Report - alaskaus1a.dynamic-dns.net/78acae92e99e6a5e2d8ad3e3e8c45d49/?cont=QERldmlsbWFzazA5&token=f392e5c54c86e12a87d20c8063cab1b9907c79c665e225f7bed582011be4bbc6db878f5fc432bef8f38e209fa43b97a87621fd53219fc13c207b420566c5343d

Report Overview

Submitted URL
alaskaus1a.dynamic-dns.net/78acae92e99e6a5e2d8ad3e3e8c45d49/?cont=QERldmlsbWFzazA5&token=f392e5c54c86e12a87d20c8063cab1b9907c79c665e225f7bed582011be4bbc6db878f5fc432bef8f38e209fa43b97a87621fd53219fc13c207b420566c5343d
IP
137.184.184.135
ASN
#14061 DIGITALOCEAN-ASN
Submitted
2022-12-28 07:54:29
Access
Website Title
Final URL
Tags
dyndns
urlquery detections
Suspicious - DynDNS domain

Detections

urlquery
42
Network Intrusion Detection
43
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
diffuser-cdn.app-us1.com	8451	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	390 B	21 kB	104.17.145.91
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
alaskaus1a.dynamic-dns.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	26 kB	873 kB	137.184.184.135
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	391 B	100 kB	142.250.74.168
region1.google-analytics.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	908 B	572 B	216.239.32.36
js.adsrvr.org	1664	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	377 B	2.4 kB	143.204.45.46
prism.app-us1.com	8479	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	619 B	462 B	104.17.146.91
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	5.4 kB	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.35.143.109
devilsms.live	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	72 kB	199.188.200.254
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	4.9 kB	216.58.211.3
apps.mypurecloud.com	13135	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	390 B	7.5 kB	174.129.175.90
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	382 B	21 kB	142.250.74.110
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	875 B	757 B	142.250.74.164
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	874 B	757 B	142.250.74.163
insight.adsrvr.org	631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	767 B	262 B	15.197.193.217
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	340 B	964 B	104.18.32.68
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	627 B	720 B	209.85.233.155
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.0 kB	8.0 kB	23.36.77.32
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	67 kB	34.120.237.76
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	350 B	1.0 kB	143.204.42.165
www.facebook.com	99	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	836 B	349 B	31.13.72.36
cdn.cookielaw.org	502	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	101 kB	104.16.148.64
bat.bing.com	387	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	14 kB	204.79.197.200
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	151 kB	104.17.25.14
connect.facebook.net	139	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	383 B	29 kB	31.13.72.12
googleads.g.doubleclick.net	42	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	895 B	2.0 kB	142.250.74.130

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2022-12-28 07:54:13	medium	Client IP	Internal IP	ETPRO INFO DYNAMIC_DNS Query to a *.dynamic-dns.net Domain
2022-12-28 07:54:13	medium	Client IP	Internal IP	ETPRO INFO DYNAMIC_DNS Query to a *.dynamic-dns.net Domain
2022-12-28 07:54:14	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:14	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:15	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:16	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:16	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:16	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:16	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:16	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:16	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:16	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:16	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:16	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:17	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:17	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:17	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:17	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:17	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:17	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:17	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:17	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:17	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:17	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:17	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:17	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:17	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:18	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:18	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:18	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:18	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:18	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:18	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:18	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:18	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:18	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:18	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:18	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:18	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:18	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:19	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:19	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:19	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (40)

	URL	Size	First Seen	Last Seen
	cdn.cookielaw.org/scripttemplates/otSDKStub.js	22 kB	2023-03-07	2024-05-10
Pretty URL cdn.cookielaw.org/scripttemplates/otSDKStub.js IP 104.16.148.64 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:58:52 Last Seen2024-05-10 10:40:44 Times Seen98 Hash a750a84d2cd5eb69aa0b8b1b94db6da8 56fd3e55c49aa5f3e48e525ae794da9b070cfa6c bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0 Loading...

	alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe	172 B	2023-03-07	2023-03-17
Pretty URL alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe IP 137.184.184.135 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:01:12 Last Seen2023-03-17 12:55:47 Times Seen1 Hash 1da4f5fdcdee6acc88ecf93522ccc86d dabbc02df9bb7c1f45b475cff0d692986f3e6fcd c250946ecf2aebf7c0fda8ec3f64635517af2d84704b2ea8a6f958d2ad98410a Loading...

	devilsms.live/clve-min.js	151 kB	2023-03-07	2023-04-30
Pretty URL devilsms.live/clve-min.js IP 199.188.200.254 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:38:47 Last Seen2023-04-30 22:10:37 Times Seen11 Hash a0af62af3a5f980137ece52d9604b17e 47803e4451aaae4f38c40d154f915e89155edc0d 28899904b99b7dc185a3ee4ef8a53a522ae488db692a9ee4d45ddfc07dc04a24 Loading...

	cdn.cookielaw.org/scripttemplates/6.9.0/otBannerSdk.js	349 kB	2023-03-07	2024-04-02
Pretty URL cdn.cookielaw.org/scripttemplates/6.9.0/otBannerSdk.js IP 104.16.148.64 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:42 Last Seen2024-04-02 18:26:16 Times Seen130 Hash 09842127b6fe7cd7fed7be501a5e0ee8 41a188777ac1c69c98dd0e11f6c30c2f21e02510 6a13b93c05af6ec6255b737032aa3f5d1f4823ed2d57d12c0735bd2c4adc8efc Loading...

	www.googletagmanager.com/gtag/js?id=DC-9253762	113 kB	2023-03-12	2023-03-12
Pretty URL www.googletagmanager.com/gtag/js?id=DC-9253762 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:50:25 Last Seen2023-03-12 09:50:25 Times Seen1 Hash 8bdc46b7b5226b50919bc003042de1a7 101747b48cd6f138d9229b7e8cf53afecd5a3089 536e1617ded1b3eb82426fdc0154583395ca30127a137614ef02b2af9ce480bd Loading...

	alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/js/jquery.accAccordion.js	9.8 kB	2023-03-12	2023-03-12
Pretty URL alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/js/jquery.accAccordion.js IP 137.184.184.135 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:50:24 Last Seen2023-03-12 09:50:25 Times Seen1 Hash e843f4a5281f196eff6c61e3e428913d 91e2eb2e90cda1629a9bb7a08332b1afd5c20f7b b6353d3cc84ec7a0c6bb0277719e00445fa14d2ad878fbe0cd68edfe946fae01 Loading...

	alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe	21 B	2023-03-07	2024-04-26
Pretty URL alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe IP 137.184.184.135 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:01:12 Last Seen2024-04-26 20:22:33 Times Seen17 Hash 2cb38a08323dbd99f3c05c4616bc6b77 c30aedbb04242c9228a33b1e26015b61f410c697 241cbf472bf26a2896d6e8138d7929d29a33d4f7b53b67df13b957d23b130fee Loading...

	alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe	6.3 kB	2023-03-12	2023-03-12
Pretty URL alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe IP 137.184.184.135 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:50:24 Last Seen2023-03-12 09:50:25 Times Seen1 Hash ee770d1a2856e3cad9dd65ca01bb1bee def6e4d582ddae41dcdd8f1749116c69a83fb9d3 5491d6ad1f3ddb5ac263e5deb25f98a830a84051b2eb1d5611281adafd8ba451 Loading...

	alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe	3.3 kB	2023-03-12	2023-03-12
Pretty URL alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe IP 137.184.184.135 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:50:24 Last Seen2023-03-12 09:50:25 Times Seen1 Hash c07db21d5b3dbe61ec546e944b435803 a252b2ffe3b4df4d6ec6cadf834b6c3ca3ba6dbd 874bbc3b21804b4b9fbf1b41480a34dc2d9b9d303643fe9a31fd841836af3d4f Loading...

	alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe	728 B	2023-03-12	2023-03-12
Pretty URL alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe IP 137.184.184.135 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:50:24 Last Seen2023-03-12 09:50:25 Times Seen1 Hash 2e0296fd2192fa09f3808ab743129fbf 0c961ae396e386f92d8c2a357c2c5a6ecf9c2a17 492fb2b00a8f22321408584e0f20d64e53b95ce7e4ce4b253edc99130bc964a4 Loading...

	alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/js/jquery/acc-slick/slick.js	91 kB	2023-03-12	2023-03-12
Pretty URL alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/js/jquery/acc-slick/slick.js IP 137.184.184.135 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:50:24 Last Seen2023-03-12 09:50:25 Times Seen1 Hash 4878446472ab8663574717577b122d03 24623f13e4febfbee1b0588aa2b7cce6163fd667 c221ae5ef1063a44ec0bd1fd4c8e76e3785b609e051884b1f7d5b2e4c87ccf86 Loading...

	connect.facebook.net/signals/config/251150729134059?v=2.9.90&r=stable	300 kB	2023-03-12	2023-03-12
Pretty URL connect.facebook.net/signals/config/251150729134059?v=2.9.90&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:50:24 Last Seen2023-03-12 10:28:18 Times Seen1 Hash 252e4bb8c812b759c57f474047cb6499 7511dd0833af61328f178110762b60def4b80291 d93bd7e66fc4eaabc4dfed2d997390a28f2a6e4ccf69fd23e367cd05dee57b03 Loading...

	alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe	512 B	2023-03-12	2023-03-12
Pretty URL alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe IP 137.184.184.135 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:50:24 Last Seen2023-03-12 09:50:25 Times Seen1 Hash 766edbc68cd6b62dae6cb9576acf110b c2de66ce394c3a82dda156baba651ca6c93b60f5 5a802146ceb48099b2c4f622f2e87f987feef82b39fa3631c733e58e60b8c33c Loading...

	apps.mypurecloud.com/widgets/9.0/cxbus.min.js	21 kB	2023-03-08	2023-03-17
Pretty URL apps.mypurecloud.com/widgets/9.0/cxbus.min.js IP 174.129.175.90 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:03:24 Last Seen2023-03-17 12:39:30 Times Seen1 Hash e70fc38e76816167a8ddc7c24ce6d716 2519299c13dd4dcf26499bdc9e326b417e056b72 b749f13b8ce527a1f077191a411ec87540b358a8bd66e9cdcb942c08612d4896 Loading...

	alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe	536 B	2023-03-07	2023-09-07
Pretty URL alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe IP 137.184.184.135 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:01:12 Last Seen2023-09-07 01:19:38 Times Seen3 Hash bf6492ad4b44f40b0ed4812ae01a05b6 8f786af39fd683a566e2ca0fdb45447348c19bcf 390938fbb57c9783619ad47e76eaa4a928ce28174b33c7bd30518ec5f61110b9 Loading...

	alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe	21 B	2023-03-07	2024-04-26
Pretty URL alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe IP 137.184.184.135 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:01:12 Last Seen2024-04-26 20:22:34 Times Seen17 Hash 7d9beb4228a4a1f0daa00afca638f5e2 230f4efcbc655ff11c63dd971bd221bccff18446 fbb381a648bd49f1af1d726ec051d75c14632c3f1fa39ffbe2b08ab9c2544b6d Loading...

	bat.bing.com/bat.js	39 kB	2023-03-08	2024-01-01
Pretty URL bat.bing.com/bat.js IP 204.79.197.200 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:52:15 Last Seen2024-01-01 05:01:16 Times Seen16 Hash 258ac0be54e333a28d69bfd394fcde90 daecd0687e8b00f5d67a7732ccbe9174326821d9 f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244 Loading...

	alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe	573 B	2023-03-12	2023-03-12
Pretty URL alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe IP 137.184.184.135 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:50:24 Last Seen2023-03-12 09:50:25 Times Seen1 Hash 907a237b5b17c4dd0e5d699a3f326910 04ed652b44be4062fe6096884b9a6246e6b21c2e ce61306c75e160eef25b7412be16fffa23e126012e038f0a5dcfd1b03aa41352 Loading...

	alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/js/jsSuite-1.9.6.js	91 kB	2023-03-12	2023-03-12
Pretty URL alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/js/jsSuite-1.9.6.js IP 137.184.184.135 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:50:24 Last Seen2023-03-12 09:50:25 Times Seen1 Hash 53b588cffc791d73bab94beec314c1e6 54b22f179a2beea868b64a1a6f23fb56ac9c5b41 f2ee29338ccb04352257b449dcaf234eb5547894b3cc67f4efe83eb13b6966ff Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/831978068/?random=1672214057164&cv=11&fst=1672214057164&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Falaskaus1a.dynamic-dns.net%2F2a865de28ec099bf6b241f41aa2a056e%2F%3Fcont%3DQERldmlsbWFzazA5%26token%3D0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe&tiba=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&auid=1375966805.1672214057&rfmt=3&fmt=4	2.3 kB	2023-03-12	2023-03-12
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/831978068/?random=1672214057164&cv=11&fst=1672214057164&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Falaskaus1a.dynamic-dns.net%2F2a865de28ec099bf6b241f41aa2a056e%2F%3Fcont%3DQERldmlsbWFzazA5%26token%3D0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe&tiba=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&auid=1375966805.1672214057&rfmt=3&fmt=4 IP 142.250.74.130 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:50:25 Last Seen2023-03-12 09:50:25 Times Seen1 Hash 310ce1e13c0a25ceb3ddaff5ff8fe76b 13c975df20b14d57dda0c9fb8c60fbc755418d3b 486035f18259d4fc52f9a3900206799abc8daebc744d8a2b52111d0c72f4e539 Loading...

	js.adsrvr.org/up_loader.1.1.0.js	4.6 kB	2023-03-07	2023-11-04
Pretty URL js.adsrvr.org/up_loader.1.1.0.js IP 143.204.45.46 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:29 Last Seen2023-11-04 15:38:59 Times Seen1096 Hash 98d98b3499058b76d58073cf8ede2f10 2ec5bc839a187c2a4d93499567e8fff091a6bcc4 ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9 Loading...

	alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe	128 B	2023-03-07	2024-01-05
Pretty URL alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe IP 137.184.184.135 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:01:12 Last Seen2024-01-05 05:27:41 Times Seen4 Hash f07adaf58e962a8636afb754a9a04c2e b021913ba6d249ad7f4c70dd66a33cf8d0b76252 ac9be3e1a371da333602f7b42406e5a5c9a78f1e3dab0a2e9477cd9d6ad8c1ec Loading...

	alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe	21 B	2023-03-07	2024-04-26
Pretty URL alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe IP 137.184.184.135 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:01:12 Last Seen2024-04-26 20:22:32 Times Seen17 Hash 5486f6bd2145349490f8c1293260cfa0 8b10f7228174f4f2ecf3300b23a450f8926f34ca e7699f5d57673c2c06cecb431d256633befdf0eac4f44315a4ce3ff1b913893a Loading...

	alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe	21 B	2023-03-07	2024-04-26
Pretty URL alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe IP 137.184.184.135 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:01:12 Last Seen2024-04-26 20:22:33 Times Seen17 Hash 1ba1ef9c3b171a3703ef0e64f2ffb7a8 548642466bdfadb4b960614c92c043cc7bef2dac 1e591cd403a488c386f34d87f816993f1e515601081767abb1a088500ae37e63 Loading...

	alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/js/jquery.leanModal.AKUSA.2.1.js	15 kB	2023-03-12	2023-03-12
Pretty URL alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/js/jquery.leanModal.AKUSA.2.1.js IP 137.184.184.135 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:50:24 Last Seen2023-03-12 09:50:25 Times Seen1 Hash f3c5c552762590af3bf7627387961052 577de72de0f60b0b00018c1f143c23f8887a9964 520add555ccbca7321335129b52653eab9ef85b25c1175e43de4ec2cb2a00b89 Loading...

	alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/alaska-common.js?matcher	1.7 kB	2023-03-12	2023-03-12
Pretty URL alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/alaska-common.js?matcher IP 137.184.184.135 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:50:24 Last Seen2023-03-12 09:50:25 Times Seen1 Hash 9bed8a3055a7d97e2d28eb30fc0df992 0430ea56087da3489c26f3390fad8fecfabe9e18 144a259a5498b4d784eec2e72a9cf689203c3ce48b574c9af21b4e258cfc851c Loading...

	alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe	42 B	2023-03-08	2024-04-18
Pretty URL alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe IP 137.184.184.135 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 07:49:39 Last Seen2024-04-18 14:30:24 Times Seen139 Hash 8885d8e87d93a63d70f1ba06fbdf15c5 7c9816edba75d121316c7295f577037f857a1770 2ec3c207b8482b0df2e5eaa5b0d1a8c03062a0958ff4ebd7fb6ea471630bd3c4 Loading...

	diffuser-cdn.app-us1.com/diffuser/diffuser.js	24 kB	2023-03-07	2023-04-05
Pretty URL diffuser-cdn.app-us1.com/diffuser/diffuser.js IP 104.17.145.91 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:30 Last Seen2023-04-05 02:07:52 Times Seen69 Hash 4d482a43613d3966f353ec9d97452e0c 4acc9cf492267ab6d351fb11246431bd7d6e6387 15eb202865d1d835fae2eff61bb922fa91fb4064a1fb850ebadab1f190782648 Loading...

	devilsms.live/cleave.js	94 kB	2023-03-07	2023-12-17
Pretty URL devilsms.live/cleave.js IP 199.188.200.254 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:56:13 Last Seen2023-12-17 14:10:58 Times Seen29 Hash ead7731c4b02b3e134ec2d390e7fccd0 3491430271d8a9f15548ca5a00e90b5d4e10b437 f97d8e2f7cc9b436d478f1168d22b9ae3c292d97d2d5285c4ccd01f3bbef47f5 Loading...

	alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe	21 B	2023-03-07	2024-04-26
Pretty URL alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe IP 137.184.184.135 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:01:12 Last Seen2024-04-26 20:22:34 Times Seen17 Hash 3d73b1cb46543e532addca54e6761e8a 321bfdb72be1fadaaac2f1f4bdaef1c03375f3b6 2195b38e503e53362cb64f64eea69f3732e826168219ce6e6072f6fff774d186 Loading...

	connect.facebook.net/en_US/fbevents.js	105 kB	2023-03-09	2024-02-19
Pretty URL connect.facebook.net/en_US/fbevents.js IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 09:12:38 Last Seen2024-02-19 23:40:48 Times Seen21 Hash 8923a23f541784b67eece6aa2fa0a66f f2cad61f4ec65b3792e1295219a36c1f94fce6af 55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9 Loading...

	connect.facebook.net/signals/plugins/identity.js?v=2.9.90	65 kB	2023-03-08	2024-02-19
Pretty URL connect.facebook.net/signals/plugins/identity.js?v=2.9.90 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:50 Last Seen2024-02-19 23:40:48 Times Seen4401 Hash ed5d6caf417fab681343bc3414babc55 410ba8d8866d7c7df41f21526345cfb7426386f2 7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f Loading...

	unknown	0 B	2023-03-07	2024-05-11
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-11 00:51:36 Times Seen37532245 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe	369 B	2023-03-07	2024-01-05
Pretty URL alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe IP 137.184.184.135 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:01:12 Last Seen2024-01-05 05:27:40 Times Seen4 Hash d850fa304b04e914feba514c236e913a 79cbb2b9a9ddd76d75be39d73fb6ed261776110d 8937f5aecff9ef1acd3186c7852a35305538447c1a107c54429714bc997b2d96 Loading...

	alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe	1.4 kB	2023-03-07	2024-05-10
Pretty URL alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe IP 137.184.184.135 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:39:29 Last Seen2024-05-10 19:47:17 Times Seen292 Hash bc9a8eaf3e6b50449dc8f17dce6ceb87 a6ed79412905a29eb6af6ab06ee65c243a8f2fae df143682c1457ed20ef47ab92cd113032a69bbe9e5217688a8e45f952a43fa3f Loading...

	alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe	176 B	2023-03-12	2023-03-12
Pretty URL alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe IP 137.184.184.135 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:50:24 Last Seen2023-03-12 09:50:25 Times Seen1 Hash 396b77e3b0e989c0db5e2c982aeb4e2b 25524df42a95fa98bf67b2e081145e5b15acb48c 5015c5551fc78368715f261033b0ddd4b3dc58ef887180e3e847973a37d3883e Loading...

	www.googletagmanager.com/gtag/js?id=G-R11FYFZ8HF&l=dataLayer&cx=c	230 kB	2023-03-12	2023-03-12
Pretty URL www.googletagmanager.com/gtag/js?id=G-R11FYFZ8HF&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:50:25 Last Seen2023-03-12 09:50:25 Times Seen1 Hash 2ddf6c767d95a98ac8885a609de40be8 a413527e4636f7568e71c74d562ff8ce9f7e5787 271ecaa8bdc4fffda46975ce4b58c6dba31bb7d1041a6c2525478d118bab24d4 Loading...

	alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe	3.3 kB	2023-03-12	2023-03-12
Pretty URL alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe IP 137.184.184.135 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:50:24 Last Seen2023-03-12 09:50:25 Times Seen1 Hash 68c5401623017e7e2b60a9349a4dcd3a aedbdcc0168cdef4f7747df086d47d90213efd9a c2a4ec4595d1d7ce4d001526377ea14c773c91ad57da2a20ce192e162e5742dc Loading...

	alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe	3.7 kB	2023-03-12	2023-03-12
Pretty URL alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe IP 137.184.184.135 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:50:24 Last Seen2023-03-12 09:50:25 Times Seen1 Hash 85a72e81c73a8017d7bc5376b36897a7 328becf6895a858b5213f3a1144aba8b3c2a31ba 9e64d0c38704d84e24c2d2204e2b880a55938d40572b94ee0c60bec4b465a84e Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-05-10
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-05-10 19:48:26 Times Seen1646 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

HTTP Transactions (107)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e717435470c9f4f06b174d7100c6a98f
292150251495b243c384e0c676a258597ba7f4d8
91ce8257662cb8cea9cc3c74cda1d95dba421daa466b0ac231fa433e0c58e6c6

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "91CE8257662CB8CEA9CC3C74CDA1D95DBA421DAA466B0AC231FA433E0C58E6C6"
Last-Modified: Tue, 27 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9906
Expires: Wed, 28 Dec 2022 10:39:24 GMT
Date: Wed, 28 Dec 2022 07:54:18 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
78f1f94544ef06b96bb43283f59d100f
fa2f1a3730a98c6fa5ebf976143fb6093a7298be
889af22ee304adea2e23491acbc89ebdcaf322e8c45af2bebf7520e3e9b0a6a9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "889AF22EE304ADEA2E23491ACBC89EBDCAF322E8C45AF2BEBF7520E3E9B0A6A9"
Last-Modified: Tue, 27 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4508
Expires: Wed, 28 Dec 2022 09:09:26 GMT
Date: Wed, 28 Dec 2022 07:54:18 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
07e619a5a572fa9bcb54fa70de27f0d4
c0499dcc7551831f517f189465812859d0f48ced
2213c856ce4dd64ebe28e4deff34d449b2c08be98565c0405427453ae948fa74

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2213C856CE4DD64EBE28E4DEFF34D449B2C08BE98565C0405427453AE948FA74"
Last-Modified: Tue, 27 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13142
Expires: Wed, 28 Dec 2022 11:33:20 GMT
Date: Wed, 28 Dec 2022 07:54:18 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Type, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 28 Dec 2022 07:46:45 GMT
content-type: application/json
age: 453
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: LFdrtlvaaEh1MhMYxFwgjfURnxOBw8Vs4z9ZbJh954ZeQkF7HW665EIYlTwn7ZcLKd200zMACks=
x-amz-request-id: BVM26QACG0MJH1ND
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 28 Dec 2022 06:56:03 GMT
age: 3495
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 28 Dec 2022 07:54:18 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

alaskaus1a.dynamic-dns.net/78acae92e99e6a5e2d8ad3e3e8c45d49/?cont=QERldmlsbWFzazA5&token=f392e5c54c86e12a87d20c8063cab1b9907c79c665e225f7bed582011be4bbc6db878f5fc432bef8f38e209fa43b97a87621fd53219fc13c207b420566c5343d

137.184.184.135

302 Found

0 B

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/78acae92e99e6a5e2d8ad3e3e8c45d49/?cont=QERldmlsbWFzazA5&token=f392e5c54c86e12a87d20c8063cab1b9907c79c665e225f7bed582011be4bbc6db878f5fc432bef8f38e209fa43b97a87621fd53219fc13c207b420566c5343d
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /78acae92e99e6a5e2d8ad3e3e8c45d49/?cont=QERldmlsbWFzazA5&token=f392e5c54c86e12a87d20c8063cab1b9907c79c665e225f7bed582011be4bbc6db878f5fc432bef8f38e209fa43b97a87621fd53219fc13c207b420566c5343d HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Date: Wed, 28 Dec 2022 07:54:18 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=d4f89910226cbba1e75e43ac8de82b86; path=/
Location: ../index.php
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Alert, ETag, Content-Type, Last-Modified, Cache-Control, Expires, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 28 Dec 2022 07:33:30 GMT
age: 1248
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

alaskaus1a.dynamic-dns.net/index.php

137.184.184.135

302 Found

0 B

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/index.php
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /index.php HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: PHPSESSID=d4f89910226cbba1e75e43ac8de82b86
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Date: Wed, 28 Dec 2022 07:54:18 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Location: 2a865de28ec099bf6b241f41aa2a056e?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
60b8396db0bbfa5f2ae7e34c9d04ebcc
50b6c68aa2b2a459315a9989f5d3e326e8ad5539
c10a1e0f984b121958a5cfa3b45b746db85d33c9073fcacb019d9bb27ef3b073

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3055
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 07:54:19 GMT
Last-Modified: Wed, 28 Dec 2022 07:03:24 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

52.35.143.109

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.35.143.109:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: EvMmlDBpOexz+GgWFOUNWg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: e0vQ0caPPjqyz/Hcarrz1ysv0l4=

alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe

137.184.184.135

301 Moved Permanently

436 B

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
436 B (436 bytes)
Hash
961c946fe0e71991ef73eb92ab113068
38d79430afc4c1e55bc1eeddf813e9ff754dc55c
51a0fbcd18ef99abecd82933a896d4c122306a40384617bf5757a6f2fcde8e92

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /2a865de28ec099bf6b241f41aa2a056e?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: PHPSESSID=d4f89910226cbba1e75e43ac8de82b86
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Wed, 28 Dec 2022 07:54:19 GMT
Server: Apache
Location: http://alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe
Content-Length: 436
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
aaa1370e3342c33327dfd816c73e1435
8fb6511de801b02b33ba5b922ef11a841acb3e5a
f1b67598100c32a278495882d6b58f11596577e7ecab6a768554bfcca3106aff

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5404
Cache-Control: max-age=136846
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 07:54:20 GMT
Etag: "63ab549e-117"
Expires: Thu, 29 Dec 2022 21:55:06 GMT
Last-Modified: Tue, 27 Dec 2022 20:25:02 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

104.17.25.14

200 OK

5.6 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (30837)
Size
5.6 kB (5631 bytes)
Hash
109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc

HTTP Headers

GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 28 Dec 2022 07:54:20 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 558133
expires: Mon, 18 Dec 2023 07:54:20 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F7wkhf549lk%2Fx83vup4m%2BschjxHfhCO%2F3mAU5nhovdff70dNvkjOAl%2BQQ6sVq1JFlLaKC7fsezjdTbIhu%2F4ydGDL7ItrnkcER89Faj11ikv3F4HXxV8HwxfrNpQUCO5Tprw7ouT2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7808ba37d9a70b55-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
aaa1370e3342c33327dfd816c73e1435
8fb6511de801b02b33ba5b922ef11a841acb3e5a
f1b67598100c32a278495882d6b58f11596577e7ecab6a768554bfcca3106aff

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5404
Cache-Control: max-age=136846
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 07:54:20 GMT
Etag: "63ab549e-117"
Expires: Thu, 29 Dec 2022 21:55:06 GMT
Last-Modified: Tue, 27 Dec 2022 20:25:02 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279

cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0/css/all.min.css

104.17.25.14

200 OK

15 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0/css/all.min.css
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65317)
Size
15 kB (15248 bytes)
Hash
eaa2e9825d0aa4108e5c61a9058f5434
2c855186ced95e99325836c2af8b9cc2e823848a
65b91a9d675a0b22b90132b403e14db1fe82496a45c2a077ddecb2452e929077

HTTP Headers

GET /ajax/libs/font-awesome/6.0.0/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://alaskaus1a.dynamic-dns.net
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 28 Dec 2022 07:54:20 GMT
content-type: text/css; charset=utf-8
content-length: 15248
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "620188b3-3b90"
last-modified: Mon, 07 Feb 2022 21:01:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1783799
expires: Mon, 18 Dec 2023 07:54:20 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G7jmDxuEOxgEOmNeipTRnjI6ZoUrdYztfEnlo6KSJOxB0R876Rvss3F6uYHThSflt%2BFaGuexaAysmpd%2BL80E2%2FtS0yj%2FXB3gInyGz6t6CTXNTGmm3t18rkxRCMh4foV65RLLjDdt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7808ba37fe3bb4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
3130754e3b8ed3b210e00966aa579f0e
8d5b8f398fb17b9de7b8c825dd8d7eccfc1d9587
fffa7d428ef47447418b322ab16b038dd3a277639d8852a51de2c7de8d15fa3c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5595
Cache-Control: max-age=86303
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 07:54:20 GMT
Etag: "63aa8e70-117"
Expires: Thu, 29 Dec 2022 07:52:43 GMT
Last-Modified: Tue, 27 Dec 2022 06:19:28 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2783127a63c78cb5ac02e1a31631bfca
a26af5a37bbb43d4258282640749ced026ba9560
cfe19d12b6070f9171129591b54bab634d5582e4d8d83e5c1fbe703d873b8366

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CFE19D12B6070F9171129591B54BAB634D5582E4D8D83E5C1FBE703D873B8366"
Last-Modified: Tue, 27 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11482
Expires: Wed, 28 Dec 2022 11:05:42 GMT
Date: Wed, 28 Dec 2022 07:54:20 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2783127a63c78cb5ac02e1a31631bfca
a26af5a37bbb43d4258282640749ced026ba9560
cfe19d12b6070f9171129591b54bab634d5582e4d8d83e5c1fbe703d873b8366

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CFE19D12B6070F9171129591B54BAB634D5582E4D8D83E5C1FBE703D873B8366"
Last-Modified: Tue, 27 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11482
Expires: Wed, 28 Dec 2022 11:05:42 GMT
Date: Wed, 28 Dec 2022 07:54:20 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd91057dd-978b-4fb5-b0a3-5ed8624f726a.jpeg

34.120.237.76

200 OK

6.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd91057dd-978b-4fb5-b0a3-5ed8624f726a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.0 kB (6009 bytes)
Hash
f810df3c7a9cc088b68a912023460d35
76c0e59325b5c046cf68c0268374df317b81be97
a46f2bc69415ce3b749a2765e98e0c2aad012050fa784d7326a0142a6a41a4dd

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd91057dd-978b-4fb5-b0a3-5ed8624f726a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6009
x-amzn-requestid: 25333cb9-5ba3-44d1-8862-2cc2658b64fc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d0z_MGbeoAMFrSw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ab66c7-23af33ff50839c6834137df3;Sampled=0
x-amzn-remapped-date: Tue, 27 Dec 2022 21:42:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: zrKFx2R1kV0xsxMyBEjpW3uSid0Kt6HLP92p7WhRcAQLUTq9mTuTmA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Dec 2022 21:42:31 GMT
etag: "76c0e59325b5c046cf68c0268374df317b81be97"
content-type: image/jpeg
age: 36709
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

cdn.cookielaw.org/scripttemplates/otSDKStub.js

104.16.148.64

200 OK

7.2 kB

URL HTTP/2
cdn.cookielaw.org/scripttemplates/otSDKStub.js
IP
104.16.148.64:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (21747)
Size
7.2 kB (7151 bytes)
Hash
4292e44eba0796aac4d0b7aab80daec2
8131fd92ed85c9e8378d78e2b668cd7163fdf875
0deff459ca0049e97fc03f4a80660ef7e69185057ffdcd1a462cd3bcaffb6e5b

HTTP Headers

GET /scripttemplates/otSDKStub.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 28 Dec 2022 07:54:20 GMT
content-type: application/javascript
content-length: 7151
content-encoding: gzip
content-md5: QpLkTroHlqrE0LequA2uwg==
last-modified: Wed, 21 Dec 2022 07:32:46 GMT
etag: 0x8DAE3258E5CB56A
x-ms-request-id: 6bd0e487-b01e-00a1-089a-15167d000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 21861
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7808ba380cc6fab4-OSL
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d46878b-33b3-4376-b34b-4fce3b5aae99.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12122 bytes)
Hash
23fa4f1ff5e70770062647e80c6b1a69
0d8cd5871878956468ccdb4ede3038869b4d2471
b44606410e34542fb5db0aa9382e43db89cd9fcf94eb4f0ec1d8b874c0d681b7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d46878b-33b3-4376-b34b-4fce3b5aae99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12122
x-amzn-requestid: 7fae254c-4ff4-459c-a8bc-bccaa94e4bec
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: du_QiEZfoAMF5GQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a91269-2cb2cd547899b93f47e3d901;Sampled=0
x-amzn-remapped-date: Mon, 26 Dec 2022 03:18:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: p-sl6pCUlvaycZ2Z5QH4lbWVCL-VgK5gU7K17clcYYWvR4ZB0BPdpQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Dec 2022 03:36:09 GMT
age: 15491
etag: "0d8cd5871878956468ccdb4ede3038869b4d2471"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/alaska-common.js?matcher

137.184.184.135

200 OK

1.7 kB

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/alaska-common.js?matcher
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text
Size
1.7 kB (1713 bytes)
Hash
9bed8a3055a7d97e2d28eb30fc0df992
0430ea56087da3489c26f3390fad8fecfabe9e18
144a259a5498b4d784eec2e72a9cf689203c3ce48b574c9af21b4e258cfc851c

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /2a865de28ec099bf6b241f41aa2a056e/alaska-common.js?matcher HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe
Cookie: PHPSESSID=d4f89910226cbba1e75e43ac8de82b86

HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 07:54:20 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2022 07:54:18 GMT
Accept-Ranges: bytes
Content-Length: 1713
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2783127a63c78cb5ac02e1a31631bfca
a26af5a37bbb43d4258282640749ced026ba9560
cfe19d12b6070f9171129591b54bab634d5582e4d8d83e5c1fbe703d873b8366

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CFE19D12B6070F9171129591B54BAB634D5582E4D8D83E5C1FBE703D873B8366"
Last-Modified: Tue, 27 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11482
Expires: Wed, 28 Dec 2022 11:05:42 GMT
Date: Wed, 28 Dec 2022 07:54:20 GMT
Connection: keep-alive

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f83de5-47cd-4586-9dca-ab7c314cbd0e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10839 bytes)
Hash
d9dcccae2018607dee1459081249c91e
2ecfa42f64013afc536c16fcd2250d8229f81654
41839d89192ec4771a6cd5a431617c0b7855701f93c722d025d3f056f109b552

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f83de5-47cd-4586-9dca-ab7c314cbd0e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10839
x-amzn-requestid: 70cc8d68-0917-472f-9d64-1d4f708791e4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d0yuVGkHoAMFskg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ab64c1-2aba103f6a75466c19ddbbd6;Sampled=0
x-amzn-remapped-date: Tue, 27 Dec 2022 21:33:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lScTBikZKapio1FOewnfcSCiGyEpXxtMQztgLj-GROHqQ01VEgAnjw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Dec 2022 21:51:12 GMT
age: 36188
etag: "2ecfa42f64013afc536c16fcd2250d8229f81654"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2783127a63c78cb5ac02e1a31631bfca
a26af5a37bbb43d4258282640749ced026ba9560
cfe19d12b6070f9171129591b54bab634d5582e4d8d83e5c1fbe703d873b8366

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CFE19D12B6070F9171129591B54BAB634D5582E4D8D83E5C1FBE703D873B8366"
Last-Modified: Tue, 27 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11482
Expires: Wed, 28 Dec 2022 11:05:42 GMT
Date: Wed, 28 Dec 2022 07:54:20 GMT
Connection: keep-alive

34.120.237.76

200 OK

5.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd238a41-5dd3-4a9e-80cd-17fdf75ee403.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.6 kB (5577 bytes)
Hash
50a3433c386a2d8435a10b572d986161
a97620796ae1a146e719f4a46e98c57a4af472ed
b4954da0a678a4df8c3dd7df0376c04c446fad03b94f6363938b29b0b58b782a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd238a41-5dd3-4a9e-80cd-17fdf75ee403.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5577
x-amzn-requestid: b9f47205-66da-4ef7-bf83-f237bd4dd9e7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d0ys9FYKoAMFwWA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ab64b9-5bcf6f3b23d1f2b1206c91cc;Sampled=0
x-amzn-remapped-date: Tue, 27 Dec 2022 21:33:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: BynwJdv-JV-UFO98M3C5ZZIJqbx7wVQkR6aJAgJHAzuDGih4D-Izug==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Dec 2022 21:42:19 GMT
age: 36721
etag: "a97620796ae1a146e719f4a46e98c57a4af472ed"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2783127a63c78cb5ac02e1a31631bfca
a26af5a37bbb43d4258282640749ced026ba9560
cfe19d12b6070f9171129591b54bab634d5582e4d8d83e5c1fbe703d873b8366

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CFE19D12B6070F9171129591B54BAB634D5582E4D8D83E5C1FBE703D873B8366"
Last-Modified: Tue, 27 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11482
Expires: Wed, 28 Dec 2022 11:05:42 GMT
Date: Wed, 28 Dec 2022 07:54:20 GMT
Connection: keep-alive

34.120.237.76

200 OK

6.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1983375a-46e7-4d3c-b100-9baafabc9959.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.0 kB (5961 bytes)
Hash
7b7f0c866bf3ac4531371ad2060951b5
48251361ab12813116d9aba69bb646bf11e54b76
33eacdc9a4c0f1c0494c153e6c8bf8dcebb5d1447aeb22fb2a799f2b631f4da7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1983375a-46e7-4d3c-b100-9baafabc9959.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5961
x-amzn-requestid: 527254dd-5774-4b0a-92c6-b03385ea17e7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d0m_gHFZoAMF8gg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ab51fc-6808bf07003234666b176f10;Sampled=0
x-amzn-remapped-date: Tue, 27 Dec 2022 20:13:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9BEjsTYluC9DE846mwrcRYOm-r-V18WVbsV1T8OJJC-KcMhllzHhuQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Dec 2022 06:27:45 GMT
age: 5195
etag: "48251361ab12813116d9aba69bb646bf11e54b76"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe69c29db-caec-401a-8056-6c2c58e33dfd.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10914 bytes)
Hash
369bb708ac21a9219cae15dbf33fd225
64885e8ead4ee24b43274ada628ab47cba6c6703
04ba2c600a01344d2cb3fbd2fb5e1dc17d12d018e685f55870da70cd5a85b1ab

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe69c29db-caec-401a-8056-6c2c58e33dfd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10914
x-amzn-requestid: 86f79e43-1faa-431d-b88a-6e1baaabb1cf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d0z9YF1AIAMFyKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ab66bb-6b418d8b0ceb68a92ec5cbd9;Sampled=0
x-amzn-remapped-date: Tue, 27 Dec 2022 21:42:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: U_JJ9v1Rh7VMWqzK6YtQvYy48CXwwv3x7CA_kuqpZdxSnc3VscWIiw==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Dec 2022 21:42:20 GMT
etag: "64885e8ead4ee24b43274ada628ab47cba6c6703"
content-type: image/jpeg
age: 36720
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
aaa1370e3342c33327dfd816c73e1435
8fb6511de801b02b33ba5b922ef11a841acb3e5a
f1b67598100c32a278495882d6b58f11596577e7ecab6a768554bfcca3106aff

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5404
Cache-Control: max-age=136846
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 07:54:20 GMT
Etag: "63ab549e-117"
Expires: Thu, 29 Dec 2022 21:55:06 GMT
Last-Modified: Tue, 27 Dec 2022 20:25:02 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279

alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/css/akusafonts.css

137.184.184.135

200 OK

4.7 kB

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/css/akusafonts.css
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text, with CRLF line terminators
Size
4.7 kB (4745 bytes)
Hash
7bca826d32f3e3f41c0df8f236402ca9
9880a8aade6efaf4d80ec22a4b0976185ee37d36
91c30fc9915df9e1e486290b11d4ea724b0473b64c02d77bbbf1d8d03b75714e

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /2a865de28ec099bf6b241f41aa2a056e/css/akusafonts.css HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe
Cookie: PHPSESSID=d4f89910226cbba1e75e43ac8de82b86

HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 07:54:20 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2022 07:54:18 GMT
Accept-Ranges: bytes
Content-Length: 4745
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/js/jquery/acc-slick/slick.css

137.184.184.135

200 OK

10 kB

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/js/jquery/acc-slick/slick.css
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
10 kB (10282 bytes)
Hash
769a0502a4414f3bb603934aa889b898
b35c6585cd3a533984b722815a93e041bcbb3378
7251e3e953dddf94f980a48e24415230d30695550b508f6ff651332adcbf23da

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /2a865de28ec099bf6b241f41aa2a056e/js/jquery/acc-slick/slick.css HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe
Cookie: PHPSESSID=d4f89910226cbba1e75e43ac8de82b86

HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 07:54:20 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2022 07:54:18 GMT
Accept-Ranges: bytes
Content-Length: 10282
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/alaska-common.js?async

137.184.184.135

200 OK

1.7 kB

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/alaska-common.js?async
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text
Size
1.7 kB (1713 bytes)
Hash
9bed8a3055a7d97e2d28eb30fc0df992
0430ea56087da3489c26f3390fad8fecfabe9e18
144a259a5498b4d784eec2e72a9cf689203c3ce48b574c9af21b4e258cfc851c

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /2a865de28ec099bf6b241f41aa2a056e/alaska-common.js?async HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe
Cookie: PHPSESSID=d4f89910226cbba1e75e43ac8de82b86

HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 07:54:20 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2022 07:54:18 GMT
Accept-Ranges: bytes
Content-Length: 1713
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/alaska-common.js?cache

137.184.184.135

200 OK

1.7 kB

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/alaska-common.js?cache
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text
Size
1.7 kB (1713 bytes)
Hash
9bed8a3055a7d97e2d28eb30fc0df992
0430ea56087da3489c26f3390fad8fecfabe9e18
144a259a5498b4d784eec2e72a9cf689203c3ce48b574c9af21b4e258cfc851c

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /2a865de28ec099bf6b241f41aa2a056e/alaska-common.js?cache HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe
Cookie: PHPSESSID=d4f89910226cbba1e75e43ac8de82b86

HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 07:54:21 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2022 07:54:18 GMT
Accept-Ranges: bytes
Content-Length: 1713
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
b65e4c5c5b2286c6d96788e524807b5b
1091c9a6d61410c121e0f142b4d7adc18301158a
a4ff847a4f2d2f4574855d108147d28df0e34a3f4409d64499e21b7173727ba3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 07:54:21 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 28 Dec 2022 05:40:05 GMT
Expires: Wed, 04 Jan 2023 05:40:04 GMT
Etag: "1091c9a6d61410c121e0f142b4d7adc18301158a"
Cache-Control: max-age=596142,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7808ba39798eb4ed-OSL

alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/css/akusa-desktop.css?20220304133

137.184.184.135

200 OK

26 kB

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/css/akusa-desktop.css?20220304133
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text, with very long lines (844), with CRLF line terminators
Size
26 kB (26526 bytes)
Hash
24de8c6dc6c62c60d5eff55f1dab26ab
db61e17f268b1d9dc9c8c39fc9bb0b7ca9425c09
623880727dce36ea3c3a6b65bbc9d56f29c2bfe4c134ca6a0c3d43a82c63f0dc

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /2a865de28ec099bf6b241f41aa2a056e/css/akusa-desktop.css?20220304133 HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe
Cookie: PHPSESSID=d4f89910226cbba1e75e43ac8de82b86

HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 07:54:21 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2022 07:54:18 GMT
Accept-Ranges: bytes
Content-Length: 26526
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/current/chat/genesys_akusa.css?20220304133

137.184.184.135

200 OK

6.7 kB

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/current/chat/genesys_akusa.css?20220304133
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text
Size
6.7 kB (6703 bytes)
Hash
a8921a2f667584a0b9077674e495c7fe
f86326198b72901cfb534a51be7901e5659c7262
30e3261801acb89e2171e959c4012066d97772287a6003a2eabf8600f385afd5

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /2a865de28ec099bf6b241f41aa2a056e/current/chat/genesys_akusa.css?20220304133 HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe
Cookie: PHPSESSID=d4f89910226cbba1e75e43ac8de82b86

HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 07:54:21 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2022 07:54:18 GMT
Accept-Ranges: bytes
Content-Length: 6703
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/css/akusa-home.css

137.184.184.135

200 OK

8.7 kB

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/css/akusa-home.css
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text, with CRLF line terminators
Size
8.7 kB (8733 bytes)
Hash
11e34766e053173238cb2c8bb998c90b
2e26ac2e0ae035b5ec51e35c4ded9add334208d2
97b570b1901b985a8d4d776cb47043de0320bd72754020b310eccb0464861a73

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /2a865de28ec099bf6b241f41aa2a056e/css/akusa-home.css HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe
Cookie: PHPSESSID=d4f89910226cbba1e75e43ac8de82b86

HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 07:54:21 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2022 07:54:18 GMT
Accept-Ranges: bytes
Content-Length: 8733
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

devilsms.live/css/alaskausa/akusa-base.css?20220304133

199.188.200.254

404 Not Found

1.2 kB

URL HTTP/2
devilsms.live/css/alaskausa/akusa-base.css?20220304133
IP
199.188.200.254:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1238 bytes)
Hash
0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

HTTP Headers

GET /css/alaskausa/akusa-base.css?20220304133 HTTP/1.1
Host: devilsms.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Wed, 28 Dec 2022 07:54:21 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

cdn.cookielaw.org/consent/d9012451-973f-4944-835c-e7020071d90c/d9012451-973f-4944-835c-e7020071d90c.json

104.16.148.64

200 OK

1.1 kB

URL HTTP/2
cdn.cookielaw.org/consent/d9012451-973f-4944-835c-e7020071d90c/d9012451-973f-4944-835c-e7020071d90c.json
IP
104.16.148.64:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (2455), with no line terminators
Size
1.1 kB (1076 bytes)
Hash
211807a849e22c8f1e15c6bf1812d9dd
f5966037a3678ba8aeb2a2ad6ec2dc8be39c1358
7b2bfde084be9f5de169c28ce3781acebcd39e7a973c201989d7a545e7acc94d

HTTP Headers

GET /consent/d9012451-973f-4944-835c-e7020071d90c/d9012451-973f-4944-835c-e7020071d90c.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://alaskaus1a.dynamic-dns.net
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 28 Dec 2022 07:54:21 GMT
content-type: application/x-javascript
content-length: 1076
cache-control: public, max-age=86400
content-encoding: gzip
content-md5: IRgHqEniLI8eFca/GBLZ3Q==
last-modified: Tue, 01 Dec 2020 21:11:52 GMT
etag: 0x8D8963DB9DC26A4
x-ms-request-id: 0d8516d3-501e-0067-718f-1a6b41000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 7
expires: Thu, 29 Dec 2022 07:54:21 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7808ba3bfdd0b51d-OSL
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0/webfonts/fa-solid-900.woff2

104.17.25.14

200 OK

127 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0/webfonts/fa-solid-900.woff2
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 126828, version 768.256\012- data
Size
127 kB (126828 bytes)
Hash
297973a488f688271dd223d542ba2697
ed99d812e4c88826335f93acede3fad85c90fb54
1b099f88c06ed0869872561c157f0ec9cbe133a0939d9ece4ee1e1f54bd4683d

HTTP Headers

GET /ajax/libs/font-awesome/6.0.0/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://alaskaus1a.dynamic-dns.net
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 28 Dec 2022 07:54:21 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 126828
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "620188b3-1ef6c"
last-modified: Mon, 07 Feb 2022 21:01:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 9945899
expires: Mon, 18 Dec 2023 07:54:21 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9DNs4qcLJ0lVCI0xorH9zj%2BmYCvdegAVJpvRj8F%2BzYZOhmniUA1XH3a6PMsOz6nv%2Fy5h9NGKK6lrRL%2FQHZhgyglPCHt9IAbWbuf7VZYCTZ4V2ezsVxanz9qzL4kpxcPSEFmGqUhe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7808ba3c0ab3b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.165

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.165:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
9671cd42841ab75d9f292268909b8c75
523ea3899be44267861aec842eebc2e18c597f6e
15a92cbaad10b73d775e0668f819fa764e83a1cfb2a0b5c8fff393d5bb9a7104

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=128006
Date: Wed, 28 Dec 2022 07:54:21 GMT
Etag: "63ab39d0-1d7"
Expires: Thu, 29 Dec 2022 19:27:47 GMT
Last-Modified: Tue, 27 Dec 2022 18:30:40 GMT
Server: ECS (nyb/1D1F)
X-Cache: Miss from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: F2U4ETAm2oBKodE6vOi_se2SV6z0Oye8DJYZNvbhfUw7xaM_wHprqg==
Age: 3427

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b679e7c79765f76fd0c1c33a9233ee85
6542d96f6027699e6e380572c78f6b8dacc80155
3cc09b13f4ed9fc5a713b0f2f1e4b7d00259319c62189b885329afcad5bebf0a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 07:54:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.cookielaw.org/scripttemplates/6.9.0/otBannerSdk.js

104.16.148.64

200 OK

76 kB

URL HTTP/2
cdn.cookielaw.org/scripttemplates/6.9.0/otBannerSdk.js
IP
104.16.148.64:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65456)
Size
76 kB (75725 bytes)
Hash
e7a8ce5ef8215374621482a2676661fa
7b6bc27ac67eaac0dae3232a35bc00291dab31ee
e2c27f7bef589673705523c319c673232f8076da5aceba1385b8127134d92305

HTTP Headers

GET /scripttemplates/6.9.0/otBannerSdk.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 28 Dec 2022 07:54:21 GMT
content-type: application/javascript
content-length: 75725
content-encoding: gzip
content-md5: 56jOXvghU3RiFIKiZ2Zh+g==
last-modified: Fri, 20 Nov 2020 16:34:12 GMT
etag: 0x8D88D721D404CB2
x-ms-request-id: 7aa00b60-f01e-00e2-4342-ca3c94000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 33510
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7808ba3c9eeffab4-OSL
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-W942G3C

142.250.74.168

200 OK

99 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-W942G3C
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (58089)
Size
99 kB (99120 bytes)
Hash
8d476be689fd3b3d0e140cbe22d4421f
2410ba58fc6297a0e46ef830aeb76b198a6b8844
eb8b63e1c5b732ef00792391b2ef49745b78312b620549c6a80dd238c0e81dbd

HTTP Headers

GET /gtm.js?id=GTM-W942G3C HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 28 Dec 2022 07:54:21 GMT
expires: Wed, 28 Dec 2022 07:54:21 GMT
cache-control: private, max-age=900
last-modified: Wed, 28 Dec 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 99120
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/current/promo/data/images/secondary/Global_Credit_Union.png

137.184.184.135

200 OK

8.1 kB

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/current/promo/data/images/secondary/Global_Credit_Union.png
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
PNG image data, 125 x 125, 8-bit/color RGBA, non-interlaced\012- data
Size
8.1 kB (8073 bytes)
Hash
84bdc38197c7818f817a51fe9aa5f877
3bbdf85f533485b40d88ac267ad3c492926b8854
cc0fe675f5052acd49345b248c172325b19c3ebbda672922a95da2fbfeab1d83

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /2a865de28ec099bf6b241f41aa2a056e/current/promo/data/images/secondary/Global_Credit_Union.png HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe
Cookie: PHPSESSID=d4f89910226cbba1e75e43ac8de82b86

HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 07:54:21 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2022 07:54:18 GMT
Accept-Ranges: bytes
Content-Length: 8073
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png

apps.mypurecloud.com/widgets/9.0/cxbus.min.js

174.129.175.90

200 OK

7.0 kB

URL HTTP/2
apps.mypurecloud.com/widgets/9.0/cxbus.min.js
IP
174.129.175.90:0
ASN
#14618 AMAZON-AES

File type
Unicode text, UTF-8 text, with very long lines (20450)
Size
7.0 kB (6977 bytes)
Hash
bcc2ec1ce14ec44b03e850191f1c660f
f0918f7d44679870d9abfd52a2c91f139b9a6925
c36febef70f02488e9ca5db43f9b6e510bdd75c98878fe69b519282add67f95e

HTTP Headers

GET /widgets/9.0/cxbus.min.js HTTP/1.1
Host: apps.mypurecloud.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 28 Dec 2022 07:54:21 GMT
content-type: text/javascript
content-length: 6977
server: nginx
x-amz-id-2: ghGE/uAsckjZhbgTlFlziOD5jqAiT8ZM/5LCSHqREPD31TZBqVYcNRGLUQZAoYiN+xfDD/omErY=
x-amz-request-id: A81BRT130CD5TPN4
cache-control: max-age=0, no-cache
content-encoding: gzip
last-modified: Wed, 19 Oct 2022 11:04:39 GMT
x-amz-version-id: zvxGsS5zFCx_BNFBE7YwFMviBcqvk8Ax
etag: "bcc2ec1ce14ec44b03e850191f1c660f"
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2

cdn.cookielaw.org/consent/d9012451-973f-4944-835c-e7020071d90c/82045980-0c4f-45c5-a55d-2602076815ae/en.json

104.16.148.64

200 OK

8.7 kB

URL HTTP/2
cdn.cookielaw.org/consent/d9012451-973f-4944-835c-e7020071d90c/82045980-0c4f-45c5-a55d-2602076815ae/en.json
IP
104.16.148.64:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (37852), with no line terminators
Size
8.7 kB (8745 bytes)
Hash
85fa3d06bc741c78b02b776492c55805
939bbcd314a30f3e88189f28eaa18bbdeb988531
097fac9b6967198154f49aa3f5560c58c2f5fe0a4e861fc08925112619e20854

HTTP Headers

GET /consent/d9012451-973f-4944-835c-e7020071d90c/82045980-0c4f-45c5-a55d-2602076815ae/en.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://alaskaus1a.dynamic-dns.net/
Origin: http://alaskaus1a.dynamic-dns.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 28 Dec 2022 07:54:21 GMT
content-type: application/x-javascript
content-length: 8745
cache-control: public, max-age=86400
content-encoding: gzip
content-md5: hfo9Brx0HHiwK3dkksVYBQ==
last-modified: Tue, 01 Dec 2020 21:11:53 GMT
etag: 0x8D8963DBA299157
x-ms-request-id: 497094b4-401e-003c-388f-1a6c3d000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 7
expires: Thu, 29 Dec 2022 07:54:21 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7808ba3d2ed3b51d-OSL
X-Firefox-Spdy: h2

js.adsrvr.org/up_loader.1.1.0.js

143.204.45.46

200 OK

1.9 kB

URL HTTP/1.1
js.adsrvr.org/up_loader.1.1.0.js
IP
143.204.45.46:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (4593), with no line terminators
Size
1.9 kB (1882 bytes)
Hash
8014ea74946aee77ef2f3b9a264be553
fda85fc27ac2f811e543c11436cf5623cbd46bb2
271b1db0f8cff912a931b78cedb32fd59adeb60025dbcbd7cc5add7d03c82f7c

HTTP Headers

GET /up_loader.1.1.0.js HTTP/1.1
Host: js.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Tue, 27 Dec 2022 11:01:06 GMT
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -3ythvPRkHJibeC67-DS7l3Kh2ZVBLqKgwIHoDgkwmlp_0ap8cI4XQ==
Age: 75196

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
36c5d15e25dd4e147c4d8374231c2054
52643c6e380a28493908b5f54d7a0f4381fce51f
a91ab6485ff92867a948cba0ce36e481cf1a6078c14251bf95028ada542ceacf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A91AB6485FF92867A948CBA0CE36E481CF1A6078C14251BF95028ADA542CEACF"
Last-Modified: Mon, 26 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8822
Expires: Wed, 28 Dec 2022 10:21:23 GMT
Date: Wed, 28 Dec 2022 07:54:21 GMT
Connection: keep-alive

alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/css/nav/header_bg.png

137.184.184.135

200 OK

8.1 kB

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/css/nav/header_bg.png
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
PNG image data, 156 x 165, 8-bit/color RGB, non-interlaced\012- data
Size
8.1 kB (8058 bytes)
Hash
f420d4563192f414fabc27808342a8b2
80d69a4a339f6ddfe991d41d798d9a58fa0a21ea
5cd6b433131a0f7972117a1de73410cd07059f385b4dceb1e99b1c9dd6351fb6

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /2a865de28ec099bf6b241f41aa2a056e/css/nav/header_bg.png HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/css/akusa-desktop.css?20220304133
Cookie: PHPSESSID=d4f89910226cbba1e75e43ac8de82b86

HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 07:54:21 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2022 07:54:18 GMT
Accept-Ranges: bytes
Content-Length: 8058
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png

alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/css/nav/menu.png

137.184.184.135

200 OK

3.5 kB

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/css/nav/menu.png
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size
3.5 kB (3450 bytes)
Hash
d87c14fbb0d7e31b83743cbd6df7a8ac
d2a0c35bff9de53b3a0a95b51ce2cb6e84cfab62
5843719ef8d592f4fb98f1dc4b9125cc398e15f193b5c6cf5898f667478a8d8d

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /2a865de28ec099bf6b241f41aa2a056e/css/nav/menu.png HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe
Cookie: PHPSESSID=d4f89910226cbba1e75e43ac8de82b86

HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 07:54:21 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2022 07:54:18 GMT
Accept-Ranges: bytes
Content-Length: 3450
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
5c91f5b22b97080ae90fce9110f6ea3c
4a2376c7ece5d08d7b6a67694e247f91c97e71bd
96a3d8ac4873bdf0674078f5ed745c20abfe6f38da6a2aa0d06a091a25d3719c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6331
Cache-Control: max-age=137054
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 07:54:21 GMT
Etag: "63ab51d0-117"
Expires: Thu, 29 Dec 2022 21:58:35 GMT
Last-Modified: Tue, 27 Dec 2022 20:13:04 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279

cdn.cookielaw.org/scripttemplates/6.9.0/assets/otFlat.json

104.16.148.64

200 OK

3.3 kB

URL HTTP/2
cdn.cookielaw.org/scripttemplates/6.9.0/assets/otFlat.json
IP
104.16.148.64:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (9812)
Size
3.3 kB (3343 bytes)
Hash
9cbaf88448b87ee2d8fe9d0342c2dc30
1cf1fd7433bdec6c2df027324f096798ebaf901c
43cc23a546d37f0309106333b51536e7aafc32628a1f30cfdf392617cc63d07a

HTTP Headers

GET /scripttemplates/6.9.0/assets/otFlat.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://alaskaus1a.dynamic-dns.net/
Origin: http://alaskaus1a.dynamic-dns.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 28 Dec 2022 07:54:21 GMT
content-type: application/json
content-length: 3343
content-encoding: gzip
content-md5: nLr4hEi4fuLY/p0DQsLcMA==
last-modified: Fri, 20 Nov 2020 16:34:03 GMT
etag: 0x8D88D721792550E
x-ms-request-id: e5869c0f-301e-013c-198f-1a2a68000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 7
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7808ba3ee824b51d-OSL
X-Firefox-Spdy: h2

diffuser-cdn.app-us1.com/diffuser/diffuser.js

104.17.145.91

200 OK

20 kB

URL HTTP/2
diffuser-cdn.app-us1.com/diffuser/diffuser.js
IP
104.17.145.91:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (24240)
Size
20 kB (20362 bytes)
Hash
9e47d094b2ce13f813367c3520dc8432
07926a89df5c700567797160f42f9183a32fb980
37d34088a12a2d0defa3529ade05169674d2b210729d0d36a0e03469d95ae2a9

HTTP Headers

GET /diffuser/diffuser.js HTTP/1.1
Host: diffuser-cdn.app-us1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 28 Dec 2022 07:54:21 GMT
content-type: application/javascript
last-modified: Thu, 21 Oct 2021 17:42:06 GMT
etag: W/"4d482a43613d3966f353ec9d97452e0c"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=300
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 059f85e5e664bc876c915622803d9e28.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: LYgb7O-05A19YisedsHdW7Gqa3Bw46pjlPKvIkZSVBpaULKohYEzzQ==
cf-cache-status: HIT
age: 36
server: cloudflare
cf-ray: 7808ba3dd9860b39-OSL
X-Firefox-Spdy: h2

alaskaus1a.dynamic-dns.net/current/chat/genesys_config_prod.js?20220304133

137.184.184.135

404 Not Found

315 B

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/current/chat/genesys_config_prod.js?20220304133
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /current/chat/genesys_config_prod.js?20220304133 HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe
Cookie: PHPSESSID=d4f89910226cbba1e75e43ac8de82b86

HTTP/1.1 404 Not Found
Date: Wed, 28 Dec 2022 07:54:21 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/current/promo/data/images/primary/21205_Background-Photo.jpg

137.184.184.135

200 OK

102 kB

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/current/promo/data/images/primary/21205_Background-Photo.jpg
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1500x1108, components 3\012- data
Size
102 kB (102157 bytes)
Hash
4a3df69aaf1351430579c94cc849fce5
e7ba778e7330a03b8bd3ffd3f2167fe1be06277d
a4e65c59ce489d1aa83c497988f6531cc9d50b9aa8e35683cccf99351efa854d

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /2a865de28ec099bf6b241f41aa2a056e/current/promo/data/images/primary/21205_Background-Photo.jpg HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe
Cookie: PHPSESSID=d4f89910226cbba1e75e43ac8de82b86

HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 07:54:21 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2022 07:54:18 GMT
Accept-Ranges: bytes
Content-Length: 102157
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg

alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/current/promo/data/images/primary/21205_Floating-Banner.png

137.184.184.135

200 OK

22 kB

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/current/promo/data/images/primary/21205_Floating-Banner.png
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
PNG image data, 551 x 278, 8-bit/color RGBA, non-interlaced\012- data
Size
22 kB (22453 bytes)
Hash
9f8078aa4d957d75bd69f81053322b7b
f822ee9b43eb74adb8da0cb6d06114dc4041810d
21ad128a12235c4aea0f7198b1013df45c88086b3b683c03140896880852b713

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /2a865de28ec099bf6b241f41aa2a056e/current/promo/data/images/primary/21205_Floating-Banner.png HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe
Cookie: PHPSESSID=d4f89910226cbba1e75e43ac8de82b86

HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 07:54:21 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2022 07:54:18 GMT
Accept-Ranges: bytes
Content-Length: 22453
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png

prism.app-us1.com/?a=25948200&u=http%3A%2F%2Falaskaus1a.dynamic-dns.net%2F2a865de28ec099bf6b241f41aa2a056e%2F%3Fcont%3DQERldmlsbWFzazA5%26token%3D0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe

104.17.146.91

200 OK

0 B

URL HTTP/2
prism.app-us1.com/?a=25948200&u=http%3A%2F%2Falaskaus1a.dynamic-dns.net%2F2a865de28ec099bf6b241f41aa2a056e%2F%3Fcont%3DQERldmlsbWFzazA5%26token%3D0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe
IP
104.17.146.91:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?a=25948200&u=http%3A%2F%2Falaskaus1a.dynamic-dns.net%2F2a865de28ec099bf6b241f41aa2a056e%2F%3Fcont%3DQERldmlsbWFzazA5%26token%3D0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe HTTP/1.1
Host: prism.app-us1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 28 Dec 2022 07:54:22 GMT
content-type: application/javascript
content-length: 0
cache-control: no-cache, private
set-cookie: prism_25948200=0128e38d-692e-46fb-b241-f439fa8374a1; expires=Fri, 27-Jan-2023 07:54:22 GMT; Max-Age=2592000; path=/; secure; httponly; samesite=none
x-envoy-upstream-service-time: 44
x-powered-by: PHP/7.4.32
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7808ba3efa5bfab8-OSL
X-Firefox-Spdy: h2

alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/images/nav/ncua.png

137.184.184.135

200 OK

4.3 kB

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/images/nav/ncua.png
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
PNG image data, 146 x 65, 8-bit colormap, non-interlaced\012- data
Size
4.3 kB (4280 bytes)
Hash
38b7240d957be9f71b5271246fb01f67
9007e7baf8e357ac11c8541c871e48960c8d9f30
d6641292ca4109173a6ca88b1353f0a6edeaad1c5f90e4c69c6999943109a878

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /2a865de28ec099bf6b241f41aa2a056e/images/nav/ncua.png HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe
Cookie: PHPSESSID=d4f89910226cbba1e75e43ac8de82b86; _gcl_au=1.1.1375966805.1672214057

HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 07:54:22 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2022 07:54:18 GMT
Accept-Ranges: bytes
Content-Length: 4280
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png

devilsms.live/cleave.js

199.188.200.254

200 OK

18 kB

URL HTTP/2
devilsms.live/cleave.js
IP
199.188.200.254:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text, with very long lines (1712)
Size
18 kB (18428 bytes)
Hash
fe9f66e28ad0fde897ddcb9571324491
e5ab8ed2bad2578458397898778be698dff70917
ece3c9456921c261029e7ae1b7eddd2265e8afdf1aeb78f9eafad2ea55d5e92f

HTTP Headers

GET /cleave.js HTTP/1.1
Host: devilsms.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 04 Jan 2023 07:54:21 GMT
content-type: application/javascript
last-modified: Sun, 30 Jan 2022 13:07:42 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 18428
date: Wed, 28 Dec 2022 07:54:21 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/current/promo/data/images/primary/AUIB_Q3_promo2.jpg

137.184.184.135

200 OK

29 kB

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/current/promo/data/images/primary/AUIB_Q3_promo2.jpg
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1500x1108, components 3\012- data
Size
29 kB (29268 bytes)
Hash
c1dcde5137e55d4cb3784916e3e2c274
a89b07d8fb3283be9d5666cab2dd2aa89d90732a
00ecd414747be72b5c838213800ee09b90f18d9192c0ae7eac1e40c51c2157f7

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /2a865de28ec099bf6b241f41aa2a056e/current/promo/data/images/primary/AUIB_Q3_promo2.jpg HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe
Cookie: PHPSESSID=d4f89910226cbba1e75e43ac8de82b86

HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 07:54:21 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2022 07:54:18 GMT
Accept-Ranges: bytes
Content-Length: 29268
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg

alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe

137.184.184.135

200 OK

68 kB

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (370)
Size
68 kB (67696 bytes)
Hash
693c6b4c0dbc87c649c188748922e9b5
4dffecf1b03d3a18ab25face2ad92d1dfe4c5ce7
0698b8be0a7ae8e6dfc3a116be36d1df7d4a90f8880c02f113a018973e5179a3

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: PHPSESSID=d4f89910226cbba1e75e43ac8de82b86
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 07:54:20 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

devilsms.live/clve-min.js

199.188.200.254

200 OK

51 kB

URL HTTP/2
devilsms.live/clve-min.js
IP
199.188.200.254:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
51 kB (51069 bytes)
Hash
724ad5d75674097f5d14e70982a3bc6e
87146103e33be6cdf8d828351685c70f2a6cb7e3
d1a51f6f6c798129732b8ae1c654d6a68af918bb63e05b45c75cf4c614c27260

HTTP Headers

GET /clve-min.js HTTP/1.1
Host: devilsms.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 04 Jan 2023 07:54:21 GMT
content-type: application/javascript
last-modified: Mon, 07 Feb 2022 11:17:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 51069
date: Wed, 28 Dec 2022 07:54:21 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/js/jquery-3.5.1.min.js

137.184.184.135

200 OK

151 kB

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/js/jquery-3.5.1.min.js
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text, with very long lines (755)
Size
151 kB (150952 bytes)
Hash
2558cf546bbf6869abc41ae82d3219b0
86c35ee20d992d7c408ebf64608592458604eb8e
6e7e019e8348c366ad234e388d1d52ea7c06a0c573af42915f8d865ca4a0943f

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /2a865de28ec099bf6b241f41aa2a056e/js/jquery-3.5.1.min.js HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe
Cookie: PHPSESSID=d4f89910226cbba1e75e43ac8de82b86; _gcl_au=1.1.1375966805.1672214057

HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 07:54:22 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2022 07:54:18 GMT
Accept-Ranges: bytes
Content-Length: 150952
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript

alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/js/jquery.accAccordion.js

137.184.184.135

200 OK

9.8 kB

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/js/jquery.accAccordion.js
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text, with CRLF line terminators
Size
9.8 kB (9771 bytes)
Hash
e843f4a5281f196eff6c61e3e428913d
91e2eb2e90cda1629a9bb7a08332b1afd5c20f7b
b6353d3cc84ec7a0c6bb0277719e00445fa14d2ad878fbe0cd68edfe946fae01

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /2a865de28ec099bf6b241f41aa2a056e/js/jquery.accAccordion.js HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe
Cookie: PHPSESSID=d4f89910226cbba1e75e43ac8de82b86; _gcl_au=1.1.1375966805.1672214057

HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 07:54:22 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2022 07:54:18 GMT
Accept-Ranges: bytes
Content-Length: 9771
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

region1.google-analytics.com/g/collect?v=2&tid=G-R11FYFZ8HF&gtm=2oebu0&_p=1603606967&cid=745942544.1672214057&ul=en-us&sr=1280x1024&_s=1&sid=1672214057&sct=1&seg=0&dl=http%3A%2F%2Falaskaus1a.dynamic-dns.net%2F2a865de28ec099bf6b241f41aa2a056e%2F%3Fcont%3DQERldmlsbWFzazA5%26token%3D0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe&dt=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&en=page_view&_fv=1&_nsi=1&_ss=1

216.239.32.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-R11FYFZ8HF&gtm=2oebu0&_p=1603606967&cid=745942544.1672214057&ul=en-us&sr=1280x1024&_s=1&sid=1672214057&sct=1&seg=0&dl=http%3A%2F%2Falaskaus1a.dynamic-dns.net%2F2a865de28ec099bf6b241f41aa2a056e%2F%3Fcont%3DQERldmlsbWFzazA5%26token%3D0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe&dt=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&en=page_view&_fv=1&_nsi=1&_ss=1
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-R11FYFZ8HF&gtm=2oebu0&_p=1603606967&cid=745942544.1672214057&ul=en-us&sr=1280x1024&_s=1&sid=1672214057&sct=1&seg=0&dl=http%3A%2F%2Falaskaus1a.dynamic-dns.net%2F2a865de28ec099bf6b241f41aa2a056e%2F%3Fcont%3DQERldmlsbWFzazA5%26token%3D0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe&dt=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://alaskaus1a.dynamic-dns.net
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: http://alaskaus1a.dynamic-dns.net
date: Wed, 28 Dec 2022 07:54:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/css/nav/navSprites.png

137.184.184.135

200 OK

14 kB

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/css/nav/navSprites.png
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
PNG image data, 240 x 320, 8-bit/color RGBA, non-interlaced\012- data
Size
14 kB (14383 bytes)
Hash
2c34097881e44683ea2c683b9c4c6fba
c3053cdec4d858a66cdaeb71e6612115508513a8
dab4dd2fc46c7aa07526cacce2b4111e56d2c57443449519b04af9dec4cfe019

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /2a865de28ec099bf6b241f41aa2a056e/css/nav/navSprites.png HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/css/akusa-desktop.css?20220304133
Cookie: PHPSESSID=d4f89910226cbba1e75e43ac8de82b86

HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 07:54:22 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2022 07:54:18 GMT
Accept-Ranges: bytes
Content-Length: 14383
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png

alaskaus1a.dynamic-dns.net/css/nav/homeSprites.png

137.184.184.135

404 Not Found

315 B

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/css/nav/homeSprites.png
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /css/nav/homeSprites.png HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe
Cookie: PHPSESSID=d4f89910226cbba1e75e43ac8de82b86; _gcl_au=1.1.1375966805.1672214057

HTTP/1.1 404 Not Found
Date: Wed, 28 Dec 2022 07:54:22 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/js/jquery.leanModal.AKUSA.2.1.js

137.184.184.135

200 OK

15 kB

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/js/jquery.leanModal.AKUSA.2.1.js
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text, with CRLF line terminators
Size
15 kB (14977 bytes)
Hash
f3c5c552762590af3bf7627387961052
577de72de0f60b0b00018c1f143c23f8887a9964
520add555ccbca7321335129b52653eab9ef85b25c1175e43de4ec2cb2a00b89

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /2a865de28ec099bf6b241f41aa2a056e/js/jquery.leanModal.AKUSA.2.1.js HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe
Cookie: PHPSESSID=d4f89910226cbba1e75e43ac8de82b86; _gcl_au=1.1.1375966805.1672214057

HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 07:54:22 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2022 07:54:18 GMT
Accept-Ranges: bytes
Content-Length: 14977
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/css/akusa-phone.css?20220304133

137.184.184.135

200 OK

22 kB

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/css/akusa-phone.css?20220304133
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text, with very long lines (680), with CRLF line terminators
Size
22 kB (21605 bytes)
Hash
d64b0ae59d8015135a9a85dca6a5f379
526b542dea3e5420c0792734ecfa6937abf80fa0
c27e16a1f8b6480b5f77585c4ee5911cfcedb385b77b204c937b35dc7c87be4a

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /2a865de28ec099bf6b241f41aa2a056e/css/akusa-phone.css?20220304133 HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe
Cookie: PHPSESSID=d4f89910226cbba1e75e43ac8de82b86

HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 07:54:22 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2022 07:54:18 GMT
Accept-Ranges: bytes
Content-Length: 21605
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/css/akusa-print.css?20220304133

137.184.184.135

200 OK

557 B

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/css/akusa-print.css?20220304133
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text, with CRLF line terminators
Size
557 B (557 bytes)
Hash
9c68542fafe8bbb0070cdcb4bc2e1446
bc259cc4ad82760d329622caf0c47b32a7beadc9
ca79306c82cb06f6bf0875b7ae0689573d94713fb0bcafe0e9eb2d799748b376

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /2a865de28ec099bf6b241f41aa2a056e/css/akusa-print.css?20220304133 HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe
Cookie: PHPSESSID=d4f89910226cbba1e75e43ac8de82b86

HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 07:54:22 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2022 07:54:18 GMT
Accept-Ranges: bytes
Content-Length: 557
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/css

alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/images/nav/akusafcu_logo.png

137.184.184.135

200 OK

16 kB

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/images/nav/akusafcu_logo.png
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
PNG image data, 220 x 70, 8-bit/color RGBA, non-interlaced\012- data
Size
16 kB (16228 bytes)
Hash
dc43cc5c96d54639189781edf322cac9
26c53d9c975f997481520a336ac5f6a22f115c74
6ceabe544edbb8513733f30b14c1d17a2fa51e461f972c31d17e5450d4718603

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /2a865de28ec099bf6b241f41aa2a056e/images/nav/akusafcu_logo.png HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe
Cookie: PHPSESSID=d4f89910226cbba1e75e43ac8de82b86

HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 07:54:22 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2022 07:54:18 GMT
Accept-Ranges: bytes
Content-Length: 16228
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/png

alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/images/jumplink-white.svg

137.184.184.135

200 OK

2.4 kB

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/images/jumplink-white.svg
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (1867), with CRLF line terminators
Size
2.4 kB (2407 bytes)
Hash
6dcde879818507082d2265149a8c18ec
6d0b5f93f83b2b2c519fcd777dc4255da2540d6a
7d91fb8cf3f42097497f47b0f61a198844ea27d162350d017b80dc4ce2a158bf

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /2a865de28ec099bf6b241f41aa2a056e/images/jumplink-white.svg HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe
Cookie: PHPSESSID=d4f89910226cbba1e75e43ac8de82b86

HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 07:54:22 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2022 07:54:18 GMT
Accept-Ranges: bytes
Content-Length: 2407
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/svg+xml

alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/current/promo/data/images/primary/Floating-Banner-Q3.png

137.184.184.135

200 OK

32 kB

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/current/promo/data/images/primary/Floating-Banner-Q3.png
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
PNG image data, 358 x 181, 8-bit/color RGBA, non-interlaced\012- data
Size
32 kB (31636 bytes)
Hash
a41c669e9b9514fb82605ccacdc51da6
0bcbe8fe1608666e28a784d896e6bf4fb102ff96
4204d2dcd83bea2a69ffb73451c76aa8f084757518c0f4cff773bd107a95b309

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /2a865de28ec099bf6b241f41aa2a056e/current/promo/data/images/primary/Floating-Banner-Q3.png HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe
Cookie: PHPSESSID=d4f89910226cbba1e75e43ac8de82b86

HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 07:54:22 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2022 07:54:18 GMT
Accept-Ranges: bytes
Content-Length: 31636
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png

alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/images/nav/EHL.png

137.184.184.135

200 OK

3.3 kB

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/images/nav/EHL.png
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
PNG image data, 55 x 59, 8-bit colormap, non-interlaced\012- data
Size
3.3 kB (3317 bytes)
Hash
859cf2ed8319f4931c1e2371bee8b46d
ff866fe6e3071999e6c057dae5aed927aefd047f
1c7cd686a01f2dcffc1f55119624e9166300721172b4e7ad284ff734bc8db0a1

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /2a865de28ec099bf6b241f41aa2a056e/images/nav/EHL.png HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe
Cookie: PHPSESSID=d4f89910226cbba1e75e43ac8de82b86; _gcl_au=1.1.1375966805.1672214057

HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 07:54:22 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2022 07:54:18 GMT
Accept-Ranges: bytes
Content-Length: 3317
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png

alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/js/jquery/acc-slick/slick.js

137.184.184.135

200 OK

91 kB

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/js/jquery/acc-slick/slick.js
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text
Size
91 kB (91213 bytes)
Hash
4878446472ab8663574717577b122d03
24623f13e4febfbee1b0588aa2b7cce6163fd667
c221ae5ef1063a44ec0bd1fd4c8e76e3785b609e051884b1f7d5b2e4c87ccf86

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /2a865de28ec099bf6b241f41aa2a056e/js/jquery/acc-slick/slick.js HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe
Cookie: PHPSESSID=d4f89910226cbba1e75e43ac8de82b86; _gcl_au=1.1.1375966805.1672214057

HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 07:54:22 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2022 07:54:18 GMT
Accept-Ranges: bytes
Content-Length: 91213
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/current/promo/data/images/secondary/warning.png

137.184.184.135

200 OK

1.2 kB

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/current/promo/data/images/secondary/warning.png
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
PNG image data, 125 x 125, 8-bit/color RGBA, non-interlaced\012- data
Size
1.2 kB (1249 bytes)
Hash
9e1021883b3f3114c30a7cb29529ac5e
a20cdec04360f8075da7ae8b879f3cebe21e12e3
91e219a364aee6c0d5f23d8406ce671d68c0264e0767414ce66e8f56ebd2db78

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /2a865de28ec099bf6b241f41aa2a056e/current/promo/data/images/secondary/warning.png HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe
Cookie: PHPSESSID=d4f89910226cbba1e75e43ac8de82b86

HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 07:54:22 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2022 07:54:18 GMT
Accept-Ranges: bytes
Content-Length: 1249
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
0050029cd95c89afcefa13544ed2370d
92127d7e78d16a6cc8d660f03f8359cf205893a7
236b21306ce2ef6eb433e635da642608ed153c4f18df361546434f5a9f471cec

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3051
Cache-Control: max-age=113951
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 07:54:23 GMT
Etag: "63ab0463-1d7"
Expires: Thu, 29 Dec 2022 15:33:34 GMT
Last-Modified: Tue, 27 Dec 2022 14:42:43 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

www.google-analytics.com/analytics.js

142.250.74.110

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 28 Dec 2022 06:41:11 GMT
expires: Wed, 28 Dec 2022 08:41:11 GMT
cache-control: public, max-age=7200
age: 4392
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c40d80fc68e11fd09a9a5b2a1d31a99c
9b5570c09f3a847e6bf91cb91638c7c806e079b3
6de9c5d54998c01fdedde58137519c2e1032ff13d4053495479a335ee1c32f60

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 07:54:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

bat.bing.com/bat.js

204.79.197.200

200 OK

12 kB

URL HTTP/2
bat.bing.com/bat.js
IP
204.79.197.200:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 text, with very long lines (39124), with no line terminators
Size
12 kB (11460 bytes)
Hash
d925a898de26295fdebfc90203ef46fa
77dd3f5893b76530e08058d50e8f9aef017e80c7
8f4a413fec7e48f5ac290f4596fef33b6396e7fb31080ec0203a5ec817d140c8

HTTP Headers

GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11460
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 05 Dec 2022 17:15:50 GMT
accept-ranges: bytes
etag: "027e538cd8d91:0"
vary: Accept-Encoding
set-cookie: MUID=37F3A5BEEC1268D80A7BB736ED45695B; domain=.bing.com; expires=Mon, 22-Jan-2024 07:54:23 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F5C4CD72E5374B4B9F6A352FF611D4A3 Ref B: OSL30EDGE0421 Ref C: 2022-12-28T07:54:23Z
date: Wed, 28 Dec 2022 07:54:23 GMT
X-Firefox-Spdy: h2

connect.facebook.net/en_US/fbevents.js

31.13.72.12

200 OK

27 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64348)
Size
27 kB (27298 bytes)
Hash
8b26cd4609e2025e51e90573a0fbd6f7
efc2006ae5297ad5ae5e064188b9fba73f6b868f
e288b6a1e220f5fb781cfbb0b739b36c6acfdceccff8f0278fc151c241b0b50b

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: bwHlqi68WjG9Lby0uPJQ6jtaBY4swUNUAIyLMBAFWkr1P6lEq4fQmcUQGc+eJLgsV7YOMC8gY/p/k4zUVlBMKQ==
content-length: 27298
x-fb-trip-id: 2050670934
date: Wed, 28 Dec 2022 07:54:23 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

googleads.g.doubleclick.net/pagead/viewthroughconversion/831978068/?random=1672214057164&cv=11&fst=1672214057164&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Falaskaus1a.dynamic-dns.net%2F2a865de28ec099bf6b241f41aa2a056e%2F%3Fcont%3DQERldmlsbWFzazA5%26token%3D0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe&tiba=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&auid=1375966805.1672214057&rfmt=3&fmt=4

142.250.74.130

200 OK

1.0 kB

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/831978068/?random=1672214057164&cv=11&fst=1672214057164&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Falaskaus1a.dynamic-dns.net%2F2a865de28ec099bf6b241f41aa2a056e%2F%3Fcont%3DQERldmlsbWFzazA5%26token%3D0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe&tiba=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&auid=1375966805.1672214057&rfmt=3&fmt=4
IP
142.250.74.130:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2269), with no line terminators
Size
1.0 kB (1044 bytes)
Hash
34f4c9c8680c21ae8a672d5d09a9eea1
185a7d19e24fb68f18b286a7ece351b232061d05
4ef4e8ae5be9ab17a02c9a8578fc10b8dc5193ee0e7ee186bb4cd8132b984e8a

HTTP Headers

GET /pagead/viewthroughconversion/831978068/?random=1672214057164&cv=11&fst=1672214057164&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Falaskaus1a.dynamic-dns.net%2F2a865de28ec099bf6b241f41aa2a056e%2F%3Fcont%3DQERldmlsbWFzazA5%26token%3D0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe&tiba=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&auid=1375966805.1672214057&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 28 Dec 2022 07:54:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1044
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 28-Dec-2022 08:09:23 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
0050029cd95c89afcefa13544ed2370d
92127d7e78d16a6cc8d660f03f8359cf205893a7
236b21306ce2ef6eb433e635da642608ed153c4f18df361546434f5a9f471cec

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3051
Cache-Control: max-age=113951
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 07:54:23 GMT
Etag: "63ab0463-1d7"
Expires: Thu, 29 Dec 2022 15:33:34 GMT
Last-Modified: Tue, 27 Dec 2022 14:42:43 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c40d80fc68e11fd09a9a5b2a1d31a99c
9b5570c09f3a847e6bf91cb91638c7c806e079b3
6de9c5d54998c01fdedde58137519c2e1032ff13d4053495479a335ee1c32f60

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 07:54:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/images/icon-76@2x.png

137.184.184.135

404 Not Found

315 B

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/images/icon-76@2x.png
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /2a865de28ec099bf6b241f41aa2a056e/images/icon-76@2x.png HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe
Cookie: PHPSESSID=d4f89910226cbba1e75e43ac8de82b86; _gcl_au=1.1.1375966805.1672214057; _ga_R11FYFZ8HF=GS1.1.1672214057.1.0.1672214057.0.0.0; _ga=GA1.1.745942544.1672214057; agft=2d2aa13c7daaab18ec18d0031a0f685f.85879675; agfs=2d2aa13c7daaab18ec18d0031a0f685f.85879675&1672214058&1672214058&direct&(none)&&&&&

HTTP/1.1 404 Not Found
Date: Wed, 28 Dec 2022 07:54:23 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

alaskaus1a.dynamic-dns.net/favicon.ico

137.184.184.135

404 Not Found

315 B

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/favicon.ico
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe
Cookie: PHPSESSID=d4f89910226cbba1e75e43ac8de82b86; _gcl_au=1.1.1375966805.1672214057; _ga_R11FYFZ8HF=GS1.1.1672214057.1.0.1672214057.0.0.0; _ga=GA1.1.745942544.1672214057; agft=2d2aa13c7daaab18ec18d0031a0f685f.85879675; agfs=2d2aa13c7daaab18ec18d0031a0f685f.85879675&1672214058&1672214058&direct&(none)&&&&&

HTTP/1.1 404 Not Found
Date: Wed, 28 Dec 2022 07:54:23 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/js/jquery/acc-slick/ajax-loader.gif

137.184.184.135

200 OK

4.2 kB

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/js/jquery/acc-slick/ajax-loader.gif
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
GIF image data, version 89a, 32 x 32\012- data
Size
4.2 kB (4178 bytes)
Hash
c5cd7f5300576ab4c88202b42f6ded62
7a1aa43614396382bb15e5fde574d9cdcd21698f
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /2a865de28ec099bf6b241f41aa2a056e/js/jquery/acc-slick/ajax-loader.gif HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/js/jquery/acc-slick/slick.css
Cookie: PHPSESSID=d4f89910226cbba1e75e43ac8de82b86; _gcl_au=1.1.1375966805.1672214057; _ga_R11FYFZ8HF=GS1.1.1672214057.1.0.1672214057.0.0.0; _ga=GA1.1.745942544.1672214057; agft=2d2aa13c7daaab18ec18d0031a0f685f.85879675; agfs=2d2aa13c7daaab18ec18d0031a0f685f.85879675&1672214058&1672214058&direct&(none)&&&&&

HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 07:54:23 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2022 07:54:18 GMT
Accept-Ranges: bytes
Content-Length: 4178
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/gif

alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/js/jquery/acc-slick/fonts/slick.woff

137.184.184.135

200 OK

74 B

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/js/jquery/acc-slick/fonts/slick.woff
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text, with no line terminators
Size
74 B (74 bytes)
Hash
488f21ea7c716d40e0d3b2825ccdf018
3d1d54da233c616ec3a6f5fe0e13833ba9f1201b
189fc4aa307b90cb0dc80ce8265306b02a2faba33f98755066c4f1d14e544bb7

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /2a865de28ec099bf6b241f41aa2a056e/js/jquery/acc-slick/fonts/slick.woff HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/js/jquery/acc-slick/slick.css
Cookie: PHPSESSID=d4f89910226cbba1e75e43ac8de82b86; _gcl_au=1.1.1375966805.1672214057; _ga_R11FYFZ8HF=GS1.1.1672214057.1.0.1672214057.0.0.0; _ga=GA1.1.745942544.1672214057; agft=2d2aa13c7daaab18ec18d0031a0f685f.85879675; agfs=2d2aa13c7daaab18ec18d0031a0f685f.85879675&1672214058&1672214058&direct&(none)&&&&&

HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 07:54:23 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2022 07:54:18 GMT
Accept-Ranges: bytes
Content-Length: 74
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: font/woff

alaskaus1a.dynamic-dns.net/css/nav/navSprites.png

137.184.184.135

404 Not Found

315 B

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/css/nav/navSprites.png
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /css/nav/navSprites.png HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/js/jquery/acc-slick/slick.css
Cookie: PHPSESSID=d4f89910226cbba1e75e43ac8de82b86; _gcl_au=1.1.1375966805.1672214057; _ga_R11FYFZ8HF=GS1.1.1672214057.1.0.1672214057.0.0.0; _ga=GA1.1.745942544.1672214057; agft=2d2aa13c7daaab18ec18d0031a0f685f.85879675; agfs=2d2aa13c7daaab18ec18d0031a0f685f.85879675&1672214058&1672214058&direct&(none)&&&&&

HTTP/1.1 404 Not Found
Date: Wed, 28 Dec 2022 07:54:23 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/js/jquery/acc-slick/fonts/slick.ttf

137.184.184.135

404 Not Found

315 B

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/js/jquery/acc-slick/fonts/slick.ttf
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /2a865de28ec099bf6b241f41aa2a056e/js/jquery/acc-slick/fonts/slick.ttf HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/js/jquery/acc-slick/slick.css
Cookie: PHPSESSID=d4f89910226cbba1e75e43ac8de82b86; _gcl_au=1.1.1375966805.1672214057; _ga_R11FYFZ8HF=GS1.1.1672214057.1.0.1672214057.0.0.0; _ga=GA1.2.745942544.1672214057; agft=2d2aa13c7daaab18ec18d0031a0f685f.85879675; agfs=2d2aa13c7daaab18ec18d0031a0f685f.85879675&1672214058&1672214058&direct&(none)&&&&&; _gid=GA1.2.1275136748.1672214059; _gat_UA-105087488-1=1; _uetsid=d52707a0868411ed9dfd9709fe79142e; _uetvid=d5271990868411edace4432a2879b5ac

HTTP/1.1 404 Not Found
Date: Wed, 28 Dec 2022 07:54:23 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/css/nav/homeSprites.png

137.184.184.135

200 OK

190 kB

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/css/nav/homeSprites.png
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
PNG image data, 272 x 550, 8-bit/color RGBA, non-interlaced\012- data
Size
190 kB (190407 bytes)
Hash
c6dfc43f4439d97b3796d7141fefd850
d86a787e16816d02f05b18210bf5649ed403f10d
beb161501df73ad297e1a7679cc63010d22d479ea146e56ef2b3f7a7e9b06c9c

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /2a865de28ec099bf6b241f41aa2a056e/css/nav/homeSprites.png HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/css/akusa-desktop.css?20220304133
Cookie: PHPSESSID=d4f89910226cbba1e75e43ac8de82b86; _gcl_au=1.1.1375966805.1672214057

HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 07:54:22 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2022 07:54:18 GMT
Accept-Ranges: bytes
Content-Length: 190407
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png

bat.bing.com/action/0?ti=134612163&tm=gtm002&Ver=2&mid=0b23cbc6-8f98-4995-8826-294a44e1c849&sid=d52707a0868411ed9dfd9709fe79142e&vid=d5271990868411edace4432a2879b5ac&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&kw=AlaskaUSA,%20Alaska,%20Arizona,%20Washington,%20USA,%20San%20Bernardino%20California,%20Victor%20Valley,%20High%20Desert,%20Anchorage,%20Credit%20Union,%20Bank,%20Financial,%20Finance,%20Loan,%20Credit,%20Lending,%20Insurance,%20Mortgage,%20Refinance,%20home,%20Online%20banking,%20by%20phone,%20UltraBranch,%20Saving,%20Checking,%20Account,%20Money,%20Service,%20Relocate,%20Moving,%20Real%20Estate,%20business&p=http%3A%2F%2Falaskaus1a.dynamic-dns.net%2F2a865de28ec099bf6b241f41aa2a056e%2F%3Fcont%3DQERldmlsbWFzazA5%26token%3D0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe&r=&lt=4763&evt=pageLoad&sv=1&rn=851675

204.79.197.200

204 No Content

0 B

URL HTTP/2
bat.bing.com/action/0?ti=134612163&tm=gtm002&Ver=2&mid=0b23cbc6-8f98-4995-8826-294a44e1c849&sid=d52707a0868411ed9dfd9709fe79142e&vid=d5271990868411edace4432a2879b5ac&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&kw=AlaskaUSA,%20Alaska,%20Arizona,%20Washington,%20USA,%20San%20Bernardino%20California,%20Victor%20Valley,%20High%20Desert,%20Anchorage,%20Credit%20Union,%20Bank,%20Financial,%20Finance,%20Loan,%20Credit,%20Lending,%20Insurance,%20Mortgage,%20Refinance,%20home,%20Online%20banking,%20by%20phone,%20UltraBranch,%20Saving,%20Checking,%20Account,%20Money,%20Service,%20Relocate,%20Moving,%20Real%20Estate,%20business&p=http%3A%2F%2Falaskaus1a.dynamic-dns.net%2F2a865de28ec099bf6b241f41aa2a056e%2F%3Fcont%3DQERldmlsbWFzazA5%26token%3D0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe&r=&lt=4763&evt=pageLoad&sv=1&rn=851675
IP
204.79.197.200:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /action/0?ti=134612163&tm=gtm002&Ver=2&mid=0b23cbc6-8f98-4995-8826-294a44e1c849&sid=d52707a0868411ed9dfd9709fe79142e&vid=d5271990868411edace4432a2879b5ac&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&kw=AlaskaUSA,%20Alaska,%20Arizona,%20Washington,%20USA,%20San%20Bernardino%20California,%20Victor%20Valley,%20High%20Desert,%20Anchorage,%20Credit%20Union,%20Bank,%20Financial,%20Finance,%20Loan,%20Credit,%20Lending,%20Insurance,%20Mortgage,%20Refinance,%20home,%20Online%20banking,%20by%20phone,%20UltraBranch,%20Saving,%20Checking,%20Account,%20Money,%20Service,%20Relocate,%20Moving,%20Real%20Estate,%20business&p=http%3A%2F%2Falaskaus1a.dynamic-dns.net%2F2a865de28ec099bf6b241f41aa2a056e%2F%3Fcont%3DQERldmlsbWFzazA5%26token%3D0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe&r=&lt=4763&evt=pageLoad&sv=1&rn=851675 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=19051161580F607618F003E9595861C0; domain=.bing.com; expires=Mon, 22-Jan-2024 07:54:23 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0B4E671F00D14208A9D468CB99CBDA24 Ref B: OSL30EDGE0421 Ref C: 2022-12-28T07:54:23Z
date: Wed, 28 Dec 2022 07:54:23 GMT
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
52ca073ad56859a4aa27c7711a0280e0
0f9481ab1d4503f6768b94aca521a8e6a1cacc16
3be123f7c76a1cb88f5f06d8359ee810eb5aa11540c89bc747318101e3585145

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 07:54:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
66bebe7c4a03fcf72b3378dbb0a68518
4027df6b9ff491fa10741749325ad76ac5b974a7
1d8637f2196b92f26c00837d00e3ecaf7fecff7e0a4ff027885f0b6128dcbb10

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 07:54:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/pagead/1p-user-list/831978068/?random=1672214057164&cv=11&fst=1672210800000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Falaskaus1a.dynamic-dns.net%2F2a865de28ec099bf6b241f41aa2a056e%2F%3Fcont%3DQERldmlsbWFzazA5%26token%3D0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe&tiba=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&fmt=3&is_vtc=1&random=2080763855&rmt_tld=0&ipr=y

142.250.74.164

200 OK

42 B

URL HTTP/2
www.google.com/pagead/1p-user-list/831978068/?random=1672214057164&cv=11&fst=1672210800000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Falaskaus1a.dynamic-dns.net%2F2a865de28ec099bf6b241f41aa2a056e%2F%3Fcont%3DQERldmlsbWFzazA5%26token%3D0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe&tiba=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&fmt=3&is_vtc=1&random=2080763855&rmt_tld=0&ipr=y
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/831978068/?random=1672214057164&cv=11&fst=1672210800000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Falaskaus1a.dynamic-dns.net%2F2a865de28ec099bf6b241f41aa2a056e%2F%3Fcont%3DQERldmlsbWFzazA5%26token%3D0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe&tiba=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&fmt=3&is_vtc=1&random=2080763855&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 28 Dec 2022 07:54:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.no/pagead/1p-user-list/831978068/?random=1672214057164&cv=11&fst=1672210800000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Falaskaus1a.dynamic-dns.net%2F2a865de28ec099bf6b241f41aa2a056e%2F%3Fcont%3DQERldmlsbWFzazA5%26token%3D0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe&tiba=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&fmt=3&is_vtc=1&random=2080763855&rmt_tld=1&ipr=y

142.250.74.163

200 OK

42 B

URL HTTP/2
www.google.no/pagead/1p-user-list/831978068/?random=1672214057164&cv=11&fst=1672210800000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Falaskaus1a.dynamic-dns.net%2F2a865de28ec099bf6b241f41aa2a056e%2F%3Fcont%3DQERldmlsbWFzazA5%26token%3D0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe&tiba=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&fmt=3&is_vtc=1&random=2080763855&rmt_tld=1&ipr=y
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/831978068/?random=1672214057164&cv=11&fst=1672210800000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Falaskaus1a.dynamic-dns.net%2F2a865de28ec099bf6b241f41aa2a056e%2F%3Fcont%3DQERldmlsbWFzazA5%26token%3D0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe&tiba=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&fmt=3&is_vtc=1&random=2080763855&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 28 Dec 2022 07:54:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

bat.bing.com/p/action/134612163.js

204.79.197.200

204 No Content

0 B

URL HTTP/2
bat.bing.com/p/action/134612163.js
IP
204.79.197.200:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /p/action/134612163.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=18166EA9C0C46FF70CD57C21C1936E0E; domain=.bing.com; expires=Mon, 22-Jan-2024 07:54:23 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3B8B4DB65306434C9A650F4D5FEB3B9D Ref B: OSL30EDGE0421 Ref C: 2022-12-28T07:54:23Z
date: Wed, 28 Dec 2022 07:54:23 GMT
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
0ae0707aeabde36523941c20a68b5254
f882332bd8b3c0147af8ca8788be4a290d155766
537eefee073333371ff318be540498d3923603b79e282d6dd706cea5670caa8c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 07:54:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-105087488-1&cid=745942544.1672214057&jid=1224378688&gjid=1184411081&_gid=1275136748.1672214059&_u=YADAAEAAAAAAACAAI~&z=1562282393

209.85.233.155

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-105087488-1&cid=745942544.1672214057&jid=1224378688&gjid=1184411081&_gid=1275136748.1672214059&_u=YADAAEAAAAAAACAAI~&z=1562282393
IP
209.85.233.155:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-105087488-1&cid=745942544.1672214057&jid=1224378688&gjid=1184411081&_gid=1275136748.1672214059&_u=YADAAEAAAAAAACAAI~&z=1562282393 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://alaskaus1a.dynamic-dns.net
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: http://alaskaus1a.dynamic-dns.net
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 28 Dec 2022 07:54:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
66bebe7c4a03fcf72b3378dbb0a68518
4027df6b9ff491fa10741749325ad76ac5b974a7
1d8637f2196b92f26c00837d00e3ecaf7fecff7e0a4ff027885f0b6128dcbb10

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 07:54:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.facebook.com/tr/?id=251150729134059&ev=PageView&dl=http%3A%2F%2Falaskaus1a.dynamic-dns.net%2F2a865de28ec099bf6b241f41aa2a056e%2F%3Fcont%3DQERldmlsbWFzazA5%26token%3D0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe&rl=&if=false&ts=1672214059441&sw=1280&sh=1024&v=2.9.90&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1672214059441.1576961743&it=1672214058793&coo=false&tm=1&rqm=GET

31.13.72.36

200 OK

0 B

URL HTTP/2
www.facebook.com/tr/?id=251150729134059&ev=PageView&dl=http%3A%2F%2Falaskaus1a.dynamic-dns.net%2F2a865de28ec099bf6b241f41aa2a056e%2F%3Fcont%3DQERldmlsbWFzazA5%26token%3D0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe&rl=&if=false&ts=1672214059441&sw=1280&sh=1024&v=2.9.90&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1672214059441.1576961743&it=1672214058793&coo=false&tm=1&rqm=GET
IP
31.13.72.36:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tr/?id=251150729134059&ev=PageView&dl=http%3A%2F%2Falaskaus1a.dynamic-dns.net%2F2a865de28ec099bf6b241f41aa2a056e%2F%3Fcont%3DQERldmlsbWFzazA5%26token%3D0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe&rl=&if=false&ts=1672214059441&sw=1280&sh=1024&v=2.9.90&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1672214059441.1576961743&it=1672214058793&coo=false&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Wed, 28 Dec 2022 07:54:24 GMT
X-Firefox-Spdy: h2

insight.adsrvr.org/track/up?adv=p6q6pct&ref=http%3A%2F%2Falaskaus1a.dynamic-dns.net%2F2a865de28ec099bf6b241f41aa2a056e%2F%3Fcont%3DQERldmlsbWFzazA5%26token%3D0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe&upid=q8skero&upv=1.1.0

15.197.193.217

200 OK

0 B

URL HTTP/2
insight.adsrvr.org/track/up?adv=p6q6pct&ref=http%3A%2F%2Falaskaus1a.dynamic-dns.net%2F2a865de28ec099bf6b241f41aa2a056e%2F%3Fcont%3DQERldmlsbWFzazA5%26token%3D0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe&upid=q8skero&upv=1.1.0
IP
15.197.193.217:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /track/up?adv=p6q6pct&ref=http%3A%2F%2Falaskaus1a.dynamic-dns.net%2F2a865de28ec099bf6b241f41aa2a056e%2F%3Fcont%3DQERldmlsbWFzazA5%26token%3D0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe&upid=q8skero&upv=1.1.0 HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 28 Dec 2022 07:54:24 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F346e7d95-abf9-4783-baa6-85137bb9cc29.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.8 kB (7817 bytes)
Hash
8ab36b0d168174ef2d960be9810fdb2d
7c8a7415cab3ef88b5d1204af214a687b1676dda
a1d842fd02273603db0090d34c317d7a3ce3e5f00f29271d45fc4ed6d09ee21e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F346e7d95-abf9-4783-baa6-85137bb9cc29.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 7817
x-amzn-requestid: 21a68509-6fec-48b3-8bce-fb2ebfab3289
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d0yuCEVwIAMFUrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ab64c0-5e23ceec731631d93e01e2c8;Sampled=0
x-amzn-remapped-date: Tue, 27 Dec 2022 21:33:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1F1os87usGl0yMWsHxFZsVnrbmjJKydPf4ZXL4xsXjHau3fAS9Nf1Q==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Dec 2022 21:44:42 GMT
age: 36585
etag: "7c8a7415cab3ef88b5d1204af214a687b1676dda"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/js/jsSuite-1.9.6.js

137.184.184.135

200 OK

0 B

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/js/jsSuite-1.9.6.js
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /2a865de28ec099bf6b241f41aa2a056e/js/jsSuite-1.9.6.js HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/2a865de28ec099bf6b241f41aa2a056e/?cont=QERldmlsbWFzazA5&token=0308e58c62ad2bb2692e15104a25aacd9cecc2313d1e97d9d9a8b1c4b1543a997f360416f71aa6159589e74d4b6ade11b4cc85e8652cfa887b74452beeb247fe
Cookie: PHPSESSID=d4f89910226cbba1e75e43ac8de82b86; _gcl_au=1.1.1375966805.1672214057

HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 07:54:22 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2022 07:54:18 GMT
Accept-Ranges: bytes
Content-Length: 91138
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (40)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations