dejst.duckdns.org/fd5dc/umail.php
102.130.117.208 200 OK 3.7 kB URL User Request GET HTTP/2 dejst.duckdns.org/fd5dc/umail.php
IP 102.130.117.208:443
ASN #328364 Host-Africa-AS
Certificate Issuer Let's Encrypt
Subject dejst.duckdns.org
Fingerprint A2:44:54:A6:C1:BB:54:C5:E4:8B:D7:42:B2:EC:EF:84:05:70:A3:59
Validity Fri, 24 Nov 2023 07:25:48 GMT - Thu, 22 Feb 2024 07:25:47 GMT
File type HTML document text; HTML document text; HTML document text; exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (505)
Hash 12db93a840f368fb9e32ea6725b15772
e9813ccbc705abf8dc32a89eadb8cffd21e561d9
4e763cd164c66dafa2344440dcaad43b94505b53c2acc67990e05d8a8fd00b66
Analyzer Verdict Alert urlquery phishing Phishing - Fifth Third Bank
urlquery suspicious Suspicious - DynDNS domain
OpenPhish phishing Fifth Third Bank
GET /fd5dc/umail.php HTTP/1.1
Host: dejst.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-length: 3722
content-encoding: br
vary: Accept-Encoding
date: Tue, 28 Nov 2023 12:42:15 GMT
server: LiteSpeed
alt-svc: h3-34=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-27=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/es6-shim/0.35.3/es6-shim.min.js
104.17.25.14 200 OK 14 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/es6-shim/0.35.3/es6-shim.min.js
IP 104.17.25.14:443
Requested by https://dejst.duckdns.org/fd5dc/umail.php
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
Validity Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (32014)
Hash d5542658d4952d2e5e60bd1ba0fb5936
8ba74af8092acd778259769825482cd6065ba25d
4c79606528eab7b89d35276752f1b2a53b970790b8855f644ae3d8adb8aad7da
GET /ajax/libs/es6-shim/0.35.3/es6-shim.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dejst.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 28 Nov 2023 12:42:15 GMT
content-type: application/javascript; charset=utf-8
content-length: 14321
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e54-dca5"
last-modified: Mon, 04 May 2020 16:09:56 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 448151
expires: Sun, 17 Nov 2024 12:42:15 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2oJ3qPFWOaw53ZBSFBnARlU7drnGPEhdk2LwDkFS9w8vVa9uTDIKayb1gEcbuEwvwcQwjOeWURdYHWDZRMWimRj8FACRwSdgS8NiUFK%2BY5hsE7SAl3fKuuxicye7iZ35Yqp4Y5eo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 82d2b0997fbb569b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery/3.0.0-beta1/jquery.js
104.17.25.14 200 OK 65 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.0.0-beta1/jquery.js
IP 104.17.25.14:443
Requested by https://dejst.duckdns.org/fd5dc/umail.php
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
Validity Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
Hash faf25a0e7fe8568946620cebff161242
5c09832dfa0091ca87d428c19422923f946635ef
78f27c3d7cb5d766466703adc7f7ad7706b7fb05514eec39be0aa253449bd0f8
GET /ajax/libs/jquery/3.0.0-beta1/jquery.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dejst.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 28 Nov 2023 12:42:15 GMT
content-type: application/javascript; charset=utf-8
content-length: 64839
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-40023"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 209079
expires: Sun, 17 Nov 2024 12:42:15 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jYx4QzsqerNDZIN5Qg4gzGePa9kalM0iThysLGd6KzZ2ACY72zmhNKeb49UT53y2f05Mo6cdBaEwK%2BjNx6mC2RR%2BgZHNfZNzaKyTxObrt%2Bttz%2Bb%2BqN3cRLagF7AQ8%2FWDHEEfEUnA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 82d2b0997fc5569b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/jquery.mask.js
104.17.25.14 200 OK 4.5 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/jquery.mask.js
IP 104.17.25.14:443
Requested by https://dejst.duckdns.org/fd5dc/umail.php
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
Validity Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
Hash 053305c2b293c27c02523cda42962c09
556b0af7346b9e21a8eea1be8b195b563169ecd5
be483938eb34538b970684f72e312f62652e84b42b7ad86953962d1ce2217c44
GET /ajax/libs/jquery.mask/1.14.10/jquery.mask.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dejst.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 28 Nov 2023 12:42:15 GMT
content-type: application/javascript; charset=utf-8
content-length: 4517
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec3-4e98"
last-modified: Mon, 04 May 2020 16:11:47 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 117369
expires: Sun, 17 Nov 2024 12:42:15 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BNrcGPGjydcd72ltGgsllva3aLm7Oa2yIlPo5DSRcVlbcsRmbWSEFq%2FWTiRNfgsBc%2BPYzl0qXBOLJRrqtZRIC3Qk1beuFsOP8RbjhX6S6qjCBQOqwsjUf0QxVM8pNBlFLVIN%2Fa38"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 82d2b0997fc3569b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
dejst.duckdns.org/fd5dc/assets/css/lp_53.css
102.130.117.208 200 OK 235 B URL GET HTTP/2 dejst.duckdns.org/fd5dc/assets/css/lp_53.css
IP 102.130.117.208:443
ASN #328364 Host-Africa-AS
Requested by https://dejst.duckdns.org/fd5dc/umail.php
Certificate Issuer Let's Encrypt
Subject dejst.duckdns.org
Fingerprint A2:44:54:A6:C1:BB:54:C5:E4:8B:D7:42:B2:EC:EF:84:05:70:A3:59
Validity Fri, 24 Nov 2023 07:25:48 GMT - Thu, 22 Feb 2024 07:25:47 GMT
File type ASCII text, with CRLF line terminators
Hash a25cb726e9619c44daa6ee038670c6f8
dad04defcdeed873f52417cf4961b41abc6d96c6
47a17ec750e9b80a8fea129ad75cd4c45947a55f51e1b367cf13ea89471634b3
Analyzer Verdict Alert urlquery phishing Phishing - Fifth Third Bank
urlquery suspicious Suspicious - DynDNS domain
OpenPhish phishing Fifth Third Bank
GET /fd5dc/assets/css/lp_53.css HTTP/1.1
Host: dejst.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dejst.duckdns.org/fd5dc/umail.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 05 Dec 2023 12:42:15 GMT
content-type: text/css; charset=UTF-8
last-modified: Sat, 25 Nov 2023 06:15:45 GMT
etag: "34e-65619111-216cd754d66d5712;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 235
date: Tue, 28 Nov 2023 12:42:15 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
dejst.duckdns.org/fd5dc/assets/css/autocomplete.css
102.130.117.208 200 OK 41 kB URL GET HTTP/2 dejst.duckdns.org/fd5dc/assets/css/autocomplete.css
IP 102.130.117.208:443
ASN #328364 Host-Africa-AS
Requested by https://dejst.duckdns.org/fd5dc/umail.php
Certificate Issuer Let's Encrypt
Subject dejst.duckdns.org
Fingerprint A2:44:54:A6:C1:BB:54:C5:E4:8B:D7:42:B2:EC:EF:84:05:70:A3:59
Validity Fri, 24 Nov 2023 07:25:48 GMT - Thu, 22 Feb 2024 07:25:47 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 3d0f58f448182ee276e0c2f3822d5625
3821329d121c4510ea24558611bcf46303f95bb5
fa481938b765790e06d52408ec3d4b5296f40adfa5852246bb1556c0b8a3973a
Analyzer Verdict Alert urlquery phishing Phishing - Fifth Third Bank
urlquery suspicious Suspicious - DynDNS domain
OpenPhish phishing Fifth Third Bank
GET /fd5dc/assets/css/autocomplete.css HTTP/1.1
Host: dejst.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dejst.duckdns.org/fd5dc/umail.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 05 Dec 2023 12:42:15 GMT
content-type: text/css; charset=UTF-8
last-modified: Sat, 25 Nov 2023 06:15:45 GMT
etag: "431d6-65619111-f91f42b3c77a17c7;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 41409
date: Tue, 28 Nov 2023 12:42:15 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
dejst.duckdns.org/fd5dc/assets/dist/css/formValidation.min.css
102.130.117.208 200 OK 1.7 kB URL GET HTTP/2 dejst.duckdns.org/fd5dc/assets/dist/css/formValidation.min.css
IP 102.130.117.208:443
ASN #328364 Host-Africa-AS
Requested by https://dejst.duckdns.org/fd5dc/umail.php
Certificate Issuer Let's Encrypt
Subject dejst.duckdns.org
Fingerprint A2:44:54:A6:C1:BB:54:C5:E4:8B:D7:42:B2:EC:EF:84:05:70:A3:59
Validity Fri, 24 Nov 2023 07:25:48 GMT - Thu, 22 Feb 2024 07:25:47 GMT
File type ASCII text, with very long lines (9642)
Hash a04f3fe72bc421c126256e5cacf1e7c7
87895f89616146f124266cdf7b17323ef0d17557
a1df840d52a6e1a2b85ed8ea59e25b34c824d520ca34b2a84adf7fef4b2689d8
Analyzer Verdict Alert urlquery phishing Phishing - Fifth Third Bank
urlquery suspicious Suspicious - DynDNS domain
OpenPhish phishing Fifth Third Bank
GET /fd5dc/assets/dist/css/formValidation.min.css HTTP/1.1
Host: dejst.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dejst.duckdns.org/fd5dc/umail.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 05 Dec 2023 12:42:15 GMT
content-type: text/css; charset=UTF-8
last-modified: Sat, 25 Nov 2023 06:15:45 GMT
etag: "4b8f-65619111-7d9e1fe888d70cd5;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1692
date: Tue, 28 Nov 2023 12:42:15 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
dejst.duckdns.org/fd5dc/assets/img/53_Horizontal-logo.svg
102.130.117.208 200 OK 1.9 kB URL GET HTTP/2 dejst.duckdns.org/fd5dc/assets/img/53_Horizontal-logo.svg
IP 102.130.117.208:443
ASN #328364 Host-Africa-AS
Requested by https://dejst.duckdns.org/fd5dc/umail.php
Certificate Issuer Let's Encrypt
Subject dejst.duckdns.org
Fingerprint A2:44:54:A6:C1:BB:54:C5:E4:8B:D7:42:B2:EC:EF:84:05:70:A3:59
Validity Fri, 24 Nov 2023 07:25:48 GMT - Thu, 22 Feb 2024 07:25:47 GMT
File type SVG Scalable Vector Graphics image; HTML document, ASCII text, with very long lines (8875), with no line terminators
Hash 3880a984605784f04f282708a2f5786c
89a8f8d5cca2287a8a2f89667c2ca9a31010b3b0
909b33e41bbfa67cf7c1227e05b1b9c0e9d8c2a11b5cdc0618e7bb09d49124be
Analyzer Verdict Alert urlquery phishing Phishing - Fifth Third Bank
urlquery suspicious Suspicious - DynDNS domain
OpenPhish phishing Fifth Third Bank
GET /fd5dc/assets/img/53_Horizontal-logo.svg HTTP/1.1
Host: dejst.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dejst.duckdns.org/fd5dc/umail.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 05 Dec 2023 12:42:15 GMT
content-type: image/svg+xml
last-modified: Sat, 25 Nov 2023 06:15:45 GMT
etag: "22ab-65619111-2778a63f070183d7;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1918
date: Tue, 28 Nov 2023 12:42:15 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
dejst.duckdns.org/fd5dc/assets/img/53_Shield-logo-small.svg
102.130.117.208 200 OK 843 B URL GET HTTP/2 dejst.duckdns.org/fd5dc/assets/img/53_Shield-logo-small.svg
IP 102.130.117.208:443
ASN #328364 Host-Africa-AS
Requested by https://dejst.duckdns.org/fd5dc/umail.php
Certificate Issuer Let's Encrypt
Subject dejst.duckdns.org
Fingerprint A2:44:54:A6:C1:BB:54:C5:E4:8B:D7:42:B2:EC:EF:84:05:70:A3:59
Validity Fri, 24 Nov 2023 07:25:48 GMT - Thu, 22 Feb 2024 07:25:47 GMT
File type SVG Scalable Vector Graphics image; XML 1.0 document text; XML document text; HTML document text; exported SGML document, ASCII text, with CRLF line terminators
Hash d7024eb89b1473a00d37b2311dbd0967
d2c6fd0cae554d445eb201542d0113a3e3f220d0
c61a11c9e8c7b27848483a7d469e9e1b4d5226ab2377f02c8665a7352be0ce60
Analyzer Verdict Alert urlquery phishing Phishing - Fifth Third Bank
urlquery suspicious Suspicious - DynDNS domain
OpenPhish phishing Fifth Third Bank
GET /fd5dc/assets/img/53_Shield-logo-small.svg HTTP/1.1
Host: dejst.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dejst.duckdns.org/fd5dc/umail.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 05 Dec 2023 12:42:15 GMT
content-type: image/svg+xml
last-modified: Sat, 25 Nov 2023 06:15:45 GMT
etag: "6ab-65619111-c3b0ab07f8cc0cc6;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 843
date: Tue, 28 Nov 2023 12:42:15 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
dejst.duckdns.org/fd5dc/assets/img/user-Question-o.svg
102.130.117.208 200 OK 911 B URL GET HTTP/2 dejst.duckdns.org/fd5dc/assets/img/user-Question-o.svg
IP 102.130.117.208:443
ASN #328364 Host-Africa-AS
Requested by https://dejst.duckdns.org/fd5dc/umail.php
Certificate Issuer Let's Encrypt
Subject dejst.duckdns.org
Fingerprint A2:44:54:A6:C1:BB:54:C5:E4:8B:D7:42:B2:EC:EF:84:05:70:A3:59
Validity Fri, 24 Nov 2023 07:25:48 GMT - Thu, 22 Feb 2024 07:25:47 GMT
File type SVG Scalable Vector Graphics image; HTML document text; HTML document, ASCII text, with very long lines (1994), with no line terminators
Hash 8160abdb4cf326567f033243364d7c22
e19df1c4a337a1e0acc8014b17697b584ce4b39b
a7abbce85d88803c72cfa7917730744140f547363661a478e6e092326f7ddf89
Analyzer Verdict Alert urlquery phishing Phishing - Fifth Third Bank
urlquery suspicious Suspicious - DynDNS domain
OpenPhish phishing Fifth Third Bank
GET /fd5dc/assets/img/user-Question-o.svg HTTP/1.1
Host: dejst.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dejst.duckdns.org/fd5dc/umail.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 05 Dec 2023 12:42:15 GMT
content-type: image/svg+xml
last-modified: Sat, 25 Nov 2023 06:15:45 GMT
etag: "7ca-65619111-d8764a14b0ec83c8;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 911
date: Tue, 28 Nov 2023 12:42:15 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
dejst.duckdns.org/fd5dc/assets/dist/js/FormValidation.min.js
102.130.117.208 200 OK 15 kB URL GET HTTP/2 dejst.duckdns.org/fd5dc/assets/dist/js/FormValidation.min.js
IP 102.130.117.208:443
ASN #328364 Host-Africa-AS
Requested by https://dejst.duckdns.org/fd5dc/umail.php
Certificate Issuer Let's Encrypt
Subject dejst.duckdns.org
Fingerprint A2:44:54:A6:C1:BB:54:C5:E4:8B:D7:42:B2:EC:EF:84:05:70:A3:59
Validity Fri, 24 Nov 2023 07:25:48 GMT - Thu, 22 Feb 2024 07:25:47 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 958e5454cf92264436c2c3c1de4c1c0c
f0fb820b4174e553b9f148f986b71df40ca49c52
d90224cd9ba0d138e7ba721d12b39e5e680999b2a1b246691542b195514e91ad
Analyzer Verdict Alert urlquery phishing Phishing - Fifth Third Bank
urlquery suspicious Suspicious - DynDNS domain
OpenPhish phishing Fifth Third Bank
GET /fd5dc/assets/dist/js/FormValidation.min.js HTTP/1.1
Host: dejst.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dejst.duckdns.org/fd5dc/umail.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 05 Dec 2023 12:42:15 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Sat, 25 Nov 2023 06:15:45 GMT
etag: "10962-65619111-1b19674ee786ea82;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 15283
date: Tue, 28 Nov 2023 12:42:15 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
dejst.duckdns.org/fd5dc/assets/dist/js/plugins/Foundation.min.js
102.130.117.208 200 OK 849 B URL GET HTTP/2 dejst.duckdns.org/fd5dc/assets/dist/js/plugins/Foundation.min.js
IP 102.130.117.208:443
ASN #328364 Host-Africa-AS
Requested by https://dejst.duckdns.org/fd5dc/umail.php
Certificate Issuer Let's Encrypt
Subject dejst.duckdns.org
Fingerprint A2:44:54:A6:C1:BB:54:C5:E4:8B:D7:42:B2:EC:EF:84:05:70:A3:59
Validity Fri, 24 Nov 2023 07:25:48 GMT - Thu, 22 Feb 2024 07:25:47 GMT
File type ASCII text, with very long lines (2029), with no line terminators
Hash e47ecd93128ab399fcef3241a216f527
f5917be5c7d75a2f41b9a6c4c3422b69acd109ff
e347bf8a60497f126cd8d4df5cef31df2daa7ea19b48a0cb2c4070b6689dda51
Analyzer Verdict Alert urlquery phishing Phishing - Fifth Third Bank
urlquery suspicious Suspicious - DynDNS domain
OpenPhish phishing Fifth Third Bank
GET /fd5dc/assets/dist/js/plugins/Foundation.min.js HTTP/1.1
Host: dejst.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dejst.duckdns.org/fd5dc/umail.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 05 Dec 2023 12:42:15 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Sat, 25 Nov 2023 06:15:45 GMT
etag: "7ed-65619111-a4a4d15f0685c778;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 849
date: Tue, 28 Nov 2023 12:42:15 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
dejst.duckdns.org/fd5dc/assets/dist/js/forms.js
102.130.117.208 200 OK 1.6 kB URL GET HTTP/2 dejst.duckdns.org/fd5dc/assets/dist/js/forms.js
IP 102.130.117.208:443
ASN #328364 Host-Africa-AS
Requested by https://dejst.duckdns.org/fd5dc/umail.php
Certificate Issuer Let's Encrypt
Subject dejst.duckdns.org
Fingerprint A2:44:54:A6:C1:BB:54:C5:E4:8B:D7:42:B2:EC:EF:84:05:70:A3:59
Validity Fri, 24 Nov 2023 07:25:48 GMT - Thu, 22 Feb 2024 07:25:47 GMT
File type ASCII text, with CRLF line terminators
Hash 105590c6062e49fa6e7f449936ab9920
ae01fef4b4b5b6ed0e19049f6737c419ab83a28e
b8b709a8a41499ce945c344fb7cc53f8f1b99f66d8f72e81d87f1847c40ba873
Analyzer Verdict Alert urlquery phishing Phishing - Fifth Third Bank
urlquery suspicious Suspicious - DynDNS domain
OpenPhish phishing Fifth Third Bank
GET /fd5dc/assets/dist/js/forms.js HTTP/1.1
Host: dejst.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dejst.duckdns.org/fd5dc/umail.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 05 Dec 2023 12:42:15 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Sat, 25 Nov 2023 06:15:45 GMT
etag: "3689-65619111-581eb7ec38dc2eab;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1630
date: Tue, 28 Nov 2023 12:42:15 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
dejst.duckdns.org/fd5dc/assets/img/equal-housing-lender--large.png
102.130.117.208 200 OK 6.7 kB URL GET HTTP/2 dejst.duckdns.org/fd5dc/assets/img/equal-housing-lender--large.png
IP 102.130.117.208:443
ASN #328364 Host-Africa-AS
Requested by https://dejst.duckdns.org/fd5dc/umail.php
Certificate Issuer Let's Encrypt
Subject dejst.duckdns.org
Fingerprint A2:44:54:A6:C1:BB:54:C5:E4:8B:D7:42:B2:EC:EF:84:05:70:A3:59
Validity Fri, 24 Nov 2023 07:25:48 GMT - Thu, 22 Feb 2024 07:25:47 GMT
File type PNG image data, 74 x 82, 8-bit/color RGBA, non-interlaced; data
Hash 3191014c1149a25a9a359542581e0e37
2bb382de51ab8ecf794235338c143cbf5b8b6536
a6a561761acd53e674570d7ec3a2d119c75db57276efd9d1cfbce792389782e1
Analyzer Verdict Alert urlquery phishing Phishing - Fifth Third Bank
urlquery suspicious Suspicious - DynDNS domain
OpenPhish phishing Fifth Third Bank
GET /fd5dc/assets/img/equal-housing-lender--large.png HTTP/1.1
Host: dejst.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dejst.duckdns.org/fd5dc/umail.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 05 Dec 2023 12:42:15 GMT
content-type: image/png
last-modified: Sat, 25 Nov 2023 06:15:45 GMT
etag: "1a0c-65619111-5b1903e220559a59;;;"
accept-ranges: bytes
content-length: 6668
date: Tue, 28 Nov 2023 12:42:15 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
dejst.duckdns.org/fd5dc/assets/img/member-fdic.png
102.130.117.208 200 OK 14 kB URL GET HTTP/2 dejst.duckdns.org/fd5dc/assets/img/member-fdic.png
IP 102.130.117.208:443
ASN #328364 Host-Africa-AS
Requested by https://dejst.duckdns.org/fd5dc/umail.php
Certificate Issuer Let's Encrypt
Subject dejst.duckdns.org
Fingerprint A2:44:54:A6:C1:BB:54:C5:E4:8B:D7:42:B2:EC:EF:84:05:70:A3:59
Validity Fri, 24 Nov 2023 07:25:48 GMT - Thu, 22 Feb 2024 07:25:47 GMT
File type PNG image data, 118 x 74, 8-bit/color RGBA, non-interlaced; data
Hash 12f52a05cd1d945085ff8f5cb0eab45a
cd6b9ea773fb2055e467c8d474dca7152aa475f1
96b5e6548b16dff5e401d796818b8fc6c4158338dffadd90f550a48ca1d8a47c
Analyzer Verdict Alert urlquery phishing Phishing - Fifth Third Bank
urlquery suspicious Suspicious - DynDNS domain
OpenPhish phishing Fifth Third Bank
GET /fd5dc/assets/img/member-fdic.png HTTP/1.1
Host: dejst.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dejst.duckdns.org/fd5dc/umail.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 05 Dec 2023 12:42:16 GMT
content-type: image/png
last-modified: Sat, 25 Nov 2023 06:15:45 GMT
etag: "34b7-65619111-d2683a9b57c71108;;;"
accept-ranges: bytes
content-length: 13495
date: Tue, 28 Nov 2023 12:42:16 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
dejst.duckdns.org/fd5dc/assets/img/favicon.png
102.130.117.208 200 OK 1.8 kB URL GET HTTP/3 dejst.duckdns.org/fd5dc/assets/img/favicon.png
IP 102.130.117.208:443
ASN #328364 Host-Africa-AS
Requested by https://dejst.duckdns.org/fd5dc/umail.php
Certificate Issuer Let's Encrypt
Subject dejst.duckdns.org
Fingerprint A2:44:54:A6:C1:BB:54:C5:E4:8B:D7:42:B2:EC:EF:84:05:70:A3:59
Validity Fri, 24 Nov 2023 07:25:48 GMT - Thu, 22 Feb 2024 07:25:47 GMT
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced; data
Hash 3bf542c74fd58eaca23c6ce2afa8ae4f
bbb516e3c7ed858eb951e678f5c170f1825a8fe6
243756cacc67ac3fcca021ec29c5341d58e644135492ba290ee9ad5c9a2ef72e
Analyzer Verdict Alert urlquery phishing Phishing - Fifth Third Bank
urlquery suspicious Suspicious - DynDNS domain
OpenPhish phishing Fifth Third Bank
GET /fd5dc/assets/img/favicon.png HTTP/1.1
Host: dejst.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dejst.duckdns.org/fd5dc/umail.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Tue, 05 Dec 2023 12:42:16 GMT
content-type: image/png
last-modified: Sat, 25 Nov 2023 06:15:45 GMT
etag: "716-65619111-fbabbf991396422a;;;"
accept-ranges: bytes
content-length: 1814
date: Tue, 28 Nov 2023 12:42:16 GMT
server: LiteSpeed