Overview

URLmail.supporthuboa.duckdns.org/DKzdN9sfxXKz.php?user&code=28b930befe8d87c7144df421ca7d890e
IP 51.142.122.25 (United Kingdom)
ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-09-23 09:32:22 UTC
StatusLoading report..
IDS alerts0
Blocklist alert31
urlquery alerts
21
DynDNS domain detected
Tags None

Domain Summary (8)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mail.supporthuboa.duckdns.org (20) 0 2022-09-22 18:37:32 UTC 2022-09-23 05:48:40 UTC 51.142.122.25 Unknown ranking
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-23 04:33:41 UTC 34.117.237.239
ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-09-23 04:04:38 UTC 93.184.220.29
push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-23 05:02:25 UTC 52.88.220.109
img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-23 04:02:43 UTC 34.120.237.76
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-23 05:06:00 UTC 143.204.55.35
r3.o.lencr.org (7) 344 2020-12-02 08:52:13 UTC 2022-09-23 04:34:39 UTC 23.36.76.226
content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-23 04:02:41 UTC 34.160.144.191

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
Scan Date Severity Indicator Comment
2022-09-22 2 mail.supporthuboa.duckdns.org/DKzdN9sfxXKz.php?user&code=28b930befe8d87c714 (...) Bank of America
2022-09-23 2 mail.supporthuboa.duckdns.org/ Bank of America
2022-09-23 2 mail.supporthuboa.duckdns.org/ Bank of America
2022-09-23 2 mail.supporthuboa.duckdns.org/ Bank of America
2022-09-23 2 mail.supporthuboa.duckdns.org/ Bank of America
2022-09-23 2 mail.supporthuboa.duckdns.org/ Bank of America
2022-09-23 2 mail.supporthuboa.duckdns.org/ Bank of America
2022-09-23 2 mail.supporthuboa.duckdns.org/ Bank of America
2022-09-23 2 mail.supporthuboa.duckdns.org/ Bank of America
2022-09-23 2 mail.supporthuboa.duckdns.org/ Bank of America
2022-09-23 2 mail.supporthuboa.duckdns.org/ Bank of America
2022-09-23 2 mail.supporthuboa.duckdns.org/ Bank of America
2022-09-23 2 mail.supporthuboa.duckdns.org/ Bank of America
2022-09-23 2 mail.supporthuboa.duckdns.org/ Bank of America
2022-09-23 2 mail.supporthuboa.duckdns.org/ Bank of America
2022-09-23 2 mail.supporthuboa.duckdns.org/ Bank of America
2022-09-23 2 mail.supporthuboa.duckdns.org/ Bank of America
2022-09-23 2 mail.supporthuboa.duckdns.org/ Bank of America
2022-09-23 2 mail.supporthuboa.duckdns.org/ Bank of America
2022-09-23 2 mail.supporthuboa.duckdns.org/ Bank of America

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-23 2 mail.supporthuboa.duckdns.org/index.php Phishing
2022-09-23 2 mail.supporthuboa.duckdns.org/Content/_Fonts/OpenSans-Regular-webfont.woff Phishing
2022-09-23 2 mail.supporthuboa.duckdns.org/content/PRC384/_Fonts/Connections.woff Phishing
2022-09-23 2 mail.supporthuboa.duckdns.org/Content/_Fonts/OpenSans-Bold-webfont.woff Phishing
2022-09-23 2 mail.supporthuboa.duckdns.org/Content/_Fonts/OpenSans-Regular-webfont.ttf Phishing
2022-09-23 2 mail.supporthuboa.duckdns.org/content/PRC384/_Fonts/Connections.ttf Phishing
2022-09-23 2 mail.supporthuboa.duckdns.org/Content/_Fonts/OpenSans-Bold-webfont.ttf Phishing
2022-09-23 2 mail.supporthuboa.duckdns.org/Content/_Fonts/OpenSans-Regular-webfont.woff Phishing
2022-09-23 2 mail.supporthuboa.duckdns.org/Content/_Fonts/OpenSans-Bold-webfont.woff Phishing
2022-09-23 2 mail.supporthuboa.duckdns.org/Content/_Fonts/OpenSans-Regular-webfont.ttf Phishing
2022-09-23 2 mail.supporthuboa.duckdns.org/Content/_Fonts/OpenSans-Bold-webfont.ttf Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 51.142.122.25
Date UQ / IDS / BL URL IP
2022-09-25 08:36:56 +0000 21 - 0 - 49 supporthuboa.duckdns.org/DKzdN9sfxXKz.php?use (...) 51.142.122.25
2022-09-24 14:06:47 +0000 21 - 0 - 51 www.supporthuboa.duckdns.org/DKzdN9sfxXKz.php (...) 51.142.122.25
2022-09-23 22:07:39 +0000 20 - 0 - 30 mail.supporthuboa.duckdns.org/ 51.142.122.25
2022-09-23 21:21:10 +0000 20 - 0 - 47 www.supporthuboa.duckdns.org/ 51.142.122.25
2022-09-23 10:53:41 +0000 21 - 0 - 29 supporthuboa.duckdns.org/DKzdN9sfxXKz.php?use (...) 51.142.122.25


Last 5 reports on ASN: MICROSOFT-CORP-MSN-AS-BLOCK
Date UQ / IDS / BL URL IP
2023-02-08 10:23:41 +0000 0 - 1 - 0 crowncourtdcs.caselines.co.uk/Account/LogOn?R (...) 52.169.73.236
2023-02-08 09:41:10 +0000 0 - 2 - 0 noticias.juridicas.com/ACTUALIDAD/NOTICIAS/ 137.117.159.91
2023-02-08 09:36:22 +0000 13 - 0 - 22 20.203.169.150/nordea_no/login.php 20.203.169.150
2023-02-08 09:35:59 +0000 0 - 0 - 46 20.94.62.51/login/index.php 20.94.62.51
2023-02-08 09:16:46 +0000 0 - 0 - 1 4071177714.gopeerclick.com/15GOFF 20.113.187.208


Last 5 reports on domain: supporthuboa.duckdns.org
Date UQ / IDS / BL URL IP
2023-01-28 02:50:31 +0000 0 - 4 - 0 supporthuboa.duckdns.org/DKzdN9sfxXKz.php?use (...) 192.169.69.26
2022-09-25 08:36:56 +0000 21 - 0 - 49 supporthuboa.duckdns.org/DKzdN9sfxXKz.php?use (...) 51.142.122.25
2022-09-24 14:06:47 +0000 21 - 0 - 51 www.supporthuboa.duckdns.org/DKzdN9sfxXKz.php (...) 51.142.122.25
2022-09-23 22:07:39 +0000 20 - 0 - 30 mail.supporthuboa.duckdns.org/ 51.142.122.25
2022-09-23 21:21:10 +0000 20 - 0 - 47 www.supporthuboa.duckdns.org/ 51.142.122.25


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2022-10-31 14:48:23 +0000 0 - 0 - 2 cdn.tinysun.net/main/index.php 143.198.107.223
2022-10-18 19:23:37 +0000 22 - 0 - 0 onlineassisthubz.ddns.net/main/step01.php?use (...) 134.209.70.101
2022-10-16 16:53:31 +0000 21 - 0 - 2 onlinefraudhubz.ddns.net/main/step01.php?user (...) 159.223.141.140
2022-10-16 09:38:41 +0000 22 - 0 - 1 onlinefraudhubz.ddns.net/main/step01.php?user (...) 159.223.141.140
2022-10-06 08:53:24 +0000 22 - 0 - 12 upgradecrewhubz.ddns.net/main/step01.php?user (...) 68.183.119.8

JavaScript

Executed Scripts (1)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (39)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-stale=0
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 23 Sep 2022 09:14:07 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: qjOtxh3_O4sa-oLWRiaEHQtnCaYtjMyTdGnCD8vxlJdihkEp5ax7hQ==
Age: 1084


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20529
Expires: Fri, 23 Sep 2022 15:14:20 GMT
Date: Fri, 23 Sep 2022 09:32:11 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "46E1A9E6C98245AFB7FA84BC6D9BA6844105024E2D3F56E28748E6C321475D02"
Last-Modified: Wed, 21 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2193
Expires: Fri, 23 Sep 2022 10:08:44 GMT
Date: Fri, 23 Sep 2022 09:32:11 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: WueUHtO4SxDjdbYnawuYn2GnV6vCHZBjsm+0JQUkjM2WKZM1PIOd4tqENQDuuAfwE3ZvzHP2Omw=
x-amz-request-id: AJHDT583F2B3GHZR
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 23 Sep 2022 08:44:17 GMT
age: 2874
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /DKzdN9sfxXKz.php?user&code=28b930befe8d87c7144df421ca7d890e HTTP/1.1 
Host: mail.supporthuboa.duckdns.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         51.142.122.25
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Date: Fri, 23 Sep 2022 09:32:11 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=1108bcb2f650ba08a1c2e7e6f491a00e; path=/
Location: index.php
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (502)
Size:   15496
Md5:    7198e3f2fc55ad64ec37068aea0b6a59
Sha1:   ba1d5ad183f6d0dafef6dd5cdacb6b10acd91a5c
Sha256: 1474978b5a8fd3a87f0e858fffc737a3f930d7ba008c0fec001c84a7b6e79d59

Alerts:
  urlquery:
    - DynDNS domain detected
  Blocklists:
    - openphish: Bank of America
                                        
                                            GET /index.php HTTP/1.1 
Host: mail.supporthuboa.duckdns.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=1108bcb2f650ba08a1c2e7e6f491a00e
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         51.142.122.25
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Fri, 23 Sep 2022 09:32:11 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size:   3911
Md5:    258baaf39b38b9dc7c3ad8330540a06e
Sha1:   3c7b6c80aa77d39b75cad4857877b2c45225dba7
Sha256: 3f6ac6a142665254f66473b1cb75ef9603c2f54fb076700934b88650c5622ba8

Alerts:
  urlquery:
    - DynDNS domain detected
  Blocklists:
    - openphish: Bank of America
    - fortinet: Phishing
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 23 Sep 2022 09:32:11 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /4dW35T2JzLgL/FFVyb3kAAB8N.css HTTP/1.1 
Host: mail.supporthuboa.duckdns.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.supporthuboa.duckdns.org/index.php
Cookie: PHPSESSID=1108bcb2f650ba08a1c2e7e6f491a00e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         51.142.122.25
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 23 Sep 2022 09:32:11 GMT
Server: Apache
Last-Modified: Thu, 15 Sep 2022 16:52:18 GMT
Accept-Ranges: bytes
Content-Length: 6294
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (6294), with no line terminators
Size:   6294
Md5:    ef0998bf10441c0dc0dcb132bdfbdc1a
Sha1:   36a3460c32106a213b8f6ebd515abe32c481eb9f
Sha256: faa67d3b2b2220dc526c921c1fc47df5b956559a293d5e07fbaf58a52462f6bd

Alerts:
  urlquery:
    - DynDNS domain detected
  Blocklists:
    - openphish: Bank of America
                                        
                                            GET /4dW35T2JzLgL/qx4wE6BhL7jU.gif HTTP/1.1 
Host: mail.supporthuboa.duckdns.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.supporthuboa.duckdns.org/index.php
Cookie: PHPSESSID=1108bcb2f650ba08a1c2e7e6f491a00e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         51.142.122.25
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Fri, 23 Sep 2022 09:32:11 GMT
Server: Apache
Last-Modified: Thu, 15 Sep 2022 16:52:18 GMT
Accept-Ranges: bytes
Content-Length: 42
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Alerts:
  urlquery:
    - DynDNS domain detected
  Blocklists:
    - openphish: Bank of America
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: mail.supporthuboa.duckdns.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.supporthuboa.duckdns.org/index.php
Cookie: PHPSESSID=1108bcb2f650ba08a1c2e7e6f491a00e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         51.142.122.25
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Fri, 23 Sep 2022 09:32:11 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   315
Md5:    a34ac19f4afae63adc5d2f7bc970c07f
Sha1:   a82190fc530c265aa40a045c21770d967f4767b8
Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Alerts:
  urlquery:
    - DynDNS domain detected
  Blocklists:
    - openphish: Bank of America
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 23 Sep 2022 09:03:22 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Fri, 23 Sep 2022 09:19:49 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: mEKVrBta9MmLby9EeOfwGUztu2siMTZkBpBpRz9sbOQyYc1Tg2w7cg==
Age: 1729


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5535
Cache-Control: 'max-age=158059'
Date: Fri, 23 Sep 2022 09:32:12 GMT
Last-Modified: Fri, 23 Sep 2022 07:59:57 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: sYhba8TU9wTC0cqvV9yYWA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         52.88.220.109
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: tbP83fjfRPJHtv5yclB576S20TU=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10864
Expires: Fri, 23 Sep 2022 12:33:17 GMT
Date: Fri, 23 Sep 2022 09:32:13 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10864
Expires: Fri, 23 Sep 2022 12:33:17 GMT
Date: Fri, 23 Sep 2022 09:32:13 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10864
Expires: Fri, 23 Sep 2022 12:33:17 GMT
Date: Fri, 23 Sep 2022 09:32:13 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10864
Expires: Fri, 23 Sep 2022 12:33:17 GMT
Date: Fri, 23 Sep 2022 09:32:13 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10864
Expires: Fri, 23 Sep 2022 12:33:17 GMT
Date: Fri, 23 Sep 2022 09:32:13 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10127
x-amzn-requestid: 456e3c6a-e173-433e-8d54-d787cb50b7e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0sHmCoAMFVSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-7a07b336571396533e48b4cb;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: gWZNsIn_FEbYwMeR1JArmPEgyuHEGgWsfb-wB6P_NrmoHhNgvGWoPw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:07:28 GMT
age: 41085
etag: "48c10714503e8dfdd3e3c3d39b919ef2792f0d15"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10127
Md5:    b877ead4a15221fdd278ef27f281a7ec
Sha1:   48c10714503e8dfdd3e3c3d39b919ef2792f0d15
Sha256: f4a1d5abcfa4092828e004b6c0605a7a24e4133d275312f613dceff875971daf
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53fa68ad-0fdf-4958-b6f1-e38245c20380.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4947
x-amzn-requestid: 2d8325c6-7564-4fab-86ad-75bc44451ac8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YzHtOFNXoAMF5iQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632ab987-30ba7b1d6088630236d03486;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 07:13:11 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3NJdOO87M_on7FBlPCczqwUtjsq75kEXAxq9CcsiHDvuaUDCYhd9LQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:07:32 GMT
age: 41081
etag: "944c0453511761e101cb9e50ba8af7545e32e357"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4947
Md5:    d22173527a1bc9b264170aaa07491248
Sha1:   944c0453511761e101cb9e50ba8af7545e32e357
Sha256: c04b0975162a54e0afc5ae4a863f8e8393415d455e8f7ff3fc67a47868e09ec0
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5340
x-amzn-requestid: b13bc974-e15d-43a4-a918-fbc35b09a36f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y19HljIAMFY8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4f2-2cb226ba4bd7c7e74d9ab2db;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8DCVWC4Ihr4R21i3ySyiWdUK0aGymTE22B842ZKolG-ZThiKSMX-uQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:11:26 GMT
age: 40847
etag: "0264e73c4cfff0bb255757c7e1c760a5ad3ece80"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5340
Md5:    3b318ea5c36d2b22b925f7dfe382df5f
Sha1:   0264e73c4cfff0bb255757c7e1c760a5ad3ece80
Sha256: 0c2f58ea4f5f32bb327f292e1b8fb5a4a60230bffc3abc440a624df27ec0d6bc
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8029
x-amzn-requestid: 2fc5c63d-5cef-42f4-a6d2-b55f51c57af6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0tHjGoAMFcFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-73f2f78a2d1ca8fc666d2571;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 7DX67a-HmEh76IorINvRU61AKtSiimdPnHFnYeR2OJezZJ1_mJq0MA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 21:48:22 GMT
age: 42231
etag: "1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8029
Md5:    02a682b4703bb9d6381c762726c05531
Sha1:   1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54
Sha256: fb672de67420a239fe5d7e2588f640150ed29883fe2a46ded160385e3265004c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ea09a2e-db97-4846-b5c4-9bc0e69977bc.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 13000
x-amzn-requestid: 0658a29b-3c96-431c-ab00-952ab7365e1f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YioLNHd1oAMFkbw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632420ad-488015441a19070348de1398;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 07:07:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Vhg1m3Tpmoo68IBbutFCvjCLD6iBW3YWysB7hA837CwDK3DSSFp_KA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 09:35:19 GMT
age: 86214
etag: "06f5f63e681d711bd68626805c5dd2b902ebf9cf"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   13000
Md5:    634db5bfe2b27e608c3f3518b0c44ebb
Sha1:   06f5f63e681d711bd68626805c5dd2b902ebf9cf
Sha256: 935d3442ed37fe78df5fe40fac87ca00466a3e19ef3c72a80dae17ffbcacd45d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10279
x-amzn-requestid: 2ff2c324-51c5-484d-b049-3eacbdc1024a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yyj8THHdoAMF44g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a804e-0f4da4ba2a84679b3fd297fc;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 03:09:02 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: z0uCxl-5L4gijwJsCjssxmgnJr4yhzvtiZdcX4wOXzgiuh8-Yj92vg==
via: 1.1 c21a0d27ceec21e266c9f962d0349438.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 04:32:56 GMT
age: 17957
etag: "60a83a1618ffae06e49ca3002bac1db9980dcfe8"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10279
Md5:    8ea5f06ad31f0cedd2cb5c6df82f35f4
Sha1:   60a83a1618ffae06e49ca3002bac1db9980dcfe8
Sha256: 5f6a4cb92c016ef0f229b11d727e9680a15b10782b5bfe9e66ad9d100b458d8d
                                        
                                            GET /DKzdN9sfxXKz.php?user&code=4b32e2d0119c13e865ad8edcd2d98d49 HTTP/1.1 
Host: mail.supporthuboa.duckdns.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.supporthuboa.duckdns.org/index.php
Cookie: PHPSESSID=1108bcb2f650ba08a1c2e7e6f491a00e
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

search
                                         51.142.122.25
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Fri, 23 Sep 2022 09:32:13 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (502)
Size:   15528
Md5:    d3f8b6ed408135a9bf35cf5b6f50b388
Sha1:   f2d432b7beb4795439792770c1147038de9652fa
Sha256: bc3989f573182c7d3d8caa6356b58afb9d4ddf095a50855a5bffcde9d5c79e23

Alerts:
  urlquery:
    - DynDNS domain detected
  Blocklists:
    - openphish: Bank of America
                                        
                                            GET /4dW35T2JzLgL/site.min.css HTTP/1.1 
Host: mail.supporthuboa.duckdns.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.supporthuboa.duckdns.org/DKzdN9sfxXKz.php?user&code=4b32e2d0119c13e865ad8edcd2d98d49
Cookie: PHPSESSID=1108bcb2f650ba08a1c2e7e6f491a00e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         51.142.122.25
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 23 Sep 2022 09:32:13 GMT
Server: Apache
Last-Modified: Thu, 15 Sep 2022 16:52:18 GMT
Accept-Ranges: bytes
Content-Length: 63361
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (1035)
Size:   63361
Md5:    1e82fb1bc670b605717b2f9251f41d6b
Sha1:   1df337f8797d2e18b0dc5bfaaa9a8b0fad3cfbcb
Sha256: 2d14a1371b7219ab7be1c6a78d688ad0f1b7c7324cdf7f688c7b2e2e3feec504

Alerts:
  urlquery:
    - DynDNS domain detected
  Blocklists:
    - openphish: Bank of America
                                        
                                            GET /4dW35T2JzLgL/LykpVhQKBp9J.css HTTP/1.1 
Host: mail.supporthuboa.duckdns.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.supporthuboa.duckdns.org/DKzdN9sfxXKz.php?user&code=4b32e2d0119c13e865ad8edcd2d98d49
Cookie: PHPSESSID=1108bcb2f650ba08a1c2e7e6f491a00e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         51.142.122.25
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 23 Sep 2022 09:32:13 GMT
Server: Apache
Last-Modified: Thu, 15 Sep 2022 16:52:18 GMT
Accept-Ranges: bytes
Content-Length: 306585
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   306585
Md5:    919dbb67a502b70d1cd8769df8f231ae
Sha1:   13cf09626b0cdd7591aa688b880395438a023a48
Sha256: a9efc5f2e514ed783e4c67a79a02e79f617acd5ff3ce67b46dc671be58a1b72f

Alerts:
  urlquery:
    - DynDNS domain detected
  Blocklists:
    - openphish: Bank of America
                                        
                                            GET /4dW35T2JzLgL/uyAd2hBWk7Vf.png HTTP/1.1 
Host: mail.supporthuboa.duckdns.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.supporthuboa.duckdns.org/DKzdN9sfxXKz.php?user&code=4b32e2d0119c13e865ad8edcd2d98d49
Cookie: PHPSESSID=1108bcb2f650ba08a1c2e7e6f491a00e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         51.142.122.25
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Fri, 23 Sep 2022 09:32:13 GMT
Server: Apache
Last-Modified: Thu, 15 Sep 2022 16:52:18 GMT
Accept-Ranges: bytes
Content-Length: 7719
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 250 x 25, 8-bit/color RGBA, non-interlaced\012- data
Size:   7719
Md5:    4bdaebff69d7ccb9aa4594cde4a3993d
Sha1:   9bc8a3873ff1d569e98bf65d1794615f44e84ccc
Sha256: 880607ae689c1b591ea1162ac16e6ad0b2ec68e80bb86b5e9f86bce6c0e274a7

Alerts:
  urlquery:
    - DynDNS domain detected
  Blocklists:
    - openphish: Bank of America
                                        
                                            GET /4dW35T2JzLgL/BJrADhjH2E3D.png HTTP/1.1 
Host: mail.supporthuboa.duckdns.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.supporthuboa.duckdns.org/DKzdN9sfxXKz.php?user&code=4b32e2d0119c13e865ad8edcd2d98d49
Cookie: PHPSESSID=1108bcb2f650ba08a1c2e7e6f491a00e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         51.142.122.25
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Fri, 23 Sep 2022 09:32:13 GMT
Server: Apache
Last-Modified: Thu, 15 Sep 2022 16:52:18 GMT
Accept-Ranges: bytes
Content-Length: 7719
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 250 x 25, 8-bit/color RGBA, non-interlaced\012- data
Size:   7719
Md5:    62b1cd8a110706260023cd91d7316096
Sha1:   ec98871b14975f225946431a0cb0fdb27fba35e1
Sha256: ad62eb85667532488d032273c196c7ea1c10e0897223c4b66cd38b8c5e5215a4

Alerts:
  urlquery:
    - DynDNS domain detected
  Blocklists:
    - openphish: Bank of America
                                        
                                            GET /Content/_Fonts/OpenSans-Regular-webfont.woff HTTP/1.1 
Host: mail.supporthuboa.duckdns.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://mail.supporthuboa.duckdns.org/4dW35T2JzLgL/site.min.css
Cookie: PHPSESSID=1108bcb2f650ba08a1c2e7e6f491a00e
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

search
                                         51.142.122.25
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Fri, 23 Sep 2022 09:32:13 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   315
Md5:    a34ac19f4afae63adc5d2f7bc970c07f
Sha1:   a82190fc530c265aa40a045c21770d967f4767b8
Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Alerts:
  urlquery:
    - DynDNS domain detected
  Blocklists:
    - openphish: Bank of America
    - fortinet: Phishing
                                        
                                            GET /content/PRC384/_Fonts/Connections.woff HTTP/1.1 
Host: mail.supporthuboa.duckdns.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://mail.supporthuboa.duckdns.org/4dW35T2JzLgL/site.min.css
Cookie: PHPSESSID=1108bcb2f650ba08a1c2e7e6f491a00e
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

search
                                         51.142.122.25
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Fri, 23 Sep 2022 09:32:13 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   315
Md5:    a34ac19f4afae63adc5d2f7bc970c07f
Sha1:   a82190fc530c265aa40a045c21770d967f4767b8
Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Alerts:
  urlquery:
    - DynDNS domain detected
  Blocklists:
    - openphish: Bank of America
    - fortinet: Phishing
                                        
                                            GET /Content/_Fonts/OpenSans-Bold-webfont.woff HTTP/1.1 
Host: mail.supporthuboa.duckdns.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://mail.supporthuboa.duckdns.org/4dW35T2JzLgL/site.min.css
Cookie: PHPSESSID=1108bcb2f650ba08a1c2e7e6f491a00e
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

search
                                         51.142.122.25
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Fri, 23 Sep 2022 09:32:13 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   315
Md5:    a34ac19f4afae63adc5d2f7bc970c07f
Sha1:   a82190fc530c265aa40a045c21770d967f4767b8
Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Alerts:
  urlquery:
    - DynDNS domain detected
  Blocklists:
    - openphish: Bank of America
    - fortinet: Phishing
                                        
                                            GET /Content/_Fonts/OpenSans-Regular-webfont.ttf HTTP/1.1 
Host: mail.supporthuboa.duckdns.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.supporthuboa.duckdns.org/4dW35T2JzLgL/site.min.css
Cookie: PHPSESSID=1108bcb2f650ba08a1c2e7e6f491a00e
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

search
                                         51.142.122.25
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Fri, 23 Sep 2022 09:32:14 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   315
Md5:    a34ac19f4afae63adc5d2f7bc970c07f
Sha1:   a82190fc530c265aa40a045c21770d967f4767b8
Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Alerts:
  urlquery:
    - DynDNS domain detected
  Blocklists:
    - openphish: Bank of America
    - fortinet: Phishing
                                        
                                            GET /content/PRC384/_Fonts/Connections.ttf HTTP/1.1 
Host: mail.supporthuboa.duckdns.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.supporthuboa.duckdns.org/4dW35T2JzLgL/site.min.css
Cookie: PHPSESSID=1108bcb2f650ba08a1c2e7e6f491a00e
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

search
                                         51.142.122.25
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Fri, 23 Sep 2022 09:32:14 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   315
Md5:    a34ac19f4afae63adc5d2f7bc970c07f
Sha1:   a82190fc530c265aa40a045c21770d967f4767b8
Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Alerts:
  urlquery:
    - DynDNS domain detected
  Blocklists:
    - openphish: Bank of America
    - fortinet: Phishing
                                        
                                            GET /Content/_Fonts/OpenSans-Bold-webfont.ttf HTTP/1.1 
Host: mail.supporthuboa.duckdns.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.supporthuboa.duckdns.org/4dW35T2JzLgL/site.min.css
Cookie: PHPSESSID=1108bcb2f650ba08a1c2e7e6f491a00e
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

search
                                         51.142.122.25
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Fri, 23 Sep 2022 09:32:14 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   315
Md5:    a34ac19f4afae63adc5d2f7bc970c07f
Sha1:   a82190fc530c265aa40a045c21770d967f4767b8
Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Alerts:
  urlquery:
    - DynDNS domain detected
  Blocklists:
    - openphish: Bank of America
    - fortinet: Phishing
                                        
                                            GET /Content/_Fonts/OpenSans-Regular-webfont.woff HTTP/1.1 
Host: mail.supporthuboa.duckdns.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://mail.supporthuboa.duckdns.org/4dW35T2JzLgL/LykpVhQKBp9J.css
Cookie: PHPSESSID=1108bcb2f650ba08a1c2e7e6f491a00e
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

search
                                         51.142.122.25
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Fri, 23 Sep 2022 09:32:14 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   315
Md5:    a34ac19f4afae63adc5d2f7bc970c07f
Sha1:   a82190fc530c265aa40a045c21770d967f4767b8
Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Alerts:
  urlquery:
    - DynDNS domain detected
  Blocklists:
    - openphish: Bank of America
    - fortinet: Phishing
                                        
                                            GET /Content/_Fonts/OpenSans-Bold-webfont.woff HTTP/1.1 
Host: mail.supporthuboa.duckdns.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://mail.supporthuboa.duckdns.org/4dW35T2JzLgL/LykpVhQKBp9J.css
Cookie: PHPSESSID=1108bcb2f650ba08a1c2e7e6f491a00e
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

search
                                         51.142.122.25
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Fri, 23 Sep 2022 09:32:14 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   315
Md5:    a34ac19f4afae63adc5d2f7bc970c07f
Sha1:   a82190fc530c265aa40a045c21770d967f4767b8
Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Alerts:
  urlquery:
    - DynDNS domain detected
  Blocklists:
    - openphish: Bank of America
    - fortinet: Phishing
                                        
                                            GET /Content/_Fonts/OpenSans-Regular-webfont.ttf HTTP/1.1 
Host: mail.supporthuboa.duckdns.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.supporthuboa.duckdns.org/4dW35T2JzLgL/LykpVhQKBp9J.css
Cookie: PHPSESSID=1108bcb2f650ba08a1c2e7e6f491a00e
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

search
                                         51.142.122.25
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Fri, 23 Sep 2022 09:32:14 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   315
Md5:    a34ac19f4afae63adc5d2f7bc970c07f
Sha1:   a82190fc530c265aa40a045c21770d967f4767b8
Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Alerts:
  urlquery:
    - DynDNS domain detected
  Blocklists:
    - openphish: Bank of America
    - fortinet: Phishing
                                        
                                            GET /Content/_Fonts/OpenSans-Bold-webfont.ttf HTTP/1.1 
Host: mail.supporthuboa.duckdns.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.supporthuboa.duckdns.org/4dW35T2JzLgL/LykpVhQKBp9J.css
Cookie: PHPSESSID=1108bcb2f650ba08a1c2e7e6f491a00e
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

search
                                         51.142.122.25
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Fri, 23 Sep 2022 09:32:14 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   315
Md5:    a34ac19f4afae63adc5d2f7bc970c07f
Sha1:   a82190fc530c265aa40a045c21770d967f4767b8
Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Alerts:
  urlquery:
    - DynDNS domain detected
  Blocklists:
    - openphish: Bank of America
    - fortinet: Phishing