Report - asbestregiont.duckdns.org/

Report Overview

Submitted URL
asbestregiont.duckdns.org/
IP
47.87.142.222
ASN
#0
Submitted
2023-06-02 12:38:23
Access
public
Website Title
Final URL
Tags
dyndns
urlquery detections
Suspicious - DynDNS domain

Detections

urlquery
20
Network Intrusion Detection
36
Threat Detection Systems
38

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2023-06-02	2.2 kB	199 kB	142.250.74.163
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2023-06-02	483 B	26 kB	142.250.74.106
asbestregiont.duckdns.org	unknown	2013-04-12	2023-05-27	2023-05-28	8.6 kB	2.0 MB	47.87.142.222
ocsp.pki.goog	175	2016-06-13	2018-07-01	2023-06-02	1.3 kB	2.8 kB	142.250.74.131

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-06-02 12:38:04	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-06-02 12:38:04	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-06-02 12:38:04	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-06-02 12:38:04	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-06-02 12:38:04	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-06-02 12:38:04	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-06-02 12:38:04	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-06-02 12:38:04	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-06-02 12:38:05	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-06-02 12:38:05	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-06-02 12:38:05	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-06-02 12:38:05	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-06-02 12:38:05	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-06-02 12:38:05	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-06-02 12:38:05	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-06-02 12:38:05	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-06-02 12:38:05	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-06-02 12:38:05	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-06-02 12:38:05	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-06-02 12:38:05	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-06-02 12:38:05	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-06-02 12:38:05	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-06-02 12:38:05	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-06-02 12:38:05	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-06-02 12:38:05	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-06-02 12:38:05	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-06-02 12:38:05	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-06-02 12:38:05	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-06-02 12:38:05	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-06-02 12:38:05	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-06-02 12:38:05	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-06-02 12:38:05	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-06-02 12:38:06	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-06-02 12:38:06	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-06-02 12:38:06	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-06-02 12:38:06	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator
2023-05-27	medium	asbestregiont.duckdns.org/
2023-05-27	medium	asbestregiont.duckdns.org/
2023-05-27	medium	asbestregiont.duckdns.org/
2023-05-27	medium	asbestregiont.duckdns.org/
2023-05-27	medium	asbestregiont.duckdns.org/
2023-05-27	medium	asbestregiont.duckdns.org/
2023-05-27	medium	asbestregiont.duckdns.org/
2023-05-27	medium	asbestregiont.duckdns.org/
2023-05-27	medium	asbestregiont.duckdns.org/
2023-05-27	medium	asbestregiont.duckdns.org/
2023-05-27	medium	asbestregiont.duckdns.org/
2023-05-27	medium	asbestregiont.duckdns.org/
2023-05-27	medium	asbestregiont.duckdns.org/
2023-05-27	medium	asbestregiont.duckdns.org/
2023-05-27	medium	asbestregiont.duckdns.org/
2023-05-27	medium	asbestregiont.duckdns.org/
2023-05-27	medium	asbestregiont.duckdns.org/
2023-05-27	medium	asbestregiont.duckdns.org/
2023-05-27	medium	asbestregiont.duckdns.org/

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (12)

	URL	Size	First Seen	Last Seen
	asbestregiont.duckdns.org/style/js/style.js	2.1 kB	2023-03-07	2024-04-06
Pretty URL asbestregiont.duckdns.org/style/js/style.js IP 47.87.142.222 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:18:59 Last Seen2024-04-06 08:08:56 Times Seen260 Hash 36fd82a1ac14727f740a7d3e35b1c552 1f989be5cf460ef4b015f89ef22a61a2365148fe 86c051eb57fe97e4dc99fd4cba7334c3faef8e6d3655da6f2b04176f523d96f5 Loading...

	unknown	42 B	2023-04-12	2024-04-18
Pretty Introduced by domTimer Embedded in HTML false Observations First Seen2023-04-12 02:41:29 Last Seen2024-04-18 06:59:18 Times Seen654 Hash e4f01501d930619dccc83f3dc1283698 5d6d697171546aecfdee4fdd9665b0de6a91a4d1 3ba8481b8aa1ee437faebbc51023e969a86642b796d3d23dafeaa11ac8b2557e Loading...

	asbestregiont.duckdns.org/style/js/main.js	4.2 kB	2023-03-07	2024-04-06
Pretty URL asbestregiont.duckdns.org/style/js/main.js IP 47.87.142.222 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:18:59 Last Seen2024-04-06 08:08:56 Times Seen492 Hash a96bf5940e256da7dffc0b2e2a1c8f0e db3204906004db53388937310e635d7c6b412f98 8965eaf1598037b1a608ede6ff9633e6944b70039d631f80f635e25c79030da8 Loading...

	asbestregiont.duckdns.org/style/js/jquery.min.js	88 kB	2023-03-07	2024-04-16
Pretty URL asbestregiont.duckdns.org/style/js/jquery.min.js IP 47.87.142.222 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:01 Last Seen2024-04-16 22:03:47 Times Seen7557 Hash f832e36068ab203a3f89b1795480d0d7 2115753ca5fb7032aec498db7bb5dca624dbe6be 4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf Loading...

	unknown	26 B	2023-04-11	2024-04-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:13:06 Last Seen2024-04-18 15:39:56 Times Seen115731 Hash 1c862db5f2555377c2dc1e62ed7b3981 c29e6dc25c08a70995127ec13ded6f80d9a36174 27d373a6961f797edf69a80f7f24877ef85c2fc4f9f770b2540b1bf5e66823ac Loading...

	asbestregiont.duckdns.org/style/js/jquery.CardValidator.js	6.4 kB	2023-03-07	2024-04-15
Pretty URL asbestregiont.duckdns.org/style/js/jquery.CardValidator.js IP 47.87.142.222 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-04-15 09:41:25 Times Seen437 Hash fb905575d35b1762182c0bdb0156a8e7 5d7364bb8423174608a55975e985138b09ef16f0 2e31f31633d04598c60731878851d821eaa4403af63b930d58bb10bc9c0428a2 Loading...

	asbestregiont.duckdns.org/style/js/jquery.validate.min.js	23 kB	2023-04-11	2024-04-06
Pretty URL asbestregiont.duckdns.org/style/js/jquery.validate.min.js IP 47.87.142.222 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 08:26:05 Last Seen2024-04-06 08:08:56 Times Seen161 Hash 9bec56fb52cf4406d62c073c7c316e38 bebdbf44dd9f17761c8d5e0446060ec313fa44b7 fd78a97e3463e266eb0f2e5a4430b628c27789afe90d926d97e7f7d766491fe3 Loading...

	asbestregiont.duckdns.org/style/js/jquery.mask.js	18 kB	2023-03-07	2024-04-18
Pretty URL asbestregiont.duckdns.org/style/js/jquery.mask.js IP 47.87.142.222 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:19 Last Seen2024-04-18 14:41:17 Times Seen3564 Hash 219d169a80568884a3d6baab3e5e7def 61d00104de8c972c820cd9b527d8e2edb30e5c4a cf1f0d954cbbbcb32d170b1ff68c5b082a1086f34f2bbee825ca88b7c9fb213a Loading...

	asbestregiont.duckdns.org/style/js/popper.min.js	20 kB	2023-03-07	2024-04-18
Pretty URL asbestregiont.duckdns.org/style/js/popper.min.js IP 47.87.142.222 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:57 Last Seen2024-04-18 11:38:27 Times Seen1793 Hash a22f3f7e61af6a069aa6b422537c3f49 682fdc625ae80a890d10af2cb16e62540e2186a8 d2b9f29ea1f42a60a8beb1c04f76868287f2a48d6ec50fb39d6b888584a03c49 Loading...

	asbestregiont.duckdns.org/style/js/bootstrap.min.js	59 kB	2023-03-07	2024-04-09
Pretty URL asbestregiont.duckdns.org/style/js/bootstrap.min.js IP 47.87.142.222 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:40 Last Seen2024-04-09 18:17:54 Times Seen1849 Hash 0f9ea8d6bb66dbed6e0966f9da35b7fd 8095a33f75ca53aa5409b8bf00ea30372755092d 306ab8dd287ef041231a510b7e4c027a11e28b20c3408a9185d895c091dc72a4 Loading...

	asbestregiont.duckdns.org/style/js/angular.min.js	167 kB	2023-03-07	2024-04-18
Pretty URL asbestregiont.duckdns.org/style/js/angular.min.js IP 47.87.142.222 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:29 Last Seen2024-04-18 14:41:17 Times Seen3424 Hash be6af23e2a716c006da75d0291784254 9c923313eabc56d715a7c07bf855feb26a72f671 8c50aa8567731858e81bcfd2027718d9a7c8fd7bf54cf496499adbf5da5741b9 Loading...

	asbestregiont.duckdns.org/style/js/fontawesome.js	1.1 MB	2023-03-07	2024-04-06
Pretty URL asbestregiont.duckdns.org/style/js/fontawesome.js IP 47.87.142.222 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:27 Last Seen2024-04-06 08:08:56 Times Seen737 Hash 02dc00e986773a2294d5ce33ef02e442 d0f4ff24480d518ca8301e4d7df51cd9f1b1b9ae 16e8f08eb363930ccc9f0e91f33ded7905fed943045a040078196294db8a9b17 Loading...

HTTP Transactions (28)

URL IP Response Size

asbestregiont.duckdns.org/style/CADIF_logo_horizontal_rvb_v4.png

47.87.142.222

200 OK

19 kB

URL GET HTTP/2
asbestregiont.duckdns.org/style/CADIF_logo_horizontal_rvb_v4.png
IP
47.87.142.222:443
ASN
#0

Requested by
https://asbestregiont.duckdns.org/
Certificate
IssuerLet's Encrypt
Subjectasbestregiont.duckdns.org
Fingerprint7B:E7:A2:3F:6A:DD:A3:81:40:DF:B7:69:37:6D:0C:73:4F:00:6D:13
ValiditySat, 27 May 2023 04:44:11 GMT - Fri, 25 Aug 2023 04:44:10 GMT

File type
PNG image data, 350 x 105, 8-bit/color RGBA, non-interlaced\012- data
Size
19 kB (18782 bytes)
Hash
71cb5c78702e00ffb116f88d9280896a
d32b9b4f245643b1e4477f923b12a4d17d50cc3d
f8e9befa13e3ff93d974729ae3c727461555d582bb63bb388a4bd497619ef20b

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	Credit Agricole S.A.

HTTP Headers

GET /style/CADIF_logo_horizontal_rvb_v4.png HTTP/1.1
Host: asbestregiont.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://asbestregiont.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 02 Jun 2023 12:38:05 GMT
content-type: image/png
content-length: 18782
last-modified: Sat, 27 May 2023 05:46:13 GMT
etag: "64719925-495e"
expires: Sun, 02 Jul 2023 12:38:05 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
02593b51cd737e1085e5837a9a47c755
aab410449655b9fddf070f3e25a1a8e5aee59530
0ea607d017e63bf06a742560b582d99802dc477bba715d9890e1d51663e50d99

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Jun 2023 12:38:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
02593b51cd737e1085e5837a9a47c755
aab410449655b9fddf070f3e25a1a8e5aee59530
0ea607d017e63bf06a742560b582d99802dc477bba715d9890e1d51663e50d99

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Jun 2023 12:38:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

asbestregiont.duckdns.org/style/js/main.js

47.87.142.222

200 OK

1.5 kB

URL GET HTTP/2
asbestregiont.duckdns.org/style/js/main.js
IP
47.87.142.222:443
ASN
#0

Requested by
https://asbestregiont.duckdns.org/
Certificate
IssuerLet's Encrypt
Subjectasbestregiont.duckdns.org
Fingerprint7B:E7:A2:3F:6A:DD:A3:81:40:DF:B7:69:37:6D:0C:73:4F:00:6D:13
ValiditySat, 27 May 2023 04:44:11 GMT - Fri, 25 Aug 2023 04:44:10 GMT

File type
gzip compressed data, from Unix\012- data
Size
1.5 kB (1538 bytes)
Hash
51e4f2b109eecb4489e580ad91f9eb53
fd140f85fbb3748a7fb4f6294fac1b2897b2b8da
470ae21e6a170f7dc86a67398c19a245210a7b191787f782f273545d32285558

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	Credit Agricole S.A.

HTTP Headers

GET /style/js/main.js HTTP/1.1
Host: asbestregiont.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://asbestregiont.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 02 Jun 2023 12:38:05 GMT
content-type: application/javascript
last-modified: Sat, 27 May 2023 05:46:39 GMT
vary: Accept-Encoding
etag: W/"6471993f-1092"
expires: Sat, 03 Jun 2023 00:38:05 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

asbestregiont.duckdns.org/style/css/main.css

47.87.142.222

200 OK

3.1 kB

URL GET HTTP/2
asbestregiont.duckdns.org/style/css/main.css
IP
47.87.142.222:443
ASN
#0

Requested by
https://asbestregiont.duckdns.org/
Certificate
IssuerLet's Encrypt
Subjectasbestregiont.duckdns.org
Fingerprint7B:E7:A2:3F:6A:DD:A3:81:40:DF:B7:69:37:6D:0C:73:4F:00:6D:13
ValiditySat, 27 May 2023 04:44:11 GMT - Fri, 25 Aug 2023 04:44:10 GMT

File type
gzip compressed data, from Unix\012- data
Size
3.1 kB (3144 bytes)
Hash
cb85ba3df4fd2cc077511bc6a9a68800
8a8fc13c492b366d0da142046c9faa8158539c5d
b79d2ded9a849fd95eb4ef84af8e8a63d4101aeaf76616ab58df720b65fef04e

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	Credit Agricole S.A.

HTTP Headers

GET /style/css/main.css HTTP/1.1
Host: asbestregiont.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://asbestregiont.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 02 Jun 2023 12:38:05 GMT
content-type: text/css
last-modified: Sat, 27 May 2023 05:46:21 GMT
vary: Accept-Encoding
etag: W/"6471992d-287c"
expires: Sat, 03 Jun 2023 00:38:05 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
de06f6fcbc144014f20c63dd5fe236b4
7f10e556cc7c7786c031a226d3efc006f8511c28
ae157c3fec7620409ce8cf7d841a47c30b487c02bbc82df9127345b7b1149f3e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Jun 2023 12:38:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.163

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://asbestregiont.duckdns.org/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48412, version 1.0\012- data
Size
48 kB (48412 bytes)
Hash
31a8297826cdcea344698ff952694a7f
4fa1ee4c471d1c05e9141855eec5ee09b898d594
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

HTTP Headers

GET /s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://asbestregiont.duckdns.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48412
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 May 2023 17:28:56 GMT
expires: Wed, 29 May 2024 17:28:56 GMT
cache-control: public, max-age=31536000
age: 241750
last-modified: Tue, 02 May 2023 15:08:53 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.163

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://asbestregiont.duckdns.org/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48412, version 1.0\012- data
Size
48 kB (48412 bytes)
Hash
31a8297826cdcea344698ff952694a7f
4fa1ee4c471d1c05e9141855eec5ee09b898d594
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

HTTP Headers

GET /s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://asbestregiont.duckdns.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48412
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 May 2023 17:28:56 GMT
expires: Wed, 29 May 2024 17:28:56 GMT
cache-control: public, max-age=31536000
age: 241750
last-modified: Tue, 02 May 2023 15:08:53 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v35/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

142.250.74.163

200 OK

50 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v35/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://asbestregiont.duckdns.org/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT

File type
Web Open Font Format (Version 2), TrueType, length 50440, version 1.0\012- data
Size
50 kB (50440 bytes)
Hash
8d73136b592a1ac8169d957e49e381e8
9fef34759e0c807db6e6456b6eff648ba4692bf3
3642c7e774562f7483d7b0de93dd1759fc6928e85eebd7e62ddae72e9d46c9cb

HTTP Headers

GET /s/opensans/v35/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://asbestregiont.duckdns.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 50440
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 May 2023 16:00:55 GMT
expires: Wed, 29 May 2024 16:00:55 GMT
cache-control: public, max-age=31536000
age: 247031
last-modified: Tue, 02 May 2023 15:13:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.163

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://asbestregiont.duckdns.org/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48412, version 1.0\012- data
Size
48 kB (48412 bytes)
Hash
31a8297826cdcea344698ff952694a7f
4fa1ee4c471d1c05e9141855eec5ee09b898d594
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

HTTP Headers

GET /s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://asbestregiont.duckdns.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48412
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 May 2023 17:28:56 GMT
expires: Wed, 29 May 2024 17:28:56 GMT
cache-control: public, max-age=31536000
age: 241750
last-modified: Tue, 02 May 2023 15:08:53 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

asbestregiont.duckdns.org/style/js/popper.min.js

47.87.142.222

200 OK

174 kB

URL GET HTTP/2
asbestregiont.duckdns.org/style/js/popper.min.js
IP
47.87.142.222:443
ASN
#0

Requested by
https://asbestregiont.duckdns.org/
Certificate
IssuerLet's Encrypt
Subjectasbestregiont.duckdns.org
Fingerprint7B:E7:A2:3F:6A:DD:A3:81:40:DF:B7:69:37:6D:0C:73:4F:00:6D:13
ValiditySat, 27 May 2023 04:44:11 GMT - Fri, 25 Aug 2023 04:44:10 GMT

File type
gzip compressed data, from Unix\012- data
Size
174 kB (174114 bytes)
Hash
2a5be60ca58d8cab3a2d231202f87997
c07f27e08b08f96e8d49ba5e4cd4ae7952ec8026
2d2fb6ae6cbc4534aa09ac014bd69d9bb9c8498cb34c034f0ca7dc8de7656d69

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	Credit Agricole S.A.

HTTP Headers

GET /style/js/popper.min.js HTTP/1.1
Host: asbestregiont.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://asbestregiont.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 02 Jun 2023 12:38:05 GMT
content-type: application/javascript
last-modified: Sat, 27 May 2023 05:46:40 GMT
vary: Accept-Encoding
etag: W/"64719940-4f70"
expires: Sat, 03 Jun 2023 00:38:05 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
de06f6fcbc144014f20c63dd5fe236b4
7f10e556cc7c7786c031a226d3efc006f8511c28
ae157c3fec7620409ce8cf7d841a47c30b487c02bbc82df9127345b7b1149f3e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Jun 2023 12:38:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

asbestregiont.duckdns.org/style/js/angular.min.js

47.87.142.222

200 OK

67 kB

URL GET HTTP/2
asbestregiont.duckdns.org/style/js/angular.min.js
IP
47.87.142.222:443
ASN
#0

Requested by
https://asbestregiont.duckdns.org/
Certificate
IssuerLet's Encrypt
Subjectasbestregiont.duckdns.org
Fingerprint7B:E7:A2:3F:6A:DD:A3:81:40:DF:B7:69:37:6D:0C:73:4F:00:6D:13
ValiditySat, 27 May 2023 04:44:11 GMT - Fri, 25 Aug 2023 04:44:10 GMT

File type
gzip compressed data, from Unix\012- data
Size
67 kB (67186 bytes)
Hash
50de82416501b9a1da8a315ae1df09d1
6d0b556eeba09e9250b45a5ddeec14ca9855c579
6846d6330c971f49e7181a67024d94421004095c6a30b4f3eb5b6ea58fec0138

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	Credit Agricole S.A.

HTTP Headers

GET /style/js/angular.min.js HTTP/1.1
Host: asbestregiont.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://asbestregiont.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 02 Jun 2023 12:38:05 GMT
content-type: application/javascript
last-modified: Sat, 27 May 2023 05:46:34 GMT
vary: Accept-Encoding
etag: W/"6471993a-28cdb"
expires: Sat, 03 Jun 2023 00:38:05 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

asbestregiont.duckdns.org/style/js/jquery.validate.min.js

47.87.142.222

200 OK

23 kB

URL GET HTTP/2
asbestregiont.duckdns.org/style/js/jquery.validate.min.js
IP
47.87.142.222:443
ASN
#0

Requested by
https://asbestregiont.duckdns.org/
Certificate
IssuerLet's Encrypt
Subjectasbestregiont.duckdns.org
Fingerprint7B:E7:A2:3F:6A:DD:A3:81:40:DF:B7:69:37:6D:0C:73:4F:00:6D:13
ValiditySat, 27 May 2023 04:44:11 GMT - Fri, 25 Aug 2023 04:44:10 GMT

File type

Size
23 kB (23038 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	Credit Agricole S.A.

HTTP Headers

GET /style/js/jquery.validate.min.js HTTP/1.1
Host: asbestregiont.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://asbestregiont.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 02 Jun 2023 12:38:05 GMT
content-type: application/javascript
last-modified: Sat, 27 May 2023 05:46:40 GMT
vary: Accept-Encoding
etag: W/"64719940-59fe"
expires: Sat, 03 Jun 2023 00:38:05 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

asbestregiont.duckdns.org/style/js/jquery.mask.js

47.87.142.222

200 OK

18 kB

URL GET HTTP/2
asbestregiont.duckdns.org/style/js/jquery.mask.js
IP
47.87.142.222:443
ASN
#0

Requested by
https://asbestregiont.duckdns.org/
Certificate
IssuerLet's Encrypt
Subjectasbestregiont.duckdns.org
Fingerprint7B:E7:A2:3F:6A:DD:A3:81:40:DF:B7:69:37:6D:0C:73:4F:00:6D:13
ValiditySat, 27 May 2023 04:44:11 GMT - Fri, 25 Aug 2023 04:44:10 GMT

File type
ASCII text
Size
18 kB (18430 bytes)
Hash
219d169a80568884a3d6baab3e5e7def
61d00104de8c972c820cd9b527d8e2edb30e5c4a
cf1f0d954cbbbcb32d170b1ff68c5b082a1086f34f2bbee825ca88b7c9fb213a

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	Credit Agricole S.A.

HTTP Headers

GET /style/js/jquery.mask.js HTTP/1.1
Host: asbestregiont.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://asbestregiont.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 02 Jun 2023 12:38:05 GMT
content-type: application/javascript
last-modified: Sat, 27 May 2023 05:46:38 GMT
vary: Accept-Encoding
etag: W/"6471993e-47fe"
expires: Sat, 03 Jun 2023 00:38:05 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

asbestregiont.duckdns.org/style/css/fonts.css

47.87.142.222

200 OK

1.4 kB

URL GET HTTP/2
asbestregiont.duckdns.org/style/css/fonts.css
IP
47.87.142.222:443
ASN
#0

Requested by
https://asbestregiont.duckdns.org/
Certificate
IssuerLet's Encrypt
Subjectasbestregiont.duckdns.org
Fingerprint7B:E7:A2:3F:6A:DD:A3:81:40:DF:B7:69:37:6D:0C:73:4F:00:6D:13
ValiditySat, 27 May 2023 04:44:11 GMT - Fri, 25 Aug 2023 04:44:10 GMT

File type
ASCII text, with very long lines (1392), with no line terminators
Size
1.4 kB (1366 bytes)
Hash
76d22431d1cc244efa31a561960637cb
ced6af66a619548f1704b4313e997656312ce562
f07db09887b5b391db409a4d75df40d21088edb0c01aac4bb0e560e00ade610d

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	Credit Agricole S.A.

HTTP Headers

GET /style/css/fonts.css HTTP/1.1
Host: asbestregiont.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://asbestregiont.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 02 Jun 2023 12:38:05 GMT
content-type: text/css
last-modified: Sat, 27 May 2023 05:46:19 GMT
vary: Accept-Encoding
etag: W/"6471992b-556"
expires: Sat, 03 Jun 2023 00:38:05 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

asbestregiont.duckdns.org/style/js/jquery.min.js

47.87.142.222

200 OK

88 kB

URL GET HTTP/2
asbestregiont.duckdns.org/style/js/jquery.min.js
IP
47.87.142.222:443
ASN
#0

Requested by
https://asbestregiont.duckdns.org/
Certificate
IssuerLet's Encrypt
Subjectasbestregiont.duckdns.org
Fingerprint7B:E7:A2:3F:6A:DD:A3:81:40:DF:B7:69:37:6D:0C:73:4F:00:6D:13
ValiditySat, 27 May 2023 04:44:11 GMT - Fri, 25 Aug 2023 04:44:10 GMT

File type
ASCII text, with very long lines (65451)
Size
88 kB (88144 bytes)
Hash
f832e36068ab203a3f89b1795480d0d7
2115753ca5fb7032aec498db7bb5dca624dbe6be
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	Credit Agricole S.A.

HTTP Headers

GET /style/js/jquery.min.js HTTP/1.1
Host: asbestregiont.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://asbestregiont.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 02 Jun 2023 12:38:05 GMT
content-type: application/javascript
last-modified: Sat, 27 May 2023 05:46:39 GMT
vary: Accept-Encoding
etag: W/"6471993f-15850"
expires: Sat, 03 Jun 2023 00:38:05 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

asbestregiont.duckdns.org/style/css/helpers.css

47.87.142.222

200 OK

41 kB

URL GET HTTP/2
asbestregiont.duckdns.org/style/css/helpers.css
IP
47.87.142.222:443
ASN
#0

Requested by
https://asbestregiont.duckdns.org/
Certificate
IssuerLet's Encrypt
Subjectasbestregiont.duckdns.org
Fingerprint7B:E7:A2:3F:6A:DD:A3:81:40:DF:B7:69:37:6D:0C:73:4F:00:6D:13
ValiditySat, 27 May 2023 04:44:11 GMT - Fri, 25 Aug 2023 04:44:10 GMT

File type
ASCII text, with very long lines (40872)
Size
41 kB (40873 bytes)
Hash
22b3a980c8bc77a2c4729d67969639ba
5d490a43a5f2d536ac229ef14b698566ef695b27
2a6536dfb04e99526ca10907b63b77bd89acf583d1e0a5351a64983b65a860ab

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	Credit Agricole S.A.

HTTP Headers

GET /style/css/helpers.css HTTP/1.1
Host: asbestregiont.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://asbestregiont.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 02 Jun 2023 12:38:05 GMT
content-type: text/css
last-modified: Sat, 27 May 2023 05:46:20 GMT
vary: Accept-Encoding
etag: W/"6471992c-9fa9"
expires: Sat, 03 Jun 2023 00:38:05 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

asbestregiont.duckdns.org/style/favicon.png

47.87.142.222

200 OK

1.8 kB

URL GET HTTP/2
asbestregiont.duckdns.org/style/favicon.png
IP
47.87.142.222:443
ASN
#0

Requested by
https://asbestregiont.duckdns.org/
Certificate
IssuerLet's Encrypt
Subjectasbestregiont.duckdns.org
Fingerprint7B:E7:A2:3F:6A:DD:A3:81:40:DF:B7:69:37:6D:0C:73:4F:00:6D:13
ValiditySat, 27 May 2023 04:44:11 GMT - Fri, 25 Aug 2023 04:44:10 GMT

File type
PNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data
Size
1.8 kB (1793 bytes)
Hash
ed9c56116b458dfeef180879add56940
f661f922f0bfdf0d2d470aea158eb77d49b5bb26
0c6849d4541c1b5d297b7e48dc2c13d43c357610effd13e1a90929b6638205e0

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	Credit Agricole S.A.

HTTP Headers

GET /style/favicon.png HTTP/1.1
Host: asbestregiont.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://asbestregiont.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 02 Jun 2023 12:38:06 GMT
content-type: image/png
content-length: 1793
last-modified: Sat, 27 May 2023 05:46:14 GMT
etag: "64719926-701"
expires: Sun, 02 Jul 2023 12:38:06 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

asbestregiont.duckdns.org/style/css/bootstrap.min.css

47.87.142.222

200 OK

141 kB

URL GET HTTP/2
asbestregiont.duckdns.org/style/css/bootstrap.min.css
IP
47.87.142.222:443
ASN
#0

Requested by
https://asbestregiont.duckdns.org/
Certificate
IssuerLet's Encrypt
Subjectasbestregiont.duckdns.org
Fingerprint7B:E7:A2:3F:6A:DD:A3:81:40:DF:B7:69:37:6D:0C:73:4F:00:6D:13
ValiditySat, 27 May 2023 04:44:11 GMT - Fri, 25 Aug 2023 04:44:10 GMT

File type
ASCII text, with very long lines (65324)
Size
141 kB (140936 bytes)
Hash
04aca1f4cd3ec3c05a75a879f3be75a3
675fcf28f9fbf37139d3b2c0b676f96f601a4203
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	Credit Agricole S.A.

HTTP Headers

GET /style/css/bootstrap.min.css HTTP/1.1
Host: asbestregiont.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://asbestregiont.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 02 Jun 2023 12:38:05 GMT
content-type: text/css
last-modified: Sat, 27 May 2023 05:46:20 GMT
vary: Accept-Encoding
etag: W/"6471992c-22688"
expires: Sat, 03 Jun 2023 00:38:05 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

asbestregiont.duckdns.org/style/js/bootstrap.min.js

47.87.142.222

200 OK

59 kB

URL GET HTTP/2
asbestregiont.duckdns.org/style/js/bootstrap.min.js
IP
47.87.142.222:443
ASN
#0

Requested by
https://asbestregiont.duckdns.org/
Certificate
IssuerLet's Encrypt
Subjectasbestregiont.duckdns.org
Fingerprint7B:E7:A2:3F:6A:DD:A3:81:40:DF:B7:69:37:6D:0C:73:4F:00:6D:13
ValiditySat, 27 May 2023 04:44:11 GMT - Fri, 25 Aug 2023 04:44:10 GMT

File type
ASCII text, with very long lines (59058), with no line terminators
Size
59 kB (59058 bytes)
Hash
0f9ea8d6bb66dbed6e0966f9da35b7fd
8095a33f75ca53aa5409b8bf00ea30372755092d
306ab8dd287ef041231a510b7e4c027a11e28b20c3408a9185d895c091dc72a4

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	Credit Agricole S.A.

HTTP Headers

GET /style/js/bootstrap.min.js HTTP/1.1
Host: asbestregiont.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://asbestregiont.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 02 Jun 2023 12:38:05 GMT
content-type: application/javascript
last-modified: Sat, 27 May 2023 05:46:35 GMT
vary: Accept-Encoding
etag: W/"6471993b-e6b2"
expires: Sat, 03 Jun 2023 00:38:05 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

asbestregiont.duckdns.org/style/js/jquery.min.js

47.87.142.222

200 OK

88 kB

URL GET HTTP/2
asbestregiont.duckdns.org/style/js/jquery.min.js
IP
47.87.142.222:443
ASN
#0

Requested by
https://asbestregiont.duckdns.org/
Certificate
IssuerLet's Encrypt
Subjectasbestregiont.duckdns.org
Fingerprint7B:E7:A2:3F:6A:DD:A3:81:40:DF:B7:69:37:6D:0C:73:4F:00:6D:13
ValiditySat, 27 May 2023 04:44:11 GMT - Fri, 25 Aug 2023 04:44:10 GMT

File type
ASCII text, with very long lines (65451)
Size
88 kB (88144 bytes)
Hash
f832e36068ab203a3f89b1795480d0d7
2115753ca5fb7032aec498db7bb5dca624dbe6be
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	Credit Agricole S.A.

HTTP Headers

GET /style/js/jquery.min.js HTTP/1.1
Host: asbestregiont.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://asbestregiont.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 02 Jun 2023 12:38:06 GMT
content-type: application/javascript
last-modified: Sat, 27 May 2023 05:46:39 GMT
vary: Accept-Encoding
etag: W/"6471993f-15850"
expires: Sat, 03 Jun 2023 00:38:06 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800

142.250.74.106

200 OK

25 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://asbestregiont.duckdns.org/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:AC:74:E6:97:66:CD:D0:F1:EA:0D:01:37:89:65:2E:98:22:84:6C
ValidityMon, 08 May 2023 08:24:50 GMT - Mon, 31 Jul 2023 08:24:49 GMT

File type
ASCII text
Size
25 kB (24860 bytes)
Hash
1a3f8ed669bfb23c7a7c50993f691d3c
00f509af3fc8fb6ad3d1b67e7068217829c2b2ba
a2a539ffc2d9864af69560f5b77f29da9bd5aa8e9141e8ca2e9a0930bb8ca965

HTTP Headers

GET /css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://asbestregiont.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Jun 2023 12:38:06 GMT
date: Fri, 02 Jun 2023 12:38:06 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

asbestregiont.duckdns.org//style/fermeture-agence-travaux-DAB_septembre2020.jpg

47.87.142.222

200 OK

165 kB

URL GET HTTP/2
asbestregiont.duckdns.org//style/fermeture-agence-travaux-DAB_septembre2020.jpg
IP
47.87.142.222:443
ASN
#0

Requested by
https://asbestregiont.duckdns.org/
Certificate
IssuerLet's Encrypt
Subjectasbestregiont.duckdns.org
Fingerprint7B:E7:A2:3F:6A:DD:A3:81:40:DF:B7:69:37:6D:0C:73:4F:00:6D:13
ValiditySat, 27 May 2023 04:44:11 GMT - Fri, 25 Aug 2023 04:44:10 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=19, height=3264, bps=0, compression=none, PhotometricIntepretation=RGB, description=11 d\303\251cembre 2015, manufacturer=Canon, model=Canon EOS-1D Mark IV, orientation=upper-left, width=4896], baseline, precision 8, 960x640, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 26228-27759, spot sensor temperature 0.000000, unit celsius, color scheme 0, calibration: offset 75594131500502762294377185280.000000, slope 18524499018441621041854808064.000000\012- data
Size
165 kB (165217 bytes)
Hash
9185fa780a0576f2043bb631d7b4269c
4a4da7e75f2fc8df41652d9c3ffa277c301bbf04
e07a9ccc231bfc6a4f4ef7d64b1c2df670d9ac347d0d3e4cb4ad04c2133e07f5

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	Credit Agricole S.A.

HTTP Headers

GET //style/fermeture-agence-travaux-DAB_septembre2020.jpg HTTP/1.1
Host: asbestregiont.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://asbestregiont.duckdns.org/style/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 02 Jun 2023 12:38:06 GMT
content-type: image/jpeg
content-length: 165217
last-modified: Sat, 27 May 2023 05:46:15 GMT
etag: "64719927-28561"
expires: Sun, 02 Jul 2023 12:38:06 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

asbestregiont.duckdns.org/style/js/fontawesome.js

47.87.142.222

200 OK

1.1 MB

URL GET HTTP/2
asbestregiont.duckdns.org/style/js/fontawesome.js
IP
47.87.142.222:443
ASN
#0

Requested by
https://asbestregiont.duckdns.org/
Certificate
IssuerLet's Encrypt
Subjectasbestregiont.duckdns.org
Fingerprint7B:E7:A2:3F:6A:DD:A3:81:40:DF:B7:69:37:6D:0C:73:4F:00:6D:13
ValiditySat, 27 May 2023 04:44:11 GMT - Fri, 25 Aug 2023 04:44:10 GMT

File type

Size
1.1 MB (1061194 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	Credit Agricole S.A.

HTTP Headers

GET /style/js/fontawesome.js HTTP/1.1
Host: asbestregiont.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://asbestregiont.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 02 Jun 2023 12:38:05 GMT
content-type: application/javascript
last-modified: Sat, 27 May 2023 05:46:38 GMT
vary: Accept-Encoding
etag: W/"6471993e-10314a"
expires: Sat, 03 Jun 2023 00:38:05 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

asbestregiont.duckdns.org/

47.87.142.222

200 OK

24 kB

URL User Request GET HTTP/2
asbestregiont.duckdns.org/
IP
47.87.142.222:443
ASN
#0

Certificate
IssuerLet's Encrypt
Subjectasbestregiont.duckdns.org
Fingerprint7B:E7:A2:3F:6A:DD:A3:81:40:DF:B7:69:37:6D:0C:73:4F:00:6D:13
ValiditySat, 27 May 2023 04:44:11 GMT - Fri, 25 Aug 2023 04:44:10 GMT

File type

Size
24 kB (23485 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	Credit Agricole S.A.

HTTP Headers

GET / HTTP/1.1
Host: asbestregiont.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 02 Jun 2023 12:38:05 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

asbestregiont.duckdns.org/style/js/jquery.CardValidator.js

47.87.142.222

200 OK

6.4 kB

URL GET HTTP/2
asbestregiont.duckdns.org/style/js/jquery.CardValidator.js
IP
47.87.142.222:443
ASN
#0

Requested by
https://asbestregiont.duckdns.org/
Certificate
IssuerLet's Encrypt
Subjectasbestregiont.duckdns.org
Fingerprint7B:E7:A2:3F:6A:DD:A3:81:40:DF:B7:69:37:6D:0C:73:4F:00:6D:13
ValiditySat, 27 May 2023 04:44:11 GMT - Fri, 25 Aug 2023 04:44:10 GMT

File type
ASCII text, with very long lines (6584), with no line terminators
Size
6.4 kB (6367 bytes)
Hash
94109c4b72b3b549981f01aa349ecfb5
6dbbb7240782176f84dd152f1ff24a2016885f32
82f4e52bb661a7b18588554b4e05fdd89a9f94f4a4b0324b651a06fb3be7e5c5

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	Credit Agricole S.A.

HTTP Headers

GET /style/js/jquery.CardValidator.js HTTP/1.1
Host: asbestregiont.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://asbestregiont.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 02 Jun 2023 12:38:05 GMT
content-type: application/javascript
last-modified: Sat, 27 May 2023 05:46:37 GMT
vary: Accept-Encoding
etag: W/"6471993d-18df"
expires: Sat, 03 Jun 2023 00:38:05 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

asbestregiont.duckdns.org/style/js/style.js

47.87.142.222

200 OK

2.1 kB

URL GET HTTP/2
asbestregiont.duckdns.org/style/js/style.js
IP
47.87.142.222:443
ASN
#0

Requested by
https://asbestregiont.duckdns.org/
Certificate
IssuerLet's Encrypt
Subjectasbestregiont.duckdns.org
Fingerprint7B:E7:A2:3F:6A:DD:A3:81:40:DF:B7:69:37:6D:0C:73:4F:00:6D:13
ValiditySat, 27 May 2023 04:44:11 GMT - Fri, 25 Aug 2023 04:44:10 GMT

File type
ASCII text, with very long lines (2282), with no line terminators
Size
2.1 kB (2137 bytes)
Hash
5ff06fa2a6b13a453894eab1a1866dd4
3f1f9af77cedd2747f52dba66c132fb1e7c3a458
becfbf71b2793122b2b7c56f7158a8c4018219b98c8cea0ca9c7240cfb71d6dc

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	Credit Agricole S.A.

HTTP Headers

GET /style/js/style.js HTTP/1.1
Host: asbestregiont.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://asbestregiont.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 02 Jun 2023 12:38:05 GMT
content-type: application/javascript
last-modified: Sat, 27 May 2023 05:46:40 GMT
vary: Accept-Encoding
etag: W/"64719940-859"
expires: Sat, 03 Jun 2023 00:38:05 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (12)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by