Report - ftp.info-nexi-key.myddns.com/

Report Overview

Submitted URL
ftp.info-nexi-key.myddns.com/
IP
45.125.66.70
ASN
#133398 Tele Asia Limited
Submitted
2022-09-01 22:13:01
Access
public
Website Title
Final URL
Tags
None
urlquery detections
DynDNS domain detected

Detections

urlquery
39
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-17T05:09:15Z	3.7 kB	67 kB	34.120.237.76
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-17T05:09:04Z	758 B	2.7 kB	143.204.55.27
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-17T05:10:36Z	401 B	5.8 kB	143.204.55.25
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-17T05:10:35Z	321 B	229 B	34.117.237.239
www.app-utente.ddns.ms	unknown	2022-09-01T18:49:42Z	2022-11-01T02:36:08Z	20 kB	2.2 MB	45.125.66.70
i.imgur.com	5110	2012-05-21T10:09:36Z	2023-03-16T20:05:05Z	374 B	4.7 kB	151.101.84.193
panelumeu.ns1.name	unknown	2022-08-22T14:19:23Z	2022-09-02T22:06:33Z	1.7 kB	770 B	45.125.66.95
ftp.info-nexi-key.myddns.com	unknown	2022-08-30T12:18:42Z	2023-01-11T13:35:53Z	348 B	387 B	45.125.66.70
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-17T05:09:02Z	2.9 kB	8.0 kB	23.36.77.32
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-17T08:37:51Z	329 B	737 B	93.184.220.29
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-17T05:10:36Z	594 B	127 B	35.80.175.197

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-09-01	medium	ns1.name	Sinkholed
2022-09-01	medium	ns1.name	Sinkholed
2022-09-01	medium	ns1.name	Sinkholed

JavaScript (12)

	URL	Size	First Seen	Last Seen
	www.app-utente.ddns.ms/titulare.mobile.appkey.it/bower_components/ua-parser-js/dist/ua-parser.min.js	17 kB	2023-03-07	2024-04-25
Pretty URL www.app-utente.ddns.ms/titulare.mobile.appkey.it/bower_components/ua-parser-js/dist/ua-parser.min.js IP 45.125.66.70 ASN #133398 Tele Asia Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:40 Last Seen2024-04-25 08:42:18 Times Seen667 Hash e0ae48c8ebbe57edeacb5b02f16d0df9 0c5a29a88add39486162e0c16f23e2e06fc7842e 0fda30cf243e7650bf3e1666eddeb4fbba6b788ede36753eda5e2964cc14c896 Loading...

	www.app-utente.ddns.ms/titulare.mobile.appkey.it/core/form/core_form.js	16 kB	2023-03-07	2023-03-17
Pretty URL www.app-utente.ddns.ms/titulare.mobile.appkey.it/core/form/core_form.js IP 45.125.66.70 ASN #133398 Tele Asia Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:50 Last Seen2023-03-17 12:45:00 Times Seen1 Hash 417bf896c326e17016555b4b7e35f231 0917dd7e22f2dc67001fb584875e532468f0fa4c ba3031c47e7e47d21da351012ea8e9f9cfabdf8221c82096e1361d7d04cdb153 Loading...

	www.app-utente.ddns.ms/titulare.mobile.appkey.it/bower_components/angular/angular.min.js	169 kB	2023-03-07	2024-04-17
Pretty URL www.app-utente.ddns.ms/titulare.mobile.appkey.it/bower_components/angular/angular.min.js IP 45.125.66.70 ASN #133398 Tele Asia Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:40 Last Seen2024-04-17 21:52:49 Times Seen427 Hash 4c619ef91e3fa3f1d4813db2b2eb738d c5f77156c6f5397be71914eb80d8f998ea1279e7 35f73a70cca067828be9e0a712b8b48908e1bc4490637c62bd70158f95cd6e27 Loading...

	www.app-utente.ddns.ms/titulare.mobile.appkey.it/login/form/form.js?v=63112e6424d52	2.6 kB	2023-03-07	2024-04-25
Pretty URL www.app-utente.ddns.ms/titulare.mobile.appkey.it/login/form/form.js?v=63112e6424d52 IP 45.125.66.70 ASN #133398 Tele Asia Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:50 Last Seen2024-04-25 13:21:56 Times Seen356 Hash eee4f38d51f96bf15259382b48b33d50 247040dcf67aa7f48d5bbcd3e91610f7ae534787 01c12b5cd06120dfb1f8f9ee454d423b3c6648580d55926d5394c0ee6cdc2b47 Loading...

	www.app-utente.ddns.ms/titulare.mobile.appkey.it/bower_components/jquery/dist/jquery.min.js	87 kB	2023-03-07	2024-04-26
Pretty URL www.app-utente.ddns.ms/titulare.mobile.appkey.it/bower_components/jquery/dist/jquery.min.js IP 45.125.66.70 ASN #133398 Tele Asia Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-26 13:31:07 Times Seen62758 Hash c9f5aeeca3ad37bf2aa006139b935f0a 1055018c28ab41087ef9ccefe411606893dabea2 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Loading...

	www.app-utente.ddns.ms/titulare.mobile.appkey.it/core/token/core_token.js	9.0 kB	2023-03-07	2023-03-17
Pretty URL www.app-utente.ddns.ms/titulare.mobile.appkey.it/core/token/core_token.js IP 45.125.66.70 ASN #133398 Tele Asia Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:50 Last Seen2023-03-17 12:45:00 Times Seen1 Hash 7a110ec1550aa17c449d9d39ab0f32c9 30aca71f73a7a953adc5809b678d9158ed639c5b 300b65121e86eb881f897e9078386916dc46d2c0dbea9591f0bf252ac32c94fc Loading...

	www.app-utente.ddns.ms/titulare.mobile.appkey.it/a1b2c3/c4bf667921000f0cedf1dc4392bfee3e/login/?https://www.nexi.it/privati/servizi/area-personale.html	603 B	2023-03-17	2023-03-17
Pretty URL www.app-utente.ddns.ms/titulare.mobile.appkey.it/a1b2c3/c4bf667921000f0cedf1dc4392bfee3e/login/?https://www.nexi.it/privati/servizi/area-personale.html IP 45.125.66.70 ASN #133398 Tele Asia Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 09:43:17 Last Seen2023-03-17 09:43:17 Times Seen1 Hash 1a45b46a4555886474e76e157908cf67 d0f52a4e973b3fe8ee00c063474c8727a379b5b6 0ad842f61fcab084ad108d141c5b6db3498c5207689f725282ac6ed1b8cb75be Loading...

	www.app-utente.ddns.ms/titulare.mobile.appkey.it/login/ng/ng.js?v=63112e6424d8d	3.2 kB	2023-03-07	2024-02-28
Pretty URL www.app-utente.ddns.ms/titulare.mobile.appkey.it/login/ng/ng.js?v=63112e6424d8d IP 45.125.66.70 ASN #133398 Tele Asia Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:50 Last Seen2024-02-28 06:51:36 Times Seen44 Hash 9fac426a287d77ace9c473e0c8c1c319 fa7ee4740a6ccc8ffd27cdb9b807dbd527e12310 9e7d74d8733620d2d8c3ee9e2f9bbf11ffecfdb33c19d5ebfaa589a779f50a1a Loading...

	www.app-utente.ddns.ms/titulare.mobile.appkey.it/login/token/token.js?v=63112e6424dc4	1.2 kB	2023-03-07	2024-03-03
Pretty URL www.app-utente.ddns.ms/titulare.mobile.appkey.it/login/token/token.js?v=63112e6424dc4 IP 45.125.66.70 ASN #133398 Tele Asia Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:50 Last Seen2024-03-03 07:38:52 Times Seen47 Hash 41d806890e033a1499f539384b89acb7 b59a09636e144fbbafb72ab9aca8ac5cc2de99cb f281184bb9d9bce514bbde9ea13b61f01fe9665e36ace1587dfa8d85de3c7631 Loading...

	panelumeu.ns1.name/panelumeu1/uadmin/gate.php?pl=token&link=nexi_it&bid=c4bf667921000f0cedf1dc4392bfee3e&callback=jQuery32107494324279090459_1662070371683&data=%7B%22mes%22%3A%22User%20on%20login%20page%22%7D&_=1662070371684	57 B	2023-03-17	2023-03-17
Pretty URL panelumeu.ns1.name/panelumeu1/uadmin/gate.php?pl=token&link=nexi_it&bid=c4bf667921000f0cedf1dc4392bfee3e&callback=jQuery32107494324279090459_1662070371683&data=%7B%22mes%22%3A%22User%20on%20login%20page%22%7D&_=1662070371684 IP 45.125.66.95 ASN #133398 Tele Asia Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 09:43:17 Last Seen2023-03-17 09:43:17 Times Seen1 Hash 81442a3595a271f5b6494741d1b1a7fd 480dc6354b37e9f624e592090a16a45a5c1cc1ce ad415727c57ca0302b92801677967b8e7fd8b1fe146c1c45d5a1cb6b35bc8e25 Loading...

	panelumeu.ns1.name/panelumeu1/uadmin/gate.php?pl=token&link=nexi_it&bid=c4bf667921000f0cedf1dc4392bfee3e&callback=jQuery32107494324279090459_1662070371681&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1662070371682	57 B	2023-03-17	2023-03-17
Pretty URL panelumeu.ns1.name/panelumeu1/uadmin/gate.php?pl=token&link=nexi_it&bid=c4bf667921000f0cedf1dc4392bfee3e&callback=jQuery32107494324279090459_1662070371681&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1662070371682 IP 45.125.66.95 ASN #133398 Tele Asia Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 09:43:17 Last Seen2023-03-17 09:43:17 Times Seen1 Hash ae27fe17d0f04ba67e3e9e6817bbc816 c3aa971d6816a288629af006465f830262c9742b 337faa496c5b0334375ab77343c1f1ec65a76518ae0d13b79342ba81e075bac7 Loading...

	www.app-utente.ddns.ms/titulare.mobile.appkey.it/?https://www.nexi.it/privati/servizi/area-personale.html	164 B	2023-03-17	2023-03-17
Pretty URL www.app-utente.ddns.ms/titulare.mobile.appkey.it/?https://www.nexi.it/privati/servizi/area-personale.html IP 45.125.66.70 ASN #133398 Tele Asia Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 09:43:17 Last Seen2023-03-17 09:43:17 Times Seen1 Hash 090752116f2772ad988f801eefaca43d 2987a1b5f4016d6f9f18539b7844595196672b50 67cb93414c15884ec8f57f72847784c017cff0970210264e385610490dacc72d Loading...

HTTP Transactions (61)

URL IP Response Size

ftp.info-nexi-key.myddns.com/

45.125.66.70

200 OK

137 B

URL HTTP/1.1
ftp.info-nexi-key.myddns.com/
IP
45.125.66.70:0
ASN
#133398 Tele Asia Limited

File type
ASCII text, with no line terminators
Size
137 B (137 bytes)
Hash
1d11fd5b84311470ba11de08ef6deaec
f0992f55a63d7a0e3ab57b9f77ece9f4b9077548
4aecd120992eefc52a1ac6a7e5dbbe5abd1b58fb67fb64a2b1c36493ad74962e

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

GET / HTTP/1.1
Host: ftp.info-nexi-key.myddns.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 22:12:50 GMT
Server: Apache/2.4.18 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 137
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bcdebf7a2bad5db595e8a0c1abb2ddcb
249dda2fa5e37b8a8f3a8c797193bf0874b6eedc
9b43ec48b16f96449208a0094c4d660806a2a2d344b5862dbff4c393bf3f9f9f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9B43EC48B16F96449208A0094C4D660806A2A2D344B5862DBFF4C393BF3F9F9F"
Last-Modified: Thu, 01 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6875
Expires: Fri, 02 Sep 2022 00:07:25 GMT
Date: Thu, 01 Sep 2022 22:12:50 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

143.204.55.27

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 01 Sep 2022 21:41:25 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -DKlRBxvxka4XylOjb-QhPYswkrme8GPk6pu19gPdIW5UYdcL7phGw==
Age: 1885

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.25

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.25:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
date: Thu, 01 Sep 2022 01:15:17 GMT
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
etag: "742edb4038f38bc533514982f3d2e861"
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: i_P7t5b91ZwvRZvJIzzDEMyaobnRk3afsXXGJcunZ7EIOS9cBW_imw==
age: 75454
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 22:12:50 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
308880bbeca928e94093a245e2eb0dd6
86f839f4e2409598527d68301b06235fac0b6a6b
ef266ba4d6feb11dfb86369171b565c577a7a72c2fcf0fa5bbb28fc54748779d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF266BA4D6FEB11DFB86369171B565C577A7A72C2FCF0FA5BBB28FC54748779D"
Last-Modified: Thu, 01 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10138
Expires: Fri, 02 Sep 2022 01:01:48 GMT
Date: Thu, 01 Sep 2022 22:12:50 GMT
Connection: keep-alive

www.app-utente.ddns.ms/titulare.mobile.appkey.it?https://www.nexi.it/privati/servizi/area-personale.html

45.125.66.70

301 Moved Permanently

410 B

URL HTTP/1.1
www.app-utente.ddns.ms/titulare.mobile.appkey.it?https://www.nexi.it/privati/servizi/area-personale.html
IP
45.125.66.70:0
ASN
#133398 Tele Asia Limited

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
410 B (410 bytes)
Hash
77f5b47eac0a476af0a4da82136b0508
ca3845241ef7fe7620cf0cc7a578d5a8a1f12920
082324c1f0d239e82a547a91bbe8c5205b0eda1e975c668b797a854eed3ff9ff

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

GET /titulare.mobile.appkey.it?https://www.nexi.it/privati/servizi/area-personale.html HTTP/1.1
Host: www.app-utente.ddns.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 301 Moved Permanently
Date: Thu, 01 Sep 2022 22:12:50 GMT
Server: Apache/2.4.18 (Ubuntu)
Location: https://www.app-utente.ddns.ms/titulare.mobile.appkey.it/?https://www.nexi.it/privati/servizi/area-personale.html
Content-Length: 410
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

www.app-utente.ddns.ms/titulare.mobile.appkey.it/?https://www.nexi.it/privati/servizi/area-personale.html

45.125.66.70

200 OK

348 B

URL HTTP/1.1
www.app-utente.ddns.ms/titulare.mobile.appkey.it/?https://www.nexi.it/privati/servizi/area-personale.html
IP
45.125.66.70:0
ASN
#133398 Tele Asia Limited

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
348 B (348 bytes)
Hash
245d8e69059dbdec5441b62d26ff2c64
577af40528d92a6d4382a3813e9d16c9562d8e81
59334eec17b491c5823e116c84d8b6afc688c6d1ac3d43b34126efc8e07f17e7

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

GET /titulare.mobile.appkey.it/?https://www.nexi.it/privati/servizi/area-personale.html HTTP/1.1
Host: www.app-utente.ddns.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 22:12:50 GMT
Server: Apache/2.4.18 (Ubuntu)
Set-Cookie: real=OK
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 348
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.27

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 01 Sep 2022 21:57:05 GMT
Cache-Control: max-age=3600
Expires: Thu, 01 Sep 2022 22:02:48 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 8l72ErDSC3DUsJgqB-VPQ80w0DnDy-TEhgq9H0ilA6-vzh6FfDpOSg==
Age: 945

www.app-utente.ddns.ms/favicon.ico

45.125.66.70

404 Not Found

285 B

URL HTTP/1.1
www.app-utente.ddns.ms/favicon.ico
IP
45.125.66.70:0
ASN
#133398 Tele Asia Limited

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
285 B (285 bytes)
Hash
4e390e411563d80348c4a98e95da10c5
9aeead57c05dee8cdb8f6a1bbcc04df51a45ddae
c3f509f0a5a01224e5057a8836850f12222d7becaeedc205675432ecb1964391

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.app-utente.ddns.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.app-utente.ddns.ms/titulare.mobile.appkey.it/?https://www.nexi.it/privati/servizi/area-personale.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Thu, 01 Sep 2022 22:12:50 GMT
Server: Apache/2.4.18 (Ubuntu)
Content-Length: 285
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
2eb022bbcb69557dc09477b624814e87
6030f2c630a01fbc027c887d31e696f84cc60c97
d7a508e276f0ca1b58b6af39720fb7ebb26fb38df50a159eb82d1d2542610b85

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6576
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 22:12:51 GMT
Last-Modified: Thu, 01 Sep 2022 20:23:15 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

35.80.175.197

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.80.175.197:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7aJr/sah/Dcj2GOA4nUCDw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Olz6hQLyqub6ft1eUnpSeaWND4A=

www.app-utente.ddns.ms/titulare.mobile.appkey.it/a1b2c3/c4bf667921000f0cedf1dc4392bfee3e?https://www.nexi.it/privati/servizi/area-personale.html

45.125.66.70

301 Moved Permanently

450 B

URL HTTP/1.1
www.app-utente.ddns.ms/titulare.mobile.appkey.it/a1b2c3/c4bf667921000f0cedf1dc4392bfee3e?https://www.nexi.it/privati/servizi/area-personale.html
IP
45.125.66.70:0
ASN
#133398 Tele Asia Limited

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
450 B (450 bytes)
Hash
37c91a8d7e44c486db48eb78cd998122
9a2829bbfdfb7161fc68f11ef70e18b956452596
132b944a30efb12939ef79b89edeb14fd1c2e0a8ae081ad51679c54992f4727e

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

GET /titulare.mobile.appkey.it/a1b2c3/c4bf667921000f0cedf1dc4392bfee3e?https://www.nexi.it/privati/servizi/area-personale.html HTTP/1.1
Host: www.app-utente.ddns.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.app-utente.ddns.ms/titulare.mobile.appkey.it/?https://www.nexi.it/privati/servizi/area-personale.html
Cookie: real=OK
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

HTTP/1.1 301 Moved Permanently
Date: Thu, 01 Sep 2022 22:12:51 GMT
Server: Apache/2.4.18 (Ubuntu)
Location: https://www.app-utente.ddns.ms/titulare.mobile.appkey.it/a1b2c3/c4bf667921000f0cedf1dc4392bfee3e/?https://www.nexi.it/privati/servizi/area-personale.html
Content-Length: 450
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

www.app-utente.ddns.ms/titulare.mobile.appkey.it/a1b2c3/c4bf667921000f0cedf1dc4392bfee3e/?https://www.nexi.it/privati/servizi/area-personale.html

45.125.66.70

302 Found

0 B

URL HTTP/1.1
www.app-utente.ddns.ms/titulare.mobile.appkey.it/a1b2c3/c4bf667921000f0cedf1dc4392bfee3e/?https://www.nexi.it/privati/servizi/area-personale.html
IP
45.125.66.70:0
ASN
#133398 Tele Asia Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

GET /titulare.mobile.appkey.it/a1b2c3/c4bf667921000f0cedf1dc4392bfee3e/?https://www.nexi.it/privati/servizi/area-personale.html HTTP/1.1
Host: www.app-utente.ddns.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.app-utente.ddns.ms/titulare.mobile.appkey.it/?https://www.nexi.it/privati/servizi/area-personale.html
Connection: keep-alive
Cookie: real=OK
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

HTTP/1.1 302 Found
Date: Thu, 01 Sep 2022 22:12:51 GMT
Server: Apache/2.4.18 (Ubuntu)
Set-Cookie: bid=c4bf667921000f0cedf1dc4392bfee3e; expires=Sat, 01-Oct-2022 22:12:51 GMT; Max-Age=2592000; path=/
location: login/?https://www.nexi.it/privati/servizi/area-personale.html
Content-Length: 0
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

www.app-utente.ddns.ms/titulare.mobile.appkey.it/a1b2c3/c4bf667921000f0cedf1dc4392bfee3e/login/?https://www.nexi.it/privati/servizi/area-personale.html

45.125.66.70

200 OK

5.1 kB

URL HTTP/1.1
www.app-utente.ddns.ms/titulare.mobile.appkey.it/a1b2c3/c4bf667921000f0cedf1dc4392bfee3e/login/?https://www.nexi.it/privati/servizi/area-personale.html
IP
45.125.66.70:0
ASN
#133398 Tele Asia Limited

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2815)
Size
5.1 kB (5097 bytes)
Hash
112cc4604b1e61bfc39e13de58e21249
ee6e882f007826c721860e6bfa6a0a5905ed881c
8d0e2c7144405b2701091d370e997eefb0fb320ba57386883da080d073ed9f98

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

GET /titulare.mobile.appkey.it/a1b2c3/c4bf667921000f0cedf1dc4392bfee3e/login/?https://www.nexi.it/privati/servizi/area-personale.html HTTP/1.1
Host: www.app-utente.ddns.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.app-utente.ddns.ms/titulare.mobile.appkey.it/?https://www.nexi.it/privati/servizi/area-personale.html
Connection: keep-alive
Cookie: real=OK; bid=c4bf667921000f0cedf1dc4392bfee3e
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 22:12:51 GMT
Server: Apache/2.4.18 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5097
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

www.app-utente.ddns.ms/titulare.mobile.appkey.it/bower_components/jquery/dist/jquery.min.js

45.125.66.70

200 OK

30 kB

URL HTTP/1.1
www.app-utente.ddns.ms/titulare.mobile.appkey.it/bower_components/jquery/dist/jquery.min.js
IP
45.125.66.70:0
ASN
#133398 Tele Asia Limited

File type
ASCII text, with very long lines (32058)
Size
30 kB (30138 bytes)
Hash
3430607b4301113ad9394c9260eef3f0
8c4db68b161b17e31be300e968a30ab0116b3193
31e4d11375322cd6f94dba7338570426f2412d6c5fa670427966d45c3648098c

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

GET /titulare.mobile.appkey.it/bower_components/jquery/dist/jquery.min.js HTTP/1.1
Host: www.app-utente.ddns.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.app-utente.ddns.ms/titulare.mobile.appkey.it/a1b2c3/c4bf667921000f0cedf1dc4392bfee3e/login/?https://www.nexi.it/privati/servizi/area-personale.html
Cookie: real=OK; bid=c4bf667921000f0cedf1dc4392bfee3e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 22:12:52 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Mon, 05 Jun 2017 03:55:06 GMT
ETag: "15283-5512e77ee3a80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 30138
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript

www.app-utente.ddns.ms/titulare.mobile.appkey.it/bower_components/ua-parser-js/dist/ua-parser.min.js

45.125.66.70

200 OK

6.1 kB

URL HTTP/1.1
www.app-utente.ddns.ms/titulare.mobile.appkey.it/bower_components/ua-parser-js/dist/ua-parser.min.js
IP
45.125.66.70:0
ASN
#133398 Tele Asia Limited

File type
Unicode text, UTF-8 text, with very long lines (16817)
Size
6.1 kB (6063 bytes)
Hash
14da93cff6d49885bf214d2503f614db
04d64d738cd0fd2b4eee3b8abc5326dfda3f1dea
49e584e9a0aee55b81771b9e010ccf1da6278da03fb8ddba07ef7a1f0a126732

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

GET /titulare.mobile.appkey.it/bower_components/ua-parser-js/dist/ua-parser.min.js HTTP/1.1
Host: www.app-utente.ddns.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.app-utente.ddns.ms/titulare.mobile.appkey.it/a1b2c3/c4bf667921000f0cedf1dc4392bfee3e/login/?https://www.nexi.it/privati/servizi/area-personale.html
Cookie: real=OK; bid=c4bf667921000f0cedf1dc4392bfee3e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 22:12:52 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Thu, 12 Oct 2017 08:16:24 GMT
ETag: "4298-55b5527f0e600-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6063
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

www.app-utente.ddns.ms/titulare.mobile.appkey.it/bower_components/font-awesome/css/font-awesome.min.css

45.125.66.70

200 OK

7.1 kB

URL HTTP/1.1
www.app-utente.ddns.ms/titulare.mobile.appkey.it/bower_components/font-awesome/css/font-awesome.min.css
IP
45.125.66.70:0
ASN
#133398 Tele Asia Limited

File type
ASCII text, with very long lines (30837)
Size
7.1 kB (7053 bytes)
Hash
52f1a8a2ce85fa8432308b33bc1a2e79
fd80917af5371c8ecad0198592a1e7cce4b77b0e
07bd6a9ea0213e20f362485aadc17a88c486ecfb394004b41b8b38db6e6a35f6

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

GET /titulare.mobile.appkey.it/bower_components/font-awesome/css/font-awesome.min.css HTTP/1.1
Host: www.app-utente.ddns.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.app-utente.ddns.ms/titulare.mobile.appkey.it/a1b2c3/c4bf667921000f0cedf1dc4392bfee3e/login/?https://www.nexi.it/privati/servizi/area-personale.html
Cookie: real=OK; bid=c4bf667921000f0cedf1dc4392bfee3e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 22:12:52 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Sun, 09 Apr 2017 04:29:24 GMT
ETag: "7918-54cb44da47100-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7053
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

www.app-utente.ddns.ms/titulare.mobile.appkey.it/core/form/core_form.js

45.125.66.70

200 OK

4.0 kB

URL HTTP/1.1
www.app-utente.ddns.ms/titulare.mobile.appkey.it/core/form/core_form.js
IP
45.125.66.70:0
ASN
#133398 Tele Asia Limited

File type
ASCII text
Size
4.0 kB (4019 bytes)
Hash
7c8bd0c35f152ecc839349fc096a7316
172c05793d2b4a32b983b2183d290df61348144e
e3513e4ff663a665d9fa2b474c902444341024828a1bda4521edf660418aa2d1

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

GET /titulare.mobile.appkey.it/core/form/core_form.js HTTP/1.1
Host: www.app-utente.ddns.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.app-utente.ddns.ms/titulare.mobile.appkey.it/a1b2c3/c4bf667921000f0cedf1dc4392bfee3e/login/?https://www.nexi.it/privati/servizi/area-personale.html
Cookie: real=OK; bid=c4bf667921000f0cedf1dc4392bfee3e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 22:12:52 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Fri, 08 Nov 2019 20:10:31 GMT
ETag: "3fda-596db5fb11bc0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4019
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

www.app-utente.ddns.ms/titulare.mobile.appkey.it/core/token/core_token.js

45.125.66.70

200 OK

1.4 kB

URL HTTP/1.1
www.app-utente.ddns.ms/titulare.mobile.appkey.it/core/token/core_token.js
IP
45.125.66.70:0
ASN
#133398 Tele Asia Limited

File type
ASCII text
Size
1.4 kB (1431 bytes)
Hash
715880a9d6da7f01e624f6669fcc99bf
fa51999ee6bfbfe9361d2248b5429c260f205194
3b31e617e97a433067b65cf16dd953c5e04e9746a342a4284f9e3b3beba04a11

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

GET /titulare.mobile.appkey.it/core/token/core_token.js HTTP/1.1
Host: www.app-utente.ddns.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.app-utente.ddns.ms/titulare.mobile.appkey.it/a1b2c3/c4bf667921000f0cedf1dc4392bfee3e/login/?https://www.nexi.it/privati/servizi/area-personale.html
Cookie: real=OK; bid=c4bf667921000f0cedf1dc4392bfee3e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 22:12:52 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Fri, 08 Nov 2019 20:08:32 GMT
ETag: "22fd-596db58995000-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1431
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

www.app-utente.ddns.ms/titulare.mobile.appkey.it/core/form/core_form.css

45.125.66.70

200 OK

665 B

URL HTTP/1.1
www.app-utente.ddns.ms/titulare.mobile.appkey.it/core/form/core_form.css
IP
45.125.66.70:0
ASN
#133398 Tele Asia Limited

File type
ASCII text
Size
665 B (665 bytes)
Hash
268653a679c54f58ddfbd3a1dea26e81
9cdfb1a2f3fa2498d5c477ca47f6b20b59a041cf
7cfe7376e45f6f27808c9313a426d2361eae0dc005983111dde6a5e88d00a7ed

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

GET /titulare.mobile.appkey.it/core/form/core_form.css HTTP/1.1
Host: www.app-utente.ddns.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.app-utente.ddns.ms/titulare.mobile.appkey.it/a1b2c3/c4bf667921000f0cedf1dc4392bfee3e/login/?https://www.nexi.it/privati/servizi/area-personale.html
Cookie: real=OK; bid=c4bf667921000f0cedf1dc4392bfee3e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 22:12:52 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Fri, 08 Nov 2019 07:58:11 GMT
ETag: "a9b-596d124a9eac0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 665
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

www.app-utente.ddns.ms/titulare.mobile.appkey.it/login/form/css.css

45.125.66.70

200 OK

121 B

URL HTTP/1.1
www.app-utente.ddns.ms/titulare.mobile.appkey.it/login/form/css.css
IP
45.125.66.70:0
ASN
#133398 Tele Asia Limited

File type
ASCII text
Size
121 B (121 bytes)
Hash
388da9932145e417adb96e2e88a9c1bd
6add9b7f63d23638b807662588944a01a57a5ae9
faebec4e15b72ea3d0c455f14f1e48a08bf5cf26462eb078f2d7b4d19d098d1b

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

GET /titulare.mobile.appkey.it/login/form/css.css HTTP/1.1
Host: www.app-utente.ddns.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.app-utente.ddns.ms/titulare.mobile.appkey.it/a1b2c3/c4bf667921000f0cedf1dc4392bfee3e/login/?https://www.nexi.it/privati/servizi/area-personale.html
Cookie: real=OK; bid=c4bf667921000f0cedf1dc4392bfee3e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 22:12:52 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Fri, 08 Nov 2019 20:43:05 GMT
ETag: "90-596dbd428c840-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 121
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

www.app-utente.ddns.ms/titulare.mobile.appkey.it/login/style.css

45.125.66.70

200 OK

3.4 kB

URL HTTP/1.1
www.app-utente.ddns.ms/titulare.mobile.appkey.it/login/style.css
IP
45.125.66.70:0
ASN
#133398 Tele Asia Limited

File type
ASCII text
Size
3.4 kB (3431 bytes)
Hash
319ebfc54b48fd3b3cf2613ad74c03ac
22ceec21aaf2f6bbbd0705fc5c785dbbb6890b5b
d82bd0b8e4e0d03d38826b2603b22f773575ff9068faff1f5187cfe509d3e360

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

GET /titulare.mobile.appkey.it/login/style.css HTTP/1.1
Host: www.app-utente.ddns.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.app-utente.ddns.ms/titulare.mobile.appkey.it/a1b2c3/c4bf667921000f0cedf1dc4392bfee3e/login/?https://www.nexi.it/privati/servizi/area-personale.html
Cookie: real=OK; bid=c4bf667921000f0cedf1dc4392bfee3e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 22:12:52 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Thu, 07 Nov 2019 18:39:00 GMT
ETag: "4452-596c5fa8fb900-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3431
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

www.app-utente.ddns.ms/titulare.mobile.appkey.it/login/css.css

45.125.66.70

200 OK

602 B

URL HTTP/1.1
www.app-utente.ddns.ms/titulare.mobile.appkey.it/login/css.css
IP
45.125.66.70:0
ASN
#133398 Tele Asia Limited

File type
ASCII text
Size
602 B (602 bytes)
Hash
0be73f2e004f675f5b54b4630bd826df
1809f06b66415c6782c92e4acbc897857b543f22
c942be2806f9a69273d5983195617ee3e3eb3799245e2f8012382318442abca3

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

GET /titulare.mobile.appkey.it/login/css.css HTTP/1.1
Host: www.app-utente.ddns.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.app-utente.ddns.ms/titulare.mobile.appkey.it/a1b2c3/c4bf667921000f0cedf1dc4392bfee3e/login/?https://www.nexi.it/privati/servizi/area-personale.html
Cookie: real=OK; bid=c4bf667921000f0cedf1dc4392bfee3e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 22:12:52 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Thu, 07 Nov 2019 18:38:58 GMT
ETag: "10ec-596c5fa713480-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 602
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

www.app-utente.ddns.ms/titulare.mobile.appkey.it/login/form/form.js?v=63112e6424d52

45.125.66.70

200 OK

626 B

URL HTTP/1.1
www.app-utente.ddns.ms/titulare.mobile.appkey.it/login/form/form.js?v=63112e6424d52
IP
45.125.66.70:0
ASN
#133398 Tele Asia Limited

File type
ASCII text
Size
626 B (626 bytes)
Hash
c0328e89fb60d267fbbb17f437914c3b
8cfdbf9752314ade4ffc65f933f8a04917aaa958
ddd5d1ad5bfe667d81b83760d5f0fe6cc80e8d2546698f97a70fc577e41479c4

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

GET /titulare.mobile.appkey.it/login/form/form.js?v=63112e6424d52 HTTP/1.1
Host: www.app-utente.ddns.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.app-utente.ddns.ms/titulare.mobile.appkey.it/a1b2c3/c4bf667921000f0cedf1dc4392bfee3e/login/?https://www.nexi.it/privati/servizi/area-personale.html
Cookie: real=OK; bid=c4bf667921000f0cedf1dc4392bfee3e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 22:12:52 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Sun, 22 Sep 2019 09:13:10 GMT
ETag: "a49-59320b6489580-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 626
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

www.app-utente.ddns.ms/titulare.mobile.appkey.it/bower_components/angular/angular.min.js

45.125.66.70

200 OK

59 kB

URL HTTP/1.1
www.app-utente.ddns.ms/titulare.mobile.appkey.it/bower_components/angular/angular.min.js
IP
45.125.66.70:0
ASN
#133398 Tele Asia Limited

File type
ASCII text, with very long lines (552)
Size
59 kB (58946 bytes)
Hash
ef8273bb5f21cf02cdb9ccd56513e7c1
0de400b680cfc9a05f3d182ea010b4ecb6166f7a
369f26576626b7705342e67ae37363858a5655c66755ddff450054dfe9c70bc4

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

GET /titulare.mobile.appkey.it/bower_components/angular/angular.min.js HTTP/1.1
Host: www.app-utente.ddns.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.app-utente.ddns.ms/titulare.mobile.appkey.it/a1b2c3/c4bf667921000f0cedf1dc4392bfee3e/login/?https://www.nexi.it/privati/servizi/area-personale.html
Cookie: real=OK; bid=c4bf667921000f0cedf1dc4392bfee3e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 22:12:52 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Fri, 18 Aug 2017 14:37:28 GMT
ETag: "2937c-5570811783a00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript

www.app-utente.ddns.ms/titulare.mobile.appkey.it/login/ng/ng.js?v=63112e6424d8d

45.125.66.70

200 OK

1.1 kB

URL HTTP/1.1
www.app-utente.ddns.ms/titulare.mobile.appkey.it/login/ng/ng.js?v=63112e6424d8d
IP
45.125.66.70:0
ASN
#133398 Tele Asia Limited

File type
ASCII text
Size
1.1 kB (1107 bytes)
Hash
678d911920b638e0348fe1d1221bc98d
254a44adf9d27886ebae3416410f2cc9ca41e1e1
a2d2430fdc89c9d502c5115a37dc26d1f409cdb86ab243187643783cabd1d3d1

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

GET /titulare.mobile.appkey.it/login/ng/ng.js?v=63112e6424d8d HTTP/1.1
Host: www.app-utente.ddns.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.app-utente.ddns.ms/titulare.mobile.appkey.it/a1b2c3/c4bf667921000f0cedf1dc4392bfee3e/login/?https://www.nexi.it/privati/servizi/area-personale.html
Cookie: real=OK; bid=c4bf667921000f0cedf1dc4392bfee3e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 22:12:52 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Fri, 08 Nov 2019 20:43:50 GMT
ETag: "c50-596dbd6d76d80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1107
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

www.app-utente.ddns.ms/titulare.mobile.appkey.it/login/token/token.js?v=63112e6424dc4

45.125.66.70

200 OK

516 B

URL HTTP/1.1
www.app-utente.ddns.ms/titulare.mobile.appkey.it/login/token/token.js?v=63112e6424dc4
IP
45.125.66.70:0
ASN
#133398 Tele Asia Limited

File type
ASCII text
Size
516 B (516 bytes)
Hash
618403e922584d493d90e88a9a151cda
f44949bed024bdb5d49eda5d16f8252eeb09f691
d2c7111a465a323d5a08768fe787b09c8858c764de8ee7c8c95570b08012e8ce

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

GET /titulare.mobile.appkey.it/login/token/token.js?v=63112e6424dc4 HTTP/1.1
Host: www.app-utente.ddns.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.app-utente.ddns.ms/titulare.mobile.appkey.it/a1b2c3/c4bf667921000f0cedf1dc4392bfee3e/login/?https://www.nexi.it/privati/servizi/area-personale.html
Cookie: real=OK; bid=c4bf667921000f0cedf1dc4392bfee3e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 22:12:52 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Fri, 08 Nov 2019 20:23:09 GMT
ETag: "4be-596db8cdf4540-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 516
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

www.app-utente.ddns.ms/titulare.mobile.appkey.it/login/style-1.css

45.125.66.70

200 OK

70 kB

URL HTTP/1.1
www.app-utente.ddns.ms/titulare.mobile.appkey.it/login/style-1.css
IP
45.125.66.70:0
ASN
#133398 Tele Asia Limited

File type
ASCII text, with very long lines (685), with CRLF, LF line terminators
Size
70 kB (69737 bytes)
Hash
127eedd202127bf5d5a05cc076b2c6b2
673b466dad34317249322691e040c747e23d4de1
5854f5eaff334ab480506c2ea7661d7a9592ca0e63a1cfa3862f2528b69ac7fb

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

GET /titulare.mobile.appkey.it/login/style-1.css HTTP/1.1
Host: www.app-utente.ddns.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.app-utente.ddns.ms/titulare.mobile.appkey.it/a1b2c3/c4bf667921000f0cedf1dc4392bfee3e/login/?https://www.nexi.it/privati/servizi/area-personale.html
Cookie: real=OK; bid=c4bf667921000f0cedf1dc4392bfee3e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 22:12:52 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Thu, 07 Nov 2019 18:39:02 GMT
ETag: "88aed-596c5faae3d80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css

www.app-utente.ddns.ms/titulare.mobile.appkey.it/login/index.css

45.125.66.70

200 OK

23 kB

URL HTTP/1.1
www.app-utente.ddns.ms/titulare.mobile.appkey.it/login/index.css
IP
45.125.66.70:0
ASN
#133398 Tele Asia Limited

File type
ASCII text, with very long lines (1484)
Size
23 kB (23231 bytes)
Hash
e46b8b7cc0017119514cb5c9fda219bb
b0e856124b2a2104387a44f312180d6db5834644
a732c4026f1b3f957b8d7c1adc46a77dd4f0f6da10c864f3a43eeed5c9c4f793

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

GET /titulare.mobile.appkey.it/login/index.css HTTP/1.1
Host: www.app-utente.ddns.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.app-utente.ddns.ms/titulare.mobile.appkey.it/a1b2c3/c4bf667921000f0cedf1dc4392bfee3e/login/?https://www.nexi.it/privati/servizi/area-personale.html
Cookie: real=OK; bid=c4bf667921000f0cedf1dc4392bfee3e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 22:12:52 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Fri, 08 Nov 2019 20:45:09 GMT
ETag: "3f39b-596dbdb8cdf40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 23231
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

www.app-utente.ddns.ms/titulare.mobile.appkey.it/login/google_play.svg

45.125.66.70

200 OK

25 kB

URL HTTP/1.1
www.app-utente.ddns.ms/titulare.mobile.appkey.it/login/google_play.svg
IP
45.125.66.70:0
ASN
#133398 Tele Asia Limited

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (24914)
Size
25 kB (25343 bytes)
Hash
9f366adad75cc2c3bf7d704939967a7b
54264a40ad66760e85e4a7407f78a94ccfe754d1
ed313341bbd73a61ddacf268f494c9f85cb84e46f8954bde8a5260e21174f340

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

GET /titulare.mobile.appkey.it/login/google_play.svg HTTP/1.1
Host: www.app-utente.ddns.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.app-utente.ddns.ms/titulare.mobile.appkey.it/a1b2c3/c4bf667921000f0cedf1dc4392bfee3e/login/?https://www.nexi.it/privati/servizi/area-personale.html
Cookie: real=OK; bid=c4bf667921000f0cedf1dc4392bfee3e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 22:12:52 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Thu, 07 Nov 2019 18:38:58 GMT
ETag: "62ff-596c5fa713480"
Accept-Ranges: bytes
Content-Length: 25343
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/svg+xml

www.app-utente.ddns.ms/titulare.mobile.appkey.it/login/icon-phone-warning-white.svg

45.125.66.70

200 OK

3.9 kB

URL HTTP/1.1
www.app-utente.ddns.ms/titulare.mobile.appkey.it/login/icon-phone-warning-white.svg
IP
45.125.66.70:0
ASN
#133398 Tele Asia Limited

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
3.9 kB (3881 bytes)
Hash
8ca4186994be106eea6423d4f2d9af10
4963eaacbdf6ba1cf7c529694ec488eea950bc92
c8e1f312e86564f3d293bb04806f55d4296cc3342321655bb738d7d61eeeef22

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

GET /titulare.mobile.appkey.it/login/icon-phone-warning-white.svg HTTP/1.1
Host: www.app-utente.ddns.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.app-utente.ddns.ms/titulare.mobile.appkey.it/a1b2c3/c4bf667921000f0cedf1dc4392bfee3e/login/?https://www.nexi.it/privati/servizi/area-personale.html
Cookie: real=OK; bid=c4bf667921000f0cedf1dc4392bfee3e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 22:12:52 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Thu, 07 Nov 2019 18:38:58 GMT
ETag: "f29-596c5fa713480"
Accept-Ranges: bytes
Content-Length: 3881
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/svg+xml

www.app-utente.ddns.ms/titulare.mobile.appkey.it/login/icon-blocked.svg

45.125.66.70

200 OK

935 B

URL HTTP/1.1
www.app-utente.ddns.ms/titulare.mobile.appkey.it/login/icon-blocked.svg
IP
45.125.66.70:0
ASN
#133398 Tele Asia Limited

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
935 B (935 bytes)
Hash
c3034188332fd8391df588c244a10a55
8a95344a40342edf303b04b994f1787dd2207efb
92751c1749c593c1ad2a7b61ff640b0dbb1a4c32db1981a523e5432cc35a029f

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

GET /titulare.mobile.appkey.it/login/icon-blocked.svg HTTP/1.1
Host: www.app-utente.ddns.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.app-utente.ddns.ms/titulare.mobile.appkey.it/a1b2c3/c4bf667921000f0cedf1dc4392bfee3e/login/?https://www.nexi.it/privati/servizi/area-personale.html
Cookie: real=OK; bid=c4bf667921000f0cedf1dc4392bfee3e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 22:12:52 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Thu, 07 Nov 2019 18:38:58 GMT
ETag: "3a7-596c5fa713480"
Accept-Ranges: bytes
Content-Length: 935
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/svg+xml

www.app-utente.ddns.ms/titulare.mobile.appkey.it/login/app_store.svg

45.125.66.70

200 OK

16 kB

URL HTTP/1.1
www.app-utente.ddns.ms/titulare.mobile.appkey.it/login/app_store.svg
IP
45.125.66.70:0
ASN
#133398 Tele Asia Limited

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1295)
Size
16 kB (15816 bytes)
Hash
d11b30ed05c8b249efe85b47532305c4
e2be0738062a412e6a31b6bc67ea983b1db98732
5e3c6b5c51b5fbf7691fa5d0adbcd05be694548d5f03aee7d59d7a8b092b5d27

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

GET /titulare.mobile.appkey.it/login/app_store.svg HTTP/1.1
Host: www.app-utente.ddns.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.app-utente.ddns.ms/titulare.mobile.appkey.it/a1b2c3/c4bf667921000f0cedf1dc4392bfee3e/login/?https://www.nexi.it/privati/servizi/area-personale.html
Cookie: real=OK; bid=c4bf667921000f0cedf1dc4392bfee3e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 22:12:52 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Thu, 07 Nov 2019 18:38:58 GMT
ETag: "3dc8-596c5fa713480"
Accept-Ranges: bytes
Content-Length: 15816
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/svg+xml

www.app-utente.ddns.ms/titulare.mobile.appkey.it/login/icon-close.svg

45.125.66.70

200 OK

1.6 kB

URL HTTP/1.1
www.app-utente.ddns.ms/titulare.mobile.appkey.it/login/icon-close.svg
IP
45.125.66.70:0
ASN
#133398 Tele Asia Limited

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
1.6 kB (1576 bytes)
Hash
6a2b6418343e69fd866ebb827f33a2d6
4b6842649792e108920c211c2dca658e6f429734
f1926ee7a205ed96afdd1b8a74d845d21a64dadb6ef76e672558e5b84b58274c

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

GET /titulare.mobile.appkey.it/login/icon-close.svg HTTP/1.1
Host: www.app-utente.ddns.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.app-utente.ddns.ms/titulare.mobile.appkey.it/a1b2c3/c4bf667921000f0cedf1dc4392bfee3e/login/?https://www.nexi.it/privati/servizi/area-personale.html
Cookie: real=OK; bid=c4bf667921000f0cedf1dc4392bfee3e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 22:12:52 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Thu, 07 Nov 2019 18:38:58 GMT
ETag: "628-596c5fa713480"
Accept-Ranges: bytes
Content-Length: 1576
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/svg+xml

www.app-utente.ddns.ms/titulare.mobile.appkey.it/login/icon-close-white.svg

45.125.66.70

200 OK

1.6 kB

URL HTTP/1.1
www.app-utente.ddns.ms/titulare.mobile.appkey.it/login/icon-close-white.svg
IP
45.125.66.70:0
ASN
#133398 Tele Asia Limited

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
1.6 kB (1591 bytes)
Hash
e61ea756f9b2ae7f774048dfbc85f1df
d50555f8f6e6882e1031332a76a48ab9709f13b1
32cde70fcb4ed6949904cec5ef9065adce2196b3e8216bb5874019a9efe96edd

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

GET /titulare.mobile.appkey.it/login/icon-close-white.svg HTTP/1.1
Host: www.app-utente.ddns.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.app-utente.ddns.ms/titulare.mobile.appkey.it/a1b2c3/c4bf667921000f0cedf1dc4392bfee3e/login/?https://www.nexi.it/privati/servizi/area-personale.html
Cookie: real=OK; bid=c4bf667921000f0cedf1dc4392bfee3e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 22:12:52 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Thu, 07 Nov 2019 18:38:58 GMT
ETag: "637-596c5fa713480"
Accept-Ranges: bytes
Content-Length: 1591
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/svg+xml

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11846
Expires: Fri, 02 Sep 2022 01:30:18 GMT
Date: Thu, 01 Sep 2022 22:12:52 GMT
Connection: keep-alive

www.app-utente.ddns.ms/titulare.mobile.appkey.it/login/icon-phone.svg

45.125.66.70

200 OK

4.0 kB

URL HTTP/1.1
www.app-utente.ddns.ms/titulare.mobile.appkey.it/login/icon-phone.svg
IP
45.125.66.70:0
ASN
#133398 Tele Asia Limited

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
4.0 kB (4016 bytes)
Hash
ba155a06b6ed2efff975f38208ca03a7
e75f40d95197f19c38d900ac7c749857fbdb93f7
7e6f9ccce4ea514b53fb258d72b5682c74d1e81ef9148d3c406fbd03cfd56919

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

GET /titulare.mobile.appkey.it/login/icon-phone.svg HTTP/1.1
Host: www.app-utente.ddns.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.app-utente.ddns.ms/titulare.mobile.appkey.it/a1b2c3/c4bf667921000f0cedf1dc4392bfee3e/login/?https://www.nexi.it/privati/servizi/area-personale.html
Cookie: real=OK; bid=c4bf667921000f0cedf1dc4392bfee3e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 22:12:52 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Thu, 07 Nov 2019 18:38:58 GMT
ETag: "fb0-596c5fa713480"
Accept-Ranges: bytes
Content-Length: 4016
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/svg+xml

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11846
Expires: Fri, 02 Sep 2022 01:30:18 GMT
Date: Thu, 01 Sep 2022 22:12:52 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11846
Expires: Fri, 02 Sep 2022 01:30:18 GMT
Date: Thu, 01 Sep 2022 22:12:52 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11846
Expires: Fri, 02 Sep 2022 01:30:18 GMT
Date: Thu, 01 Sep 2022 22:12:52 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11846
Expires: Fri, 02 Sep 2022 01:30:18 GMT
Date: Thu, 01 Sep 2022 22:12:52 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8cc83cf-4aef-486b-b775-ed3cb57c8e2a.jpeg

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8cc83cf-4aef-486b-b775-ed3cb57c8e2a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9642 bytes)
Hash
d0c1e7f6c9e17585905fdbe9ae4da50b
67192f5be476ac4dada66dc9fbe26469d62e2d78
21ca880b36bbb7791f8df2bf9830f11a960692123dd6dde5be42bda004dc428b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8cc83cf-4aef-486b-b775-ed3cb57c8e2a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9642
x-amzn-requestid: 52c698d7-6419-4614-9c53-68a265266337
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLjbEvgoAMFkKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112615-547a72850cce71da013383f5;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:37:25 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: I3pDTq3EeJJtzJFsAFaym7cV5nCrwFailDRzgA3QkAFOYj3xV43v2w==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 21:37:26 GMT
age: 2126
etag: "67192f5be476ac4dada66dc9fbe26469d62e2d78"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6b23082-fe08-4f5d-b709-47175510cf45.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.2 kB (6196 bytes)
Hash
5e05660322f0368dd2bf8067d7e4554d
ec65cb47d86488f734c945a210d5f636a40fea2c
98875230ec45766102191bdc4180742fa3b8f3ad5ad1a128d12437105f86247e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6b23082-fe08-4f5d-b709-47175510cf45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6196
x-amzn-requestid: a7d6ce70-06d7-498c-8024-80185a3fc3e4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLyLFmVIAMFkcQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112674-3fad622927177e9236d7c50a;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:39:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: wLezqM4_yKqtOR7D43beBqm8TAD5y8eQ7xHOxjDJdHchCpyusuzMuQ==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 21:55:46 GMT
etag: "ec65cb47d86488f734c945a210d5f636a40fea2c"
content-type: image/jpeg
age: 1026
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.app-utente.ddns.ms/titulare.mobile.appkey.it/login/logo--light-double.svg

45.125.66.70

200 OK

1.5 kB

URL HTTP/1.1
www.app-utente.ddns.ms/titulare.mobile.appkey.it/login/logo--light-double.svg
IP
45.125.66.70:0
ASN
#133398 Tele Asia Limited

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
1.5 kB (1476 bytes)
Hash
77ef18d95472ac80e6e86cf40daf8d4e
9289a4e6397fb8374db9532c00b684d0568c9e2c
c37a1253313f01ecf7b8d5ac83025a8059d161d955ecbe5254c99d4edf6989fc

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

GET /titulare.mobile.appkey.it/login/logo--light-double.svg HTTP/1.1
Host: www.app-utente.ddns.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.app-utente.ddns.ms/titulare.mobile.appkey.it/a1b2c3/c4bf667921000f0cedf1dc4392bfee3e/login/?https://www.nexi.it/privati/servizi/area-personale.html
Cookie: real=OK; bid=c4bf667921000f0cedf1dc4392bfee3e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 22:12:52 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Thu, 07 Nov 2019 18:38:58 GMT
ETag: "5c4-596c5fa713480"
Accept-Ranges: bytes
Content-Length: 1476
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/svg+xml

34.120.237.76

200 OK

7.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43d94e54-2c67-403b-b94b-ef5e36cb5e26.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.2 kB (7156 bytes)
Hash
14e82032ab44011167c9d2d9695a3198
d3fda6718ab89268e82bde16b06a96354fa3d57b
2f073e250e9956e82038d29df1de50df864e2c22e4604bbd78d1e62188ae9197

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43d94e54-2c67-403b-b94b-ef5e36cb5e26.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7156
x-amzn-requestid: e2b38429-0492-4319-9c72-5a1619c78420
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzMO2EKcoAMFrrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6311272b-69d66f695cf1a07f0fae433c;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:42:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7Tv0bNle7nahMFTDVzCbyK9BpyTmt7QOwq5zfH7niru7P1wxYy0Dog==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 21:52:20 GMT
age: 1232
etag: "d3fda6718ab89268e82bde16b06a96354fa3d57b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff072eb8c-1ad5-404f-85b3-2242f38757f6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.9 kB (4924 bytes)
Hash
ae78f10cef02197bf19d5ff1d2703fdf
3f7dbd409d7d110b135ee32b8ebcdb9ac3591e66
b5c74c5cea04e6da2d3e886dd26adc83af98bb881aa134b7fa0693dbf8b90a52

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff072eb8c-1ad5-404f-85b3-2242f38757f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4924
x-amzn-requestid: 89f18b72-50e3-4e1a-9a4a-e1e61d078fba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XW1o-GO2IAMFyxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6305cfd2-0987c8217bfd77c91f107265;Sampled=0
x-amzn-remapped-date: Wed, 24 Aug 2022 07:14:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: F4gQvi_hdsdDXSys6Sv0-5XWXE-nMH6H-qb5jRvuln8o_r7SKdqU7g==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 21:43:47 GMT
age: 1745
etag: "3f7dbd409d7d110b135ee32b8ebcdb9ac3591e66"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c0ef483-e545-4a1f-b9b9-88778330d881.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10435 bytes)
Hash
955f2a35bd6b3802670e7fa8a7cda833
4c70d27f7c51b7fcae1d8a883bfc2e67a551ae6c
2fb517039f0704d2f6fe2fa78eae47c71c645add1c2276f8726248184ae45760

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c0ef483-e545-4a1f-b9b9-88778330d881.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10435
x-amzn-requestid: 813ec4ca-243d-46cb-a6a6-8ec58e5dd9f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLjdHwnIAMFhzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112615-4733cfb83cf0e8734abc5716;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:37:25 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: n6DJbsUGTdXT42cNLTDq6Uz28H2SDhwq6drdKP4axAHsBz471X7r_g==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 21:37:26 GMT
age: 2126
etag: "4c70d27f7c51b7fcae1d8a883bfc2e67a551ae6c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9de9889-f1f6-417e-954b-af2056b62982.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12204 bytes)
Hash
e10519422b7ff91c72bcf2234cea36cf
63cff2232383d9d7f2371d1f60cf7923b629fc82
71a4bfc0031e0f6152c441f4bf413c6e953f38a587a95900f3a6c63beecafb4b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9de9889-f1f6-417e-954b-af2056b62982.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12204
x-amzn-requestid: 5293c66e-68d3-472a-a6d2-69f161262f26
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzMLDGK6oAMFTzw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112713-66d01d9c2d12d55c465c5108;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:41:39 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 6b6K6qPPzI8g3_MADZH84JtcPaDP00roz3A-6QEpbUY3boLIPOatjg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 21:49:06 GMT
age: 1426
etag: "63cff2232383d9d7f2371d1f60cf7923b629fc82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

i.imgur.com/lQNIz8H.png

151.101.84.193

200 OK

4.1 kB

URL HTTP/2
i.imgur.com/lQNIz8H.png
IP
151.101.84.193:0
ASN
#54113 FASTLY

File type
PNG image data, 385 x 131, 8-bit colormap, non-interlaced\012- data
Size
4.1 kB (4119 bytes)
Hash
c8ec33a7f60d9bf2bd70fe2096c58aac
2dc66c21fdd555ccac7742177acd3e75677c3d34
c12490d726ef93f69ec5c1368ab7b34269e9dd4e784f2e09a6e590a9002e3e0b

HTTP Headers

GET /lQNIz8H.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.app-utente.ddns.ms/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Fri, 08 Nov 2019 07:55:56 GMT
etag: "c8ec33a7f60d9bf2bd70fe2096c58aac"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Thu, 01 Sep 2022 22:12:52 GMT
age: 2032569
x-served-by: cache-iad-kiad7000031-IAD, cache-bma1671-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1662070373.765627,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 4119
X-Firefox-Spdy: h2

www.app-utente.ddns.ms/titulare.mobile.appkey.it/login/karbon-medium-webfont.woff

45.125.66.70

200 OK

25 kB

URL HTTP/1.1
www.app-utente.ddns.ms/titulare.mobile.appkey.it/login/karbon-medium-webfont.woff
IP
45.125.66.70:0
ASN
#133398 Tele Asia Limited

File type
Web Open Font Format, TrueType, length 24956, version 1.0\012- data
Size
25 kB (24956 bytes)
Hash
034fa219154a0eed22d6ef6ebd89c3a9
c8574cf3bfc69f53392d916aef929ccc882a9386
4061275193aa1a5245941f7768b307219fc0f86f44dc1cf4d293168b93a72259

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

GET /titulare.mobile.appkey.it/login/karbon-medium-webfont.woff HTTP/1.1
Host: www.app-utente.ddns.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.app-utente.ddns.ms/titulare.mobile.appkey.it/login/style-1.css
Cookie: real=OK; bid=c4bf667921000f0cedf1dc4392bfee3e; lng=it
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 22:12:52 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Thu, 07 Nov 2019 18:38:58 GMT
ETag: "617c-596c5fa713480"
Accept-Ranges: bytes
Content-Length: 24956
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/font-woff

www.app-utente.ddns.ms/titulare.mobile.appkey.it/login/karbon-semibold-webfont.woff

45.125.66.70

200 OK

25 kB

URL HTTP/1.1
www.app-utente.ddns.ms/titulare.mobile.appkey.it/login/karbon-semibold-webfont.woff
IP
45.125.66.70:0
ASN
#133398 Tele Asia Limited

File type
Web Open Font Format, TrueType, length 25032, version 1.0\012- data
Size
25 kB (25032 bytes)
Hash
4e893a43d47ba798763b8990f9e07180
9ac339e30beac18d0a4aaecce5b66a723ec46532
0696904b24ea3bdaf9ee857ded71391ccd44d40b84334571a5c5e71f93b4a0c6

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

GET /titulare.mobile.appkey.it/login/karbon-semibold-webfont.woff HTTP/1.1
Host: www.app-utente.ddns.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.app-utente.ddns.ms/titulare.mobile.appkey.it/login/style-1.css
Cookie: real=OK; bid=c4bf667921000f0cedf1dc4392bfee3e; lng=it
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 22:12:52 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Thu, 07 Nov 2019 18:38:58 GMT
ETag: "61c8-596c5fa713480"
Accept-Ranges: bytes
Content-Length: 25032
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/font-woff

www.app-utente.ddns.ms/titulare.mobile.appkey.it/login/karbon-regular-webfont.woff

45.125.66.70

200 OK

24 kB

URL HTTP/1.1
www.app-utente.ddns.ms/titulare.mobile.appkey.it/login/karbon-regular-webfont.woff
IP
45.125.66.70:0
ASN
#133398 Tele Asia Limited

File type
Web Open Font Format, TrueType, length 24308, version 1.0\012- data
Size
24 kB (24308 bytes)
Hash
e6b850dccbd545df306ea2f25452a124
08bdf0f61b8316130f85a2725dcbd7eb5a6dc750
ade827343407a2a81168acb91cabc1ed7d83de7010966dd1b7f06f4e0344b9e6

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

GET /titulare.mobile.appkey.it/login/karbon-regular-webfont.woff HTTP/1.1
Host: www.app-utente.ddns.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.app-utente.ddns.ms/titulare.mobile.appkey.it/login/style-1.css
Cookie: real=OK; bid=c4bf667921000f0cedf1dc4392bfee3e; lng=it
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 22:12:52 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Thu, 07 Nov 2019 18:38:58 GMT
ETag: "5ef4-596c5fa713480"
Accept-Ranges: bytes
Content-Length: 24308
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/font-woff

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
118113afbe447ae60767d7b61edd3bd4
5fa04fb1a40097c0bf89a4956588658983b9d697
f36128481b3f21be44388c8f69221304182a8c3faa464ffe081325212017ea67

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F36128481B3F21BE44388C8F69221304182A8C3FAA464FFE081325212017EA67"
Last-Modified: Thu, 01 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21550
Expires: Fri, 02 Sep 2022 04:12:03 GMT
Date: Thu, 01 Sep 2022 22:12:53 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
118113afbe447ae60767d7b61edd3bd4
5fa04fb1a40097c0bf89a4956588658983b9d697
f36128481b3f21be44388c8f69221304182a8c3faa464ffe081325212017ea67

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F36128481B3F21BE44388C8F69221304182A8C3FAA464FFE081325212017EA67"
Last-Modified: Thu, 01 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21591
Expires: Fri, 02 Sep 2022 04:12:44 GMT
Date: Thu, 01 Sep 2022 22:12:53 GMT
Connection: keep-alive

panelumeu.ns1.name/panelumeu1/uadmin/gate.php?pl=token&link=nexi_it&bid=c4bf667921000f0cedf1dc4392bfee3e&callback=jQuery32107494324279090459_1662070371683&data=%7B%22mes%22%3A%22User%20on%20login%20page%22%7D&_=1662070371684

45.125.66.95

200 OK

57 B

URL HTTP/1.1
panelumeu.ns1.name/panelumeu1/uadmin/gate.php?pl=token&link=nexi_it&bid=c4bf667921000f0cedf1dc4392bfee3e&callback=jQuery32107494324279090459_1662070371683&data=%7B%22mes%22%3A%22User%20on%20login%20page%22%7D&_=1662070371684
IP
45.125.66.95:0
ASN
#133398 Tele Asia Limited

File type
ASCII text, with no line terminators
Size
57 B (57 bytes)
Hash
81442a3595a271f5b6494741d1b1a7fd
480dc6354b37e9f624e592090a16a45a5c1cc1ce
ad415727c57ca0302b92801677967b8e7fd8b1fe146c1c45d5a1cb6b35bc8e25

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
quad9	Sinkholed

HTTP Headers

GET /panelumeu1/uadmin/gate.php?pl=token&link=nexi_it&bid=c4bf667921000f0cedf1dc4392bfee3e&callback=jQuery32107494324279090459_1662070371683&data=%7B%22mes%22%3A%22User%20on%20login%20page%22%7D&_=1662070371684 HTTP/1.1
Host: panelumeu.ns1.name
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.app-utente.ddns.ms/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 22:12:53 GMT
Server: Apache/2.4.18 (Ubuntu)
Content-Length: 57
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

panelumeu.ns1.name/panelumeu1/uadmin/gate.php?pl=token&link=nexi_it&bid=c4bf667921000f0cedf1dc4392bfee3e&callback=jQuery32107494324279090459_1662070371681&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1662070371682

45.125.66.95

200 OK

57 B

URL HTTP/1.1
panelumeu.ns1.name/panelumeu1/uadmin/gate.php?pl=token&link=nexi_it&bid=c4bf667921000f0cedf1dc4392bfee3e&callback=jQuery32107494324279090459_1662070371681&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1662070371682
IP
45.125.66.95:0
ASN
#133398 Tele Asia Limited

File type
ASCII text, with no line terminators
Size
57 B (57 bytes)
Hash
ae27fe17d0f04ba67e3e9e6817bbc816
c3aa971d6816a288629af006465f830262c9742b
337faa496c5b0334375ab77343c1f1ec65a76518ae0d13b79342ba81e075bac7

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
quad9	Sinkholed

HTTP Headers

GET /panelumeu1/uadmin/gate.php?pl=token&link=nexi_it&bid=c4bf667921000f0cedf1dc4392bfee3e&callback=jQuery32107494324279090459_1662070371681&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1662070371682 HTTP/1.1
Host: panelumeu.ns1.name
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.app-utente.ddns.ms/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 22:12:53 GMT
Server: Apache/2.4.18 (Ubuntu)
Content-Length: 57
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

www.app-utente.ddns.ms/titulare.mobile.appkey.it/login/form/newloader.gif

45.125.66.70

200 OK

557 kB

URL HTTP/1.1
www.app-utente.ddns.ms/titulare.mobile.appkey.it/login/form/newloader.gif
IP
45.125.66.70:0
ASN
#133398 Tele Asia Limited

File type
GIF image data, version 89a, 480 x 480\012- data
Size
557 kB (557122 bytes)
Hash
ef8d4e6b20b0cf0d68713fb2f6069042
d62bb4b1a169c88879de3bd2f5c4292b6259a952
32bfc673211421c1a5a33acc98291840183582f11d15490954b42a81d79d4630

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

GET /titulare.mobile.appkey.it/login/form/newloader.gif HTTP/1.1
Host: www.app-utente.ddns.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.app-utente.ddns.ms/titulare.mobile.appkey.it/a1b2c3/c4bf667921000f0cedf1dc4392bfee3e/login/?https://www.nexi.it/privati/servizi/area-personale.html
Cookie: real=OK; bid=c4bf667921000f0cedf1dc4392bfee3e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 22:12:52 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Mon, 16 Sep 2019 06:51:55 GMT
ETag: "88042-592a60a1618c0"
Accept-Ranges: bytes
Content-Length: 557122
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/gif

www.app-utente.ddns.ms/titulare.mobile.appkey.it/login/placeholder_login_portale_privati.png

45.125.66.70

200 OK

1.3 MB

URL HTTP/1.1
www.app-utente.ddns.ms/titulare.mobile.appkey.it/login/placeholder_login_portale_privati.png
IP
45.125.66.70:0
ASN
#133398 Tele Asia Limited

File type
PNG image data, 1440 x 1024, 8-bit/color RGBA, non-interlaced\012- data
Size
1.3 MB (1291583 bytes)
Hash
a0e51a5d24b4401c9297341ad69c7405
18da1c5fdf6547e7390f72427fccbc2667490f32
861a4758d8d84ee664daa9cebfccf9aa3ab671f213484cb1f5e9ce586670a89b

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

GET /titulare.mobile.appkey.it/login/placeholder_login_portale_privati.png HTTP/1.1
Host: www.app-utente.ddns.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.app-utente.ddns.ms/titulare.mobile.appkey.it/a1b2c3/c4bf667921000f0cedf1dc4392bfee3e/login/?https://www.nexi.it/privati/servizi/area-personale.html
Cookie: real=OK; bid=c4bf667921000f0cedf1dc4392bfee3e; lng=it
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 22:12:52 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Thu, 07 Nov 2019 18:38:58 GMT
ETag: "13b53f-596c5fa713480"
Accept-Ranges: bytes
Content-Length: 1291583
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/png

panelumeu.ns1.name/panelumeu1/uadmin/gate.php?pl=token&link=nexi_it&bid=c4bf667921000f0cedf1dc4392bfee3e&callback=jQuery32107494324279090459_1662070371681&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1662070371685

45.125.66.95

200 OK

57 B

URL HTTP/1.1
panelumeu.ns1.name/panelumeu1/uadmin/gate.php?pl=token&link=nexi_it&bid=c4bf667921000f0cedf1dc4392bfee3e&callback=jQuery32107494324279090459_1662070371681&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1662070371685
IP
45.125.66.95:0
ASN
#133398 Tele Asia Limited

File type
ASCII text, with no line terminators
Size
57 B (57 bytes)
Hash
ae27fe17d0f04ba67e3e9e6817bbc816
c3aa971d6816a288629af006465f830262c9742b
337faa496c5b0334375ab77343c1f1ec65a76518ae0d13b79342ba81e075bac7

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
quad9	Sinkholed

HTTP Headers

GET /panelumeu1/uadmin/gate.php?pl=token&link=nexi_it&bid=c4bf667921000f0cedf1dc4392bfee3e&callback=jQuery32107494324279090459_1662070371681&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1662070371685 HTTP/1.1
Host: panelumeu.ns1.name
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.app-utente.ddns.ms/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 22:12:57 GMT
Server: Apache/2.4.18 (Ubuntu)
Content-Length: 57
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

34.120.237.76

200 OK

9.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F409dfca9-6638-46e3-bd6c-98a42f043bc4.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.0 kB (9040 bytes)
Hash
a6c03a9391cf529bf7354ef49730bf29
05e3b1ca0471c4a754beefd5fa5cf88b8d86c141
c0f03851ec2bb7dce175820e2d89112d4149c2bedee10b82ea7a751ca0fdc134

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F409dfca9-6638-46e3-bd6c-98a42f043bc4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 9040
x-amzn-requestid: 24ba8357-3dbc-4609-8998-a358d3b4c4cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLleHKxIAMFqFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112622-2b67e5bd14e08d5c3ccf352f;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:37:38 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Ot2ovRarFg0nSndNjtz8HZJjZ4zlgAoCZvQY1QLbjAaNUSzf7A4tVQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 21:38:30 GMT
age: 2069
etag: "05e3b1ca0471c4a754beefd5fa5cf88b8d86c141"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (12)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations