Report - ons.duckdns.org

Report Overview

Submitted URL
ons.duckdns.org
IP
82.172.56.12
ASN
#0
Submitted
2023-02-03 09:13:28
Access
Website Title
Final URL
Tags
dyndns
urlquery detections
Suspicious - DynDNS domain

Detections

urlquery
129
Network Intrusion Detection
8
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	54 kB	34.120.237.76
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	3.0 kB	8.0 kB	23.36.77.32
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
ons.duckdns.org	unknown	2019-12-17T01:14:04Z	2023-01-28T15:08:04Z	53 kB	1.5 MB	82.172.56.12
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	52.26.112.186

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-02-03 09:13:47	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-02-03 09:13:47	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-02-03 09:13:47	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-02-03 09:13:47	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-02-03 09:13:47	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-02-03 09:13:47	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-02-03 09:13:48	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-02-03 09:13:48	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (12)

	URL	Size	First Seen	Last Seen
	ons.duckdns.org/	598 B	2023-03-09	2023-04-05
Pretty URL ons.duckdns.org/ IP 82.172.56.12 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 11:59:32 Last Seen2023-04-05 02:07:02 Times Seen4 Hash 5cb105549fa0cd2607e3d362fe0e5a83 1532ccb257fe2f486af4a883e9d4bcbf20d3cc2c c313484a00ce9fc9d41374ecf91cd42be125e758cf069059976551791d22955c Loading...

	ons.duckdns.org/	37 B	2023-03-09	2023-03-26
Pretty URL ons.duckdns.org/ IP 82.172.56.12 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 11:59:32 Last Seen2023-03-26 14:16:17 Times Seen3 Hash 56b73b9bf4cdda4a0b7d352cf96caf18 317de7e78188a32ba359d35c92d9f9cd04619695 0b16830bbcba7110fee60881e8343accb75ad72d2eb2d5c9f2da54de38dc14e6 Loading...

	ons.duckdns.org/	155 B	2023-03-13	2023-03-13
Pretty URL ons.duckdns.org/ IP 82.172.56.12 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:41:33 Last Seen2023-03-13 15:41:33 Times Seen1 Hash e426c248796e9ae7be97f93bd147ff25 c08a1ddd45de5b5e2c696eb3373d7f9b73c33e90 c319261f789af13459efc709560f59ea3c2029d3db601833dc05f4820b630242 Loading...

	ons.duckdns.org/frontend_latest/core.f0d95c1a.js	19 kB	2023-03-13	2023-03-13
Pretty URL ons.duckdns.org/frontend_latest/core.f0d95c1a.js IP 82.172.56.12 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:41:33 Last Seen2023-03-13 15:41:33 Times Seen1 Hash a41805b736b01984c5596c87f559fe30 744de91671cebf46372691b43516062ea4af6291 7d0314629632259e61789bbf39ca0d534ba44252273b31e6796bd117af331e4c Loading...

	ons.duckdns.org/hacsfiles/iconset.js	3.8 kB	2023-03-09	2024-04-12
Pretty URL ons.duckdns.org/hacsfiles/iconset.js IP 82.172.56.12 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 11:59:32 Last Seen2024-04-12 11:12:01 Times Seen9 Hash 4514eaddb8720e9ca8b064e2fc90f0ef 4d5d504ed668a774b78faba2594b64f2039cb7c5 188fcaa160e2d356d41c46fec2dceb5c267c4d1f8f81e527142eb84f14a93447 Loading...

	ons.duckdns.org/frontend_latest/5c79c44d.js	12 kB	2023-03-13	2023-03-13
Pretty URL ons.duckdns.org/frontend_latest/5c79c44d.js IP 82.172.56.12 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:41:33 Last Seen2023-03-13 15:41:33 Times Seen1 Hash 8cebbb4303b174ee7b79d73de1ff8ba3 056032fbd6bb577168698f142ff8a4c916d184cd a73ed9eec360da8f1d23fcbd6319bed0c2b8859b1da9abe9ed2deab22306b4f9 Loading...

	ons.duckdns.org/	352 B	2023-03-09	2023-04-05
Pretty URL ons.duckdns.org/ IP 82.172.56.12 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 11:59:32 Last Seen2023-04-05 02:07:02 Times Seen4 Hash 60dd1b56db973c73405870f6a32d26fc 24735855e3d0864cbacf64980175530aedfb4840 9958301b8c49b4de12b9e072b9432bd9c329b4164f1e94f3a4e8faae745afa99 Loading...

	ons.duckdns.org/	228 B	2023-03-13	2023-03-13
Pretty URL ons.duckdns.org/ IP 82.172.56.12 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:41:33 Last Seen2023-03-13 15:41:33 Times Seen1 Hash 84add6e66b04e5ea474e0ca475f45ac0 71c8cb58675a575c4cce7dbab070b4239df4dc01 82a4d7fa45be484832e4320d3e78ba0e5d5ed98848b9d2c22cfda69b3924b957 Loading...

	ons.duckdns.org/	33 B	2023-03-09	2023-04-05
Pretty URL ons.duckdns.org/ IP 82.172.56.12 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 11:59:32 Last Seen2023-04-05 02:07:02 Times Seen4 Hash 670ca79f781b6cfc06720778c692f171 028f6c72dc425c95ec91faa647d1433e3789fa7e d899642b5a41a40624e14847b13aa6627658fb04e342db340cef8509ab27b30e Loading...

	ons.duckdns.org/auth/authorize?response_type=code&redirect_uri=https%3A%2F%2Fons.duckdns.org%2F%3Fauth_callback%3D1&client_id=https%3A%2F%2Fons.duckdns.org%2F&state=eyJoYXNzVXJsIjoiaHR0cHM6Ly9vbnMuZHVja2Rucy5vcmciLCJjbGllbnRJZCI6Imh0dHBzOi8vb25zLmR1Y2tkbnMub3JnLyJ9	202 B	2023-03-13	2023-03-13
Pretty URL ons.duckdns.org/auth/authorize?response_type=code&redirect_uri=https%3A%2F%2Fons.duckdns.org%2F%3Fauth_callback%3D1&client_id=https%3A%2F%2Fons.duckdns.org%2F&state=eyJoYXNzVXJsIjoiaHR0cHM6Ly9vbnMuZHVja2Rucy5vcmciLCJjbGllbnRJZCI6Imh0dHBzOi8vb25zLmR1Y2tkbnMub3JnLyJ9 IP 82.172.56.12 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:41:33 Last Seen2023-03-13 15:41:33 Times Seen1 Hash 1f397f26ee85397f8edb96991a695d23 a8c670ab20e6888264ea087c9f4a58cc1ee6b2e7 42a733ff89fa36d0ce9d06d3c47b57bfe3c23707e670fec441bf6eed499ffabe Loading...

	ons.duckdns.org/auth/authorize?response_type=code&redirect_uri=https%3A%2F%2Fons.duckdns.org%2F%3Fauth_callback%3D1&client_id=https%3A%2F%2Fons.duckdns.org%2F&state=eyJoYXNzVXJsIjoiaHR0cHM6Ly9vbnMuZHVja2Rucy5vcmciLCJjbGllbnRJZCI6Imh0dHBzOi8vb25zLmR1Y2tkbnMub3JnLyJ9	59 B	2023-03-13	2023-03-13
Pretty URL ons.duckdns.org/auth/authorize?response_type=code&redirect_uri=https%3A%2F%2Fons.duckdns.org%2F%3Fauth_callback%3D1&client_id=https%3A%2F%2Fons.duckdns.org%2F&state=eyJoYXNzVXJsIjoiaHR0cHM6Ly9vbnMuZHVja2Rucy5vcmciLCJjbGllbnRJZCI6Imh0dHBzOi8vb25zLmR1Y2tkbnMub3JnLyJ9 IP 82.172.56.12 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:41:33 Last Seen2023-03-13 15:41:33 Times Seen1 Hash f61545b1052272a23e001f9167275430 8d15ded82dc7bb0ad6dd066ffa69a9170df6ac69 abd01eed2afed59eaf07d8730cb5826b9cf1bc2200c3ee62cf1af66d01cf244d Loading...

	ons.duckdns.org/frontend_latest/authorize.c3bd8276.js	1.2 MB	2023-03-13	2023-03-13
Pretty URL ons.duckdns.org/frontend_latest/authorize.c3bd8276.js IP 82.172.56.12 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:41:33 Last Seen2023-03-13 15:41:33 Times Seen1 Hash 48bda4225c174047a081a310c2fd022c 44ce3850bbbd30e7e6b70c2731734e58757b7af5 51f2adf91623d088d5621149474f7629c60532a28f92eadd01253bdfcb7b17d4 Loading...

HTTP Transactions (148)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15362
Expires: Fri, 03 Feb 2023 13:29:19 GMT
Date: Fri, 03 Feb 2023 09:13:17 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9376
Expires: Fri, 03 Feb 2023 11:49:33 GMT
Date: Fri, 03 Feb 2023 09:13:17 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 03 Feb 2023 08:43:34 GMT
content-type: application/json
age: 1783
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9a76feabb767086ae0fa54e0ffbf763f
3655d78994a1e9838340669462728b67c8c12e54
bf215ab858c7785b7c01f7d3d437a918f056f00fe9b065820e1cdd09b7bba8f9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF215AB858C7785B7C01F7D3D437A918F056F00FE9B065820E1CDD09B7BBA8F9"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11411
Expires: Fri, 03 Feb 2023 12:23:28 GMT
Date: Fri, 03 Feb 2023 09:13:17 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: YhtQB2VSEmuGCzr+h1l4QSL7YPLP13BCng8FyjI9mPimBZErpCojgE0jTdM2s12GW/qf15G/Gn8=
x-amz-request-id: JWNSYST5Z185266N
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 03 Feb 2023 08:52:20 GMT
age: 1257
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 09:13:17 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
722beecfa8fee1a28fe553f2f2eb5b5d
e6be9f03368df076f794c16bdf1c394a41e905a2
1176beae3d4e3675835bf3011cf3ff6dfe5550f340fba4b4b1c381021f3c0cac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1176BEAE3D4E3675835BF3011CF3FF6DFE5550F340FBA4B4B1C381021F3C0CAC"
Last-Modified: Thu, 02 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21571
Expires: Fri, 03 Feb 2023 15:12:48 GMT
Date: Fri, 03 Feb 2023 09:13:17 GMT
Connection: keep-alive

ons.duckdns.org/

82.172.56.12

200 OK

9.3 kB

URL HTTP/1.1
ons.duckdns.org/
IP
82.172.56.12:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (9081)
Size
9.3 kB (9331 bytes)
Hash
53a726ae57d297f65fe8a7c2e7a8669d
9602a7f04c7d7ec912437baa740bb5a47f1c6bc4
1f658d79a29cc506bbe61d1e02012c362843f33a62c95e3cdf0cd21a23296147

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET / HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Content-Length: 9331
Date: Fri, 03 Feb 2023 09:13:17 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/static/fonts/roboto/Roboto-Regular.woff2

82.172.56.12

200 OK

65 kB

URL HTTP/1.1
ons.duckdns.org/static/fonts/roboto/Roboto-Regular.woff2
IP
82.172.56.12:0
ASN
#0

File type
Web Open Font Format (Version 2), TrueType, length 64632, version 1.0\012- data
Size
65 kB (64632 bytes)
Hash
73f0a88bbca1bec19fb1303c689d04c6
463a07f5c66bf14e6d9d6e0f6d5e3fd3cb11f4ec
47107401d0adb375ab9aa167f9d62489a849d510e740a307b5a4db60e5db3562

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /static/fonts/roboto/Roboto-Regular.woff2 HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: font/woff2
Etag: "173fc811fd9c6c00-fc78"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 64632
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:17 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/core.f0d95c1a.js

82.172.56.12

200 OK

6.7 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/core.f0d95c1a.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (18670), with no line terminators
Size
6.7 kB (6702 bytes)
Hash
b36b5eb609f2de2fdeeaade3dda56c97
2187dacc8ee7da3d0247cacb59bf83a10950c7fa
aaf155583bd6deb6fd233aa8a68b26cecb6a050c7078e70f3a7e9dd86d41626f

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/core.f0d95c1a.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-1a2e"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 6702
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:17 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/hacsfiles/iconset.js

82.172.56.12

200 OK

3.8 kB

URL HTTP/1.1
ons.duckdns.org/hacsfiles/iconset.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (3381)
Size
3.8 kB (3842 bytes)
Hash
4514eaddb8720e9ca8b064e2fc90f0ef
4d5d504ed668a774b78faba2594b64f2039cb7c5
188fcaa160e2d356d41c46fec2dceb5c267c4d1f8f81e527142eb84f14a93447

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /hacsfiles/iconset.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Etag: "173ca133260424be-f02"
Last-Modified: Sun, 22 Jan 2023 12:26:43 GMT
Content-Length: 3842
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:17 GMT
Server: Python/3.10 aiohttp/3.8.1

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 03 Feb 2023 08:49:06 GMT
age: 1451
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ons.duckdns.org/static/fonts/roboto/Roboto-Medium.woff2

82.172.56.12

200 OK

66 kB

URL HTTP/1.1
ons.duckdns.org/static/fonts/roboto/Roboto-Medium.woff2
IP
82.172.56.12:0
ASN
#0

File type
Web Open Font Format (Version 2), TrueType, length 65484, version 1.0\012- data
Size
66 kB (65484 bytes)
Hash
90d1676003d9c28c04994c18bfd8b558
e24a020df79c6ce3bcc4a6a33930f697b8e1d6b2
96025fe9db6578d8bc7f4b8be739750b1490e07221c2b1f16acde2ea7669cedf

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /static/fonts/roboto/Roboto-Medium.woff2 HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: font/woff2
Etag: "173fc811fd9c6c00-ffcc"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 65484
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:17 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/auth/authorize?response_type=code&redirect_uri=https%3A%2F%2Fons.duckdns.org%2F%3Fauth_callback%3D1&client_id=https%3A%2F%2Fons.duckdns.org%2F&state=eyJoYXNzVXJsIjoiaHR0cHM6Ly9vbnMuZHVja2Rucy5vcmciLCJjbGllbnRJZCI6Imh0dHBzOi8vb25zLmR1Y2tkbnMub3JnLyJ9

82.172.56.12

200 OK

2.4 kB

URL HTTP/1.1
ons.duckdns.org/auth/authorize?response_type=code&redirect_uri=https%3A%2F%2Fons.duckdns.org%2F%3Fauth_callback%3D1&client_id=https%3A%2F%2Fons.duckdns.org%2F&state=eyJoYXNzVXJsIjoiaHR0cHM6Ly9vbnMuZHVja2Rucy5vcmciLCJjbGllbnRJZCI6Imh0dHBzOi8vb25zLmR1Y2tkbnMub3JnLyJ9
IP
82.172.56.12:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2363), with no line terminators
Size
2.4 kB (2363 bytes)
Hash
e728b325b43fbc148ea0ac952ff3e1a7
4d0483935185f84ad8dbb68b611a42f8f3185097
6560d527d10aac0eaf9cb811b1a2a9b9ffa27edf2efb09435034359f49127be6

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /auth/authorize?response_type=code&redirect_uri=https%3A%2F%2Fons.duckdns.org%2F%3Fauth_callback%3D1&client_id=https%3A%2F%2Fons.duckdns.org%2F&state=eyJoYXNzVXJsIjoiaHR0cHM6Ly9vbnMuZHVja2Rucy5vcmciLCJjbGllbnRJZCI6Imh0dHBzOi8vb25zLmR1Y2tkbnMub3JnLyJ9 HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Type: text/html
Etag: "173fc811c201a200-93b"
Last-Modified: Wed, 01 Feb 2023 18:52:45 GMT
Content-Length: 2363
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:18 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/app.5e0fa6df.js

82.172.56.12

200 OK

86 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/app.5e0fa6df.js
IP
82.172.56.12:0
ASN
#0

File type
data
Size
86 kB (86117 bytes)
Hash
d98243723b82770c854f5ad3b8d9831d
c740c375fe9e5cb57e2fc44e42d758b59b3eb718
4593e436e9faf89c670756eaca18485f3ed8b3a3bbf4e4436c3b40168e30c07f

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/app.5e0fa6df.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-1d727"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 120615
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:17 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/auth/providers

82.172.56.12

200 OK

65 B

URL HTTP/1.1
ons.duckdns.org/auth/providers
IP
82.172.56.12:0
ASN
#0

File type
zlib compressed data\012- data
Size
65 B (65 bytes)
Hash
8dc1fb7809294aae0dd70347adc27ba0
d37d19845f13cb7d0d55c78472bb82ae200586fe
bf60fd50fb2bb3cba2dcbd28ba87ac6c971ffda95c867a9d7b9737de0e054eb3

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /auth/providers HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/auth/authorize?response_type=code&redirect_uri=https%3A%2F%2Fons.duckdns.org%2F%3Fauth_callback%3D1&client_id=https%3A%2F%2Fons.duckdns.org%2F&state=eyJoYXNzVXJsIjoiaHR0cHM6Ly9vbnMuZHVja2Rucy5vcmciLCJjbGllbnRJZCI6Imh0dHBzOi8vb25zLmR1Y2tkbnMub3JnLyJ9
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 65
Content-Encoding: deflate
Date: Fri, 03 Feb 2023 09:13:18 GMT
Server: Python/3.10 aiohttp/3.8.1

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8904
Expires: Fri, 03 Feb 2023 11:41:42 GMT
Date: Fri, 03 Feb 2023 09:13:18 GMT
Connection: keep-alive

ons.duckdns.org/static/fonts/roboto/Roboto-Medium.woff2

82.172.56.12

206 Partial Content

33 kB

URL HTTP/1.1
ons.duckdns.org/static/fonts/roboto/Roboto-Medium.woff2
IP
82.172.56.12:0
ASN
#0

File type
OpenPGP Public Key\012- data
Size
33 kB (32716 bytes)
Hash
d63ec37c924c53436f0170531332c428
244377a1f11d7c126692f59a0e6bff67fb1b90d7
1d5edbb6033c23095b40ddab20f5f1022df21944b804de1c182158e578bcdbb1

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /static/fonts/roboto/Roboto-Medium.woff2 HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ons.duckdns.org/auth/authorize?response_type=code&redirect_uri=https%3A%2F%2Fons.duckdns.org%2F%3Fauth_callback%3D1&client_id=https%3A%2F%2Fons.duckdns.org%2F&state=eyJoYXNzVXJsIjoiaHR0cHM6Ly9vbnMuZHVja2Rucy5vcmciLCJjbGllbnRJZCI6Imh0dHBzOi8vb25zLmR1Y2tkbnMub3JnLyJ9
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Range: bytes=32768-
If-Range: "173fc811fd9c6c00-ffcc"

HTTP/1.1 206 Partial Content
Cache-Control: public, max-age=2678400
Content-Type: font/woff2
Etag: "173fc811fd9c6c00-ffcc"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 32716
Accept-Ranges: bytes
Content-Range: bytes 32768-65483/65484
Date: Fri, 03 Feb 2023 09:13:18 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/authorize.c3bd8276.js

82.172.56.12

200 OK

206 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/authorize.c3bd8276.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (23033)
Size
206 kB (206024 bytes)
Hash
38e1d30cbe113495a54709109cdadc5a
9703dc939987d9e12cbab0c2c03612dac52fe229
14e18dadcc3916cf78abfa3f068a1113f693b9e891a68e37f31d71402f1bed1c

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/authorize.c3bd8276.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ons.duckdns.org/auth/authorize?response_type=code&redirect_uri=https%3A%2F%2Fons.duckdns.org%2F%3Fauth_callback%3D1&client_id=https%3A%2F%2Fons.duckdns.org%2F&state=eyJoYXNzVXJsIjoiaHR0cHM6Ly9vbnMuZHVja2Rucy5vcmciLCJjbGllbnRJZCI6Imh0dHBzOi8vb25zLmR1Y2tkbnMub3JnLyJ9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-324c8"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 206024
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:18 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/static/icons/favicon.ico

82.172.56.12

200 OK

17 kB

URL HTTP/1.1
ons.duckdns.org/static/icons/favicon.ico
IP
82.172.56.12:0
ASN
#0

File type
PNG image data, 64 x 64, 16-bit/color RGBA, non-interlaced\012- data
Size
17 kB (16800 bytes)
Hash
ff66cb4b6922631e08d1538b361a2d2b
4ce9697fe6222031637c1be54b25fa2d07051383
892d336ba0b3ce7f94ebbcbe2fa5c3fcfdc79f25efcdc7a7e17918e85daaf9f0

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /static/icons/favicon.ico HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ons.duckdns.org/auth/authorize?response_type=code&redirect_uri=https%3A%2F%2Fons.duckdns.org%2F%3Fauth_callback%3D1&client_id=https%3A%2F%2Fons.duckdns.org%2F&state=eyJoYXNzVXJsIjoiaHR0cHM6Ly9vbnMuZHVja2Rucy5vcmciLCJjbGllbnRJZCI6Imh0dHBzOi8vb25zLmR1Y2tkbnMub3JnLyJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: image/x-icon
Etag: "173fc811fd9c6c00-41a0"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 16800
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:18 GMT
Server: Python/3.10 aiohttp/3.8.1

push.services.mozilla.com/

52.26.112.186

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.26.112.186:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: JVN3CFQR3YLnc7L+O7PVxA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 0ybAIKKV1XzdlVTSmmNXItzlmXA=

ons.duckdns.org/frontend_latest/5c79c44d.js

82.172.56.12

200 OK

4.0 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/5c79c44d.js
IP
82.172.56.12:0
ASN
#0

File type
HTML document text\012- HTML document, ASCII text, with very long lines (8306)
Size
4.0 kB (3998 bytes)
Hash
af45294f29589c8bd1337061ac008de3
70b45086877b480c6e6db3a4669f728baa6f522c
67a8bf03a945ea1c18c3f08bb40194774df95e84d4a5e2d373d4d6aa902c4e08

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/5c79c44d.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ons.duckdns.org/auth/authorize?response_type=code&redirect_uri=https%3A%2F%2Fons.duckdns.org%2F%3Fauth_callback%3D1&client_id=https%3A%2F%2Fons.duckdns.org%2F&state=eyJoYXNzVXJsIjoiaHR0cHM6Ly9vbnMuZHVja2Rucy5vcmciLCJjbGllbnRJZCI6Imh0dHBzOi8vb25zLmR1Y2tkbnMub3JnLyJ9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-f9e"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 3998
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:18 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/static/translations/page-authorize/en-590333f09d689c1b9d620f53725ccf78.json

82.172.56.12

200 OK

716 B

URL HTTP/1.1
ons.duckdns.org/static/translations/page-authorize/en-590333f09d689c1b9d620f53725ccf78.json
IP
82.172.56.12:0
ASN
#0

File type
JSON data\012- , ASCII text, with very long lines (3646), with no line terminators
Size
716 B (716 bytes)
Hash
827508fdf084e8d3639fa5af0e1d31db
311f50341d204beebae3c0ff39ce4679e26aea1b
8745f67392b8e6e5f922c85b081c7aea5bc6b8955d375e6a417abdb2c6197b74

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /static/translations/page-authorize/en-590333f09d689c1b9d620f53725ccf78.json HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/auth/authorize?response_type=code&redirect_uri=https%3A%2F%2Fons.duckdns.org%2F%3Fauth_callback%3D1&client_id=https%3A%2F%2Fons.duckdns.org%2F&state=eyJoYXNzVXJsIjoiaHR0cHM6Ly9vbnMuZHVja2Rucy5vcmciLCJjbGllbnRJZCI6Imh0dHBzOi8vb25zLmR1Y2tkbnMub3JnLyJ9
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/json
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc81239373600-2cc"
Last-Modified: Wed, 01 Feb 2023 18:52:47 GMT
Content-Length: 716
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:18 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/auth/login_flow

82.172.56.12

200 OK

189 B

URL HTTP/1.1
ons.duckdns.org/auth/login_flow
IP
82.172.56.12:0
ASN
#0

File type
zlib compressed data\012- data
Size
189 B (189 bytes)
Hash
0be5a40c62d74e44cd5d7d31a63aa040
547bc90dddd6567f3f90de8f4e605efb67b41849
feab43e2bf2c96d6862486c10253ed9c4f205366c9095d5d828d73d70585b1b4

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

POST /auth/login_flow HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/auth/authorize?response_type=code&redirect_uri=https%3A%2F%2Fons.duckdns.org%2F%3Fauth_callback%3D1&client_id=https%3A%2F%2Fons.duckdns.org%2F&state=eyJoYXNzVXJsIjoiaHR0cHM6Ly9vbnMuZHVja2Rucy5vcmciLCJjbGllbnRJZCI6Imh0dHBzOi8vb25zLmR1Y2tkbnMub3JnLyJ9
Content-Type: text/plain;charset=UTF-8
Origin: https://ons.duckdns.org
Content-Length: 131
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 189
Content-Encoding: deflate
Date: Fri, 03 Feb 2023 09:13:18 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/static/fonts/roboto/Roboto-Light.woff2

82.172.56.12

200 OK

64 kB

URL HTTP/1.1
ons.duckdns.org/static/fonts/roboto/Roboto-Light.woff2
IP
82.172.56.12:0
ASN
#0

File type
Web Open Font Format (Version 2), TrueType, length 64320, version 1.0\012- data
Size
64 kB (64320 bytes)
Hash
d26871e8149b5759f814fd3c7a4f784b
6b773b76e0a6708ee4040733cd0c83278543864a
1d8f5280afb7f4fa0db5cdfcb751e180788b0f0da1488309c4243ebff11a9591

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /static/fonts/roboto/Roboto-Light.woff2 HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://ons.duckdns.org/auth/authorize?response_type=code&redirect_uri=https%3A%2F%2Fons.duckdns.org%2F%3Fauth_callback%3D1&client_id=https%3A%2F%2Fons.duckdns.org%2F&state=eyJoYXNzVXJsIjoiaHR0cHM6Ly9vbnMuZHVja2Rucy5vcmciLCJjbGllbnRJZCI6Imh0dHBzOi8vb25zLmR1Y2tkbnMub3JnLyJ9
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: font/woff2
Etag: "173fc811fd9c6c00-fb40"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 64320
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:18 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/service_worker.js

82.172.56.12

200 OK

61 kB

URL HTTP/1.1
ons.duckdns.org/service_worker.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (60852), with no line terminators
Size
61 kB (60852 bytes)
Hash
155d73f2c4aa9b69fe1d82ccc862d77c
bc2790efbefd9db3f661e34059ede9c39bfd8f86
e4abcc3b9bcd8f09d2e476844188300f30293e9068bd259e811dfaf7f4f4b49e

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /service_worker.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript
Etag: "173fc811c201a200-edb4"
Last-Modified: Wed, 01 Feb 2023 18:52:45 GMT
Content-Length: 60852
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:18 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/static/fonts/roboto/Roboto-Bold.woff2

82.172.56.12

200 OK

65 kB

URL HTTP/1.1
ons.duckdns.org/static/fonts/roboto/Roboto-Bold.woff2
IP
82.172.56.12:0
ASN
#0

File type
Web Open Font Format (Version 2), TrueType, length 64740, version 1.0\012- data
Size
65 kB (64740 bytes)
Hash
b52fac2bb93c5858f3f2675e4b52e1de
977c5749fd06192dac5224811ed69e53a6b2b47d
8e44376b735dcc9027acbcc8a0df64c3f886a23529eff27b022f344d719e90f2

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /static/fonts/roboto/Roboto-Bold.woff2 HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://ons.duckdns.org/auth/authorize?response_type=code&redirect_uri=https%3A%2F%2Fons.duckdns.org%2F%3Fauth_callback%3D1&client_id=https%3A%2F%2Fons.duckdns.org%2F&state=eyJoYXNzVXJsIjoiaHR0cHM6Ly9vbnMuZHVja2Rucy5vcmciLCJjbGllbnRJZCI6Imh0dHBzOi8vb25zLmR1Y2tkbnMub3JnLyJ9
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: font/woff2
Etag: "173fc811fd9c6c00-fce4"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 64740
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:18 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/

82.172.56.12

200 OK

9.3 kB

URL HTTP/1.1
ons.duckdns.org/
IP
82.172.56.12:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (9081)
Size
9.3 kB (9331 bytes)
Hash
53a726ae57d297f65fe8a7c2e7a8669d
9602a7f04c7d7ec912437baa740bb5a47f1c6bc4
1f658d79a29cc506bbe61d1e02012c362843f33a62c95e3cdf0cd21a23296147

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET / HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Content-Length: 9331
Date: Fri, 03 Feb 2023 09:13:18 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/0000f60c.js

82.172.56.12

200 OK

5.2 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/0000f60c.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (12294)
Size
5.2 kB (5249 bytes)
Hash
25211cf7011227186751979d8f3cecac
871a64cc9a738b013481d8740854931f01206341
46a0e219036333c776fe43e5cffae359287577b800d322ccf5bb9f29d60cce6d

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/0000f60c.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-1481"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 5249
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:18 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/01707d15.js

82.172.56.12

200 OK

8.3 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/01707d15.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (11393)
Size
8.3 kB (8299 bytes)
Hash
0b756ae865ae7cf1e4ce860831eabc8d
aad992c2e493bd15fc5800f22acb77f02253160a
e4b0d7c5b8038d5f377abd274b699f89d5e794dc13c79dbad0efb5fe919b88b3

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/01707d15.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-206b"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 8299
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:18 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/0171d620.js

82.172.56.12

200 OK

4.8 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/0171d620.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (9852)
Size
4.8 kB (4782 bytes)
Hash
d715c75d04e865990cd5038f481c67ac
c10a847b5be4cebb11a460e047ec2e0b5cd932cc
53dc95697dce173b970bdbdd23ef27b00eb751cce51d190b6cd94d1047ef7c6e

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/0171d620.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-12ae"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 4782
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:19 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/017d2c0b.js

82.172.56.12

200 OK

11 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/017d2c0b.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (10566)
Size
11 kB (11148 bytes)
Hash
912a32b03c6a2dade4538922a9d2a178
1ac23cf8cb48b631467a59892d256a47462bc837
2fe3fc092a69e68943ac48b190e4d93650bc65d42e506ff2601bf8f53bee13a1

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/017d2c0b.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-2b8c"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 11148
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:19 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/01d42aee.js

82.172.56.12

200 OK

6.5 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/01d42aee.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (14406)
Size
6.5 kB (6530 bytes)
Hash
364865671f4879f02caedb78cb0e7c82
ec3ba09d43fd67f70151ccae044c84ec9ec5a697
082ef003317d2ef3465975dc0a351f24cf0210664edb12ece1003ce176509a59

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/01d42aee.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-1982"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 6530
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:19 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/02286437.js

82.172.56.12

200 OK

3.1 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/02286437.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (8536)
Size
3.1 kB (3051 bytes)
Hash
7680deebd1aea76b9cca8a99a956820e
7a9709d8b65fb033c9adeddf4c5b00eed2b8128e
e2899f36453fa9747111ae8bdd2f2f29e8cb0697c39d3399091a8e6fc8a68f58

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/02286437.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-beb"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 3051
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:19 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/022c1cd2.js

82.172.56.12

200 OK

4.0 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/022c1cd2.js
IP
82.172.56.12:0
ASN
#0

File type
HTML document, ASCII text, with very long lines (8729)
Size
4.0 kB (4035 bytes)
Hash
ed928cf738e0cb34a4e254e22268c2cf
1219d5858c53a0c64e00d10a8bc12667fb1b52ce
dee30dd78402fe7f757dc330902e172e630b1c0fdc19acbfac133e82634a4a5c

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/022c1cd2.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-fc3"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 4035
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:19 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/02f40adf.js

82.172.56.12

200 OK

8.6 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/02f40adf.js
IP
82.172.56.12:0
ASN
#0

File type
Unicode text, UTF-8 text, with very long lines (29618)
Size
8.6 kB (8625 bytes)
Hash
00f24929cf55f5f6932c256c6e3b805c
a6a096506e2c8df42791c850ad304435c2193d33
8495d9ab5a2f5a3b03b3f59ad40142ad9d03f3b6bcb83426919228a6b0cd2db0

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/02f40adf.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-21b1"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 8625
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:19 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/038c8a58.js

82.172.56.12

200 OK

3.5 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/038c8a58.js
IP
82.172.56.12:0
ASN
#0

File type
HTML document, ASCII text, with very long lines (7829)
Size
3.5 kB (3487 bytes)
Hash
fb3c731fc7aadb866e21ace96bd7a779
139bfeb56bee2af59c50bed7e8b3cc02edf0d536
a17fca352c813d7a8f901e721184b99964c70f5b5329a8040753813ecf14f4d2

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/038c8a58.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-d9f"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 3487
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:19 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/0480b6e5.js

82.172.56.12

200 OK

3.3 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/0480b6e5.js
IP
82.172.56.12:0
ASN
#0

File type
HTML document text\012- HTML document, ASCII text, with very long lines (4985)
Size
3.3 kB (3278 bytes)
Hash
40dcdbda7c80e3dbf516e2a3fb938990
d5222ca52b0769d2c0a2a2e417140093cae75f6c
79103bb6c8318c9c5abbb6d9e78f03c9c5716ed13b1b979a33567eae8c0f65ec

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/0480b6e5.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-cce"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 3278
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:19 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/04cfcbe5.js

82.172.56.12

200 OK

4.6 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/04cfcbe5.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (9840)
Size
4.6 kB (4590 bytes)
Hash
22eb51889a06d737517fbe3f50de8163
0105d2f5935b48e89d913540414da6f77f63c03f
f10f7dfd084c85ddfa4b3091761e93f3887e6cb5f622700aba4421c01d3a26d0

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/04cfcbe5.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-11ee"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 4590
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:19 GMT
Server: Python/3.10 aiohttp/3.8.1

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9661
Expires: Fri, 03 Feb 2023 11:54:20 GMT
Date: Fri, 03 Feb 2023 09:13:19 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9661
Expires: Fri, 03 Feb 2023 11:54:20 GMT
Date: Fri, 03 Feb 2023 09:13:19 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9661
Expires: Fri, 03 Feb 2023 11:54:20 GMT
Date: Fri, 03 Feb 2023 09:13:19 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9661
Expires: Fri, 03 Feb 2023 11:54:20 GMT
Date: Fri, 03 Feb 2023 09:13:19 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11565 bytes)
Hash
e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w0Zm5V0TQxsQ7917U3fdhS_n7qKE143PuhI2JmNCDM_Pf0yPLyW6yA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:48:01 GMT
age: 41118
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15f2ebc9-82b4-4f1b-b0b8-978571cb123b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.1 kB (9130 bytes)
Hash
02123eef9faa8560ff66b058d4e13a28
decf26282993d7f0b14cf4112d14fa39c97fa89f
28889ff20f1b2fe0b73f8f97e6569f1d68d77fe436eeb47cc06ee4f0822ff239

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15f2ebc9-82b4-4f1b-b0b8-978571cb123b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9130
x-amzn-requestid: 09ad3fbb-1e71-4455-82df-6e59f65239a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuxiYEkqIAMFVZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2fa8-1dca116e4317f9bd14f6d45a;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:48:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _Bc2svrG-wX63DK9RPUyjh-n6AHVHaQe3QRmEL27L-amwCH2I_f_9g==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:57:38 GMT
age: 40541
etag: "decf26282993d7f0b14cf4112d14fa39c97fa89f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d1adf44-5bff-4d36-99c4-8dd0dc2e5ac2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.8 kB (9779 bytes)
Hash
352e4166a431e781e56cc7f169c7f8ca
866b76c34076cf2e18c6a071336fcf4f581f3c4d
75ba13b601f4b00c5b091eb29e7f6739ffee3e127bd6d3c4b35cc967bb6d354a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d1adf44-5bff-4d36-99c4-8dd0dc2e5ac2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9779
x-amzn-requestid: 101b984b-9c04-4d07-b1fe-3d888f4bcd49
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ftcNRFV_oAMF2_w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dba721-72679ba0378015034e17b8ca;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 12:05:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gHFZOsR12RXKLYytleVlHWCs7d46CwnTF0m0xgCPer5wu6SwAliKkA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:44:50 GMT
age: 41309
etag: "866b76c34076cf2e18c6a071336fcf4f581f3c4d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F524a46fd-88eb-4539-9d8b-1ac679ae5990.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.2 kB (8211 bytes)
Hash
114e345e134986d7451148fcea31b29d
541e878afee68c8802bb52b0cbbe5a5a0a185392
5030244d4babd1023166f39c935029d789a91ba90aa3a44c6f4c88ddc947b678

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F524a46fd-88eb-4539-9d8b-1ac679ae5990.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8211
x-amzn-requestid: 6a1fd567-b34d-4787-aa05-5b7db3fc51c3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fflRBHU4IAMFnsw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d61c06-2d1ec3206d2ebeb4780a84b4;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 07:11:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: lUloQ6xaRWpnvMRh7kFvFIWhFotmILLZHfD_YK01RmrQ2vmYKVh46w==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 03:08:32 GMT
age: 21887
etag: "541e878afee68c8802bb52b0cbbe5a5a0a185392"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fde7081-1c8d-41df-98c8-c063731c6202.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.4 kB (3385 bytes)
Hash
703c7834618fd34f3d7ce5c82a51abc0
4bdaa7e9e8d6408b73ea457e7aabb26fa2a5c81c
1f467ce5825e3f8b8f841293d1ce945dc7a577abbe2cb8a2caa16ace165f4857

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fde7081-1c8d-41df-98c8-c063731c6202.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3385
x-amzn-requestid: 30717e1a-7a08-4b11-90e7-cd175aa667d9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuvzrEo4oAMF1qg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2ce4-3bc1302b4cf47fa2520e3033;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:36:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: M1ueeOY5WmuJwPyf4dPvRrjQfTU5d2G-2T3_6fLfTI4UTjuxZ-U4ow==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:44:46 GMT
age: 41313
etag: "4bdaa7e9e8d6408b73ea457e7aabb26fa2a5c81c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feed96488-989b-49ab-8eef-5c9dea89a5ca.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.9 kB (5898 bytes)
Hash
5314f1087266189144982b464f4aa7a6
438b5a17b9060f6825331348aa3797ab1c15895d
fb7d5ec834d28c99f6430703c002c24a9caf50b7701a369cbd69e51576f1e73c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feed96488-989b-49ab-8eef-5c9dea89a5ca.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5898
x-amzn-requestid: 50d6181d-6804-48ab-bc38-9fcaf4da1bc5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fZALWF5IIAMFv5g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d37a48-2e2e53124ce2f9eb31290ec4;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 07:16:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 9Jus6UYlOGiDdqLBxJ387FMtEAST6THfW-oz6gjgFzKzchCdwUCcvQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 04:09:26 GMT
age: 18233
etag: "438b5a17b9060f6825331348aa3797ab1c15895d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ons.duckdns.org/frontend_latest/056d9e6e.js

82.172.56.12

200 OK

6.2 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/056d9e6e.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (11210)
Size
6.2 kB (6168 bytes)
Hash
b12d54a552c626e65f03cad0602a479c
f89a8a578034a0b925907cdc5937e29e15191682
b5decf1a3030f39cc1c8148662bd2b38c4747b6d3b5c733438d8682ededf0200

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/056d9e6e.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-1818"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 6168
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:19 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/057d4af4.js

82.172.56.12

200 OK

7.4 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/057d4af4.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (11375)
Size
7.4 kB (7390 bytes)
Hash
cbdf8fa105dde2d5760cf3d1891b8ed7
f98047ab43b4727af489527db0a688c180e568ed
4024afaafc0ce1e7acc4a1f2b152651c363d0d61dbe385bf8b6a8e1f02f032d2

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/057d4af4.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-1cde"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 7390
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:19 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/05980392.js

82.172.56.12

200 OK

11 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/05980392.js
IP
82.172.56.12:0
ASN
#0

File type
Unicode text, UTF-8 text, with very long lines (30147)
Size
11 kB (11288 bytes)
Hash
c633c0a93549f637dbf9f4baa351aa4f
0900382f1b6662d5fbb554c17e12b8e4f671b6a4
c3b27dd2458a1085b520fd15ad332e2fde46628d21fca6370c49e878fe5a2069

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/05980392.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-2c18"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 11288
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:19 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/05c2a860.js

82.172.56.12

200 OK

4.8 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/05c2a860.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (10914)
Size
4.8 kB (4814 bytes)
Hash
b1770bb29941201e7ecd2bc2d5148173
bd330aa703e2788d5af7044ebc1278fca7c9e29b
10bd2aba1111db58eb27006dd478087cad8e313b3d739a2ec0375fe0c935477b

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/05c2a860.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-12ce"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 4814
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:19 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/05e274ce.js

82.172.56.12

200 OK

4.6 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/05e274ce.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (12066)
Size
4.6 kB (4629 bytes)
Hash
b30bc8a049759e73365fd1d17eaa3258
8a8fcf4f0f1d44d384fa68f8dc24de1e111f0f72
7c16730b77de09d508c94d4470531bac354cd4dc7440a79c9a5aa434d59648f8

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/05e274ce.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-1215"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 4629
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:19 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/06030a69.js

82.172.56.12

200 OK

3.6 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/06030a69.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (12266)
Size
3.6 kB (3612 bytes)
Hash
c642f988f393048d34623c701755a7d9
5efdb1279f6590b8dcf52baec5d3674f7440a11e
849dbbf7e753618f700bdcf8a43ee2b871cadcb6a82947927d21d6139c9caa7e

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/06030a69.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-e1c"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 3612
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:19 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/063fe32b.js

82.172.56.12

200 OK

8.9 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/063fe32b.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (11393)
Size
8.9 kB (8888 bytes)
Hash
7c28ba0b84e479e1d78bd067a5956b85
6d42e80fb27e2763f6abfa34bf96e3d595034614
3da3ce4cd255911763d29e2436da1c1adf09ed690e8d199cad9a2d5510d074b9

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/063fe32b.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-22b8"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 8888
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:19 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/0649eef7.js

82.172.56.12

200 OK

44 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/0649eef7.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (10347)
Size
44 kB (43741 bytes)
Hash
d3203a5a4f86bee5aab6420a374f717c
1f320113a4234e3b601427c21e4ab5cacf667d8a
edd260d6475d285dc2a5b9660c20d8c5bf22d098c5c7028c8954c6d6071fb7bd

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/0649eef7.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-aadd"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 43741
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:20 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/066383ee.js

82.172.56.12

200 OK

5.6 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/066383ee.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (9622)
Size
5.6 kB (5588 bytes)
Hash
cd6e50f92b72b86b9d6ba5da3435e7ef
5e200c5951330004f67cc6dee426522ff1f5c96c
b68d3ab61c0a030bb3221fa30c5fd24eb6088b24ea551a5623df7560a0093fd3

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/066383ee.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-15d4"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 5588
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:20 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/07f46d24.js

82.172.56.12

200 OK

14 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/07f46d24.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (29970)
Size
14 kB (13527 bytes)
Hash
712e8841cd31378eaba560834316d9d2
58cefcce0ab7fe64cafdbc2fd6dec80e0d133401
0f34202ddf1832fc5b7040d333ce8c371528b124c6e68a7604b9c98a72423c8b

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/07f46d24.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-34d7"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 13527
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:20 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/082ffdaf.js

82.172.56.12

200 OK

182 B

URL HTTP/1.1
ons.duckdns.org/frontend_latest/082ffdaf.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with no line terminators
Size
182 B (182 bytes)
Hash
6d9be493e219acdc77acd8f81e065676
88a16e80bddd7885495d2737bf57ca0894889332
a84f337e15a7d421eed5be1adacd84c5c325625c3e336a3bb4e896ebcb4bfa78

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/082ffdaf.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-b6"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 182
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:20 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/0840b21f.js

82.172.56.12

200 OK

5.0 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/0840b21f.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (24831)
Size
5.0 kB (4967 bytes)
Hash
dbb0049427449b3dfbeece708a7b4aef
a77aadc33161d8abe90035fd14e2fc24ea73a4d5
3ca56b305d0d23b7736cfc1e88b2a55afcf751bb0bb6d8d4b295098bf420fe8f

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/0840b21f.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-1367"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 4967
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:20 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/084385d1.js

82.172.56.12

200 OK

15 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/084385d1.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (8957)
Size
15 kB (15294 bytes)
Hash
20a3df7fa2c9282009a9722fc45e6137
0785390ddc299c6abf444446eb299420bcb3a639
9891f47010cc3df714a5bdccc65f1e6b461d9e8392dde2847d71dfcdcc9b0786

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/084385d1.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-3bbe"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 15294
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:20 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/0932801f.js

82.172.56.12

200 OK

6.2 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/0932801f.js
IP
82.172.56.12:0
ASN
#0

File type
Unicode text, UTF-8 text, with very long lines (9853)
Size
6.2 kB (6186 bytes)
Hash
a16da77ed5c32417f173220f6e910082
1cafb300e7944e79191e511c27ea8559005c120d
6615bf981b4f2715fed59c263ac06322a9e767469875900cdec23750c25012bb

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/0932801f.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-182a"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 6186
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:20 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/0a5e81d0.js

82.172.56.12

200 OK

8.3 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/0a5e81d0.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (11393)
Size
8.3 kB (8282 bytes)
Hash
d9a0e556cf3b1b53822f003f4a179bbd
8212638783d662552982c01b25a06b071160f9e3
42157e29254a61fbb331567c47f441f11c28fdfa0c269ef5f97ab7f16952371c

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/0a5e81d0.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-205a"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 8282
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:20 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/0a71ecb9.js

82.172.56.12

200 OK

8.7 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/0a71ecb9.js
IP
82.172.56.12:0
ASN
#0

File type
HTML document, ASCII text, with very long lines (10053)
Size
8.7 kB (8652 bytes)
Hash
38223dbb748ca578695817d6c0ccd3f2
96f9a3f513e86a93433010e283936a1fe64f60f8
17361eb3c86d47b43ef751e6e415f6e7410e0d97b1bbea60bfdc748edbc6a7bb

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/0a71ecb9.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-21cc"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 8652
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:20 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/0aab500e.js

82.172.56.12

200 OK

6.8 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/0aab500e.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (11419)
Size
6.8 kB (6794 bytes)
Hash
182d6b031b51df07a90fff2639de9d45
ced3e7aaad531a03513d1d32df3860bdbe9d09af
84d583b5cc4a643d8836b5d881bfe0008f3f3e514ca43e64a2f2f2627e56c3c4

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/0aab500e.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-1a8a"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 6794
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:20 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/0ad32641.js

82.172.56.12

200 OK

5.7 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/0ad32641.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (30440)
Size
5.7 kB (5696 bytes)
Hash
c35a3278f352c20ebe83f06e5eecad74
d9304219bc7e03f8525f692ac3ec32f2a856ff95
7845f81d875bcd7c2d868c8d5358d8891e6c00cc10443e561015b1b0058e79c6

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/0ad32641.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-1640"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 5696
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:20 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/0b1f0069.js

82.172.56.12

200 OK

12 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/0b1f0069.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (8862)
Size
12 kB (12001 bytes)
Hash
3f1721a67eb3c895bcdde9d3ab5fd1d2
554f4f770b1f07e35063e74f2685818818cc9c2b
0b685e2665a4499b2d7718dbd6ef97d62d5a90a169954beed1e2b59d31f33d9c

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/0b1f0069.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-2ee1"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 12001
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:20 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/0b47ff1d.js

82.172.56.12

200 OK

8.6 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/0b47ff1d.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (11781)
Size
8.6 kB (8561 bytes)
Hash
c269722802d04fca887ed35a3bc7f24d
88cd52f6c1d588bc6851ee171913cd5355a0c005
34d20f662af461dc02193dce00fc023b8bc42b3892616ca381444dd279132787

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/0b47ff1d.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-2171"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 8561
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:20 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/0b950b21.js

82.172.56.12

200 OK

2.9 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/0b950b21.js
IP
82.172.56.12:0
ASN
#0

File type
HTML document, ASCII text, with very long lines (6636)
Size
2.9 kB (2947 bytes)
Hash
59a6592c14541951261bbb1ae7cec76d
8da9b0d75c6e1188ad0e31973a09515d525710f7
6af16c6e651b298fdd405b67133821a323c7ae5fcae6a8572d92aa256a9f3b84

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/0b950b21.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-b83"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 2947
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:20 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/0c03764b.js

82.172.56.12

200 OK

3.5 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/0c03764b.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (5804)
Size
3.5 kB (3533 bytes)
Hash
10efff2e7a6625ef30f5e0bfe95f8103
4acf4aa17fb7a178cd4acfa9580f32ddf94ab157
43bc75bbf6ec241deca690a9d65fb7fa38a90c0ed96a52db5ebda74636b8b0f6

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/0c03764b.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-dcd"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 3533
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:20 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/0c732a44.js

82.172.56.12

200 OK

16 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/0c732a44.js
IP
82.172.56.12:0
ASN
#0

File type
HTML document text\012- HTML document, ASCII text, with very long lines (11575)
Size
16 kB (16134 bytes)
Hash
6eaf8a2ae018b78b992d62ce993fbaf1
2f17690be93c324b3b53ac929ba66b87dfd6778a
66f6fe35d8b30cc7b55d01f162ae23240de19eb53049ba552840025b85d93f21

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/0c732a44.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-3f06"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 16134
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:21 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/0d17a9a5.js

82.172.56.12

200 OK

5.7 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/0d17a9a5.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (10583)
Size
5.7 kB (5662 bytes)
Hash
e7ed90556d65c3643ae1894e591f148b
c06b366e1836103e39b3a706255cfbecd110355e
8b4c76b412883f1d2e820a8687b8f343ad325f71bd0c05682c8a66e01a6d00d5

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/0d17a9a5.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-161e"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 5662
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:21 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/0d92d09e.js

82.172.56.12

200 OK

3.4 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/0d92d09e.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (18828)
Size
3.4 kB (3422 bytes)
Hash
20de30623544cbbac87f83679377a554
fae09b8aecdfcb8374941162459257752b4f85c6
72172ab52f219f7c9ed466759272a153ec6e39b90ecdfb320a57d706e9ca3a50

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/0d92d09e.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-d5e"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 3422
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:21 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/0df8f463.js

82.172.56.12

200 OK

7.6 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/0df8f463.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (10800)
Size
7.6 kB (7592 bytes)
Hash
e10d69c9ceba0225a110e6f69ec767d3
79c7eb851c3bbb5a28e2215d1506e0ce6cbc390a
9f69912e4ad62afd74edb428f9160701477e28a464aaba21cfaab476640b4734

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/0df8f463.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-1da8"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 7592
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:21 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/0e09a5e7.js

82.172.56.12

200 OK

7.7 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/0e09a5e7.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (11878)
Size
7.7 kB (7661 bytes)
Hash
67f73719037bc3e26c94184920b7de78
7ae6fb07fea0f4bdb7b7c2691893ac5cfa8cdf7b
8f47a3fbcf36ae96fa731619fd63df90cba10b9f6c7095d64bd93b84c6728ef9

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/0e09a5e7.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-1ded"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 7661
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:21 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/0e43794b.js

82.172.56.12

200 OK

9.2 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/0e43794b.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (10268)
Size
9.2 kB (9213 bytes)
Hash
f1df3df1b77b68d11e3e54c78274d615
a56a5f53a14f69d919c2feb21d3a1358409360a8
996c728b924c6861ae880bca2783ebac149cadd1e5447b241beed5586252c88b

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/0e43794b.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-23fd"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 9213
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:21 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/0ec6c8db.js

82.172.56.12

200 OK

2.9 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/0ec6c8db.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (8237)
Size
2.9 kB (2935 bytes)
Hash
123bd565ef87271950ab2c5fd6de3ab8
1581de72a8589cb91a533c1d84ee29a1b4cc5946
8e42a388dd9cb68d03e2df80b0efe425794893062b0e8dcec4ed115637f1b0d2

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/0ec6c8db.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-b77"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 2935
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:21 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/0ec86585.js

82.172.56.12

200 OK

5.7 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/0ec86585.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (9700)
Size
5.7 kB (5703 bytes)
Hash
aa8edc9b49d0a046e6bf57e11fdc066f
2deec08df0bc7490db610f5aa3252721c4c35500
5b0a066ceb02a9cb3b7971a0e04580261db69a3c2d12afad7ce7e5966abe15cc

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/0ec86585.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-1647"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 5703
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:21 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/0f24f8a3.js

82.172.56.12

200 OK

8.9 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/0f24f8a3.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (18176)
Size
8.9 kB (8893 bytes)
Hash
0c3d65d1be7f08cae09cc6461119e61c
e8e0bd37b8ab2ad1669501ddc86202b1c9e53565
991ed2078715ac3e314f5b39e77269dea221613566d63eed4d5bb817c31c5097

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/0f24f8a3.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-22bd"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 8893
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:21 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/106cad50.js

82.172.56.12

200 OK

4.7 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/106cad50.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (9450)
Size
4.7 kB (4696 bytes)
Hash
0e28e5e54a8f74f27e5ebd7e67847f67
d0dba9aff885573d19d68fc3f58a5bfb0c5020e8
0af5900d45eee51b8b2106520a9e04a61100f91ca72b804c7254db29663ebd0c

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/106cad50.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-1258"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 4696
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:21 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/1074fa45.js

82.172.56.12

200 OK

3.5 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/1074fa45.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (12213)
Size
3.5 kB (3549 bytes)
Hash
c7f3feaa70f76ce4316a7268f265fb4f
49ca1737cf0f694aef4e8a22198ec55e55dd5de4
fd491fd7f1708943096cc4671fbaab6ed076be4eaac25d7e8966f7749fa82fe2

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/1074fa45.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-ddd"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 3549
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:21 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/11bf9f44.js

82.172.56.12

200 OK

3.8 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/11bf9f44.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (17593)
Size
3.8 kB (3843 bytes)
Hash
66ce8160c7044e648b04ca8ad297a8d4
3b0d8cb7b05bb98be5fe401ab13d1ef3995f9081
55767b57437795796104a943bb6d1044391dac6a78bae1d3ce6f275a46b66065

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/11bf9f44.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-f03"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 3843
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:21 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/11f33feb.js

82.172.56.12

200 OK

2.9 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/11f33feb.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (8223)
Size
2.9 kB (2885 bytes)
Hash
086c89a69b3c7d19feeddd08c68726b6
d6b351910f1b4133104457305453f98f4dae0968
01920d7cabc3db819239e39dfe0521a4ef045d9cff5153d43218c8209f4303d7

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/11f33feb.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-b45"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 2885
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:21 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/11f6aebf.js

82.172.56.12

200 OK

3.8 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/11f6aebf.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (11436), with no line terminators
Size
3.8 kB (3802 bytes)
Hash
1e949fa661810b125479adef7f043d96
8f3f7bf36bac81fbfca64350585973db487b702a
f8cfbff042f6f2b0317a9786a87dc1bd793d312c61d62c3557f0b9276994f4b5

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/11f6aebf.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-eda"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 3802
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:21 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/121f8e31.js

82.172.56.12

200 OK

5.1 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/121f8e31.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (8558)
Size
5.1 kB (5062 bytes)
Hash
f46018f9eae9cac24f2ef5a8a1ec209c
ab2f8418414e3db03bbdf61c438c5365e1a9b68e
b70e64b6ca49357578f7aaf41f991700282d4984c9e863af996b8267f013b2f6

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/121f8e31.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-13c6"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 5062
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:21 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/123a2a53.js

82.172.56.12

200 OK

8.0 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/123a2a53.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (18627)
Size
8.0 kB (7993 bytes)
Hash
f8a6e15c4fbddabe43f3ab57c3839085
ad1fcb56241645a3ea18ba436a6adf7ac5445342
a326432c151aafeba3ef19f59c4adf8d3769810330c3721d8fa5c54bc9d84a28

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/123a2a53.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-1f39"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 7993
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:21 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/124e85d1.js

82.172.56.12

200 OK

4.8 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/124e85d1.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (10477)
Size
4.8 kB (4818 bytes)
Hash
f38478c48d3c17cb600f578ba8ff5b3e
d06c5d4431d139aae95a06d76652609b658a51a7
153b8fb0934169d0b8d79467f5cedc2dfd7e6ce51d06b619759611650be988ba

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/124e85d1.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-12d2"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 4818
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:22 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/13265191.js

82.172.56.12

200 OK

3.5 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/13265191.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (18066), with no line terminators
Size
3.5 kB (3459 bytes)
Hash
e027788c612ffc09fdd08f264b902ced
06ccefabe415217aa3d2c93fffa478830110a6b8
4704fb5e544c84ddeb401c6771abfc7ecbdd58ae8a54165fdedc19d629dd3142

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/13265191.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-d83"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 3459
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:22 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/1373cbbd.js

82.172.56.12

200 OK

3.0 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/1373cbbd.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (8799)
Size
3.0 kB (3039 bytes)
Hash
31791e27b46657e211d930adf69792d5
473bc86ab195b11b61b9496e8ee54d73da0dd147
43cdeaa6ed0790093c96e69e3e28f3369fe5c2aad3fa5cd2ee74de0b0ef7c0d0

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/1373cbbd.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-bdf"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 3039
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:22 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/13ed08d7.js

82.172.56.12

200 OK

11 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/13ed08d7.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (13900)
Size
11 kB (11322 bytes)
Hash
665e0121ac71e1e2cc48cab48f2d1a26
37dfaf1ffa673565e412a7dfcd5c0613e754d0a5
a6618d5f40c0e5c8722fe45aaf320bf32b3b9c18dbf073653b7ff45829c74f58

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/13ed08d7.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-2c3a"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 11322
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:22 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/147c459d.js

82.172.56.12

200 OK

6.0 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/147c459d.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (10696)
Size
6.0 kB (5960 bytes)
Hash
3830a29f73d4b9ee2be00955218d0a1a
558dea6569265a52e1e50a2b4867fa26b73fb8f2
0419b6fb52f81a7094756932d0d8a4710e13155f9c1eac1f3ab3e688cfea1b62

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/147c459d.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-1748"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 5960
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:22 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/154593f6.js

82.172.56.12

200 OK

2.4 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/154593f6.js
IP
82.172.56.12:0
ASN
#0

File type
HTML document, ASCII text, with very long lines (5146)
Size
2.4 kB (2423 bytes)
Hash
732faa179117eebd8f32921cb4b60423
3d4572dc6bfe84dea6aca27ba71754d59cbbd990
6e44db739609b00f5363d8605c79b18262e0a1523c33b1ed3eb04f0f8248becd

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/154593f6.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-977"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 2423
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:22 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/1583dc49.js

82.172.56.12

200 OK

76 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/1583dc49.js
IP
82.172.56.12:0
ASN
#0

File type
Unicode text, UTF-8 text, with very long lines (65468)
Size
76 kB (76503 bytes)
Hash
a7bc33ff491d8a7934dd5e136a14e7b8
dad14b76c8621eb4dbb2d0059db18087561bdb29
dd3130ae97cb5e0ae24a3ccd4ef28afdf1441c42f1f9eb70b0a4b4584ffafb88

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/1583dc49.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-12ad7"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 76503
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:22 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/15e1583a.js

82.172.56.12

200 OK

1.3 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/15e1583a.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (2861), with no line terminators
Size
1.3 kB (1267 bytes)
Hash
294fc37bbdde1e6d41c437af15dd3c52
308ef8b4d762f054210ce0811c70868a04a1398f
853ccf425af1e9d73142e21ee88ea0380578403a9aa986bb9b7af33676e44656

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/15e1583a.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-4f3"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 1267
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:22 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/15f8d1e3.js

82.172.56.12

200 OK

5.7 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/15f8d1e3.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (30440)
Size
5.7 kB (5701 bytes)
Hash
504e2ba9152c37b60192903e5c1aa110
be06afa67c8e3bc8384df5301601f000527ebc00
a5818ccf20e6c1dda270546e5eacd2f95cefda8e61643dfd5fdfaaf31aada063

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/15f8d1e3.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-1645"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 5701
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:22 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/161472af.js

82.172.56.12

200 OK

12 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/161472af.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (35555)
Size
12 kB (11910 bytes)
Hash
a97eb4efc9f4f2026c1633c87ab64f58
df7659925ec10e08be8c99475dfc837aad6c119b
9a105bddb99a683a16913ca343940659942d6296f062b01105df830525d5f981

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/161472af.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-2e86"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 11910
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:22 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/16540215.js

82.172.56.12

200 OK

8.2 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/16540215.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (19000)
Size
8.2 kB (8225 bytes)
Hash
038e62b093144329448f7ab2faa00e3b
dc39eacea89f76abd0ab5c5aac883eaa2f8afaa1
9a8bc51bffef5658c41b23bac24a733a5161f87fe5e6e7fc14f53c69d0877006

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/16540215.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-2021"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 8225
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:22 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/166f1901.js

82.172.56.12

200 OK

3.1 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/166f1901.js
IP
82.172.56.12:0
ASN
#0

File type
HTML document, ASCII text, with very long lines (6728)
Size
3.1 kB (3065 bytes)
Hash
b7bda22dfa2e47cd3a3481853faed7bc
07a55aeb3c30f24da5d730154af3ed7879dc2c03
ebe85c8853d2c7e97f6bfcbe32d9f54962a4166005909c2c35f47e6360b30250

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/166f1901.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-bf9"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 3065
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:22 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/1698f270.js

82.172.56.12

200 OK

7.1 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/1698f270.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (31517)
Size
7.1 kB (7062 bytes)
Hash
9cc7e7fb7771d846c041b362de7b63b6
0958570b526cf57e8bcbcf42820be05705313b99
89d6e5f934376e24dba9d7d0c633805330fc91db48f34c9bd34a4ab17a6b9c9d

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/1698f270.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-1b96"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 7062
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:22 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/16b9f5ee.js

82.172.56.12

200 OK

6.5 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/16b9f5ee.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (9785)
Size
6.5 kB (6497 bytes)
Hash
79205eff35206a1d058b632de1b5495b
e0fdeadf795da1db894624e96a8a3ea16de8f061
7584390ef8088129781ca61465242ac6a31f47fb4e258f5eca99d47224ebbf25

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/16b9f5ee.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-1961"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 6497
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:22 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/16ba6965.js

82.172.56.12

200 OK

5.7 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/16ba6965.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (30440)
Size
5.7 kB (5699 bytes)
Hash
206adbff7a6f5370c777e6adc7b2e182
b9c1c7912ccea1143b0163ef51179acb9e527a08
cfea2385c992a9368a228a609083a7b9742ab4e0b3205e552799209fe73dd989

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/16ba6965.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-1643"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 5699
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:23 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/176a5384.js

82.172.56.12

200 OK

3.3 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/176a5384.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (8570)
Size
3.3 kB (3333 bytes)
Hash
73783f7851b57abdba0b4fc464d9eed2
263b299afa680383b48b390e3b366e82e581e728
f0e100e0814111d7305aac764d10bfaae5e88b75d5671466e945220ec2e20ae0

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/176a5384.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-d05"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 3333
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:23 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/17854e2f.js

82.172.56.12

200 OK

15 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/17854e2f.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (18665)
Size
15 kB (14924 bytes)
Hash
eae2c3c5848b2bd5be06c000f39228d8
ef92179ff2d61e28ec42c3733eb0b9769877d322
e4a03f5e6a34c7e260592d4f74a3357dffec206fe9802b383e23a7a7759829b2

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/17854e2f.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-3a4c"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 14924
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:23 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/1793ac69.js

82.172.56.12

200 OK

6.1 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/1793ac69.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (9352)
Size
6.1 kB (6063 bytes)
Hash
dd4680ba61eb25473a4b5aa6d1a68876
d6984c37bddd4825bd68b87aa6a177bedb3f9b2a
b9723caee54f50801ed9f940c2bc06285a769a94a81faf9513365649eda5346e

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/1793ac69.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-17af"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 6063
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:23 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/1874d19a.js

82.172.56.12

200 OK

7.3 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/1874d19a.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (11575)
Size
7.3 kB (7299 bytes)
Hash
babd8698df161cc18483c1108b115e72
3bf9dfb6615658c4ed270e63e19afab6d75ddac6
1e05abcbf22cd00be948ec261f3024f34a318a50c38c8a45a7a4493839d96ac9

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/1874d19a.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-1c83"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 7299
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:23 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/187c81c3.js

82.172.56.12

200 OK

2.9 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/187c81c3.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (8252)
Size
2.9 kB (2923 bytes)
Hash
7b33b5563d5990fd1011856dc5631936
3289714bbd83a55872d0f3ff4b36b591f8bc04a8
8eeb08c6b2573958edfea564d0430e77d34c4f26c5ebb5876951d73384af77f0

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/187c81c3.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-b6b"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 2923
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:23 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/18dd3f84.js

82.172.56.12

200 OK

9.2 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/18dd3f84.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (10269)
Size
9.2 kB (9248 bytes)
Hash
1ffe87b4f60f0578dbd8b957b0e6a375
1386c1400263ed0e4476c5de07c5f4a9cd3f01f9
40e70a15b0d0d1d912f18f0e56ffcf4781427c0a02fb2c7a0ec9bc56c9ebffc6

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/18dd3f84.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-2420"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 9248
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:23 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/19143c7f.js

82.172.56.12

200 OK

7.0 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/19143c7f.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (10536)
Size
7.0 kB (7044 bytes)
Hash
905653fca2388119303d90ac60e453cf
c0a6775f04eaa8fcdae57223268467ef9f2cc153
7294851510ef7f1439d616b956ba481bf42c59e18a27a68cac4d214501868c58

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/19143c7f.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-1b84"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 7044
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:23 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/1a663f29.js

82.172.56.12

200 OK

10 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/1a663f29.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (18713)
Size
10 kB (10197 bytes)
Hash
1d730d2768342c8741a50347c3dc457f
92788cdd4f0b8add62d97155b7b8e07bca01a348
a42a317c8c20c3751ba9a7c885aa5967a76e84aecff4918871a9439f9049075f

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/1a663f29.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-27d5"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 10197
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:23 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/1a8d63cf.js

82.172.56.12

200 OK

11 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/1a8d63cf.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (10269)
Size
11 kB (10591 bytes)
Hash
a7a5bcaffa269ac16c88d1fc2280dbdd
e65a6b2dd4b626c7f7596ce608762b46547fd1f1
2c556ee32bf4e0b67430d50747fe66c926a2d5317fc3d2135fb5f93de9edd61c

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/1a8d63cf.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-295f"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 10591
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:23 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/1b1ee696.js

82.172.56.12

200 OK

7.8 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/1b1ee696.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (20526)
Size
7.8 kB (7757 bytes)
Hash
9fb535ddd5d1441422d6dee6c4be9e10
26a3e4d198566f37b8711b066f3d6f7d1b29aaea
51de6642d602864c3f21d1c037280d4c89c8e739014c23b9fa2349f398c6cdc0

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/1b1ee696.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-1e4d"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 7757
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:23 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/1b9484e1.js

82.172.56.12

200 OK

19 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/1b9484e1.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (10607)
Size
19 kB (18741 bytes)
Hash
34999c68c4749ef062b04f0e108b722f
52d79153a67abe21893c7a45f45ac0448ef1c82a
01028fb2c657b7eaef75ab8b8e6c8b6fcf02706a395f567ab9640dfc94026c41

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/1b9484e1.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-4935"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 18741
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:23 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/1bd45937.js

82.172.56.12

200 OK

4.2 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/1bd45937.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (7169)
Size
4.2 kB (4184 bytes)
Hash
0d953824858cc700ff8cd68507bb1d09
73800a08eec785a3a1e760b3d7ec8a4f870cba6f
40e0c44934853915b01d7e44d079e097b2932bcdde40d1cc4569a89ef685800a

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/1bd45937.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-1058"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 4184
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:23 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/1c9c34bc.js

82.172.56.12

200 OK

13 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/1c9c34bc.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (16435)
Size
13 kB (13060 bytes)
Hash
43c20a71766fa7590808dfb8ae9fa6fb
da9878ecad9246c114207a93ee24197559a59fc9
c8f715192f77538922773fb7de110d18b4ca1e16fd6c00a580f034b25bb11a86

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/1c9c34bc.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-3304"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 13060
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:23 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/1cf47cd3.js

82.172.56.12

200 OK

2.9 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/1cf47cd3.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (8946)
Size
2.9 kB (2939 bytes)
Hash
b91f793105a10323c034cdca88b81b16
7a1a95d69892dcbd0bc511296aac6373d1da304d
39b76d774c0908535b35276ba9b1da6b182ffb40222bf7fed19d318be85ba3a5

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/1cf47cd3.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-b7b"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 2939
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:24 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/1d17484f.js

82.172.56.12

200 OK

12 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/1d17484f.js
IP
82.172.56.12:0
ASN
#0

File type
Unicode text, UTF-8 text, with very long lines (20686)
Size
12 kB (12002 bytes)
Hash
0a0afe545007227ef49bc701506a8d86
63f492c3d8205730b452fdc468df4d76b82e90a0
02aae7779b084bd6df4461df4636f5e9e715690cd8064b93ba95469a528b705f

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/1d17484f.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-2ee2"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 12002
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:24 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/1d1851f0.js

82.172.56.12

200 OK

5.3 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/1d1851f0.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (14097)
Size
5.3 kB (5278 bytes)
Hash
4ab2a7711426f97e6207acb622cf3670
d9d32a07dfd910d45fbc823a064149d09ab7e615
87303ba27756715e59b1e3de09708fd4529978321f230e8e6a639f0aa20901f4

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/1d1851f0.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-149e"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 5278
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:24 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/1d87e1f7.js

82.172.56.12

200 OK

3.8 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/1d87e1f7.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (13363)
Size
3.8 kB (3807 bytes)
Hash
290443b1c5c8b842efcdd014b2d9b3a4
b451fcbc0c736ab855fe2577782fcbe4d4074b2e
01933f26ba5d3bd0279f6bb1a5e8d2e13f088051d91f6c22d312090b3c96cd9f

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/1d87e1f7.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-edf"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 3807
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:24 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/1dd5af8a.js

82.172.56.12

200 OK

4.8 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/1dd5af8a.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (8723)
Size
4.8 kB (4770 bytes)
Hash
a3b26e1812a11b9ebafd38ecb099a0e7
1e5040fce59ac2ad8c452a683994aa0f53f36595
e2c679959e188489550a7c79beca94cab99c698845c6b6e6ac557f1440753045

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/1dd5af8a.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-12a2"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 4770
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:24 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/1eff515f.js

82.172.56.12

200 OK

6.3 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/1eff515f.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (10437)
Size
6.3 kB (6301 bytes)
Hash
45c63e96459c587eb0b12abfce8825b5
c21bfb8a3f4f9787defcf1d336ae61a08b43a095
8fec4df12216f4a9f715e77b95dc09c4926466c48bfc3021b2121e0fcdac271d

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/1eff515f.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-189d"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 6301
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:24 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/1f79c054.js

82.172.56.12

200 OK

7.0 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/1f79c054.js
IP
82.172.56.12:0
ASN
#0

File type
HTML document, ASCII text, with very long lines (12693)
Size
7.0 kB (6967 bytes)
Hash
a7ca0e2410041c128049c4be1726264c
22398526f0f5a30cb4623a096c73649d2d49eb1a
0578826148002037973aa54499186665526033dafc68a31f3317e74e8df2696d

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/1f79c054.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-1b37"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 6967
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:24 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/200f97c8.js

82.172.56.12

200 OK

8.7 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/200f97c8.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (33979)
Size
8.7 kB (8679 bytes)
Hash
0f7794c5c1331d3a78b532f11083a38d
ae30a7602c01da41dcd6e1febd05ea00058ca4e3
5f4492541de3615bbd5bd3efa90c511d5f491f2e6d19519c0849390fa24fb81e

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/200f97c8.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-21e7"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 8679
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:24 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/20469e89.js

82.172.56.12

200 OK

4.6 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/20469e89.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (8487)
Size
4.6 kB (4626 bytes)
Hash
a90af5175edd66849573a8b7b2fb0904
3954012c3f267b9bf8ae856584b7a183297e415e
8b511c0ee1c06147d1fddc4469002730a06989ca240a3a177c71c6c2f4925204

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/20469e89.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-1212"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 4626
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:24 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/206555ce.js

82.172.56.12

200 OK

8.6 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/206555ce.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (20148)
Size
8.6 kB (8627 bytes)
Hash
171cae5db9438583714d55abb762cbee
15b6b104dbdb7a2039602989073199d1ef546329
9d10d28ca03956edda6c365fbd17c1705529e00dd3ceb308915ffc33d4240105

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/206555ce.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-21b3"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 8627
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:24 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/20a74adb.js

82.172.56.12

200 OK

5.2 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/20a74adb.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (8973)
Size
5.2 kB (5243 bytes)
Hash
cbb31bbaedfa97732fb1bcc3e79f56f8
3bb1904bb7327b145df34e15d0e1cbc2dc54b7d0
d844f9a37c8e3ff5f56590752601df506fbc23f923cb240c56e33d4ef971d95f

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/20a74adb.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-147b"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 5243
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:24 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/21169165.js

82.172.56.12

200 OK

4.3 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/21169165.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (9456)
Size
4.3 kB (4310 bytes)
Hash
990ec2a31d7515fe4fa966768a48040a
29f63e52712858ca446ccf2a944fd80f9acf0505
e45bf8e7ed6598b2962abb1451f0d7c827493af0106b783b51bbeb92b1994c1c

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/21169165.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-10d6"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 4310
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:24 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/218278ed.js

82.172.56.12

200 OK

5.8 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/218278ed.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (9242)
Size
5.8 kB (5810 bytes)
Hash
03e96310ec7cb4b4f8650de576292023
d849f392a645eb2a3e9f8da38045c3c7a1381bf1
ecdb849a15aff942ebafa79922194e6fb1778f68e02f2dc2ca856d481cb47006

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/218278ed.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-16b2"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 5810
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:24 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/2195550e.js

82.172.56.12

200 OK

5.0 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/2195550e.js
IP
82.172.56.12:0
ASN
#0

File type
HTML document, ASCII text, with very long lines (10733)
Size
5.0 kB (5009 bytes)
Hash
38b5fa820da55717eca592748ba4ecfc
b7eabaf81e7cdb68b19f5c762170f07c3c163b4a
27235066ac310ddf37af3129bf0f2501a70ded29f2a6ae81d981eb28b67cce48

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/2195550e.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-1391"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 5009
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:25 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/21ecbbac.js

82.172.56.12

200 OK

5.5 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/21ecbbac.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (10386)
Size
5.5 kB (5526 bytes)
Hash
2a3b2f95cc9a994def2169928895a40f
8e05a27290a1baf11adbce7803494f4b3efd7f8b
40158899644dd5dfcc117d6e604e002908d0dc4271c50b9e465cd0536abe181c

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/21ecbbac.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-1596"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 5526
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:25 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/22a02a04.js

82.172.56.12

200 OK

5.1 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/22a02a04.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (15671), with no line terminators
Size
5.1 kB (5074 bytes)
Hash
e8efd318cc1b33161bf67113ccf67b1b
1186ed300e26cafbc15ea3ce845bbff2d9438a1d
06fda8b7700c8055575617f63630eebb1f60e278334bb15e36e5a56082caa86c

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/22a02a04.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-13d2"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 5074
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:25 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/22d11965.js

82.172.56.12

200 OK

4.2 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/22d11965.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (10190)
Size
4.2 kB (4190 bytes)
Hash
77322d64d4eca63d5a88db443f996645
887fed713f8760125511f6c99edcb3ddab6b0fbe
ee0394a642015897fd579c5d2dc61f9f7bdf635f3a4574d9c6517e8fa9ba203b

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/22d11965.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-105e"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 4190
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:25 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/22e35609.js

82.172.56.12

200 OK

6.4 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/22e35609.js
IP
82.172.56.12:0
ASN
#0

File type
Unicode text, UTF-8 text, with very long lines (9352)
Size
6.4 kB (6384 bytes)
Hash
9ef161c8d667d73c54b43e1fa952b5d0
bb00d804e1bcb744dd293ca7fc2a94fe3aba6e15
ac7823291ce32b1ce00dc566e34d7af90734d393242c1fa238b9f8f538342817

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/22e35609.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-18f0"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 6384
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:25 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/236bf133.js

82.172.56.12

200 OK

318 B

URL HTTP/1.1
ons.duckdns.org/frontend_latest/236bf133.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (522), with no line terminators
Size
318 B (318 bytes)
Hash
5b74a844b444e74438f76c9f05b2ee87
d8506863b6951535717d335fafde581d25f70240
4481ce9a73fd770271df2c48bec51ca8d86af7f5158a586c4fef22aed95bb04b

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/236bf133.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-13e"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 318
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:25 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/2498c2a8.js

82.172.56.12

200 OK

5.0 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/2498c2a8.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (12659)
Size
5.0 kB (4977 bytes)
Hash
7a6f01f8e0e5ffedc5bad19f932a8f42
9c1e7fd0a4af5fc9fb9158aa30df90ba72a36ec7
aa87773f96b46449c192d96236d212ebe30f481205715a09c19d6e4d00dbcb24

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/2498c2a8.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-1371"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 4977
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:25 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/255b8b94.js

82.172.56.12

200 OK

6.5 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/255b8b94.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (9376)
Size
6.5 kB (6457 bytes)
Hash
f74827f2d1cd4607909f156fa37184e6
b8db32af439e0213f47adefff24e3c7095c2e99c
0eb565110ba03c9d50ef5bc5f867fbbee8129d1543ac40d9acd5e879b25ae19a

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/255b8b94.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-1939"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 6457
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:25 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/25aba5b7.js

82.172.56.12

200 OK

9.7 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/25aba5b7.js
IP
82.172.56.12:0
ASN
#0

File type
Unicode text, UTF-8 text, with very long lines (11602)
Size
9.7 kB (9670 bytes)
Hash
52af662a53eb16667f58bb79ebdf576a
b98d71bcd2599624c1115087eba16da11e45a6bf
38d2810e782c57614c617efaed9e5e7d6c885bccb64178680fa898304b121cb8

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/25aba5b7.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-25c6"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 9670
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:25 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/263e3094.js

82.172.56.12

200 OK

2.6 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/263e3094.js
IP
82.172.56.12:0
ASN
#0

File type
HTML document, ASCII text, with very long lines (4985)
Size
2.6 kB (2576 bytes)
Hash
f01f6e829c404c2eb3555f358ff39b9a
8addffa2940213065c32f647e9b03d15dad03924
61885db474e73e1bca488e67771e8b1a2ae6570eb8ec68416c642349c58202ba

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/263e3094.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-a10"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 2576
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:25 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/26d5e9bf.js

82.172.56.12

200 OK

3.5 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/26d5e9bf.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (5804)
Size
3.5 kB (3533 bytes)
Hash
b10d503ee4a2e1b2e6f88055b8a05acd
c3083de79e5cb7441dde920fa5e528beca2e6217
68b9df8a9cca74f3d2c33bb32dc09703af9cb5957a62576c1c0346a1c0e8dd4b

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/26d5e9bf.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-dcd"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 3533
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:25 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/278851d7.js

82.172.56.12

200 OK

3.7 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/278851d7.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (12290)
Size
3.7 kB (3691 bytes)
Hash
1c528eb87b58fe08046a647e2193d217
b5f189f8b2be30f97f8c4ca517138c498768caf2
a441235c3fd98f7328508f7e6aba5083440eb7ae461b20b43344460a093bf427

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/278851d7.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-e6b"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 3691
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:25 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/279a7607.js

82.172.56.12

200 OK

4.1 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/279a7607.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (8891)
Size
4.1 kB (4069 bytes)
Hash
b74b992b49d598e3164c8fc500a30745
5cfc466b0f8a277422be059cd8785bf223f58f06
e8c0b9dca465c3c5471893662e07c106460f58437e15ee55ae46c088a9eb2f0a

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/279a7607.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-fe5"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 4069
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:25 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/27d74215.js

82.172.56.12

200 OK

6.1 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/27d74215.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (31517)
Size
6.1 kB (6071 bytes)
Hash
ff56c43d3d4198ee50de6776a33b6be2
8a3b27436af58c0a6644a52776fc677b17ae6451
c38987524881b25acfeddbe40bcfd37a00238f9649cc623505ccc1cb8e31f7db

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/27d74215.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-17b7"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 6071
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:25 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/285afaab.js

82.172.56.12

200 OK

5.8 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/285afaab.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (13261)
Size
5.8 kB (5812 bytes)
Hash
f6c918720803a0b9c35b70c973da610c
55550139a1e192cc9f6ee9d3edea69543c1c001b
2c568594a346d074420a05fca13931de965681160e59b259f2ca9a4ea4f30cac

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/285afaab.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-16b4"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 5812
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:25 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/2936861b.js

82.172.56.12

200 OK

1.9 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/2936861b.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (6110), with no line terminators
Size
1.9 kB (1920 bytes)
Hash
7f1b79bc6536206952b3fcd4a21ec3d3
5c8a45c7aef50edc4a6b5b2e132f29d07aac327a
5a29baed77f9ece32446c570413b89e4363111a94311e77c70631d6d987502c0

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/2936861b.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-780"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 1920
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:25 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/29fc46c6.js

82.172.56.12

200 OK

3.0 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/29fc46c6.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (8544)
Size
3.0 kB (3027 bytes)
Hash
d6032e1010da06a6efed306b99f0f469
d3bcea5b3e3e42a29758a95bbb5ce09624ad37f7
9805bf1e1d9550a0bd7762bc54e3322de75395be740e9193ce2c279777c291a1

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/29fc46c6.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-bd3"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 3027
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:26 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/2a0b5785.js

82.172.56.12

200 OK

7.8 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/2a0b5785.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (14727)
Size
7.8 kB (7778 bytes)
Hash
c9247a28b2109f1fbb2257e8192e27ca
0718f3d9252f14b9bc99eb7a663055cea74e113f
5cb753d7926621c7bcc8bcfe039f52e895a3f8d82aa64ca00edc8fd22d1e5b8d

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/2a0b5785.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-1e62"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 7778
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:26 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/2c16e823.js

82.172.56.12

200 OK

4.2 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/2c16e823.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (9654)
Size
4.2 kB (4201 bytes)
Hash
7ba5444df8351f6988fc1af59323bf1e
439307498f0565d1c2b3c2adedda0fc9251ce060
b22500eefdb2c0c53c0ac8894ed6bb335435a122c0292b787e32c37ae7f5b543

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/2c16e823.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-1069"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 4201
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:26 GMT
Server: Python/3.10 aiohttp/3.8.1

ons.duckdns.org/frontend_latest/2c6cf052.js

82.172.56.12

200 OK

5.9 kB

URL HTTP/1.1
ons.duckdns.org/frontend_latest/2c6cf052.js
IP
82.172.56.12:0
ASN
#0

File type
ASCII text, with very long lines (8810)
Size
5.9 kB (5934 bytes)
Hash
e4e54778f5be6cde63e1e02060f3783d
beae202d4e72cbc46d9e637712bcb041e46751c5
0117c8302d33d6806734e5fb23ea2733656401ef33f175fb7d9fb454564999eb

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /frontend_latest/2c6cf052.js HTTP/1.1
Host: ons.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ons.duckdns.org/service_worker.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public, max-age=2678400
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "173fc811fd9c6c00-172e"
Last-Modified: Wed, 01 Feb 2023 18:52:46 GMT
Content-Length: 5934
Accept-Ranges: bytes
Date: Fri, 03 Feb 2023 09:13:26 GMT
Server: Python/3.10 aiohttp/3.8.1

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (12)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML