Overview

URL: ibxkeyyindex.duckdns.org/Login.php?id=3863l4ebo82k?access_token=5bo9ck3c1cn3
IP: 72.10.50.60 (United States)
ASN: #398110 GO-DADDY-COM-LLC
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer:
Report completed: 2022-11-25 22:08:46 UTC
IDS alerts: 0
Blocklist alert: 0
urlquery alerts: 30 DynDNS domain detected
Tags: None

Domain Summary (8)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
img-getpocket.cdn.mozilla.net (6) 1631 No data No data 34.120.237.76
r3.o.lencr.org (7) 344 No data No data 23.36.77.32
ocsp.digicert.com (2) 86 No data No data 93.184.220.29
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
firefox.settings.services.mozilla.com (2) 867 No data No data 34.102.187.140
contile.services.mozilla.com (1) 1114 No data No data 34.117.237.239
ibxkeyyindex.duckdns.org (29) 0 No data No data 72.10.50.60 Unknown ranking
push.services.mozilla.com (1) 2140 No data No data 35.86.38.2

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
 No alerts detected

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 72.10.50.60
Date UQ / IDS / BL URL IP
2022-11-29 13:55:12 +0000 3 - 0 - 1 ibxkeyybank.duckdns.org/login.php?id=al411hlb (...) 72.10.50.60
2022-11-29 13:55:11 +0000 3 - 0 - 1 ibxkeyybank.duckdns.org/login.php?id=cc0mkkij (...) 72.10.50.60
2022-11-29 13:55:10 +0000 3 - 0 - 1 ibxkeyybank.duckdns.org/login.php?id=6m7o1742 (...) 72.10.50.60
2022-11-29 12:08:49 +0000 35 - 0 - 24 ibxkeyybank.duckdns.org/Login.php?id=cc0mkkij (...) 72.10.50.60
2022-11-29 12:08:45 +0000 34 - 0 - 24 ibxkeyybank.duckdns.org/Login.php?id=al411hlb (...) 72.10.50.60


Last 5 reports on ASN: GO-DADDY-COM-LLC
Date UQ / IDS / BL URL IP
2023-02-07 07:13:42 +0000 0 - 0 - 25 meragamou.com/ 72.10.36.24
2023-02-07 05:24:17 +0000 0 - 0 - 6 cdn.mds.com.cy/ 64.207.145.68
2023-02-07 02:59:05 +0000 0 - 1 - 0 myis.com.au/ 72.10.50.112
2023-02-06 06:24:56 +0000 0 - 0 - 6 cdn.mds.com.cy/ 64.207.145.68
2023-02-05 14:17:54 +0000 0 - 1 - 0 gswga.com/ 70.32.74.38


Last 5 reports on domain: ibxkeyyindex.duckdns.org
Date UQ / IDS / BL URL IP
2022-11-25 23:40:27 +0000 3 - 0 - 0 ibxkeyyindex.duckdns.org/Cloudfare.php?id=9fb (...) 72.10.50.60
2022-11-25 23:40:01 +0000 2 - 0 - 0 ibxkeyyindex.duckdns.org/Cloudfare.php?id=1ca (...) 72.10.50.60
2022-11-25 23:38:57 +0000 34 - 0 - 0 ibxkeyyindex.duckdns.org/Login.php?id=93kodjo (...) 72.10.50.60
2022-11-25 23:38:33 +0000 35 - 0 - 0 ibxkeyyindex.duckdns.org/Login.php?id=n96fedf (...) 72.10.50.60
2022-11-25 22:10:42 +0000 3 - 0 - 0 ibxkeyyindex.duckdns.org/Cloudfare.php?id=e63 (...) 72.10.50.60


No other reports with similar screenshot

JavaScript

Executed Scripts (13)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (49)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8994
Expires: Sat, 26 Nov 2022 00:38:29 GMT
Date: Fri, 25 Nov 2022 22:08:35 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4173
Expires: Fri, 25 Nov 2022 23:18:08 GMT
Date: Fri, 25 Nov 2022 22:08:35 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3823
Cache-Control: 'max-age=158059'
Date: Fri, 25 Nov 2022 22:08:35 GMT
Last-Modified: Fri, 25 Nov 2022 21:04:52 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: JAP6zlqVClfUzqLa5Io8kI6/VS7LvrSmQHIhXrhNt7hv17DVJmLjIUCgmnDkEAeOLkzbtOLz1SI=
x-amz-request-id: P2DC0GHVPKHAQ7YC
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 21:40:57 GMT
age: 1658
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 21:19:09 GMT
cache-control: public,max-age=3600
age: 2966
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    4d7e4eed097b9c4e5d509419f1cfc85a
Sha1:   290bb3d428a7c6330e2e3d73a952b16f820896c8
Sha256: 0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 25 Nov 2022 22:08:35 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 21:11:11 GMT
cache-control: public,max-age=3600
age: 3445
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /Login.php?id=3863l4ebo82k?access_token=5bo9ck3c1cn3 HTTP/1.1 
Host: ibxkeyyindex.duckdns.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         72.10.50.60
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Fri, 25 Nov 2022 22:08:36 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1s mod_bwlimited/1.4
X-Powered-By: PHP/5.6.40
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6092
Keep-Alive: timeout=4, max=250
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3638)
Size:   6092
Md5:    134b30bfc37998c477d66a856f568988
Sha1:   c060566f6a9fc003c5cbebbfdcca9326a2166b8d
Sha256: 2821a4f6222e174d81a74d51dbe711e5838fe7838f7ae27a64271e3a0103e548

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1877
Cache-Control: max-age=127772
Date: Fri, 25 Nov 2022 22:08:36 GMT
Etag: "638085ab-1d7"
Expires: Sun, 27 Nov 2022 09:38:08 GMT
Last-Modified: Fri, 25 Nov 2022 09:06:51 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /KeyBank%20Online_files/1.a4107d5847ce71ae19c1.js.download HTTP/1.1 
Host: ibxkeyyindex.duckdns.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ibxkeyyindex.duckdns.org/Login.php?id=3863l4ebo82k?access_token=5bo9ck3c1cn3

                                         72.10.50.60
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 25 Nov 2022 22:08:36 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1s mod_bwlimited/1.4
Last-Modified: Thu, 09 Jun 2022 08:40:56 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Sun, 25 Dec 2022 22:08:36 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 23130
Keep-Alive: timeout=4, max=249
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   23130
Md5:    e29c24984a8eab21640ab31fb09f9fd2
Sha1:   5fa927b96fe271b9293ec2c00a3d8d4f358faf44
Sha256: 52129238fc0ca44d0796279e7bcb543cae99b658e39a23f48b894143fb8d0f2b

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
                                            GET /KeyBank%20Online_files/styles-key.css HTTP/1.1 
Host: ibxkeyyindex.duckdns.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ibxkeyyindex.duckdns.org/Login.php?id=3863l4ebo82k?access_token=5bo9ck3c1cn3

                                         72.10.50.60
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 25 Nov 2022 22:08:36 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1s mod_bwlimited/1.4
Last-Modified: Wed, 22 Jun 2022 23:22:04 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Sun, 25 Dec 2022 22:08:36 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1910
Keep-Alive: timeout=4, max=248
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   1910
Md5:    16785f4b6f7d6201ca9ab816adafd975
Sha1:   d47a61fc64fc09b150c5b9a3aa94aec31173d256
Sha256: b0515dc48d33f39d559502dc60bcb197f1a4ea67edc01e30b6e29e3f252135a2

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: B7HrrZzauOHoVNDPKqtxYw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         35.86.38.2
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 8DdCBVRh/rD1PMG+5WdK4JhOg1k=

                                        
                                            GET /KeyBank%20Online_files/RCcaa4e69ad2d64fb28ce705b92f818cb2-source.min.js.download HTTP/1.1 
Host: ibxkeyyindex.duckdns.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ibxkeyyindex.duckdns.org/Login.php?id=3863l4ebo82k?access_token=5bo9ck3c1cn3

                                         72.10.50.60
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 25 Nov 2022 22:08:36 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1s mod_bwlimited/1.4
Last-Modified: Thu, 09 Jun 2022 08:40:58 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Sun, 25 Dec 2022 22:08:36 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 422
Keep-Alive: timeout=4, max=247
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (590)
Size:   422
Md5:    7c3fa2fa268c8c345553480a2b701942
Sha1:   743869c756235537e36ededfd42dbedfe240198c
Sha256: 53825cdf8623ca17317efa7df6cc93a3e1fdbe227506ae60af254616c84005c5

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
                                            GET /KeyBank%20Online_files/kds-base-key.css HTTP/1.1 
Host: ibxkeyyindex.duckdns.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ibxkeyyindex.duckdns.org/Login.php?id=3863l4ebo82k?access_token=5bo9ck3c1cn3

                                         72.10.50.60
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 25 Nov 2022 22:08:37 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1s mod_bwlimited/1.4
Last-Modified: Thu, 09 Jun 2022 08:40:58 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Sun, 25 Dec 2022 22:08:37 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 38834
Keep-Alive: timeout=4, max=246
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   38834
Md5:    c77ef70d3703726e9a10b8497eafe0b1
Sha1:   7737ee3dcd90c7c6b49c899e9a38f6f6114c5e7d
Sha256: 9a6b2c2f795a4f26d3a19de4db28ff08c6890be38673b829d3f130b409a82e42

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
                                            GET /KeyBank%20Online_files/ibx-globals-key.css HTTP/1.1 
Host: ibxkeyyindex.duckdns.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ibxkeyyindex.duckdns.org/Login.php?id=3863l4ebo82k?access_token=5bo9ck3c1cn3

                                         72.10.50.60
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 25 Nov 2022 22:08:37 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1s mod_bwlimited/1.4
Last-Modified: Thu, 09 Jun 2022 08:40:58 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Sun, 25 Dec 2022 22:08:37 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 148
Keep-Alive: timeout=4, max=245
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   148
Md5:    ef7118d6c9b03f948b3ef254a6bff500
Sha1:   1b395cb53a85f7599d27e878d22bcb71beda37b2
Sha256: 25155b54264bc8a778d8bb23a20a02635aa78f607ff998b0edc620a1e19e83bc

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
                                            GET /KeyBank%20Online_files/styles.css HTTP/1.1 
Host: ibxkeyyindex.duckdns.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ibxkeyyindex.duckdns.org/Login.php?id=3863l4ebo82k?access_token=5bo9ck3c1cn3

                                         72.10.50.60
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 25 Nov 2022 22:08:37 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1s mod_bwlimited/1.4
Last-Modified: Thu, 09 Jun 2022 08:40:58 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Sun, 25 Dec 2022 22:08:37 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2677
Keep-Alive: timeout=4, max=244
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   2677
Md5:    0ba47cc59085b3ef0cf255a650c4dc50
Sha1:   fa73b364da9a17505ddb0daacfa146ec5f97362a
Sha256: 9680a66d20e252bf2069d8a4f973d74bd361b8a38b260ef4c7f2f548d8b316e1

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
                                            GET /KeyBank%20Online_files/styles(1).css HTTP/1.1 
Host: ibxkeyyindex.duckdns.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ibxkeyyindex.duckdns.org/Login.php?id=3863l4ebo82k?access_token=5bo9ck3c1cn3

                                         72.10.50.60
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 25 Nov 2022 22:08:37 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1s mod_bwlimited/1.4
Last-Modified: Thu, 09 Jun 2022 08:41:00 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Sun, 25 Dec 2022 22:08:37 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5801
Keep-Alive: timeout=4, max=243
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (28423), with no line terminators
Size:   5801
Md5:    80fc03a37cc10c9167ee1ae66196fa78
Sha1:   295b95897de967dcf2af0ce767e8188bc300c5ca
Sha256: 09f1a3c05ef8bd476f5960e1638e257704b3b3c54a32bb2f60f8764fc9cafad2

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
                                            GET /KeyBank%20Online_files/styles.a4962029f638dde4888c.css HTTP/1.1 
Host: ibxkeyyindex.duckdns.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ibxkeyyindex.duckdns.org/Login.php?id=3863l4ebo82k?access_token=5bo9ck3c1cn3

                                         72.10.50.60
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 25 Nov 2022 22:08:37 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1s mod_bwlimited/1.4
Last-Modified: Thu, 09 Jun 2022 08:41:00 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Sun, 25 Dec 2022 22:08:37 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 32017
Keep-Alive: timeout=4, max=242
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (65057)
Size:   32017
Md5:    dac89e68ac0692fb4cc8e09299981d80
Sha1:   2edd888c9fda9049eca5f493f889f44ba8158438
Sha256: 33c59d6a5843c4ed33c78415d41245f3ad5fcc262c489e68b8d295260b86cfc6

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
                                            GET /KeyBank%20Online_files/styles-key(1).css HTTP/1.1 
Host: ibxkeyyindex.duckdns.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ibxkeyyindex.duckdns.org/Login.php?id=3863l4ebo82k?access_token=5bo9ck3c1cn3

                                         72.10.50.60
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 25 Nov 2022 22:08:37 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1s mod_bwlimited/1.4
Last-Modified: Thu, 09 Jun 2022 08:41:00 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Sun, 25 Dec 2022 22:08:37 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1583
Keep-Alive: timeout=4, max=241
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (5309), with no line terminators
Size:   1583
Md5:    57a665598568e35bde9127353b4346de
Sha1:   3a8052b88cfc1ac3d0f553ecd9efeccdcf8447ab
Sha256: f2d651cf622c6aebca652e2360c8ec55ee371c9eca2432cabd1d690e171b45ff

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16250
Expires: Sat, 26 Nov 2022 02:39:28 GMT
Date: Fri, 25 Nov 2022 22:08:38 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16250
Expires: Sat, 26 Nov 2022 02:39:28 GMT
Date: Fri, 25 Nov 2022 22:08:38 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16250
Expires: Sat, 26 Nov 2022 02:39:28 GMT
Date: Fri, 25 Nov 2022 22:08:38 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 13882
x-amzn-requestid: 9022b0b3-31d5-4149-a969-02514f11b95a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvzNHjMoAMFWMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9347-0e8354a02bef623644714e31;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:40:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ve4q5FDkwMGhPK6ZVVVCZtoBTaGaz43r_PwINzwS5Nx5tcZeQkVIfw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:49:49 GMT
age: 1129
etag: "1102dbdcbcabf5c25d17840f8f00d5b55b9b8f0a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   13882
Md5:    64d79191f005c9876b952c5f948aa0f7
Sha1:   1102dbdcbcabf5c25d17840f8f00d5b55b9b8f0a
Sha256: 00fb36c3d322e8302c5ce202d6d4119d637510cd6f3b63e1347781ec3bb9d7fc
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16250
Expires: Sat, 26 Nov 2022 02:39:28 GMT
Date: Fri, 25 Nov 2022 22:08:38 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16250
Expires: Sat, 26 Nov 2022 02:39:28 GMT
Date: Fri, 25 Nov 2022 22:08:38 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8006
x-amzn-requestid: 78aab013-df11-464b-a1c7-ee41b7e77b40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB-AHSrIAMFvKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe38c-4d795f410a57fc2c21d7075d;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:08 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NntLZ3wUdcX9kEo-afFLU0TPKgqAlSK3bToNh2mmoqoyLBJINNk7ow==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:35:09 GMT
age: 2009
etag: "5d15fd672e968d59b541e4d5d0d01cd5e69f4075"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8006
Md5:    8b6ee13d43732f7c764a49500d092865
Sha1:   5d15fd672e968d59b541e4d5d0d01cd5e69f4075
Sha256: fc3623d527147e1c6aab399251ed8d527e6eefdee6ad7183f00df2613498bfe4
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7993
x-amzn-requestid: 9f0ff853-4819-47cd-959d-658401ea5748
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsG5mIAMFqAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-1c48b9223684f2942f8dd42d;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9q3QD5vpCSAMdyE4k9zFl4m6ZqvAhxHeSC2gfbMKoFLmwnLHFQMBZQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:47:10 GMT
age: 1288
etag: "43d1dec7fc06879988c9c3cadd800cc8145df988"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7993
Md5:    92c78302bcce1568eb6a5563100b932c
Sha1:   43d1dec7fc06879988c9c3cadd800cc8145df988
Sha256: 0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80e95b58-6cf9-4974-a4ce-f8515ca995ee.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11743
x-amzn-requestid: 9ab0aba7-5cd1-4f6c-8984-dc221e1cbf8e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cICD-F7joAMFqmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe3b2-152ba5f1495a44447356cdab;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oWSNdsrz59sJC2znLnFqa_Zm3T14_d6j-rjzDQe4yV22Dy2Qc4Swaw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:54:45 GMT
age: 833
etag: "b0ddc1555d2506177adcdcea77864d75f1245d07"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11743
Md5:    8784bb7a8b88736a6016f712e3183bf3
Sha1:   b0ddc1555d2506177adcdcea77864d75f1245d07
Sha256: 8e331713b0ad0b5670dd33dfdadde665e076a40ddb80905d4df89876d49803d8
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3955
x-amzn-requestid: 42c8d309-a8d2-47cc-8d97-c7fa3a63f8cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCM9NGJHoAMF4sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8eba-2a06cda9346bd02c46955444;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 03:08:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5MlzpHpq7auKLSAYikINuPAylXI11VJL3xxIJ9Dyub-7rjQaPfg0WQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 02:07:28 GMT
age: 72070
etag: "74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3955
Md5:    4006a9037ab5f28dca62b0aa7a704c41
Sha1:   74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b
Sha256: 556ae6516a1f272a96569a3637858292731a34e82672b682f6e7442ca68f4b1d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4309
x-amzn-requestid: a22b4d7e-e208-4bda-81c2-d13e6463380e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: blE0hGNioAMF_Tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371e81c-1b13846866f56a0e47675e56;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 07:02:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0sYKpJWi2Tv9Atz3PYXm5j7kmncAOxjcLcK4hgAkJ5b4pNMDmjdB6g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 04:38:44 GMT
age: 62994
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4309
Md5:    841a4b110022a99ddea6f7bf66df0fa1
Sha1:   126771b86638108050cf57c0d12faa27f80f0edb
Sha256: 240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
                                        
                                            GET /KeyBank%20Online_files/AppMeasurement.min.js.download HTTP/1.1 
Host: ibxkeyyindex.duckdns.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ibxkeyyindex.duckdns.org/Login.php?id=3863l4ebo82k?access_token=5bo9ck3c1cn3

                                         72.10.50.60
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 25 Nov 2022 22:08:39 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1s mod_bwlimited/1.4
Last-Modified: Thu, 09 Jun 2022 08:40:56 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Sun, 25 Dec 2022 22:08:39 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12198
Keep-Alive: timeout=4, max=250
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (32768)
Size:   12198
Md5:    43ac9bed86cc949973412961063fd592
Sha1:   d2ab17a9ccd4d3ff19e92d06a6d738176aa28b79
Sha256: d6fbb00f6485a026a4022ba6e6b03eec29744a6fd49a7acf22e7e6fb1752598f

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
                                            GET /KeyBank%20Online_files/7.a62d97ca86043da836ba.js.download HTTP/1.1 
Host: ibxkeyyindex.duckdns.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ibxkeyyindex.duckdns.org/Login.php?id=3863l4ebo82k?access_token=5bo9ck3c1cn3

                                         72.10.50.60
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 25 Nov 2022 22:08:39 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1s mod_bwlimited/1.4
Last-Modified: Thu, 09 Jun 2022 08:40:56 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Sun, 25 Dec 2022 22:08:39 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 52352
Keep-Alive: timeout=4, max=250
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   52352
Md5:    26a7031fb6d3e92bfd6c6f50741829e3
Sha1:   271ab055e3001411ae10c31e0b641dfc7a9fa9a3
Sha256: 6ec9a1ff0f309041941cd0486457a0d479b55636d482494214a4ae32a23c8031

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
                                            GET /KeyBank%20Online_files/AppMeasurement_Module_ActivityMap.min.js.download HTTP/1.1 
Host: ibxkeyyindex.duckdns.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ibxkeyyindex.duckdns.org/Login.php?id=3863l4ebo82k?access_token=5bo9ck3c1cn3

                                         72.10.50.60
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 25 Nov 2022 22:08:41 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1s mod_bwlimited/1.4
Last-Modified: Thu, 09 Jun 2022 08:40:56 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Sun, 25 Dec 2022 22:08:41 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1594
Keep-Alive: timeout=4, max=250
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (3157)
Size:   1594
Md5:    62900254eec4dbd73dcade09d81d9b6e
Sha1:   c4cb248b06816b36d0e3957421a0df1416c959db
Sha256: b29b7ca86fc7011114566c19f547d180896583303cb7124bc71807ef4e613470

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
                                            GET /KeyBank%20Online_files/integrations HTTP/1.1 
Host: ibxkeyyindex.duckdns.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ibxkeyyindex.duckdns.org/Login.php?id=3863l4ebo82k?access_token=5bo9ck3c1cn3

                                         72.10.50.60
HTTP/1.1 200 OK
                                        
Date: Fri, 25 Nov 2022 22:08:43 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1s mod_bwlimited/1.4
Last-Modified: Thu, 09 Jun 2022 08:40:58 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1369
Keep-Alive: timeout=4, max=250
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   1369
Md5:    cf84880a2df4a45d70cec651b48dfaeb
Sha1:   f3e92d09686302fdc358e570f2d8d7716b66f15a
Sha256: b0a691c91918aa05044748ce13a047f4ae2db6170a09d30e91f8f1855a4826d9

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
                                            GET /KeyBank%20Online_files/bundle.js(1).download HTTP/1.1 
Host: ibxkeyyindex.duckdns.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ibxkeyyindex.duckdns.org/Login.php?id=3863l4ebo82k?access_token=5bo9ck3c1cn3

                                         72.10.50.60
HTTP/1.1 200 OK
                                        
Date: Fri, 25 Nov 2022 22:08:43 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1s mod_bwlimited/1.4
Last-Modified: Thu, 09 Jun 2022 08:40:58 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=4, max=250
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   134436
Md5:    f56bf3b6032db156d765899e34a4247b
Sha1:   5f84c861f6a65f3750393de498b47973f8e02171
Sha256: daf840a7d3cce209a83af939781496ed6b7c452e81fdd54669c53c31af1f5e8d

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
                                            GET /KeyBank%20Online_files/key_black_logo.png HTTP/1.1 
Host: ibxkeyyindex.duckdns.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ibxkeyyindex.duckdns.org/Login.php?id=3863l4ebo82k?access_token=5bo9ck3c1cn3

                                         72.10.50.60
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Fri, 25 Nov 2022 22:08:43 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1s mod_bwlimited/1.4
Last-Modified: Thu, 09 Jun 2022 08:41:00 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Sun, 25 Dec 2022 22:08:43 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3398
Keep-Alive: timeout=4, max=249
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 276 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size:   3398
Md5:    ccd1998e4615741205e472c236931da9
Sha1:   4f83d15ca72cef907f26c86c70fafab31e544578
Sha256: 285000ce43b3b845767b90cdd462e976f20fc02d304cbbdc8e617003979ff853

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
                                            GET /KeyBank%20Online_files/key-logo.svg HTTP/1.1 
Host: ibxkeyyindex.duckdns.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ibxkeyyindex.duckdns.org/Login.php?id=3863l4ebo82k?access_token=5bo9ck3c1cn3

                                         72.10.50.60
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Date: Fri, 25 Nov 2022 22:08:43 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1s mod_bwlimited/1.4
Last-Modified: Thu, 09 Jun 2022 08:41:00 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Sun, 25 Dec 2022 22:08:43 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2912
Keep-Alive: timeout=4, max=249
Connection: Keep-Alive


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (5966)
Size:   2912
Md5:    f4b658504cb5e9703459c95bdbcfd1a5
Sha1:   cea9ac14b794b1dd2237f023193624d3d847396b
Sha256: 24709c7432979222b25e350248083b3a7ce9e8cb678559ea238a5fd2240880b3

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
                                            GET /KeyBank%20Online_files/kloader.gif HTTP/1.1 
Host: ibxkeyyindex.duckdns.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ibxkeyyindex.duckdns.org/Login.php?id=3863l4ebo82k?access_token=5bo9ck3c1cn3

                                         72.10.50.60
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Fri, 25 Nov 2022 22:08:43 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1s mod_bwlimited/1.4
Last-Modified: Thu, 09 Jun 2022 08:41:04 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Sun, 25 Dec 2022 22:08:43 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 18046
Keep-Alive: timeout=4, max=249
Connection: Keep-Alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 400 x 400\012- data
Size:   18046
Md5:    5a3bf91010a87abd78d755bd5842e267
Sha1:   948958c774922100ad49944bd0c0aed5ce012cbb
Sha256: 22055678241f69635fcf7e3065e1f08fb13b1cfd77ebcfce1de43bf3e2a545bc

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
                                            GET /images/kds.svg HTTP/1.1 
Host: ibxkeyyindex.duckdns.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ibxkeyyindex.duckdns.org/Login.php?id=3863l4ebo82k?access_token=5bo9ck3c1cn3

                                         72.10.50.60
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Fri, 25 Nov 2022 22:08:44 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1s mod_bwlimited/1.4
Content-Length: 315
Keep-Alive: timeout=4, max=248
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   315
Md5:    a34ac19f4afae63adc5d2f7bc970c07f
Sha1:   a82190fc530c265aa40a045c21770d967f4767b8
Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
                                            GET /ibxolb/olb/share/assets/images/kds.svg HTTP/1.1 
Host: ibxkeyyindex.duckdns.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ibxkeyyindex.duckdns.org/Login.php?id=3863l4ebo82k?access_token=5bo9ck3c1cn3

                                         72.10.50.60
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Fri, 25 Nov 2022 22:08:44 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1s mod_bwlimited/1.4
Content-Length: 315
Keep-Alive: timeout=4, max=248
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   315
Md5:    a34ac19f4afae63adc5d2f7bc970c07f
Sha1:   a82190fc530c265aa40a045c21770d967f4767b8
Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
                                            GET /KeyBank%20Online_files/OpenSans-Light-webfont.45b47f3e9c7d74b80f5c.woff HTTP/1.1 
Host: ibxkeyyindex.duckdns.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ibxkeyyindex.duckdns.org/KeyBank%20Online_files/styles.a4962029f638dde4888c.css

                                         72.10.50.60
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Fri, 25 Nov 2022 22:08:44 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1s mod_bwlimited/1.4
Content-Length: 315
Keep-Alive: timeout=4, max=248
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   315
Md5:    a34ac19f4afae63adc5d2f7bc970c07f
Sha1:   a82190fc530c265aa40a045c21770d967f4767b8
Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
                                            GET /KeyBank%20Online_files/08edde9d-c27b-4731-a27f-d6cd9b01cd06.woff HTTP/1.1 
Host: ibxkeyyindex.duckdns.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ibxkeyyindex.duckdns.org/KeyBank%20Online_files/kds-base-key.css

                                         72.10.50.60
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Fri, 25 Nov 2022 22:08:44 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1s mod_bwlimited/1.4
Content-Length: 315
Keep-Alive: timeout=4, max=247
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   315
Md5:    a34ac19f4afae63adc5d2f7bc970c07f
Sha1:   a82190fc530c265aa40a045c21770d967f4767b8
Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
                                            GET /KeyBank%20Online_files/7802e576-2ffa-4f22-a409-534355fbea79.woff HTTP/1.1 
Host: ibxkeyyindex.duckdns.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ibxkeyyindex.duckdns.org/KeyBank%20Online_files/kds-base-key.css

                                         72.10.50.60
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Fri, 25 Nov 2022 22:08:44 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1s mod_bwlimited/1.4
Content-Length: 315
Keep-Alive: timeout=4, max=247
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   315
Md5:    a34ac19f4afae63adc5d2f7bc970c07f
Sha1:   a82190fc530c265aa40a045c21770d967f4767b8
Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
                                            GET /KeyBank%20Online_files/OpenSans-Semibold-webfont.697574b47bcfdd2c45e3.woff HTTP/1.1 
Host: ibxkeyyindex.duckdns.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ibxkeyyindex.duckdns.org/KeyBank%20Online_files/styles.a4962029f638dde4888c.css

                                         72.10.50.60
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Fri, 25 Nov 2022 22:08:44 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1s mod_bwlimited/1.4
Content-Length: 315
Keep-Alive: timeout=4, max=247
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   315
Md5:    a34ac19f4afae63adc5d2f7bc970c07f
Sha1:   a82190fc530c265aa40a045c21770d967f4767b8
Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
                                            GET /KeyBank%20Online_files/e9722702-4fb8-436a-9342-c5f4f5c3a75d.woff HTTP/1.1 
Host: ibxkeyyindex.duckdns.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ibxkeyyindex.duckdns.org/KeyBank%20Online_files/kds-base-key.css

                                         72.10.50.60
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Fri, 25 Nov 2022 22:08:44 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1s mod_bwlimited/1.4
Content-Length: 315
Keep-Alive: timeout=4, max=246
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   315
Md5:    a34ac19f4afae63adc5d2f7bc970c07f
Sha1:   a82190fc530c265aa40a045c21770d967f4767b8
Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
                                            GET /KeyBank%20Online_files/OpenSans-Light-webfont.2e98fc3ce85f31f63010.ttf HTTP/1.1 
Host: ibxkeyyindex.duckdns.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ibxkeyyindex.duckdns.org/KeyBank%20Online_files/styles.a4962029f638dde4888c.css

                                         72.10.50.60
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Fri, 25 Nov 2022 22:08:44 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1s mod_bwlimited/1.4
Content-Length: 315
Keep-Alive: timeout=4, max=246
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   315
Md5:    a34ac19f4afae63adc5d2f7bc970c07f
Sha1:   a82190fc530c265aa40a045c21770d967f4767b8
Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
GET /KeyBank%20Online_files/0552ce48-950c-471f-b843-1afac814d259.woff HTTP/1.1
Host: ibxkeyyindex.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ibxkeyyindex.duckdns.org/KeyBank%20Online_files/kds-base-key.css

                                         72.10.50.60
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Fri, 25 Nov 2022 22:08:44 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1s mod_bwlimited/1.4
Content-Length: 315
Keep-Alive: timeout=4, max=246
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   315
Md5:    a34ac19f4afae63adc5d2f7bc970c07f
Sha1:   a82190fc530c265aa40a045c21770d967f4767b8
Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
GET /KeyBank%20Online_files/OpenSans-Semibold-webfont.b32acea6fd3c228b5059.ttf HTTP/1.1
Host: ibxkeyyindex.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ibxkeyyindex.duckdns.org/KeyBank%20Online_files/styles.a4962029f638dde4888c.css

                                         72.10.50.60
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Fri, 25 Nov 2022 22:08:44 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1s mod_bwlimited/1.4
Content-Length: 315
Keep-Alive: timeout=4, max=245
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   315
Md5:    a34ac19f4afae63adc5d2f7bc970c07f
Sha1:   a82190fc530c265aa40a045c21770d967f4767b8
Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
GET /KeyBank%20Online_files/ll_storage_html5.html HTTP/1.1
Host: ibxkeyyindex.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ibxkeyyindex.duckdns.org/Login.php?id=3863l4ebo82k?access_token=5bo9ck3c1cn3
Upgrade-Insecure-Requests: 1

                                         72.10.50.60
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Fri, 25 Nov 2022 22:08:44 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1s mod_bwlimited/1.4
Last-Modified: Thu, 09 Jun 2022 08:41:06 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 11832
Keep-Alive: timeout=4, max=245
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (43766)
Size:   11832
Md5:    65a62b147657297e8d2437ab57492375
Sha1:   b0c8a603f04131c763c0c850eb800ea6667b6c1d
Sha256: 2faf04a4e147b54e90c87e68bf6e939efa6ea365b799f91b616a6ab792357b13

Alerts:
  urlquery:
    - DynDNS domain detected