Report - mail.o22ss.duckdns.org/

Report Overview

Submitted URL
mail.o22ss.duckdns.org/
IP
184.168.23.232
ASN
#26496 AS-26496-GO-DADDY-COM-LLC
Submitted
2023-06-05 23:31:22
Access
public
Website Title
Final URL
Tags
dyndns
urlquery detections
Suspicious - DynDNS domain

Detections

urlquery
49
Network Intrusion Detection
82
Threat Detection Systems
94

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
mail.o22ss.duckdns.org	unknown	2013-04-12	2023-06-05	2023-06-05	28 kB	1.2 MB	184.168.23.232
status.thawte.com	5123	1996-02-10	2017-11-27	2023-06-05	662 B	1.4 kB	192.229.221.95
static.o2.co.uk	384291	1997-11-19	2012-10-12	2023-06-04	459 B	12 kB	54.230.111.2
static-www.o2.co.uk	215073	1997-11-19	2017-08-24	2023-06-03	557 B	240 kB	13.107.228.36

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-06-05 23:31:04	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-06-05 23:31:04	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-06-05 23:31:04	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-06-05 23:31:04	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-06-05 23:31:04	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-06-05 23:31:04	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-06-05 23:31:04	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-06-05 23:31:04	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-06-05 23:31:04	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-06-05 23:31:04	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-06-05 23:31:05	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-06-05 23:31:05	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-06-05 23:31:05	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-06-05 23:31:05	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-06-05 23:31:05	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-06-05 23:31:05	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-06-05 23:31:05	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-06-05 23:31:05	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-06-05 23:31:05	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-06-05 23:31:05	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-06-05 23:31:05	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-06-05 23:31:05	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-06-05 23:31:05	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-06-05 23:31:05	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-06-05 23:31:05	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-06-05 23:31:05	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-06-05 23:31:05	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-06-05 23:31:05	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-06-05 23:31:05	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-06-05 23:31:05	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-06-05 23:31:05	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-06-05 23:31:05	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-06-05 23:31:05	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-06-05 23:31:05	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-06-05 23:31:05	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-06-05 23:31:05	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-06-05 23:31:05	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-06-05 23:31:05	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-06-05 23:31:05	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-06-05 23:31:05	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-06-05 23:31:05	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-06-05 23:31:05	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-06-05 23:31:05	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-06-05 23:31:05	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-06-05 23:31:05	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-06-05 23:31:05	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-06-05 23:31:05	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-06-05 23:31:05	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-06-05 23:31:05	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-06-05 23:31:05	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-06-05 23:31:05	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-06-05 23:31:05	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-06-05 23:31:05	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-06-05 23:31:05	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-06-05 23:31:05	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-06-05 23:31:05	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-06-05 23:31:05	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-06-05 23:31:05	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-06-05 23:31:05	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-06-05 23:31:05	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-06-05 23:31:05	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-06-05 23:31:05	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-06-05 23:31:05	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-06-05 23:31:05	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-06-05 23:31:05	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-06-05 23:31:05	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-06-05 23:31:06	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-06-05 23:31:06	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-06-05 23:31:06	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-06-05 23:31:06	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-06-05 23:31:06	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-06-05 23:31:06	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-06-05 23:31:06	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-06-05 23:31:06	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-06-05 23:31:06	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-06-05 23:31:06	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-06-05 23:31:06	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-06-05 23:31:06	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-06-05 23:31:06	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-06-05 23:31:06	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-06-05 23:31:07	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-06-05 23:31:07	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator
2023-06-05	medium	mail.o22ss.duckdns.org/
2023-06-05	medium	mail.o22ss.duckdns.org/
2023-06-05	medium	mail.o22ss.duckdns.org/
2023-06-05	medium	mail.o22ss.duckdns.org/
2023-06-05	medium	mail.o22ss.duckdns.org/
2023-06-05	medium	mail.o22ss.duckdns.org/
2023-06-05	medium	mail.o22ss.duckdns.org/
2023-06-05	medium	mail.o22ss.duckdns.org/
2023-06-05	medium	mail.o22ss.duckdns.org/
2023-06-05	medium	mail.o22ss.duckdns.org/
2023-06-05	medium	mail.o22ss.duckdns.org/
2023-06-05	medium	mail.o22ss.duckdns.org/
2023-06-05	medium	mail.o22ss.duckdns.org/
2023-06-05	medium	mail.o22ss.duckdns.org/
2023-06-05	medium	mail.o22ss.duckdns.org/
2023-06-05	medium	mail.o22ss.duckdns.org/
2023-06-05	medium	mail.o22ss.duckdns.org/
2023-06-05	medium	mail.o22ss.duckdns.org/
2023-06-05	medium	mail.o22ss.duckdns.org/
2023-06-05	medium	mail.o22ss.duckdns.org/
2023-06-05	medium	mail.o22ss.duckdns.org/
2023-06-05	medium	mail.o22ss.duckdns.org/
2023-06-05	medium	mail.o22ss.duckdns.org/
2023-06-05	medium	mail.o22ss.duckdns.org/
2023-06-05	medium	mail.o22ss.duckdns.org/
2023-06-05	medium	mail.o22ss.duckdns.org/
2023-06-05	medium	mail.o22ss.duckdns.org/
2023-06-05	medium	mail.o22ss.duckdns.org/
2023-06-05	medium	mail.o22ss.duckdns.org/
2023-06-05	medium	mail.o22ss.duckdns.org/
2023-06-05	medium	mail.o22ss.duckdns.org/
2023-06-05	medium	mail.o22ss.duckdns.org/
2023-06-05	medium	mail.o22ss.duckdns.org/
2023-06-05	medium	mail.o22ss.duckdns.org/
2023-06-05	medium	mail.o22ss.duckdns.org/
2023-06-05	medium	mail.o22ss.duckdns.org/
2023-06-05	medium	mail.o22ss.duckdns.org/
2023-06-05	medium	mail.o22ss.duckdns.org/
2023-06-05	medium	mail.o22ss.duckdns.org/
2023-06-05	medium	mail.o22ss.duckdns.org/
2023-06-05	medium	mail.o22ss.duckdns.org/
2023-06-05	medium	mail.o22ss.duckdns.org/
2023-06-05	medium	mail.o22ss.duckdns.org/
2023-06-05	medium	mail.o22ss.duckdns.org/
2023-06-05	medium	mail.o22ss.duckdns.org/
2023-06-05	medium	mail.o22ss.duckdns.org/
2023-06-05	medium	mail.o22ss.duckdns.org/

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (52)

URL IP Response Size

mail.o22ss.duckdns.org/

184.168.23.232

302 Found

38 B

URL User Request GET HTTP/1.1
mail.o22ss.duckdns.org/
IP
184.168.23.232:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Certificate
IssuercPanel, Inc.
Subjecto22ss.duckdns.org
Fingerprint0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
ValiditySun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT

File type
exported SGML document, ASCII text, with no line terminators
Size
38 B (38 bytes)
Hash
c80a857d5dbc815f69fe2df0d60ef1ef
add232c480f74fc218503e87943d9dbac3634fb9
c7fb1cb3e2dca9a0c756b0652b25fc555fe5b6c2e98c913bb100fb5a639b842c

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	O2 UK

HTTP Headers

GET / HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Mon, 05 Jun 2023 23:31:05 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Set-Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c; path=/
Location: ed/index.php?id=4327667bc0edffdd59d8fd52970ac0e74327667bc0edffdd59d8fd52970ac0e7&act=4327667bc0edffdd59d8fd52970ac0e74327667bc0edffdd59d8fd52970ac0e7
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

mail.o22ss.duckdns.org/ed/index.php?id=4327667bc0edffdd59d8fd52970ac0e74327667bc0edffdd59d8fd52970ac0e7&act=4327667bc0edffdd59d8fd52970ac0e74327667bc0edffdd59d8fd52970ac0e7

184.168.23.232

302 Found

20 B

URL User Request GET HTTP/1.1
mail.o22ss.duckdns.org/ed/index.php?id=4327667bc0edffdd59d8fd52970ac0e74327667bc0edffdd59d8fd52970ac0e7&act=4327667bc0edffdd59d8fd52970ac0e74327667bc0edffdd59d8fd52970ac0e7
IP
184.168.23.232:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Certificate
IssuercPanel, Inc.
Subjecto22ss.duckdns.org
Fingerprint0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
ValiditySun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT

File type
gzip compressed data, from Unix\012- data
Size
20 B (20 bytes)
Hash
7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /ed/index.php?id=4327667bc0edffdd59d8fd52970ac0e74327667bc0edffdd59d8fd52970ac0e7&act=4327667bc0edffdd59d8fd52970ac0e74327667bc0edffdd59d8fd52970ac0e7 HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Mon, 05 Jun 2023 23:31:05 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Location: account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd

184.168.23.232

200 OK

17 kB

URL User Request GET HTTP/1.1
mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
IP
184.168.23.232:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Certificate
IssuercPanel, Inc.
Subjecto22ss.duckdns.org
Fingerprint0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
ValiditySun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (728)
Size
17 kB (17184 bytes)
Hash
a2e4a0e39a3685396a004f80da1bbf29
d23d7fecddd87bc1a71203948635d55db6f86cf6
e755325c43604b931122a030dd8c2842526738399e3a530b6da4ab2a4c056a8d

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	O2 UK

HTTP Headers

GET /ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:05 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

mail.o22ss.duckdns.org/ed/assets/base.css

184.168.23.232

200 OK

23 kB

URL GET HTTP/1.1
mail.o22ss.duckdns.org/ed/assets/base.css
IP
184.168.23.232:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate
IssuercPanel, Inc.
Subjecto22ss.duckdns.org
Fingerprint0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
ValiditySun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT

File type
ASCII text, with very long lines (500)
Size
23 kB (23317 bytes)
Hash
c351b38d3c3f9996956c8ca9ae4431cf
b0cbc8123e3dbf3c0bffb331fc9b8bc4324bb2d0
1e15cde02298c5edcee6e3bd1caa5b17c1f306b679620613478d496870914c05

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	O2 UK

HTTP Headers

GET /ed/assets/base.css HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:05 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 23317
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css

mail.o22ss.duckdns.org/ed/assets/consent.css

184.168.23.232

200 OK

14 kB

URL GET HTTP/1.1
mail.o22ss.duckdns.org/ed/assets/consent.css
IP
184.168.23.232:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate
IssuercPanel, Inc.
Subjecto22ss.duckdns.org
Fingerprint0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
ValiditySun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT

File type
ASCII text
Size
14 kB (13514 bytes)
Hash
b3aa6a81c67774f261c38736909a8777
859954cb439831582a840ff6c3da5988f04b08d7
70594cd6ded88a8645f3be3e684442c85e3e8d315ef963a5ad9c402abe811420

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	O2 UK

HTTP Headers

GET /ed/assets/consent.css HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:06 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 13514
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css

mail.o22ss.duckdns.org/ed/assets/fonts.css

184.168.23.232

200 OK

1.6 kB

URL GET HTTP/1.1
mail.o22ss.duckdns.org/ed/assets/fonts.css
IP
184.168.23.232:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate
IssuercPanel, Inc.
Subjecto22ss.duckdns.org
Fingerprint0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
ValiditySun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT

File type
ASCII text, with very long lines (1604)
Size
1.6 kB (1605 bytes)
Hash
02fe2afb48d62d43d6d7322dacbd9e92
59672af90a18a569c9e189d3163e54259805f4fa
684e8d7c2171b7fc6e754b7a1b3c5795aba36305baff1fe4147c69ca3ca01752

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	O2 UK

HTTP Headers

GET /ed/assets/fonts.css HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:06 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 1605
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

mail.o22ss.duckdns.org/ed/assets/global.css

184.168.23.232

200 OK

9.9 kB

URL GET HTTP/1.1
mail.o22ss.duckdns.org/ed/assets/global.css
IP
184.168.23.232:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate
IssuercPanel, Inc.
Subjecto22ss.duckdns.org
Fingerprint0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
ValiditySun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT

File type
ASCII text, with very long lines (9938)
Size
9.9 kB (9939 bytes)
Hash
aa8f792cfbf565b96564b963c8a86a5c
dcb05ca84b6ab3c92b49e0368455ca9414137e21
0ed56f99c5a92ef961206c49dd9aeacbcc45f5eb8ccab6d89558e4bb38db6ce4

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	O2 UK

HTTP Headers

GET /ed/assets/global.css HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:06 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 9939
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

mail.o22ss.duckdns.org/ed/assets/modal.css

184.168.23.232

200 OK

2.3 kB

URL GET HTTP/1.1
mail.o22ss.duckdns.org/ed/assets/modal.css
IP
184.168.23.232:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate
IssuercPanel, Inc.
Subjecto22ss.duckdns.org
Fingerprint0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
ValiditySun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT

File type
ASCII text, with very long lines (2320)
Size
2.3 kB (2321 bytes)
Hash
b8b49cb374ef4a8ebb766228f29c6836
34ebe6a711d40ccd710484712dbbe90ddb95dc86
52ee5ecb8c8cc2f01ae7e8a47cecb9f9e9158304b8f917e679f4de50deaa0d67

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	O2 UK

HTTP Headers

GET /ed/assets/modal.css HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:06 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 2321
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

mail.o22ss.duckdns.org/ed/assets/hidden.module.css

184.168.23.232

200 OK

1.4 kB

URL GET HTTP/1.1
mail.o22ss.duckdns.org/ed/assets/hidden.module.css
IP
184.168.23.232:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate
IssuercPanel, Inc.
Subjecto22ss.duckdns.org
Fingerprint0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
ValiditySun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT

File type
ASCII text
Size
1.4 kB (1359 bytes)
Hash
a40f4b74bed5fc5d74df3da6fdcaee26
2b8f20e668877c8bb4203ce1506753570523734c
144c2b996574a2f16003848858de86dc5ad3486fb4fe14a5d5a79d134086e763

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	O2 UK

HTTP Headers

GET /ed/assets/hidden.module.css HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:06 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 1359
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css

mail.o22ss.duckdns.org/ed/assets/slick.css

184.168.23.232

200 OK

4.9 kB

URL GET HTTP/1.1
mail.o22ss.duckdns.org/ed/assets/slick.css
IP
184.168.23.232:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate
IssuercPanel, Inc.
Subjecto22ss.duckdns.org
Fingerprint0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
ValiditySun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT

File type
Unicode text, UTF-8 text
Size
4.9 kB (4931 bytes)
Hash
2a9b76df968d8e6e269374bd6dfe91be
98372b9e8482e5ff9a133ad36d60dc1cd0762ce7
e144ecaab5d286f0ebe10bb503fa51f5160f7513e497036c853b5fbc824f199e

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	O2 UK

HTTP Headers

GET /ed/assets/slick.css HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:06 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 4931
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

mail.o22ss.duckdns.org/ed/assets/style.css

184.168.23.232

200 OK

42 kB

URL GET HTTP/1.1
mail.o22ss.duckdns.org/ed/assets/style.css
IP
184.168.23.232:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate
IssuercPanel, Inc.
Subjecto22ss.duckdns.org
Fingerprint0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
ValiditySun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT

File type
ASCII text
Size
42 kB (41471 bytes)
Hash
c4aacb894338eac91987273d702ef445
2555ae78500dc372bdc46be0aab5f3f569e7b84e
4f9c20172bce396a27b30dfb2ec12f5dc096035c9f7bed0059795d8074fcf442

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	O2 UK

HTTP Headers

GET /ed/assets/style.css HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:06 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 41471
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/css

mail.o22ss.duckdns.org/ed/assets/legacy-app-overrides-to-support-new-header-footer.css

184.168.23.232

200 OK

605 B

URL GET HTTP/1.1
mail.o22ss.duckdns.org/ed/assets/legacy-app-overrides-to-support-new-header-footer.css
IP
184.168.23.232:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate
IssuercPanel, Inc.
Subjecto22ss.duckdns.org
Fingerprint0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
ValiditySun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT

File type
ASCII text, with very long lines (604)
Size
605 B (605 bytes)
Hash
5345e5b91417d6598c9a75fc9fcd8239
0748dfe8d4bee8c0c79eef6003be38382fdc9c55
e56047282cf5db3b125e1e12af0a6b5709aeedfa2b76adbe52200c348725ef22

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	O2 UK

HTTP Headers

GET /ed/assets/legacy-app-overrides-to-support-new-header-footer.css HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:06 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 605
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

mail.o22ss.duckdns.org/ed/assets/html5boilerplate.css

184.168.23.232

200 OK

8.5 kB

URL GET HTTP/1.1
mail.o22ss.duckdns.org/ed/assets/html5boilerplate.css
IP
184.168.23.232:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate
IssuercPanel, Inc.
Subjecto22ss.duckdns.org
Fingerprint0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
ValiditySun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT

File type
Unicode text, UTF-8 text
Size
8.5 kB (8493 bytes)
Hash
c6d3f791819ac5edda6da5557cead067
0e038f23e823601c4c819c33b80345a2d425edb9
7617eafd0b7b59918437a3c8f6b78e9684c40465d8cf831e99c2f12085c3c85e

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	O2 UK

HTTP Headers

GET /ed/assets/html5boilerplate.css HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:06 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 8493
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/css

mail.o22ss.duckdns.org/ed/assets/_all-modules.css

184.168.23.232

200 OK

176 kB

URL GET HTTP/1.1
mail.o22ss.duckdns.org/ed/assets/_all-modules.css
IP
184.168.23.232:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate
IssuercPanel, Inc.
Subjecto22ss.duckdns.org
Fingerprint0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
ValiditySun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
176 kB (176518 bytes)
Hash
5926e732160f6aeedc4bd75d9502b906
66e8e49013bd3fe06148e11ee1d5f69853225ff0
1ce2bed10e9a3e270bd75e45a7ec080b0844c5338c884186536e25c4aa584bd4

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	O2 UK

HTTP Headers

GET /ed/assets/_all-modules.css HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:06 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 176518
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

mail.o22ss.duckdns.org/ed/assets/global-nav.min.css

184.168.23.232

200 OK

106 kB

URL GET HTTP/1.1
mail.o22ss.duckdns.org/ed/assets/global-nav.min.css
IP
184.168.23.232:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate
IssuercPanel, Inc.
Subjecto22ss.duckdns.org
Fingerprint0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
ValiditySun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
106 kB (105930 bytes)
Hash
7b8181c639528268c7bd50463936cd38
46553400d758492480b101743c2895cbf90c41e6
5c2068baa040ba21988c5c0024a6bc837973252221e712b38a78a7d9081b94d6

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	O2 UK

HTTP Headers

GET /ed/assets/global-nav.min.css HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:06 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 105930
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

mail.o22ss.duckdns.org/ed/assets/desktop-new.css

184.168.23.232

200 OK

37 kB

URL GET HTTP/1.1
mail.o22ss.duckdns.org/ed/assets/desktop-new.css
IP
184.168.23.232:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate
IssuercPanel, Inc.
Subjecto22ss.duckdns.org
Fingerprint0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
ValiditySun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT

File type
troff or preprocessor input, ASCII text
Size
37 kB (37283 bytes)
Hash
8683719e61d7dcdf799e8ef62288746c
e4cc2a07ee514e7eba08850295e1d3b52a212830
cfbe048edbb6f915cb451afdeaef3d759a53a2a3fcedf1b85ec1cbe76bac55b9

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	O2 UK

HTTP Headers

GET /ed/assets/desktop-new.css HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:06 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 37283
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css

mail.o22ss.duckdns.org/ed/assets/answers.css

184.168.23.232

200 OK

105 kB

URL GET HTTP/1.1
mail.o22ss.duckdns.org/ed/assets/answers.css
IP
184.168.23.232:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate
IssuercPanel, Inc.
Subjecto22ss.duckdns.org
Fingerprint0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
ValiditySun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
105 kB (105354 bytes)
Hash
bfef112d67bf727a467e04042f82ab26
614ed43d5b546341664ec7ecc946ce34afa3f407
115546b0bec1e5c7f38bd2e8dd7136b1063a96202676afe2470b26c06bcce6c6

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	O2 UK

HTTP Headers

GET /ed/assets/answers.css HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:06 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 105354
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

mail.o22ss.duckdns.org/ed/assets/_all-modules_002.css

184.168.23.232

200 OK

471 kB

URL GET HTTP/1.1
mail.o22ss.duckdns.org/ed/assets/_all-modules_002.css
IP
184.168.23.232:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate
IssuercPanel, Inc.
Subjecto22ss.duckdns.org
Fingerprint0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
ValiditySun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
471 kB (471221 bytes)
Hash
d363d9ad501364f0186a354eb21c0d86
77485563cec3107ef32d8df08ef471f97f10cc2f
36460d90403800f20868ac14b4ea3e95dd5a1efe2a39c188e39967b25e9568a2

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	O2 UK

HTTP Headers

GET /ed/assets/_all-modules_002.css HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:06 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 471221
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

mail.o22ss.duckdns.org/ed/assets/icons.png

184.168.23.232

200 OK

359 B

URL GET HTTP/1.1
mail.o22ss.duckdns.org/ed/assets/icons.png
IP
184.168.23.232:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate
IssuercPanel, Inc.
Subjecto22ss.duckdns.org
Fingerprint0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
ValiditySun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT

File type
PNG image data, 13 x 13, 8-bit/color RGBA, non-interlaced\012- data
Size
359 B (359 bytes)
Hash
380f4427114fe9ad89f83a71ee73266a
a9d17a6ab38fcf6107da40b0d09031797f85e7e1
2c72ffd796398d0826849a45508dc7674cac6c978e7ebdcf9b4a1f2a51f439db

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	O2 UK

HTTP Headers

GET /ed/assets/icons.png HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:07 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 359
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

mail.o22ss.duckdns.org/ed/assets/quick-links-samsung-1100.png

184.168.23.232

200 OK

1.7 kB

URL GET HTTP/1.1
mail.o22ss.duckdns.org/ed/assets/quick-links-samsung-1100.png
IP
184.168.23.232:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate
IssuercPanel, Inc.
Subjecto22ss.duckdns.org
Fingerprint0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
ValiditySun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT

File type
PNG image data, 137 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
1.7 kB (1720 bytes)
Hash
ff321aca88d16ce343e528dbb86fdaf3
c083d9b94f4b905956a5fb658f308343cb7b5b11
b684067095628211cc1fb053387ba513e19539927d567dd6de9bd1abac0e8afc

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	O2 UK

HTTP Headers

GET /ed/assets/quick-links-samsung-1100.png HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:07 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 1720
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png

mail.o22ss.duckdns.org/ed/assets/quick-links-apple-1100.png

184.168.23.232

200 OK

699 B

URL GET HTTP/1.1
mail.o22ss.duckdns.org/ed/assets/quick-links-apple-1100.png
IP
184.168.23.232:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate
IssuercPanel, Inc.
Subjecto22ss.duckdns.org
Fingerprint0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
ValiditySun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT

File type
PNG image data, 137 x 34, 8-bit/color RGBA, non-interlaced\012- data
Size
699 B (699 bytes)
Hash
42e7059a95bbd2d998063eade1d73f27
f1aa5277fb1ae4d3c01b0f74bdd3b68734660647
e927442018efa65ad74e3aeefa49c653173c6567ec451ecd8092757d0c758cb8

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	O2 UK

HTTP Headers

GET /ed/assets/quick-links-apple-1100.png HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:07 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 699
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png

mail.o22ss.duckdns.org/ed/assets/arrowbig.png

184.168.23.232

200 OK

390 B

URL GET HTTP/1.1
mail.o22ss.duckdns.org/ed/assets/arrowbig.png
IP
184.168.23.232:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate
IssuercPanel, Inc.
Subjecto22ss.duckdns.org
Fingerprint0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
ValiditySun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
390 B (390 bytes)
Hash
74065eeea71ec61d44b2b30664a9d3e7
345e8e03ffe091426275fbdc831a74ec37186ca4
798ac2b85cc8594e6b31573da7aa81d11c44cac0b8ff9ac6a310e8b17fdc5db8

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	O2 UK

HTTP Headers

GET /ed/assets/arrowbig.png HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:07 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 390
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png

mail.o22ss.duckdns.org/ed/assets/quick-links-google-1100.png

184.168.23.232

200 OK

1.2 kB

URL GET HTTP/1.1
mail.o22ss.duckdns.org/ed/assets/quick-links-google-1100.png
IP
184.168.23.232:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate
IssuercPanel, Inc.
Subjecto22ss.duckdns.org
Fingerprint0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
ValiditySun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT

File type
PNG image data, 137 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
1.2 kB (1214 bytes)
Hash
ad312fa0ac1bc2f214f633214a0f635d
95306b80289c7a4b3bba79abe30d35fe6c602439
a25671eec259340a26ca03055c94614107f99717708052fb67728e848bb2cf0c

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	O2 UK

HTTP Headers

GET /ed/assets/quick-links-google-1100.png HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:07 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 1214
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png

mail.o22ss.duckdns.org/ed/assets/quick-links-oppo-1100[1].png

184.168.23.232

200 OK

2.8 kB

URL GET HTTP/1.1
mail.o22ss.duckdns.org/ed/assets/quick-links-oppo-1100[1].png
IP
184.168.23.232:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate
IssuercPanel, Inc.
Subjecto22ss.duckdns.org
Fingerprint0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
ValiditySun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT

File type
PNG image data, 137 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
2.8 kB (2810 bytes)
Hash
47630cf0fc33d7e1910f45e833105b64
b5d09b7da30c24afc31cbd4f27d8e5382bafd7da
2d16f9b079717618678f04025ca2f52ce2929b51406ddbcc09ce530dd58870bf

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	O2 UK

HTTP Headers

GET /ed/assets/quick-links-oppo-1100[1].png HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:07 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 2810
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

status.thawte.com/

192.229.221.95

471 B

URL
status.thawte.com/
IP
192.229.221.95:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
19f60ba2baca208735db6d677caff9c7
1208d10d87b75a1f6f66c6030096b50f45a5b555
b70e318bb676671b9eebfbfa6e3ec7d525803712e6f49f4c2be5e5d61f39e828

HTTP Headers

POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4547
Cache-Control: max-age=7200
Content-Type: application/ocsp-response
Date: Mon, 05 Jun 2023 23:31:07 GMT
Last-Modified: Mon, 05 Jun 2023 22:15:20 GMT
Server: ECAcc (amb/6ACA)
X-Cache: HIT
Content-Length: 471

static.o2.co.uk/mymobile/img/default/page_header_bg.png

54.230.111.2

200 OK

12 kB

URL GET HTTP/2
static.o2.co.uk/mymobile/img/default/page_header_bg.png
IP
54.230.111.2:443
ASN
#16509 AMAZON-02

Requested by
https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate
IssuerDigiCert Inc
SubjectSTATIC.O2.CO.UK
Fingerprint01:95:0B:EA:D0:75:78:20:96:54:79:2D:8C:9B:07:7E:DE:B8:03:0F
ValidityMon, 22 Aug 2022 00:00:00 GMT - Fri, 22 Sep 2023 23:59:59 GMT

File type
PNG image data, 1435 x 168, 8-bit/color RGBA, non-interlaced\012- data
Size
12 kB (11810 bytes)
Hash
eb2ea5a3c4ff98627a15454ff594585d
7e8e79aeac29532abaa3038207cf0b7ca3154122
8a9bbab166312e6573457e2f9903f28edfe9482a8819fcbd1c5949af2fd8ec5f

HTTP Headers

GET /mymobile/img/default/page_header_bg.png HTTP/1.1
Host: static.o2.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/png
content-length: 11810
date: Mon, 05 Jun 2023 08:42:07 GMT
last-modified: Mon, 10 Feb 2020 07:27:58 GMT
etag: "eb2ea5a3c4ff98627a15454ff594585d"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: y4bxVCSw71HUzAXMSYRMyO95s-KLld74NIpVISftNcEPD2k4i1ZH7Q==
age: 53341
X-Firefox-Spdy: h2

mail.o22ss.duckdns.org/sites/default/files/fonticon/o2-icon-font/fonts/o2-icon-font.ttf?2c82ok

184.168.23.232

404 Not Found

315 B

URL GET HTTP/1.1
mail.o22ss.duckdns.org/sites/default/files/fonticon/o2-icon-font/fonts/o2-icon-font.ttf?2c82ok
IP
184.168.23.232:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate
IssuercPanel, Inc.
Subjecto22ss.duckdns.org
Fingerprint0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
ValiditySun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	O2 UK

HTTP Headers

GET /sites/default/files/fonticon/o2-icon-font/fonts/o2-icon-font.ttf?2c82ok HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/assets/style.css
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Mon, 05 Jun 2023 23:31:07 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

mail.o22ss.duckdns.org/ed/assets/promo-cta-arrow.png

184.168.23.232

200 OK

1.5 kB

URL GET HTTP/1.1
mail.o22ss.duckdns.org/ed/assets/promo-cta-arrow.png
IP
184.168.23.232:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate
IssuercPanel, Inc.
Subjecto22ss.duckdns.org
Fingerprint0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
ValiditySun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT

File type
PNG image data, 21 x 110, 8-bit colormap, non-interlaced\012- data
Size
1.5 kB (1510 bytes)
Hash
8ea43aa117e97b64ea81b98dd61e55ae
e3d0c34e471d4b69dd1757ce6b0364c24cee3970
1236c6d15444548d43248a5a105826548ad3cbc3fe5471b61a9e72153f2b04d6

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	O2 UK

HTTP Headers

GET /ed/assets/promo-cta-arrow.png HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/assets/desktop-new.css
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:07 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 1510
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png

mail.o22ss.duckdns.org/ed/img/footer/footer-gradient-mobile.png

184.168.23.232

404 Not Found

315 B

URL GET HTTP/1.1
mail.o22ss.duckdns.org/ed/img/footer/footer-gradient-mobile.png
IP
184.168.23.232:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate
IssuercPanel, Inc.
Subjecto22ss.duckdns.org
Fingerprint0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
ValiditySun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	O2 UK

HTTP Headers

GET /ed/img/footer/footer-gradient-mobile.png HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/assets/_all-modules_002.css
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Mon, 05 Jun 2023 23:31:07 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

mail.o22ss.duckdns.org/ed/assets/o2-flurry-bubbles.png

184.168.23.232

200 OK

29 kB

URL GET HTTP/1.1
mail.o22ss.duckdns.org/ed/assets/o2-flurry-bubbles.png
IP
184.168.23.232:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate
IssuercPanel, Inc.
Subjecto22ss.duckdns.org
Fingerprint0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
ValiditySun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT

File type
PNG image data, 171 x 364, 8-bit/color RGBA, non-interlaced\012- data
Size
29 kB (29285 bytes)
Hash
ff9cf775f4765ec4d3b2f90d9e1ef54f
26fd2a7200c7dc740851f8c6f530960694e14ca4
893bf00b540000edcd8287a878d8a16da2490168994c345bfbc09dba93e0313e

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	O2 UK

HTTP Headers

GET /ed/assets/o2-flurry-bubbles.png HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/assets/global-nav.min.css
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:07 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 29285
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png

mail.o22ss.duckdns.org/ed/fonts/frutiger-45light.woff

184.168.23.232

200 OK

52 kB

URL GET HTTP/1.1
mail.o22ss.duckdns.org/ed/fonts/frutiger-45light.woff
IP
184.168.23.232:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate
IssuercPanel, Inc.
Subjecto22ss.duckdns.org
Fingerprint0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
ValiditySun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT

File type
Web Open Font Format, TrueType, length 51456, version 1.0\012- data
Size
52 kB (51456 bytes)
Hash
2b70981d4208186bc9e71e8b51662738
08c4793c73ca76751f38c53c4f9926b7df221b18
fa4f0aed1d0ec5764d186315819d7d80651bf620bc6378a9745701ad501a4984

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	O2 UK

HTTP Headers

GET /ed/fonts/frutiger-45light.woff HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:07 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 51456
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: font/woff

mail.o22ss.duckdns.org/ed/fonts/frutiger-55roman.woff

184.168.23.232

200 OK

45 kB

URL GET HTTP/1.1
mail.o22ss.duckdns.org/ed/fonts/frutiger-55roman.woff
IP
184.168.23.232:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate
IssuercPanel, Inc.
Subjecto22ss.duckdns.org
Fingerprint0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
ValiditySun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT

File type
Web Open Font Format, TrueType, length 45300, version 1.0\012- data
Size
45 kB (45300 bytes)
Hash
365019ed069cc0924e3430da4aa5c705
dc7e280a59debd0f556e63590d3980f81c55a58d
291cb4d4ba35092b9b8bd849c7156784c4d15c7b6857da97fa41ae0b80e972b9

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	O2 UK

HTTP Headers

GET /ed/fonts/frutiger-55roman.woff HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:07 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 45300
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: font/woff

mail.o22ss.duckdns.org/ed/assets/find-a-store@2x_0.png

184.168.23.232

200 OK

2.3 kB

URL GET HTTP/1.1
mail.o22ss.duckdns.org/ed/assets/find-a-store@2x_0.png
IP
184.168.23.232:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate
IssuercPanel, Inc.
Subjecto22ss.duckdns.org
Fingerprint0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
ValiditySun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT

File type
PNG image data, 68 x 68, 8-bit/color RGBA, non-interlaced\012- data
Size
2.3 kB (2292 bytes)
Hash
7e62b3471d8d80d45d3136e28a6d1d31
21bbddb9775def3c7edbfb4e650f61ff76794cda
2e3814560a9bbe0983677e622033c2fdf951aef145d2219bbf6b210d9a1e057e

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	O2 UK

HTTP Headers

GET /ed/assets/find-a-store@2x_0.png HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:07 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 2292
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png

mail.o22ss.duckdns.org/ed/assets/check-network@2x_0.png

184.168.23.232

200 OK

2.8 kB

URL GET HTTP/1.1
mail.o22ss.duckdns.org/ed/assets/check-network@2x_0.png
IP
184.168.23.232:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate
IssuercPanel, Inc.
Subjecto22ss.duckdns.org
Fingerprint0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
ValiditySun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT

File type
PNG image data, 68 x 68, 8-bit/color RGBA, non-interlaced\012- data
Size
2.8 kB (2755 bytes)
Hash
9d0e60de9bdeb161b9a16f7905737325
fe82f482d6cdb90d8ac1a8e95ba5010ae0902da0
ce51c1440d3782b114b1f6e7fe77f6a8b38ea3902c3b2e04f598666dd0e9dbe0

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	O2 UK

HTTP Headers

GET /ed/assets/check-network@2x_0.png HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:07 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 2755
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png

mail.o22ss.duckdns.org/ed/assets/track-order@2x.png

184.168.23.232

200 OK

2.5 kB

URL GET HTTP/1.1
mail.o22ss.duckdns.org/ed/assets/track-order@2x.png
IP
184.168.23.232:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate
IssuercPanel, Inc.
Subjecto22ss.duckdns.org
Fingerprint0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
ValiditySun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT

File type
PNG image data, 68 x 68, 8-bit/color RGBA, non-interlaced\012- data
Size
2.5 kB (2506 bytes)
Hash
673b7686ec382bb1370a5dcce3025ef2
be4fcc531cec300f2a8f13a277ec6980366a04e3
d01bf38097a3ea897ddf15aa12e4da07297452fd1d0ff2822f44324cb2807f06

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	O2 UK

HTTP Headers

GET /ed/assets/track-order@2x.png HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:07 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 2506
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png

mail.o22ss.duckdns.org/ed/assets/my-o2@2x_0.png

184.168.23.232

200 OK

2.4 kB

URL GET HTTP/1.1
mail.o22ss.duckdns.org/ed/assets/my-o2@2x_0.png
IP
184.168.23.232:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate
IssuercPanel, Inc.
Subjecto22ss.duckdns.org
Fingerprint0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
ValiditySun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT

File type
PNG image data, 68 x 68, 8-bit/color RGBA, non-interlaced\012- data
Size
2.4 kB (2427 bytes)
Hash
bf02ad4b93e88e2a3d158582945daadf
dd13bb39ae050618a5457b05590c8ccc69cae14d
3cd8c8d61fd595eee1c4520e0a9a6630da6388d3fc4e620115143501d7de106b

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	O2 UK

HTTP Headers

GET /ed/assets/my-o2@2x_0.png HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:07 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 2427
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png

mail.o22ss.duckdns.org/ed/assets/search@2x_0.png

184.168.23.232

200 OK

2.2 kB

URL GET HTTP/1.1
mail.o22ss.duckdns.org/ed/assets/search@2x_0.png
IP
184.168.23.232:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate
IssuercPanel, Inc.
Subjecto22ss.duckdns.org
Fingerprint0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
ValiditySun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT

File type
PNG image data, 68 x 68, 8-bit/color RGBA, non-interlaced\012- data
Size
2.2 kB (2197 bytes)
Hash
f0b6b1e0bd908744af35d777d60e0612
c26b351c17af5fa31172279478d5532a952145f9
93e6371a85eea441a5ffe5535d27781e4cc7c933bb53667176ab8d8d21ebeb0e

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	O2 UK

HTTP Headers

GET /ed/assets/search@2x_0.png HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:07 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 2197
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png

mail.o22ss.duckdns.org/sites/default/files/fonticon/o2-icon-font/fonts/o2-icon-font.woff?2c82ok

184.168.23.232

404 Not Found

315 B

URL GET HTTP/1.1
mail.o22ss.duckdns.org/sites/default/files/fonticon/o2-icon-font/fonts/o2-icon-font.woff?2c82ok
IP
184.168.23.232:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate
IssuercPanel, Inc.
Subjecto22ss.duckdns.org
Fingerprint0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
ValiditySun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	O2 UK

HTTP Headers

GET /sites/default/files/fonticon/o2-icon-font/fonts/o2-icon-font.woff?2c82ok HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/assets/style.css
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Mon, 05 Jun 2023 23:31:07 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

mail.o22ss.duckdns.org/ed/assets/facebook@2x_0.png

184.168.23.232

200 OK

1.1 kB

URL GET HTTP/1.1
mail.o22ss.duckdns.org/ed/assets/facebook@2x_0.png
IP
184.168.23.232:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate
IssuercPanel, Inc.
Subjecto22ss.duckdns.org
Fingerprint0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
ValiditySun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
1.1 kB (1124 bytes)
Hash
e72150729a6b7be2b82f1afae8ab9f7e
776d028991d432ce71a3d5feee3a1a875e902782
6be10db4d26a28d3809565daf3785bc6fd2bdf59cabc40ea24799c802d90905d

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	O2 UK

HTTP Headers

GET /ed/assets/facebook@2x_0.png HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:07 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 1124
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png

mail.o22ss.duckdns.org/ed/assets/instagram@2x.png

184.168.23.232

200 OK

1.6 kB

URL GET HTTP/1.1
mail.o22ss.duckdns.org/ed/assets/instagram@2x.png
IP
184.168.23.232:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate
IssuercPanel, Inc.
Subjecto22ss.duckdns.org
Fingerprint0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
ValiditySun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
1.6 kB (1572 bytes)
Hash
5663e380d4420113d047edfe8c99cc11
bf3ecf1e6065923c1622ec891be27abf09cd96f4
f8d813df282240f271e5ffd150c3cea35a0e02157d540aa494c5f7776d9c9da4

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	O2 UK

HTTP Headers

GET /ed/assets/instagram@2x.png HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:07 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 1572
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/png

mail.o22ss.duckdns.org/ed/assets/5g-why-o2-thumbnail-dark-140220.jpg

184.168.23.232

200 OK

2.8 kB

URL GET HTTP/1.1
mail.o22ss.duckdns.org/ed/assets/5g-why-o2-thumbnail-dark-140220.jpg
IP
184.168.23.232:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate
IssuercPanel, Inc.
Subjecto22ss.duckdns.org
Fingerprint0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
ValiditySun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 205x95, components 3\012- data
Size
2.8 kB (2777 bytes)
Hash
bdd827475219002fc9d4310ed93447db
aa35fc4a4c643df68b058f09929cd5d2ae5d9f56
4f4bb1d2c72d9aa668de1cd1a39e3690ae3a225227e5006a5324b9ba9690ff1e

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	O2 UK

HTTP Headers

GET /ed/assets/5g-why-o2-thumbnail-dark-140220.jpg HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:07 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 2777
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg

mail.o22ss.duckdns.org/ed/assets/youtube@2x_0.png

184.168.23.232

200 OK

842 B

URL GET HTTP/1.1
mail.o22ss.duckdns.org/ed/assets/youtube@2x_0.png
IP
184.168.23.232:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate
IssuercPanel, Inc.
Subjecto22ss.duckdns.org
Fingerprint0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
ValiditySun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
842 B (842 bytes)
Hash
477d8f426225513bfb4192d1c00cc950
b160f59a1ea0ee797e7d9d4ee698053b08a49e87
e10c70d559e5cb2b39c92267c3d2d13d75edb4e761492f71e92e73b77af495c1

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	O2 UK

HTTP Headers

GET /ed/assets/youtube@2x_0.png HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:07 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 842
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png

mail.o22ss.duckdns.org/ed/assets/twitter@2x_0.png

184.168.23.232

200 OK

1.2 kB

URL GET HTTP/1.1
mail.o22ss.duckdns.org/ed/assets/twitter@2x_0.png
IP
184.168.23.232:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate
IssuercPanel, Inc.
Subjecto22ss.duckdns.org
Fingerprint0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
ValiditySun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
1.2 kB (1157 bytes)
Hash
5321d14ac38ada08693d1692b93b4336
a07147b5a045521b735f67a59889f5d28ef08b2a
022f19b953411d3bfe052a90971860e065f6be746827aa90611fcbeb47c1c755

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	O2 UK

HTTP Headers

GET /ed/assets/twitter@2x_0.png HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:07 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 1157
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png

mail.o22ss.duckdns.org/ed/assets/quick-links-sony-1100.png

184.168.23.232

200 OK

1.1 kB

URL GET HTTP/1.1
mail.o22ss.duckdns.org/ed/assets/quick-links-sony-1100.png
IP
184.168.23.232:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate
IssuercPanel, Inc.
Subjecto22ss.duckdns.org
Fingerprint0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
ValiditySun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT

File type
PNG image data, 137 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
1.1 kB (1056 bytes)
Hash
c7b26f5522410c71655f11e9a8703839
ce901521cb6c45cd014d7d9cfd189955f5f889a5
bbd42d17f2ece99103e0d833af244b77d457f1cd770a191981da8998688af27b

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	O2 UK

HTTP Headers

GET /ed/assets/quick-links-sony-1100.png HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:07 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 1056
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/png

mail.o22ss.duckdns.org/ed/assets/close_search.png

184.168.23.232

200 OK

1.1 kB

URL GET HTTP/1.1
mail.o22ss.duckdns.org/ed/assets/close_search.png
IP
184.168.23.232:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate
IssuercPanel, Inc.
Subjecto22ss.duckdns.org
Fingerprint0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
ValiditySun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT

File type
PNG image data, 37 x 37, 8-bit/color RGBA, interlaced\012- data
Size
1.1 kB (1106 bytes)
Hash
927b217f4c8b90e93eab4ecce4af2e70
441daf2134eae337b0e4ffcd1f1386371faf1cf8
1035da3ea0de1ad0fe10a36cf34126f814186d6258e1fa2bccbee99c76fc47b1

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	O2 UK

HTTP Headers

GET /ed/assets/close_search.png HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:07 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 1106
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png

mail.o22ss.duckdns.org/ed/assets/global-nav-community-image-070519.jpg

184.168.23.232

200 OK

12 kB

URL GET HTTP/1.1
mail.o22ss.duckdns.org/ed/assets/global-nav-community-image-070519.jpg
IP
184.168.23.232:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate
IssuercPanel, Inc.
Subjecto22ss.duckdns.org
Fingerprint0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
ValiditySun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 230x250, components 3\012- data
Size
12 kB (12278 bytes)
Hash
65d10e82f9dca72d836d908a02e84936
9b4bbdd52ab21bad885345621c7565aa3c62a6e8
735445de9f4179bc70200139bba9ef74cf9b63e71ffa64215ef7de5bcd1d0960

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	O2 UK

HTTP Headers

GET /ed/assets/global-nav-community-image-070519.jpg HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:07 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 12278
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/jpeg

mail.o22ss.duckdns.org/ed/assets/why-o2-thumbnail-dark-260220.jpg

184.168.23.232

200 OK

2.1 kB

URL GET HTTP/1.1
mail.o22ss.duckdns.org/ed/assets/why-o2-thumbnail-dark-260220.jpg
IP
184.168.23.232:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate
IssuercPanel, Inc.
Subjecto22ss.duckdns.org
Fingerprint0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
ValiditySun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 205x95, components 3\012- data
Size
2.1 kB (2077 bytes)
Hash
55c0e01dade204373f956fba29a22550
bd90b186f2c76fef6723da437c6d9232743f73c3
8530cc8e7f0d640897ee2bee96c0bf79f0e9a53a5c29e1020b19760970c4beef

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	O2 UK

HTTP Headers

GET /ed/assets/why-o2-thumbnail-dark-260220.jpg HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:07 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 2077
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg

mail.o22ss.duckdns.org/ed/assets/spinner-trans20.gif

184.168.23.232

200 OK

7.5 kB

URL GET HTTP/1.1
mail.o22ss.duckdns.org/ed/assets/spinner-trans20.gif
IP
184.168.23.232:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate
IssuercPanel, Inc.
Subjecto22ss.duckdns.org
Fingerprint0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
ValiditySun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT

File type
GIF image data, version 89a, 20 x 20\012- data
Size
7.5 kB (7516 bytes)
Hash
ebb5ab812acd666c66711b0cb49def64
39af3dd802cfa31daee10b162b33e9bf4d61b4e4
7be139620e5afa0d201b87c778e198525c28c5c3f3f09daa49b6906c9b332ed9

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	O2 UK

HTTP Headers

GET /ed/assets/spinner-trans20.gif HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:07 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 7516
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/gif

mail.o22ss.duckdns.org/ed/assets/0

184.168.23.232

404 Not Found

36 B

URL GET HTTP/1.1
mail.o22ss.duckdns.org/ed/assets/0
IP
184.168.23.232:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate
IssuercPanel, Inc.
Subjecto22ss.duckdns.org
Fingerprint0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
ValiditySun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT

File type
ASCII text
Size
36 B (36 bytes)
Hash
4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	O2 UK

HTTP Headers

GET /ed/assets/0 HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Mon, 05 Jun 2023 23:31:07 GMT
Server: Apache
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

status.thawte.com/

192.229.221.95

471 B

URL
status.thawte.com/
IP
192.229.221.95:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
0de00995a72730d130c7e4ce63e7669d
592de9fff3a53d15989f2d7617c49fc63a446ea4
14181c712705578641ccf4faf760504fc939ff93159c8e8efa87a918b45dd8ff

HTTP Headers

POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: max-age=7200
Content-Type: application/ocsp-response
Date: Mon, 05 Jun 2023 23:31:07 GMT
Server: ECAcc (amb/6ACA)
Content-Length: 471

static-www.o2.co.uk/sites/default/files/fonticon/o2-icon-font/fonts/o2-icon-font.woff

13.107.228.36

200 OK

240 kB

URL GET HTTP/2
static-www.o2.co.uk/sites/default/files/fonticon/o2-icon-font/fonts/o2-icon-font.woff
IP
13.107.228.36:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate
IssuerDigiCert Inc
Subjectstatic-www.o2.co.uk
Fingerprint6E:DB:73:25:55:47:34:E5:E2:E5:51:56:97:1D:06:B7:45:F7:6F:F6
ValidityFri, 24 Jun 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT

File type
Web Open Font Format, TrueType, length 239676, version 1.4\012- data
Size
240 kB (239676 bytes)
Hash
6a4bff80dc5fc6fc83f45a17fb4edf5e
0afb0857165321730bdca0bf573a9191ed6f7f47
367d89f138ef414c1a02f314139dd708b84d0cd7ce677052039b2cd8a3b1cf23

HTTP Headers

GET /sites/default/files/fonticon/o2-icon-font/fonts/o2-icon-font.woff HTTP/1.1
Host: static-www.o2.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mail.o22ss.duckdns.org
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: max-age=1209600
content-length: 239676
content-type: font/woff
expires: Mon, 19 Jun 2023 12:16:10 GMT
last-modified: Mon, 27 Sep 2021 15:45:24 GMT
accept-ranges: bytes
etag: "3a83c-5ccfbfc4742f6"
x-cache: TCP_HIT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
access-control-allow-origin: *
x-azure-ref-originshield: 04xx+ZAAAAAA3KWogNA0cQbVmeUfeNLhpQU1TMDRFREdFMTgwOQAyMTkyNjJjYy04YzZlLTQ5OGMtYmI0NS02MDgyNGQxYjJiYjA=
x-azure-ref: 0PHB+ZAAAAACypGaw9eL+QboFU2KBLq0uU1ZHMjBFREdFMDYyMQAyMTkyNjJjYy04YzZlLTQ5OGMtYmI0NS02MDgyNGQxYjJiYjA=
date: Mon, 05 Jun 2023 23:31:07 GMT
X-Firefox-Spdy: h2

mail.o22ss.duckdns.org/ed/assets/o2.ico

184.168.23.232

200 OK

2.2 kB

URL GET HTTP/1.1
mail.o22ss.duckdns.org/ed/assets/o2.ico
IP
184.168.23.232:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate
IssuercPanel, Inc.
Subjecto22ss.duckdns.org
Fingerprint0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
ValiditySun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT

File type
MS Windows icon resource - 1 icon, 32x32, 8 bits/pixel\012- data
Size
2.2 kB (2238 bytes)
Hash
0f2b01ffd84000737599acaf0cf96a4e
89c16ab0bb40d081438675710e838f56e69952d4
31b70e224e7f266d1767b5ae3107e41a5b678b97a3fdf32ba93c1488ce8a7116

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	O2 UK

HTTP Headers

GET /ed/assets/o2.ico HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:07 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 2238
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/x-icon

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (0)

HTTP Transactions (52)

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type