184.168.23.232 302 Found 38 B URL User Request GET HTTP/1.1
IP 184.168.23.232:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Certificate Issuer cPanel, Inc.
Subject o22ss.duckdns.org
Fingerprint 0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
Validity Sun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT
File type exported SGML document, ASCII text, with no line terminators
Hash c80a857d5dbc815f69fe2df0d60ef1ef
add232c480f74fc218503e87943d9dbac3634fb9
c7fb1cb3e2dca9a0c756b0652b25fc555fe5b6c2e98c913bb100fb5a639b842c
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish O2 UK
GET / HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Mon, 05 Jun 2023 23:31:05 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Set-Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c; path=/
Location: ed/index.php?id=4327667bc0edffdd59d8fd52970ac0e74327667bc0edffdd59d8fd52970ac0e7&act=4327667bc0edffdd59d8fd52970ac0e74327667bc0edffdd59d8fd52970ac0e7
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
mail.o22ss.duckdns.org/ed/index.php?id=4327667bc0edffdd59d8fd52970ac0e74327667bc0edffdd59d8fd52970ac0e7&act=4327667bc0edffdd59d8fd52970ac0e74327667bc0edffdd59d8fd52970ac0e7
184.168.23.232 302 Found 20 B URL User Request GET HTTP/1.1 mail.o22ss.duckdns.org/ed/index.php?id=4327667bc0edffdd59d8fd52970ac0e74327667bc0edffdd59d8fd52970ac0e7&act=4327667bc0edffdd59d8fd52970ac0e74327667bc0edffdd59d8fd52970ac0e7
IP 184.168.23.232:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Certificate Issuer cPanel, Inc.
Subject o22ss.duckdns.org
Fingerprint 0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
Validity Sun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /ed/index.php?id=4327667bc0edffdd59d8fd52970ac0e74327667bc0edffdd59d8fd52970ac0e7&act=4327667bc0edffdd59d8fd52970ac0e74327667bc0edffdd59d8fd52970ac0e7 HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Mon, 05 Jun 2023 23:31:05 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Location: account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
184.168.23.232 200 OK 17 kB URL User Request GET HTTP/1.1 mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
IP 184.168.23.232:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Certificate Issuer cPanel, Inc.
Subject o22ss.duckdns.org
Fingerprint 0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
Validity Sun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (728)
Hash a2e4a0e39a3685396a004f80da1bbf29
d23d7fecddd87bc1a71203948635d55db6f86cf6
e755325c43604b931122a030dd8c2842526738399e3a530b6da4ab2a4c056a8d
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish O2 UK
GET /ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:05 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
mail.o22ss.duckdns.org/ed/assets/base.css
184.168.23.232 200 OK 23 kB URL GET HTTP/1.1 mail.o22ss.duckdns.org/ed/assets/base.css
IP 184.168.23.232:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Requested by https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate Issuer cPanel, Inc.
Subject o22ss.duckdns.org
Fingerprint 0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
Validity Sun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT
File type ASCII text, with very long lines (500)
Hash c351b38d3c3f9996956c8ca9ae4431cf
b0cbc8123e3dbf3c0bffb331fc9b8bc4324bb2d0
1e15cde02298c5edcee6e3bd1caa5b17c1f306b679620613478d496870914c05
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish O2 UK
GET /ed/assets/base.css HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:05 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 23317
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
mail.o22ss.duckdns.org/ed/assets/consent.css
184.168.23.232 200 OK 14 kB URL GET HTTP/1.1 mail.o22ss.duckdns.org/ed/assets/consent.css
IP 184.168.23.232:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Requested by https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate Issuer cPanel, Inc.
Subject o22ss.duckdns.org
Fingerprint 0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
Validity Sun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT
Hash b3aa6a81c67774f261c38736909a8777
859954cb439831582a840ff6c3da5988f04b08d7
70594cd6ded88a8645f3be3e684442c85e3e8d315ef963a5ad9c402abe811420
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish O2 UK
GET /ed/assets/consent.css HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:06 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 13514
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
mail.o22ss.duckdns.org/ed/assets/fonts.css
184.168.23.232 200 OK 1.6 kB URL GET HTTP/1.1 mail.o22ss.duckdns.org/ed/assets/fonts.css
IP 184.168.23.232:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Requested by https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate Issuer cPanel, Inc.
Subject o22ss.duckdns.org
Fingerprint 0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
Validity Sun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT
File type ASCII text, with very long lines (1604)
Hash 02fe2afb48d62d43d6d7322dacbd9e92
59672af90a18a569c9e189d3163e54259805f4fa
684e8d7c2171b7fc6e754b7a1b3c5795aba36305baff1fe4147c69ca3ca01752
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish O2 UK
GET /ed/assets/fonts.css HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:06 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 1605
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
mail.o22ss.duckdns.org/ed/assets/global.css
184.168.23.232 200 OK 9.9 kB URL GET HTTP/1.1 mail.o22ss.duckdns.org/ed/assets/global.css
IP 184.168.23.232:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Requested by https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate Issuer cPanel, Inc.
Subject o22ss.duckdns.org
Fingerprint 0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
Validity Sun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT
File type ASCII text, with very long lines (9938)
Hash aa8f792cfbf565b96564b963c8a86a5c
dcb05ca84b6ab3c92b49e0368455ca9414137e21
0ed56f99c5a92ef961206c49dd9aeacbcc45f5eb8ccab6d89558e4bb38db6ce4
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish O2 UK
GET /ed/assets/global.css HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:06 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 9939
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
mail.o22ss.duckdns.org/ed/assets/modal.css
184.168.23.232 200 OK 2.3 kB URL GET HTTP/1.1 mail.o22ss.duckdns.org/ed/assets/modal.css
IP 184.168.23.232:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Requested by https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate Issuer cPanel, Inc.
Subject o22ss.duckdns.org
Fingerprint 0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
Validity Sun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT
File type ASCII text, with very long lines (2320)
Hash b8b49cb374ef4a8ebb766228f29c6836
34ebe6a711d40ccd710484712dbbe90ddb95dc86
52ee5ecb8c8cc2f01ae7e8a47cecb9f9e9158304b8f917e679f4de50deaa0d67
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish O2 UK
GET /ed/assets/modal.css HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:06 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 2321
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
mail.o22ss.duckdns.org/ed/assets/hidden.module.css
184.168.23.232 200 OK 1.4 kB URL GET HTTP/1.1 mail.o22ss.duckdns.org/ed/assets/hidden.module.css
IP 184.168.23.232:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Requested by https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate Issuer cPanel, Inc.
Subject o22ss.duckdns.org
Fingerprint 0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
Validity Sun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT
Hash a40f4b74bed5fc5d74df3da6fdcaee26
2b8f20e668877c8bb4203ce1506753570523734c
144c2b996574a2f16003848858de86dc5ad3486fb4fe14a5d5a79d134086e763
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish O2 UK
GET /ed/assets/hidden.module.css HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:06 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 1359
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
mail.o22ss.duckdns.org/ed/assets/slick.css
184.168.23.232 200 OK 4.9 kB URL GET HTTP/1.1 mail.o22ss.duckdns.org/ed/assets/slick.css
IP 184.168.23.232:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Requested by https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate Issuer cPanel, Inc.
Subject o22ss.duckdns.org
Fingerprint 0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
Validity Sun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT
Hash 2a9b76df968d8e6e269374bd6dfe91be
98372b9e8482e5ff9a133ad36d60dc1cd0762ce7
e144ecaab5d286f0ebe10bb503fa51f5160f7513e497036c853b5fbc824f199e
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish O2 UK
GET /ed/assets/slick.css HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:06 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 4931
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
mail.o22ss.duckdns.org/ed/assets/style.css
184.168.23.232 200 OK 42 kB URL GET HTTP/1.1 mail.o22ss.duckdns.org/ed/assets/style.css
IP 184.168.23.232:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Requested by https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate Issuer cPanel, Inc.
Subject o22ss.duckdns.org
Fingerprint 0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
Validity Sun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT
Hash c4aacb894338eac91987273d702ef445
2555ae78500dc372bdc46be0aab5f3f569e7b84e
4f9c20172bce396a27b30dfb2ec12f5dc096035c9f7bed0059795d8074fcf442
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish O2 UK
GET /ed/assets/style.css HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:06 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 41471
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/css
mail.o22ss.duckdns.org/ed/assets/legacy-app-overrides-to-support-new-header-footer.css
184.168.23.232 200 OK 605 B URL GET HTTP/1.1 mail.o22ss.duckdns.org/ed/assets/legacy-app-overrides-to-support-new-header-footer.css
IP 184.168.23.232:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Requested by https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate Issuer cPanel, Inc.
Subject o22ss.duckdns.org
Fingerprint 0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
Validity Sun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT
File type ASCII text, with very long lines (604)
Hash 5345e5b91417d6598c9a75fc9fcd8239
0748dfe8d4bee8c0c79eef6003be38382fdc9c55
e56047282cf5db3b125e1e12af0a6b5709aeedfa2b76adbe52200c348725ef22
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish O2 UK
GET /ed/assets/legacy-app-overrides-to-support-new-header-footer.css HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:06 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 605
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
mail.o22ss.duckdns.org/ed/assets/html5boilerplate.css
184.168.23.232 200 OK 8.5 kB URL GET HTTP/1.1 mail.o22ss.duckdns.org/ed/assets/html5boilerplate.css
IP 184.168.23.232:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Requested by https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate Issuer cPanel, Inc.
Subject o22ss.duckdns.org
Fingerprint 0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
Validity Sun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT
Hash c6d3f791819ac5edda6da5557cead067
0e038f23e823601c4c819c33b80345a2d425edb9
7617eafd0b7b59918437a3c8f6b78e9684c40465d8cf831e99c2f12085c3c85e
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish O2 UK
GET /ed/assets/html5boilerplate.css HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:06 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 8493
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/css
mail.o22ss.duckdns.org/ed/assets/_all-modules.css
184.168.23.232 200 OK 176 kB URL GET HTTP/1.1 mail.o22ss.duckdns.org/ed/assets/_all-modules.css
IP 184.168.23.232:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Requested by https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate Issuer cPanel, Inc.
Subject o22ss.duckdns.org
Fingerprint 0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
Validity Sun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 176 kB (176518 bytes)
Hash 5926e732160f6aeedc4bd75d9502b906
66e8e49013bd3fe06148e11ee1d5f69853225ff0
1ce2bed10e9a3e270bd75e45a7ec080b0844c5338c884186536e25c4aa584bd4
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish O2 UK
GET /ed/assets/_all-modules.css HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:06 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 176518
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
mail.o22ss.duckdns.org/ed/assets/global-nav.min.css
184.168.23.232 200 OK 106 kB URL GET HTTP/1.1 mail.o22ss.duckdns.org/ed/assets/global-nav.min.css
IP 184.168.23.232:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Requested by https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate Issuer cPanel, Inc.
Subject o22ss.duckdns.org
Fingerprint 0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
Validity Sun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 106 kB (105930 bytes)
Hash 7b8181c639528268c7bd50463936cd38
46553400d758492480b101743c2895cbf90c41e6
5c2068baa040ba21988c5c0024a6bc837973252221e712b38a78a7d9081b94d6
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish O2 UK
GET /ed/assets/global-nav.min.css HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:06 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 105930
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
mail.o22ss.duckdns.org/ed/assets/desktop-new.css
184.168.23.232 200 OK 37 kB URL GET HTTP/1.1 mail.o22ss.duckdns.org/ed/assets/desktop-new.css
IP 184.168.23.232:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Requested by https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate Issuer cPanel, Inc.
Subject o22ss.duckdns.org
Fingerprint 0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
Validity Sun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT
File type troff or preprocessor input, ASCII text
Hash 8683719e61d7dcdf799e8ef62288746c
e4cc2a07ee514e7eba08850295e1d3b52a212830
cfbe048edbb6f915cb451afdeaef3d759a53a2a3fcedf1b85ec1cbe76bac55b9
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish O2 UK
GET /ed/assets/desktop-new.css HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:06 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 37283
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
mail.o22ss.duckdns.org/ed/assets/answers.css
184.168.23.232 200 OK 105 kB URL GET HTTP/1.1 mail.o22ss.duckdns.org/ed/assets/answers.css
IP 184.168.23.232:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Requested by https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate Issuer cPanel, Inc.
Subject o22ss.duckdns.org
Fingerprint 0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
Validity Sun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 105 kB (105354 bytes)
Hash bfef112d67bf727a467e04042f82ab26
614ed43d5b546341664ec7ecc946ce34afa3f407
115546b0bec1e5c7f38bd2e8dd7136b1063a96202676afe2470b26c06bcce6c6
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish O2 UK
GET /ed/assets/answers.css HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:06 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 105354
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
mail.o22ss.duckdns.org/ed/assets/_all-modules_002.css
184.168.23.232 200 OK 471 kB URL GET HTTP/1.1 mail.o22ss.duckdns.org/ed/assets/_all-modules_002.css
IP 184.168.23.232:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Requested by https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate Issuer cPanel, Inc.
Subject o22ss.duckdns.org
Fingerprint 0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
Validity Sun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 471 kB (471221 bytes)
Hash d363d9ad501364f0186a354eb21c0d86
77485563cec3107ef32d8df08ef471f97f10cc2f
36460d90403800f20868ac14b4ea3e95dd5a1efe2a39c188e39967b25e9568a2
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish O2 UK
GET /ed/assets/_all-modules_002.css HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:06 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 471221
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
mail.o22ss.duckdns.org/ed/assets/icons.png
184.168.23.232 200 OK 359 B URL GET HTTP/1.1 mail.o22ss.duckdns.org/ed/assets/icons.png
IP 184.168.23.232:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Requested by https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate Issuer cPanel, Inc.
Subject o22ss.duckdns.org
Fingerprint 0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
Validity Sun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT
File type PNG image data, 13 x 13, 8-bit/color RGBA, non-interlaced\012- data
Hash 380f4427114fe9ad89f83a71ee73266a
a9d17a6ab38fcf6107da40b0d09031797f85e7e1
2c72ffd796398d0826849a45508dc7674cac6c978e7ebdcf9b4a1f2a51f439db
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish O2 UK
GET /ed/assets/icons.png HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:07 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 359
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
mail.o22ss.duckdns.org/ed/assets/quick-links-samsung-1100.png
184.168.23.232 200 OK 1.7 kB URL GET HTTP/1.1 mail.o22ss.duckdns.org/ed/assets/quick-links-samsung-1100.png
IP 184.168.23.232:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Requested by https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate Issuer cPanel, Inc.
Subject o22ss.duckdns.org
Fingerprint 0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
Validity Sun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT
File type PNG image data, 137 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash ff321aca88d16ce343e528dbb86fdaf3
c083d9b94f4b905956a5fb658f308343cb7b5b11
b684067095628211cc1fb053387ba513e19539927d567dd6de9bd1abac0e8afc
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish O2 UK
GET /ed/assets/quick-links-samsung-1100.png HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:07 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 1720
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png
mail.o22ss.duckdns.org/ed/assets/quick-links-apple-1100.png
184.168.23.232 200 OK 699 B URL GET HTTP/1.1 mail.o22ss.duckdns.org/ed/assets/quick-links-apple-1100.png
IP 184.168.23.232:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Requested by https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate Issuer cPanel, Inc.
Subject o22ss.duckdns.org
Fingerprint 0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
Validity Sun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT
File type PNG image data, 137 x 34, 8-bit/color RGBA, non-interlaced\012- data
Hash 42e7059a95bbd2d998063eade1d73f27
f1aa5277fb1ae4d3c01b0f74bdd3b68734660647
e927442018efa65ad74e3aeefa49c653173c6567ec451ecd8092757d0c758cb8
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish O2 UK
GET /ed/assets/quick-links-apple-1100.png HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:07 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 699
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
mail.o22ss.duckdns.org/ed/assets/arrowbig.png
184.168.23.232 200 OK 390 B URL GET HTTP/1.1 mail.o22ss.duckdns.org/ed/assets/arrowbig.png
IP 184.168.23.232:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Requested by https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate Issuer cPanel, Inc.
Subject o22ss.duckdns.org
Fingerprint 0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
Validity Sun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 74065eeea71ec61d44b2b30664a9d3e7
345e8e03ffe091426275fbdc831a74ec37186ca4
798ac2b85cc8594e6b31573da7aa81d11c44cac0b8ff9ac6a310e8b17fdc5db8
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish O2 UK
GET /ed/assets/arrowbig.png HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:07 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 390
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
mail.o22ss.duckdns.org/ed/assets/quick-links-google-1100.png
184.168.23.232 200 OK 1.2 kB URL GET HTTP/1.1 mail.o22ss.duckdns.org/ed/assets/quick-links-google-1100.png
IP 184.168.23.232:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Requested by https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate Issuer cPanel, Inc.
Subject o22ss.duckdns.org
Fingerprint 0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
Validity Sun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT
File type PNG image data, 137 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash ad312fa0ac1bc2f214f633214a0f635d
95306b80289c7a4b3bba79abe30d35fe6c602439
a25671eec259340a26ca03055c94614107f99717708052fb67728e848bb2cf0c
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish O2 UK
GET /ed/assets/quick-links-google-1100.png HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:07 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 1214
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
mail.o22ss.duckdns.org/ed/assets/quick-links-oppo-1100[1].png
184.168.23.232 200 OK 2.8 kB URL GET HTTP/1.1 mail.o22ss.duckdns.org/ed/assets/quick-links-oppo-1100[1].png
IP 184.168.23.232:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Requested by https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate Issuer cPanel, Inc.
Subject o22ss.duckdns.org
Fingerprint 0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
Validity Sun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT
File type PNG image data, 137 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 47630cf0fc33d7e1910f45e833105b64
b5d09b7da30c24afc31cbd4f27d8e5382bafd7da
2d16f9b079717618678f04025ca2f52ce2929b51406ddbcc09ce530dd58870bf
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish O2 UK
GET /ed/assets/quick-links-oppo-1100[1].png HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:07 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 2810
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
status.thawte.com/
192.229.221.95 471 B IP 192.229.221.95:0
Hash 19f60ba2baca208735db6d677caff9c7
1208d10d87b75a1f6f66c6030096b50f45a5b555
b70e318bb676671b9eebfbfa6e3ec7d525803712e6f49f4c2be5e5d61f39e828
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4547
Cache-Control: max-age=7200
Content-Type: application/ocsp-response
Date: Mon, 05 Jun 2023 23:31:07 GMT
Last-Modified: Mon, 05 Jun 2023 22:15:20 GMT
Server: ECAcc (amb/6ACA)
X-Cache: HIT
Content-Length: 471
static.o2.co.uk/mymobile/img/default/page_header_bg.png
54.230.111.2 200 OK 12 kB URL GET HTTP/2 static.o2.co.uk/mymobile/img/default/page_header_bg.png
IP 54.230.111.2:443
Requested by https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate Issuer DigiCert Inc
Subject STATIC.O2.CO.UK
Fingerprint 01:95:0B:EA:D0:75:78:20:96:54:79:2D:8C:9B:07:7E:DE:B8:03:0F
Validity Mon, 22 Aug 2022 00:00:00 GMT - Fri, 22 Sep 2023 23:59:59 GMT
File type PNG image data, 1435 x 168, 8-bit/color RGBA, non-interlaced\012- data
Hash eb2ea5a3c4ff98627a15454ff594585d
7e8e79aeac29532abaa3038207cf0b7ca3154122
8a9bbab166312e6573457e2f9903f28edfe9482a8819fcbd1c5949af2fd8ec5f
GET /mymobile/img/default/page_header_bg.png HTTP/1.1
Host: static.o2.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/png
content-length: 11810
date: Mon, 05 Jun 2023 08:42:07 GMT
last-modified: Mon, 10 Feb 2020 07:27:58 GMT
etag: "eb2ea5a3c4ff98627a15454ff594585d"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: y4bxVCSw71HUzAXMSYRMyO95s-KLld74NIpVISftNcEPD2k4i1ZH7Q==
age: 53341
X-Firefox-Spdy: h2
mail.o22ss.duckdns.org/sites/default/files/fonticon/o2-icon-font/fonts/o2-icon-font.ttf?2c82ok
184.168.23.232 404 Not Found 315 B URL GET HTTP/1.1 mail.o22ss.duckdns.org/sites/default/files/fonticon/o2-icon-font/fonts/o2-icon-font.ttf?2c82ok
IP 184.168.23.232:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Requested by https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate Issuer cPanel, Inc.
Subject o22ss.duckdns.org
Fingerprint 0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
Validity Sun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish O2 UK
GET /sites/default/files/fonticon/o2-icon-font/fonts/o2-icon-font.ttf?2c82ok HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/assets/style.css
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Mon, 05 Jun 2023 23:31:07 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
mail.o22ss.duckdns.org/ed/assets/promo-cta-arrow.png
184.168.23.232 200 OK 1.5 kB URL GET HTTP/1.1 mail.o22ss.duckdns.org/ed/assets/promo-cta-arrow.png
IP 184.168.23.232:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Requested by https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate Issuer cPanel, Inc.
Subject o22ss.duckdns.org
Fingerprint 0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
Validity Sun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT
File type PNG image data, 21 x 110, 8-bit colormap, non-interlaced\012- data
Hash 8ea43aa117e97b64ea81b98dd61e55ae
e3d0c34e471d4b69dd1757ce6b0364c24cee3970
1236c6d15444548d43248a5a105826548ad3cbc3fe5471b61a9e72153f2b04d6
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish O2 UK
GET /ed/assets/promo-cta-arrow.png HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/assets/desktop-new.css
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:07 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 1510
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
mail.o22ss.duckdns.org/ed/img/footer/footer-gradient-mobile.png
184.168.23.232 404 Not Found 315 B URL GET HTTP/1.1 mail.o22ss.duckdns.org/ed/img/footer/footer-gradient-mobile.png
IP 184.168.23.232:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Requested by https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate Issuer cPanel, Inc.
Subject o22ss.duckdns.org
Fingerprint 0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
Validity Sun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish O2 UK
GET /ed/img/footer/footer-gradient-mobile.png HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/assets/_all-modules_002.css
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Mon, 05 Jun 2023 23:31:07 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
mail.o22ss.duckdns.org/ed/assets/o2-flurry-bubbles.png
184.168.23.232 200 OK 29 kB URL GET HTTP/1.1 mail.o22ss.duckdns.org/ed/assets/o2-flurry-bubbles.png
IP 184.168.23.232:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Requested by https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate Issuer cPanel, Inc.
Subject o22ss.duckdns.org
Fingerprint 0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
Validity Sun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT
File type PNG image data, 171 x 364, 8-bit/color RGBA, non-interlaced\012- data
Hash ff9cf775f4765ec4d3b2f90d9e1ef54f
26fd2a7200c7dc740851f8c6f530960694e14ca4
893bf00b540000edcd8287a878d8a16da2490168994c345bfbc09dba93e0313e
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish O2 UK
GET /ed/assets/o2-flurry-bubbles.png HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/assets/global-nav.min.css
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:07 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 29285
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
mail.o22ss.duckdns.org/ed/fonts/frutiger-45light.woff
184.168.23.232 200 OK 52 kB URL GET HTTP/1.1 mail.o22ss.duckdns.org/ed/fonts/frutiger-45light.woff
IP 184.168.23.232:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Requested by https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate Issuer cPanel, Inc.
Subject o22ss.duckdns.org
Fingerprint 0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
Validity Sun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT
File type Web Open Font Format, TrueType, length 51456, version 1.0\012- data
Hash 2b70981d4208186bc9e71e8b51662738
08c4793c73ca76751f38c53c4f9926b7df221b18
fa4f0aed1d0ec5764d186315819d7d80651bf620bc6378a9745701ad501a4984
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish O2 UK
GET /ed/fonts/frutiger-45light.woff HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:07 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 51456
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: font/woff
mail.o22ss.duckdns.org/ed/fonts/frutiger-55roman.woff
184.168.23.232 200 OK 45 kB URL GET HTTP/1.1 mail.o22ss.duckdns.org/ed/fonts/frutiger-55roman.woff
IP 184.168.23.232:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Requested by https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate Issuer cPanel, Inc.
Subject o22ss.duckdns.org
Fingerprint 0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
Validity Sun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT
File type Web Open Font Format, TrueType, length 45300, version 1.0\012- data
Hash 365019ed069cc0924e3430da4aa5c705
dc7e280a59debd0f556e63590d3980f81c55a58d
291cb4d4ba35092b9b8bd849c7156784c4d15c7b6857da97fa41ae0b80e972b9
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish O2 UK
GET /ed/fonts/frutiger-55roman.woff HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:07 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 45300
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: font/woff
mail.o22ss.duckdns.org/ed/assets/find-a-store@2x_0.png
184.168.23.232 200 OK 2.3 kB URL GET HTTP/1.1 mail.o22ss.duckdns.org/ed/assets/find-a-store@2x_0.png
IP 184.168.23.232:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Requested by https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate Issuer cPanel, Inc.
Subject o22ss.duckdns.org
Fingerprint 0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
Validity Sun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT
File type PNG image data, 68 x 68, 8-bit/color RGBA, non-interlaced\012- data
Hash 7e62b3471d8d80d45d3136e28a6d1d31
21bbddb9775def3c7edbfb4e650f61ff76794cda
2e3814560a9bbe0983677e622033c2fdf951aef145d2219bbf6b210d9a1e057e
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish O2 UK
GET /ed/assets/find-a-store@2x_0.png HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:07 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 2292
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
mail.o22ss.duckdns.org/ed/assets/check-network@2x_0.png
184.168.23.232 200 OK 2.8 kB URL GET HTTP/1.1 mail.o22ss.duckdns.org/ed/assets/check-network@2x_0.png
IP 184.168.23.232:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Requested by https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate Issuer cPanel, Inc.
Subject o22ss.duckdns.org
Fingerprint 0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
Validity Sun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT
File type PNG image data, 68 x 68, 8-bit/color RGBA, non-interlaced\012- data
Hash 9d0e60de9bdeb161b9a16f7905737325
fe82f482d6cdb90d8ac1a8e95ba5010ae0902da0
ce51c1440d3782b114b1f6e7fe77f6a8b38ea3902c3b2e04f598666dd0e9dbe0
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish O2 UK
GET /ed/assets/check-network@2x_0.png HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:07 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 2755
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
mail.o22ss.duckdns.org/ed/assets/track-order@2x.png
184.168.23.232 200 OK 2.5 kB URL GET HTTP/1.1 mail.o22ss.duckdns.org/ed/assets/track-order@2x.png
IP 184.168.23.232:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Requested by https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate Issuer cPanel, Inc.
Subject o22ss.duckdns.org
Fingerprint 0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
Validity Sun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT
File type PNG image data, 68 x 68, 8-bit/color RGBA, non-interlaced\012- data
Hash 673b7686ec382bb1370a5dcce3025ef2
be4fcc531cec300f2a8f13a277ec6980366a04e3
d01bf38097a3ea897ddf15aa12e4da07297452fd1d0ff2822f44324cb2807f06
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish O2 UK
GET /ed/assets/track-order@2x.png HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:07 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 2506
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
mail.o22ss.duckdns.org/ed/assets/my-o2@2x_0.png
184.168.23.232 200 OK 2.4 kB URL GET HTTP/1.1 mail.o22ss.duckdns.org/ed/assets/my-o2@2x_0.png
IP 184.168.23.232:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Requested by https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate Issuer cPanel, Inc.
Subject o22ss.duckdns.org
Fingerprint 0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
Validity Sun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT
File type PNG image data, 68 x 68, 8-bit/color RGBA, non-interlaced\012- data
Hash bf02ad4b93e88e2a3d158582945daadf
dd13bb39ae050618a5457b05590c8ccc69cae14d
3cd8c8d61fd595eee1c4520e0a9a6630da6388d3fc4e620115143501d7de106b
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish O2 UK
GET /ed/assets/my-o2@2x_0.png HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:07 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 2427
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
mail.o22ss.duckdns.org/ed/assets/search@2x_0.png
184.168.23.232 200 OK 2.2 kB URL GET HTTP/1.1 mail.o22ss.duckdns.org/ed/assets/search@2x_0.png
IP 184.168.23.232:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Requested by https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate Issuer cPanel, Inc.
Subject o22ss.duckdns.org
Fingerprint 0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
Validity Sun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT
File type PNG image data, 68 x 68, 8-bit/color RGBA, non-interlaced\012- data
Hash f0b6b1e0bd908744af35d777d60e0612
c26b351c17af5fa31172279478d5532a952145f9
93e6371a85eea441a5ffe5535d27781e4cc7c933bb53667176ab8d8d21ebeb0e
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish O2 UK
GET /ed/assets/search@2x_0.png HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:07 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 2197
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
mail.o22ss.duckdns.org/sites/default/files/fonticon/o2-icon-font/fonts/o2-icon-font.woff?2c82ok
184.168.23.232 404 Not Found 315 B URL GET HTTP/1.1 mail.o22ss.duckdns.org/sites/default/files/fonticon/o2-icon-font/fonts/o2-icon-font.woff?2c82ok
IP 184.168.23.232:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Requested by https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate Issuer cPanel, Inc.
Subject o22ss.duckdns.org
Fingerprint 0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
Validity Sun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish O2 UK
GET /sites/default/files/fonticon/o2-icon-font/fonts/o2-icon-font.woff?2c82ok HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/assets/style.css
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Mon, 05 Jun 2023 23:31:07 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
mail.o22ss.duckdns.org/ed/assets/facebook@2x_0.png
184.168.23.232 200 OK 1.1 kB URL GET HTTP/1.1 mail.o22ss.duckdns.org/ed/assets/facebook@2x_0.png
IP 184.168.23.232:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Requested by https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate Issuer cPanel, Inc.
Subject o22ss.duckdns.org
Fingerprint 0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
Validity Sun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash e72150729a6b7be2b82f1afae8ab9f7e
776d028991d432ce71a3d5feee3a1a875e902782
6be10db4d26a28d3809565daf3785bc6fd2bdf59cabc40ea24799c802d90905d
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish O2 UK
GET /ed/assets/facebook@2x_0.png HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:07 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 1124
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png
mail.o22ss.duckdns.org/ed/assets/instagram@2x.png
184.168.23.232 200 OK 1.6 kB URL GET HTTP/1.1 mail.o22ss.duckdns.org/ed/assets/instagram@2x.png
IP 184.168.23.232:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Requested by https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate Issuer cPanel, Inc.
Subject o22ss.duckdns.org
Fingerprint 0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
Validity Sun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 5663e380d4420113d047edfe8c99cc11
bf3ecf1e6065923c1622ec891be27abf09cd96f4
f8d813df282240f271e5ffd150c3cea35a0e02157d540aa494c5f7776d9c9da4
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish O2 UK
GET /ed/assets/instagram@2x.png HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:07 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 1572
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/png
mail.o22ss.duckdns.org/ed/assets/5g-why-o2-thumbnail-dark-140220.jpg
184.168.23.232 200 OK 2.8 kB URL GET HTTP/1.1 mail.o22ss.duckdns.org/ed/assets/5g-why-o2-thumbnail-dark-140220.jpg
IP 184.168.23.232:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Requested by https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate Issuer cPanel, Inc.
Subject o22ss.duckdns.org
Fingerprint 0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
Validity Sun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 205x95, components 3\012- data
Hash bdd827475219002fc9d4310ed93447db
aa35fc4a4c643df68b058f09929cd5d2ae5d9f56
4f4bb1d2c72d9aa668de1cd1a39e3690ae3a225227e5006a5324b9ba9690ff1e
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish O2 UK
GET /ed/assets/5g-why-o2-thumbnail-dark-140220.jpg HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:07 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 2777
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
mail.o22ss.duckdns.org/ed/assets/youtube@2x_0.png
184.168.23.232 200 OK 842 B URL GET HTTP/1.1 mail.o22ss.duckdns.org/ed/assets/youtube@2x_0.png
IP 184.168.23.232:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Requested by https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate Issuer cPanel, Inc.
Subject o22ss.duckdns.org
Fingerprint 0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
Validity Sun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 477d8f426225513bfb4192d1c00cc950
b160f59a1ea0ee797e7d9d4ee698053b08a49e87
e10c70d559e5cb2b39c92267c3d2d13d75edb4e761492f71e92e73b77af495c1
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish O2 UK
GET /ed/assets/youtube@2x_0.png HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:07 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 842
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png
mail.o22ss.duckdns.org/ed/assets/twitter@2x_0.png
184.168.23.232 200 OK 1.2 kB URL GET HTTP/1.1 mail.o22ss.duckdns.org/ed/assets/twitter@2x_0.png
IP 184.168.23.232:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Requested by https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate Issuer cPanel, Inc.
Subject o22ss.duckdns.org
Fingerprint 0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
Validity Sun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 5321d14ac38ada08693d1692b93b4336
a07147b5a045521b735f67a59889f5d28ef08b2a
022f19b953411d3bfe052a90971860e065f6be746827aa90611fcbeb47c1c755
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish O2 UK
GET /ed/assets/twitter@2x_0.png HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:07 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 1157
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
mail.o22ss.duckdns.org/ed/assets/quick-links-sony-1100.png
184.168.23.232 200 OK 1.1 kB URL GET HTTP/1.1 mail.o22ss.duckdns.org/ed/assets/quick-links-sony-1100.png
IP 184.168.23.232:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Requested by https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate Issuer cPanel, Inc.
Subject o22ss.duckdns.org
Fingerprint 0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
Validity Sun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT
File type PNG image data, 137 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash c7b26f5522410c71655f11e9a8703839
ce901521cb6c45cd014d7d9cfd189955f5f889a5
bbd42d17f2ece99103e0d833af244b77d457f1cd770a191981da8998688af27b
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish O2 UK
GET /ed/assets/quick-links-sony-1100.png HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:07 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 1056
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/png
mail.o22ss.duckdns.org/ed/assets/close_search.png
184.168.23.232 200 OK 1.1 kB URL GET HTTP/1.1 mail.o22ss.duckdns.org/ed/assets/close_search.png
IP 184.168.23.232:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Requested by https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate Issuer cPanel, Inc.
Subject o22ss.duckdns.org
Fingerprint 0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
Validity Sun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT
File type PNG image data, 37 x 37, 8-bit/color RGBA, interlaced\012- data
Hash 927b217f4c8b90e93eab4ecce4af2e70
441daf2134eae337b0e4ffcd1f1386371faf1cf8
1035da3ea0de1ad0fe10a36cf34126f814186d6258e1fa2bccbee99c76fc47b1
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish O2 UK
GET /ed/assets/close_search.png HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:07 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 1106
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
mail.o22ss.duckdns.org/ed/assets/global-nav-community-image-070519.jpg
184.168.23.232 200 OK 12 kB URL GET HTTP/1.1 mail.o22ss.duckdns.org/ed/assets/global-nav-community-image-070519.jpg
IP 184.168.23.232:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Requested by https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate Issuer cPanel, Inc.
Subject o22ss.duckdns.org
Fingerprint 0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
Validity Sun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 230x250, components 3\012- data
Hash 65d10e82f9dca72d836d908a02e84936
9b4bbdd52ab21bad885345621c7565aa3c62a6e8
735445de9f4179bc70200139bba9ef74cf9b63e71ffa64215ef7de5bcd1d0960
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish O2 UK
GET /ed/assets/global-nav-community-image-070519.jpg HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:07 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 12278
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/jpeg
mail.o22ss.duckdns.org/ed/assets/why-o2-thumbnail-dark-260220.jpg
184.168.23.232 200 OK 2.1 kB URL GET HTTP/1.1 mail.o22ss.duckdns.org/ed/assets/why-o2-thumbnail-dark-260220.jpg
IP 184.168.23.232:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Requested by https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate Issuer cPanel, Inc.
Subject o22ss.duckdns.org
Fingerprint 0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
Validity Sun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 205x95, components 3\012- data
Hash 55c0e01dade204373f956fba29a22550
bd90b186f2c76fef6723da437c6d9232743f73c3
8530cc8e7f0d640897ee2bee96c0bf79f0e9a53a5c29e1020b19760970c4beef
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish O2 UK
GET /ed/assets/why-o2-thumbnail-dark-260220.jpg HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:07 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 2077
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
mail.o22ss.duckdns.org/ed/assets/spinner-trans20.gif
184.168.23.232 200 OK 7.5 kB URL GET HTTP/1.1 mail.o22ss.duckdns.org/ed/assets/spinner-trans20.gif
IP 184.168.23.232:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Requested by https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate Issuer cPanel, Inc.
Subject o22ss.duckdns.org
Fingerprint 0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
Validity Sun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT
File type GIF image data, version 89a, 20 x 20\012- data
Hash ebb5ab812acd666c66711b0cb49def64
39af3dd802cfa31daee10b162b33e9bf4d61b4e4
7be139620e5afa0d201b87c778e198525c28c5c3f3f09daa49b6906c9b332ed9
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish O2 UK
GET /ed/assets/spinner-trans20.gif HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:07 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 7516
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/gif
mail.o22ss.duckdns.org/ed/assets/0
184.168.23.232 404 Not Found 36 B URL GET HTTP/1.1 mail.o22ss.duckdns.org/ed/assets/0
IP 184.168.23.232:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Requested by https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate Issuer cPanel, Inc.
Subject o22ss.duckdns.org
Fingerprint 0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
Validity Sun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish O2 UK
GET /ed/assets/0 HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Mon, 05 Jun 2023 23:31:07 GMT
Server: Apache
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
status.thawte.com/
192.229.221.95 471 B IP 192.229.221.95:0
Hash 0de00995a72730d130c7e4ce63e7669d
592de9fff3a53d15989f2d7617c49fc63a446ea4
14181c712705578641ccf4faf760504fc939ff93159c8e8efa87a918b45dd8ff
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=7200
Content-Type: application/ocsp-response
Date: Mon, 05 Jun 2023 23:31:07 GMT
Server: ECAcc (amb/6ACA)
Content-Length: 471
static-www.o2.co.uk/sites/default/files/fonticon/o2-icon-font/fonts/o2-icon-font.woff
13.107.228.36 200 OK 240 kB URL GET HTTP/2 static-www.o2.co.uk/sites/default/files/fonticon/o2-icon-font/fonts/o2-icon-font.woff
IP 13.107.228.36:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate Issuer DigiCert Inc
Subject static-www.o2.co.uk
Fingerprint 6E:DB:73:25:55:47:34:E5:E2:E5:51:56:97:1D:06:B7:45:F7:6F:F6
Validity Fri, 24 Jun 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
File type Web Open Font Format, TrueType, length 239676, version 1.4\012- data
Size 240 kB (239676 bytes)
Hash 6a4bff80dc5fc6fc83f45a17fb4edf5e
0afb0857165321730bdca0bf573a9191ed6f7f47
367d89f138ef414c1a02f314139dd708b84d0cd7ce677052039b2cd8a3b1cf23
GET /sites/default/files/fonticon/o2-icon-font/fonts/o2-icon-font.woff HTTP/1.1
Host: static-www.o2.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mail.o22ss.duckdns.org
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=1209600
content-length: 239676
content-type: font/woff
expires: Mon, 19 Jun 2023 12:16:10 GMT
last-modified: Mon, 27 Sep 2021 15:45:24 GMT
accept-ranges: bytes
etag: "3a83c-5ccfbfc4742f6"
x-cache: TCP_HIT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
access-control-allow-origin: *
x-azure-ref-originshield: 04xx+ZAAAAAA3KWogNA0cQbVmeUfeNLhpQU1TMDRFREdFMTgwOQAyMTkyNjJjYy04YzZlLTQ5OGMtYmI0NS02MDgyNGQxYjJiYjA=
x-azure-ref: 0PHB+ZAAAAACypGaw9eL+QboFU2KBLq0uU1ZHMjBFREdFMDYyMQAyMTkyNjJjYy04YzZlLTQ5OGMtYmI0NS02MDgyNGQxYjJiYjA=
date: Mon, 05 Jun 2023 23:31:07 GMT
X-Firefox-Spdy: h2
mail.o22ss.duckdns.org/ed/assets/o2.ico
184.168.23.232 200 OK 2.2 kB URL GET HTTP/1.1 mail.o22ss.duckdns.org/ed/assets/o2.ico
IP 184.168.23.232:443
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Requested by https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Certificate Issuer cPanel, Inc.
Subject o22ss.duckdns.org
Fingerprint 0D:DE:09:F5:50:42:A3:A7:BF:DB:02:96:73:2D:6F:CC:66:02:64:E3
Validity Sun, 04 Jun 2023 00:00:00 GMT - Sat, 02 Sep 2023 23:59:59 GMT
File type MS Windows icon resource - 1 icon, 32x32, 8 bits/pixel\012- data
Hash 0f2b01ffd84000737599acaf0cf96a4e
89c16ab0bb40d081438675710e838f56e69952d4
31b70e224e7f266d1767b5ae3107e41a5b678b97a3fdf32ba93c1488ce8a7116
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish O2 UK
GET /ed/assets/o2.ico HTTP/1.1
Host: mail.o22ss.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.o22ss.duckdns.org/ed/account?session=39461a19e9eddfb385ea76b26521ea48&enc=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=b1f00c25cbd659ae9a0b858d82f6810c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 23:31:07 GMT
Server: Apache
Last-Modified: Sun, 30 Apr 2023 06:54:48 GMT
Accept-Ranges: bytes
Content-Length: 2238
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/x-icon