Report - alaskaus1a.dynamic-dns.net/dee19550f83660f1db5f958ef4763a5e/?cont=QERldmlsbWFzazA5&token=2cdfe0b3db95b783b519a00f59dcb481beecedd27827f66705cb16aa18a7c7e8c20b9face4d231cdf9fdfb3cb837fda43d076934a007afab7cdc7cb5c902e15b

Report Overview

Submitted URL
alaskaus1a.dynamic-dns.net/dee19550f83660f1db5f958ef4763a5e/?cont=QERldmlsbWFzazA5&token=2cdfe0b3db95b783b519a00f59dcb481beecedd27827f66705cb16aa18a7c7e8c20b9face4d231cdf9fdfb3cb837fda43d076934a007afab7cdc7cb5c902e15b
IP
137.184.184.135
ASN
#14061 DIGITALOCEAN-ASN
Submitted
2022-12-28 07:54:23
Access
Website Title
Final URL
Tags
dyndns
urlquery detections
Suspicious - DynDNS domain

Detections

urlquery
41
Network Intrusion Detection
43
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
cdn.cookielaw.org	502	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	116 kB	104.16.148.64
www.facebook.com	99	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	836 B	349 B	31.13.72.36
bat.bing.com	387	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	14 kB	204.79.197.200
connect.facebook.net	139	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	383 B	29 kB	31.13.72.12
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	875 B	757 B	142.250.74.164
region1.google-analytics.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	909 B	572 B	216.239.32.36
js.adsrvr.org	1664	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	377 B	2.4 kB	143.204.45.46
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	5.4 kB	93.184.220.29
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	340 B	964 B	172.64.155.188
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	54 kB	34.120.237.76
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	5.6 kB	216.58.211.3
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	21 kB	142.250.74.110
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	7.1 kB	23.36.76.226
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.35.143.109
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	151 kB	104.17.24.14
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	350 B	1.0 kB	143.204.42.158
prism.app-us1.com	8479	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	619 B	462 B	104.17.145.91
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	874 B	757 B	142.250.74.163
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
apps.mypurecloud.com	13135	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	390 B	7.5 kB	52.204.155.250
insight.adsrvr.org	631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	767 B	262 B	35.71.131.137
devilsms.live	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	783 B	53 kB	199.188.200.254
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	391 B	100 kB	142.250.74.168
googleads.g.doubleclick.net	42	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	895 B	2.0 kB	142.250.74.130
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	625 B	720 B	209.85.233.155
alaskaus1a.dynamic-dns.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	25 kB	852 kB	137.184.184.135

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2022-12-28 07:54:07	medium	Client IP	Internal IP	ETPRO INFO DYNAMIC_DNS Query to a *.dynamic-dns.net Domain
2022-12-28 07:54:07	medium	Client IP	Internal IP	ETPRO INFO DYNAMIC_DNS Query to a *.dynamic-dns.net Domain
2022-12-28 07:54:07	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:08	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:08	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:09	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:09	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:09	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:09	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:09	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:09	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:09	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:09	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:09	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:09	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:09	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:09	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:09	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:09	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:09	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:09	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:10	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:10	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:10	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:10	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:10	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:10	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:10	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:10	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:10	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:10	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:10	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:10	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:10	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:10	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:10	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:10	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:10	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:10	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:10	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:11	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:11	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain
2022-12-28 07:54:11	medium	Client IP	137.184.184.135	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (38)

	URL	Size	First Seen	Last Seen
	alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7	728 B	2023-03-12	2023-03-12
Pretty URL alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7 IP 137.184.184.135 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:50:24 Last Seen2023-03-12 09:50:25 Times Seen1 Hash 2e0296fd2192fa09f3808ab743129fbf 0c961ae396e386f92d8c2a357c2c5a6ecf9c2a17 492fb2b00a8f22321408584e0f20d64e53b95ce7e4ce4b253edc99130bc964a4 Loading...

	alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7	3.7 kB	2023-03-12	2023-03-12
Pretty URL alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7 IP 137.184.184.135 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:50:24 Last Seen2023-03-12 09:50:25 Times Seen1 Hash 85a72e81c73a8017d7bc5376b36897a7 328becf6895a858b5213f3a1144aba8b3c2a31ba 9e64d0c38704d84e24c2d2204e2b880a55938d40572b94ee0c60bec4b465a84e Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/831978068/?random=1672214050138&cv=11&fst=1672214050138&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Falaskaus1a.dynamic-dns.net%2F1086f9d67deb905989e831367a0726a0%2F%3Fcont%3DQERldmlsbWFzazA5%26token%3De7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7&tiba=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&auid=1975439143.1672214050&rfmt=3&fmt=4	2.3 kB	2023-03-12	2023-03-12
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/831978068/?random=1672214050138&cv=11&fst=1672214050138&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Falaskaus1a.dynamic-dns.net%2F1086f9d67deb905989e831367a0726a0%2F%3Fcont%3DQERldmlsbWFzazA5%26token%3De7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7&tiba=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&auid=1975439143.1672214050&rfmt=3&fmt=4 IP 142.250.74.130 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:50:24 Last Seen2023-03-12 09:50:24 Times Seen1 Hash 1163eb8229037154b4b9cb11902b6b47 5f9f07ed12b57df260d58d5bbec414da753531fa 66964fb3f3dbf3240d46e43026045454d5ecdf2456756eecf2ee01f97b9808a3 Loading...

	alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/alaska-common.js?matcher	1.7 kB	2023-03-12	2023-03-12
Pretty URL alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/alaska-common.js?matcher IP 137.184.184.135 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:50:24 Last Seen2023-03-12 09:50:25 Times Seen1 Hash 9bed8a3055a7d97e2d28eb30fc0df992 0430ea56087da3489c26f3390fad8fecfabe9e18 144a259a5498b4d784eec2e72a9cf689203c3ce48b574c9af21b4e258cfc851c Loading...

	alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7	573 B	2023-03-12	2023-03-12
Pretty URL alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7 IP 137.184.184.135 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:50:24 Last Seen2023-03-12 09:50:25 Times Seen1 Hash 907a237b5b17c4dd0e5d699a3f326910 04ed652b44be4062fe6096884b9a6246e6b21c2e ce61306c75e160eef25b7412be16fffa23e126012e038f0a5dcfd1b03aa41352 Loading...

	alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/js/jquery-3.5.1.min.js	151 kB	2023-03-08	2024-01-18
Pretty URL alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/js/jquery-3.5.1.min.js IP 137.184.184.135 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:58:32 Last Seen2024-01-18 12:34:26 Times Seen46 Hash 2558cf546bbf6869abc41ae82d3219b0 86c35ee20d992d7c408ebf64608592458604eb8e 6e7e019e8348c366ad234e388d1d52ea7c06a0c573af42915f8d865ca4a0943f Loading...

	alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7	21 B	2023-03-07	2023-09-07
Pretty URL alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7 IP 137.184.184.135 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:01:12 Last Seen2023-09-07 01:19:38 Times Seen16 Hash 5486f6bd2145349490f8c1293260cfa0 8b10f7228174f4f2ecf3300b23a450f8926f34ca e7699f5d57673c2c06cecb431d256633befdf0eac4f44315a4ce3ff1b913893a Loading...

	connect.facebook.net/signals/config/251150729134059?v=2.9.90&r=stable	300 kB	2023-03-12	2023-03-12
Pretty URL connect.facebook.net/signals/config/251150729134059?v=2.9.90&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:50:24 Last Seen2023-03-12 10:28:18 Times Seen1 Hash 252e4bb8c812b759c57f474047cb6499 7511dd0833af61328f178110762b60def4b80291 d93bd7e66fc4eaabc4dfed2d997390a28f2a6e4ccf69fd23e367cd05dee57b03 Loading...

	alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7	21 B	2023-03-07	2023-09-07
Pretty URL alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7 IP 137.184.184.135 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:01:12 Last Seen2023-09-07 01:19:38 Times Seen16 Hash 7d9beb4228a4a1f0daa00afca638f5e2 230f4efcbc655ff11c63dd971bd221bccff18446 fbb381a648bd49f1af1d726ec051d75c14632c3f1fa39ffbe2b08ab9c2544b6d Loading...

	devilsms.live/cleave.js	94 kB	2023-03-07	2023-12-17
Pretty URL devilsms.live/cleave.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:56:13 Last Seen2023-12-17 14:10:58 Times Seen29 Hash ead7731c4b02b3e134ec2d390e7fccd0 3491430271d8a9f15548ca5a00e90b5d4e10b437 f97d8e2f7cc9b436d478f1168d22b9ae3c292d97d2d5285c4ccd01f3bbef47f5 Loading...

	alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7	1.4 kB	2023-03-07	2024-04-23
Pretty URL alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7 IP 137.184.184.135 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:39:29 Last Seen2024-04-23 17:39:59 Times Seen287 Hash bc9a8eaf3e6b50449dc8f17dce6ceb87 a6ed79412905a29eb6af6ab06ee65c243a8f2fae df143682c1457ed20ef47ab92cd113032a69bbe9e5217688a8e45f952a43fa3f Loading...

	connect.facebook.net/en_US/fbevents.js	105 kB	2023-03-09	2024-02-19
Pretty URL connect.facebook.net/en_US/fbevents.js IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 09:12:38 Last Seen2024-02-19 23:40:48 Times Seen21 Hash 8923a23f541784b67eece6aa2fa0a66f f2cad61f4ec65b3792e1295219a36c1f94fce6af 55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9 Loading...

	alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7	176 B	2023-03-12	2023-03-12
Pretty URL alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7 IP 137.184.184.135 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:50:24 Last Seen2023-03-12 09:50:25 Times Seen1 Hash 396b77e3b0e989c0db5e2c982aeb4e2b 25524df42a95fa98bf67b2e081145e5b15acb48c 5015c5551fc78368715f261033b0ddd4b3dc58ef887180e3e847973a37d3883e Loading...

	unknown	0 B	2023-03-07	2024-04-23
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-23 21:20:17 Times Seen37024818 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/js/jquery/acc-slick/slick.js	91 kB	2023-03-12	2023-03-12
Pretty URL alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/js/jquery/acc-slick/slick.js IP 137.184.184.135 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:50:24 Last Seen2023-03-12 09:50:25 Times Seen1 Hash 4878446472ab8663574717577b122d03 24623f13e4febfbee1b0588aa2b7cce6163fd667 c221ae5ef1063a44ec0bd1fd4c8e76e3785b609e051884b1f7d5b2e4c87ccf86 Loading...

	alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7	369 B	2023-03-07	2024-01-05
Pretty URL alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7 IP 137.184.184.135 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:01:12 Last Seen2024-01-05 05:27:40 Times Seen4 Hash d850fa304b04e914feba514c236e913a 79cbb2b9a9ddd76d75be39d73fb6ed261776110d 8937f5aecff9ef1acd3186c7852a35305538447c1a107c54429714bc997b2d96 Loading...

	alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7	6.3 kB	2023-03-12	2023-03-12
Pretty URL alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7 IP 137.184.184.135 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:50:24 Last Seen2023-03-12 09:50:25 Times Seen1 Hash ee770d1a2856e3cad9dd65ca01bb1bee def6e4d582ddae41dcdd8f1749116c69a83fb9d3 5491d6ad1f3ddb5ac263e5deb25f98a830a84051b2eb1d5611281adafd8ba451 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-20
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-20 17:36:09 Times Seen1522 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	connect.facebook.net/signals/plugins/identity.js?v=2.9.90	65 kB	2023-03-08	2024-02-19
Pretty URL connect.facebook.net/signals/plugins/identity.js?v=2.9.90 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:50 Last Seen2024-02-19 23:40:48 Times Seen4401 Hash ed5d6caf417fab681343bc3414babc55 410ba8d8866d7c7df41f21526345cfb7426386f2 7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f Loading...

	alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/js/jquery.leanModal.AKUSA.2.1.js	15 kB	2023-03-12	2023-03-12
Pretty URL alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/js/jquery.leanModal.AKUSA.2.1.js IP 137.184.184.135 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:50:24 Last Seen2023-03-12 09:50:25 Times Seen1 Hash f3c5c552762590af3bf7627387961052 577de72de0f60b0b00018c1f143c23f8887a9964 520add555ccbca7321335129b52653eab9ef85b25c1175e43de4ec2cb2a00b89 Loading...

	alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7	3.3 kB	2023-03-12	2023-03-12
Pretty URL alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7 IP 137.184.184.135 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:50:24 Last Seen2023-03-12 09:50:25 Times Seen1 Hash 68c5401623017e7e2b60a9349a4dcd3a aedbdcc0168cdef4f7747df086d47d90213efd9a c2a4ec4595d1d7ce4d001526377ea14c773c91ad57da2a20ce192e162e5742dc Loading...

	js.adsrvr.org/up_loader.1.1.0.js	4.6 kB	2023-03-07	2023-11-04
Pretty URL js.adsrvr.org/up_loader.1.1.0.js IP 143.204.45.46 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:29 Last Seen2023-11-04 15:38:59 Times Seen1096 Hash 98d98b3499058b76d58073cf8ede2f10 2ec5bc839a187c2a4d93499567e8fff091a6bcc4 ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9 Loading...

	diffuser-cdn.app-us1.com/diffuser/diffuser.js	24 kB	2023-03-07	2023-04-05
Pretty URL diffuser-cdn.app-us1.com/diffuser/diffuser.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:30 Last Seen2023-04-05 02:07:52 Times Seen69 Hash 4d482a43613d3966f353ec9d97452e0c 4acc9cf492267ab6d351fb11246431bd7d6e6387 15eb202865d1d835fae2eff61bb922fa91fb4064a1fb850ebadab1f190782648 Loading...

	alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7	21 B	2023-03-07	2023-09-07
Pretty URL alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7 IP 137.184.184.135 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:01:12 Last Seen2023-09-07 01:19:38 Times Seen16 Hash 1ba1ef9c3b171a3703ef0e64f2ffb7a8 548642466bdfadb4b960614c92c043cc7bef2dac 1e591cd403a488c386f34d87f816993f1e515601081767abb1a088500ae37e63 Loading...

	alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7	21 B	2023-03-07	2023-09-07
Pretty URL alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7 IP 137.184.184.135 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:01:12 Last Seen2023-09-07 01:19:38 Times Seen16 Hash 2cb38a08323dbd99f3c05c4616bc6b77 c30aedbb04242c9228a33b1e26015b61f410c697 241cbf472bf26a2896d6e8138d7929d29a33d4f7b53b67df13b957d23b130fee Loading...

	alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7	172 B	2023-03-07	2023-03-17
Pretty URL alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7 IP 137.184.184.135 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:01:12 Last Seen2023-03-17 12:55:47 Times Seen1 Hash 1da4f5fdcdee6acc88ecf93522ccc86d dabbc02df9bb7c1f45b475cff0d692986f3e6fcd c250946ecf2aebf7c0fda8ec3f64635517af2d84704b2ea8a6f958d2ad98410a Loading...

	devilsms.live/clve-min.js	151 kB	2023-03-07	2023-04-30
Pretty URL devilsms.live/clve-min.js IP 199.188.200.254 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:38:47 Last Seen2023-04-30 22:10:37 Times Seen11 Hash a0af62af3a5f980137ece52d9604b17e 47803e4451aaae4f38c40d154f915e89155edc0d 28899904b99b7dc185a3ee4ef8a53a522ae488db692a9ee4d45ddfc07dc04a24 Loading...

	alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/js/jquery.accAccordion.js	9.8 kB	2023-03-12	2023-03-12
Pretty URL alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/js/jquery.accAccordion.js IP 137.184.184.135 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:50:24 Last Seen2023-03-12 09:50:25 Times Seen1 Hash e843f4a5281f196eff6c61e3e428913d 91e2eb2e90cda1629a9bb7a08332b1afd5c20f7b b6353d3cc84ec7a0c6bb0277719e00445fa14d2ad878fbe0cd68edfe946fae01 Loading...

	alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7	42 B	2023-03-08	2024-04-18
Pretty URL alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7 IP 137.184.184.135 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 07:49:39 Last Seen2024-04-18 14:30:24 Times Seen139 Hash 8885d8e87d93a63d70f1ba06fbdf15c5 7c9816edba75d121316c7295f577037f857a1770 2ec3c207b8482b0df2e5eaa5b0d1a8c03062a0958ff4ebd7fb6ea471630bd3c4 Loading...

	alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7	512 B	2023-03-12	2023-03-12
Pretty URL alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7 IP 137.184.184.135 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:50:24 Last Seen2023-03-12 09:50:25 Times Seen1 Hash 766edbc68cd6b62dae6cb9576acf110b c2de66ce394c3a82dda156baba651ca6c93b60f5 5a802146ceb48099b2c4f622f2e87f987feef82b39fa3631c733e58e60b8c33c Loading...

	apps.mypurecloud.com/widgets/9.0/cxbus.min.js	21 kB	2023-03-08	2023-03-17
Pretty URL apps.mypurecloud.com/widgets/9.0/cxbus.min.js IP 52.204.155.250 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:03:24 Last Seen2023-03-17 12:39:30 Times Seen1 Hash e70fc38e76816167a8ddc7c24ce6d716 2519299c13dd4dcf26499bdc9e326b417e056b72 b749f13b8ce527a1f077191a411ec87540b358a8bd66e9cdcb942c08612d4896 Loading...

	cdn.cookielaw.org/scripttemplates/otSDKStub.js	22 kB	2023-03-07	2024-03-05
Pretty URL cdn.cookielaw.org/scripttemplates/otSDKStub.js IP 104.16.148.64 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:58:52 Last Seen2024-03-05 19:00:25 Times Seen96 Hash a750a84d2cd5eb69aa0b8b1b94db6da8 56fd3e55c49aa5f3e48e525ae794da9b070cfa6c bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0 Loading...

	alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/js/jsSuite-1.9.6.js	91 kB	2023-03-12	2023-03-12
Pretty URL alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/js/jsSuite-1.9.6.js IP 137.184.184.135 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:50:24 Last Seen2023-03-12 09:50:25 Times Seen1 Hash 53b588cffc791d73bab94beec314c1e6 54b22f179a2beea868b64a1a6f23fb56ac9c5b41 f2ee29338ccb04352257b449dcaf234eb5547894b3cc67f4efe83eb13b6966ff Loading...

	alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7	128 B	2023-03-07	2024-01-05
Pretty URL alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7 IP 137.184.184.135 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:01:12 Last Seen2024-01-05 05:27:41 Times Seen4 Hash f07adaf58e962a8636afb754a9a04c2e b021913ba6d249ad7f4c70dd66a33cf8d0b76252 ac9be3e1a371da333602f7b42406e5a5c9a78f1e3dab0a2e9477cd9d6ad8c1ec Loading...

	bat.bing.com/bat.js	39 kB	2023-03-08	2024-01-01
Pretty URL bat.bing.com/bat.js IP 204.79.197.200 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:52:15 Last Seen2024-01-01 05:01:16 Times Seen16 Hash 258ac0be54e333a28d69bfd394fcde90 daecd0687e8b00f5d67a7732ccbe9174326821d9 f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244 Loading...

	alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7	21 B	2023-03-07	2023-09-07
Pretty URL alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7 IP 137.184.184.135 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:01:12 Last Seen2023-09-07 01:19:38 Times Seen16 Hash 3d73b1cb46543e532addca54e6761e8a 321bfdb72be1fadaaac2f1f4bdaef1c03375f3b6 2195b38e503e53362cb64f64eea69f3732e826168219ce6e6072f6fff774d186 Loading...

	alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7	3.3 kB	2023-03-12	2023-03-12
Pretty URL alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7 IP 137.184.184.135 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:50:24 Last Seen2023-03-12 09:50:25 Times Seen1 Hash c07db21d5b3dbe61ec546e944b435803 a252b2ffe3b4df4d6ec6cadf834b6c3ca3ba6dbd 874bbc3b21804b4b9fbf1b41480a34dc2d9b9d303643fe9a31fd841836af3d4f Loading...

	alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7	536 B	2023-03-07	2023-09-07
Pretty URL alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7 IP 137.184.184.135 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:01:12 Last Seen2023-09-07 01:19:38 Times Seen3 Hash bf6492ad4b44f40b0ed4812ae01a05b6 8f786af39fd683a566e2ca0fdb45447348c19bcf 390938fbb57c9783619ad47e76eaa4a928ce28174b33c7bd30518ec5f61110b9 Loading...

HTTP Transactions (105)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cd2bda30513692aa11a672c6a599935d
a944c3aa26b461063194a4bb95ce427d23a32d03
d975d1eab40c9fe4986ae0675d79e4f982eb9c0e2f503ca72b3bdf0ec9e7dfdc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D975D1EAB40C9FE4986AE0675D79E4F982EB9C0E2F503CA72B3BDF0EC9E7DFDC"
Last-Modified: Tue, 27 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11349
Expires: Wed, 28 Dec 2022 11:03:21 GMT
Date: Wed, 28 Dec 2022 07:54:12 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
78f1f94544ef06b96bb43283f59d100f
fa2f1a3730a98c6fa5ebf976143fb6093a7298be
889af22ee304adea2e23491acbc89ebdcaf322e8c45af2bebf7520e3e9b0a6a9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "889AF22EE304ADEA2E23491ACBC89EBDCAF322E8C45AF2BEBF7520E3E9B0A6A9"
Last-Modified: Tue, 27 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4470
Expires: Wed, 28 Dec 2022 09:08:42 GMT
Date: Wed, 28 Dec 2022 07:54:12 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b2d59bdbb1ca6324590988ec031cf1fc
bfd4e25af37dcde4bac38d9b178c5ac8e50f8834
cef2180120ef42ff09d54577229c058d41d2c569d485f5a6dcfadc74bf8aa647

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEF2180120EF42FF09D54577229C058D41D2C569D485F5A6DCFADC74BF8AA647"
Last-Modified: Mon, 26 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2658
Expires: Wed, 28 Dec 2022 08:38:30 GMT
Date: Wed, 28 Dec 2022 07:54:12 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Type, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 28 Dec 2022 07:46:45 GMT
content-type: application/json
age: 447
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: LFdrtlvaaEh1MhMYxFwgjfURnxOBw8Vs4z9ZbJh954ZeQkF7HW665EIYlTwn7ZcLKd200zMACks=
x-amz-request-id: BVM26QACG0MJH1ND
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 28 Dec 2022 06:56:03 GMT
age: 3489
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 28 Dec 2022 07:54:12 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

alaskaus1a.dynamic-dns.net/dee19550f83660f1db5f958ef4763a5e/?cont=QERldmlsbWFzazA5&token=2cdfe0b3db95b783b519a00f59dcb481beecedd27827f66705cb16aa18a7c7e8c20b9face4d231cdf9fdfb3cb837fda43d076934a007afab7cdc7cb5c902e15b

137.184.184.135

302 Found

0 B

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/dee19550f83660f1db5f958ef4763a5e/?cont=QERldmlsbWFzazA5&token=2cdfe0b3db95b783b519a00f59dcb481beecedd27827f66705cb16aa18a7c7e8c20b9face4d231cdf9fdfb3cb837fda43d076934a007afab7cdc7cb5c902e15b
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /dee19550f83660f1db5f958ef4763a5e/?cont=QERldmlsbWFzazA5&token=2cdfe0b3db95b783b519a00f59dcb481beecedd27827f66705cb16aa18a7c7e8c20b9face4d231cdf9fdfb3cb837fda43d076934a007afab7cdc7cb5c902e15b HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Date: Wed, 28 Dec 2022 07:54:12 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=731e4b042e5b00b79afcb899515465c9; path=/
Location: ../index.php
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, ETag, Pragma, Last-Modified, Expires, Alert, Content-Type, Retry-After, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 28 Dec 2022 07:08:08 GMT
age: 2764
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
60b8396db0bbfa5f2ae7e34c9d04ebcc
50b6c68aa2b2a459315a9989f5d3e326e8ad5539
c10a1e0f984b121958a5cfa3b45b746db85d33c9073fcacb019d9bb27ef3b073

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3050
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 07:54:12 GMT
Last-Modified: Wed, 28 Dec 2022 07:03:22 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471

alaskaus1a.dynamic-dns.net/index.php

137.184.184.135

302 Found

0 B

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/index.php
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /index.php HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: PHPSESSID=731e4b042e5b00b79afcb899515465c9
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Date: Wed, 28 Dec 2022 07:54:12 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Location: 1086f9d67deb905989e831367a0726a0?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7

137.184.184.135

301 Moved Permanently

436 B

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
436 B (436 bytes)
Hash
d81337c2e70b1d78e002a98c2c04f381
dad87cee9cb13392c331ccfe16ab29a89a5af197
9c3d7d644cf172ace5ea28500c4b5a084b641dea3802b97e783bcd7785b0d0e9

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /1086f9d67deb905989e831367a0726a0?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7 HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: PHPSESSID=731e4b042e5b00b79afcb899515465c9
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Wed, 28 Dec 2022 07:54:13 GMT
Server: Apache
Location: http://alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7
Content-Length: 436
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

push.services.mozilla.com/

52.35.143.109

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.35.143.109:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: tEihLHd9bDTs1jZHSxdgRQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 968MRAk+9iWtUJtFXqqdV3239XY=

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
aaa1370e3342c33327dfd816c73e1435
8fb6511de801b02b33ba5b922ef11a841acb3e5a
f1b67598100c32a278495882d6b58f11596577e7ecab6a768554bfcca3106aff

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3474
Cache-Control: max-age=134923
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 07:54:13 GMT
Etag: "63ab549e-117"
Expires: Thu, 29 Dec 2022 21:22:56 GMT
Last-Modified: Tue, 27 Dec 2022 20:25:02 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
aaa1370e3342c33327dfd816c73e1435
8fb6511de801b02b33ba5b922ef11a841acb3e5a
f1b67598100c32a278495882d6b58f11596577e7ecab6a768554bfcca3106aff

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3474
Cache-Control: max-age=134923
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 07:54:13 GMT
Etag: "63ab549e-117"
Expires: Thu, 29 Dec 2022 21:22:56 GMT
Last-Modified: Tue, 27 Dec 2022 20:25:02 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
3130754e3b8ed3b210e00966aa579f0e
8d5b8f398fb17b9de7b8c825dd8d7eccfc1d9587
fffa7d428ef47447418b322ab16b038dd3a277639d8852a51de2c7de8d15fa3c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5926
Cache-Control: max-age=86641
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 07:54:13 GMT
Etag: "63aa8e70-117"
Expires: Thu, 29 Dec 2022 07:58:14 GMT
Last-Modified: Tue, 27 Dec 2022 06:19:28 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

104.17.24.14

200 OK

5.6 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (30837)
Size
5.6 kB (5631 bytes)
Hash
109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc

HTTP Headers

GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 28 Dec 2022 07:54:13 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 558126
expires: Mon, 18 Dec 2023 07:54:13 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PHr%2Br%2BwiF4sqCWdo2Xonz6Pl2o3dZ30hluXps003u1T1PKk5cdxmZKIMNYlOr0BXo8fkxeInuXcWN4mDb3ogz9ayuThBHJ4mNfym3Sun9bxTjcgXfEE0LRVthVjtym686j5jHoXE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7808ba0b7f7d1c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0/css/all.min.css

104.17.24.14

200 OK

15 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0/css/all.min.css
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65317)
Size
15 kB (15248 bytes)
Hash
eaa2e9825d0aa4108e5c61a9058f5434
2c855186ced95e99325836c2af8b9cc2e823848a
65b91a9d675a0b22b90132b403e14db1fe82496a45c2a077ddecb2452e929077

HTTP Headers

GET /ajax/libs/font-awesome/6.0.0/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://alaskaus1a.dynamic-dns.net
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 28 Dec 2022 07:54:13 GMT
content-type: text/css; charset=utf-8
content-length: 15248
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "620188b3-3b90"
last-modified: Mon, 07 Feb 2022 21:01:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1783792
expires: Mon, 18 Dec 2023 07:54:13 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o51h6PDvIauYlMr%2F0%2FwNjNI0ztHXdlnfk2DuZdjTRw5WfaMrLFUSH1MDccCWXm81ktd%2F6bdc1Pg7sZVnwYSK%2BM63jeoBIWIz7bLdkFw8bwz0LdZ%2FFYrbCIR9tPUAsosCtf8GM13%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7808ba0b88eb0b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.cookielaw.org/scripttemplates/otSDKStub.js

104.16.148.64

200 OK

7.2 kB

URL HTTP/2
cdn.cookielaw.org/scripttemplates/otSDKStub.js
IP
104.16.148.64:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (21747)
Size
7.2 kB (7151 bytes)
Hash
4292e44eba0796aac4d0b7aab80daec2
8131fd92ed85c9e8378d78e2b668cd7163fdf875
0deff459ca0049e97fc03f4a80660ef7e69185057ffdcd1a462cd3bcaffb6e5b

HTTP Headers

GET /scripttemplates/otSDKStub.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 28 Dec 2022 07:54:13 GMT
content-type: application/javascript
content-length: 7151
content-encoding: gzip
content-md5: QpLkTroHlqrE0LequA2uwg==
last-modified: Wed, 21 Dec 2022 07:32:46 GMT
etag: 0x8DAE3258E5CB56A
x-ms-request-id: 6bd0e487-b01e-00a1-089a-15167d000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 21854
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7808ba0b8d72b4ed-OSL
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
aaa1370e3342c33327dfd816c73e1435
8fb6511de801b02b33ba5b922ef11a841acb3e5a
f1b67598100c32a278495882d6b58f11596577e7ecab6a768554bfcca3106aff

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3474
Cache-Control: max-age=134923
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 07:54:13 GMT
Etag: "63ab549e-117"
Expires: Thu, 29 Dec 2022 21:22:56 GMT
Last-Modified: Tue, 27 Dec 2022 20:25:02 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279

alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/alaska-common.js?matcher

137.184.184.135

200 OK

1.7 kB

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/alaska-common.js?matcher
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text
Size
1.7 kB (1713 bytes)
Hash
9bed8a3055a7d97e2d28eb30fc0df992
0430ea56087da3489c26f3390fad8fecfabe9e18
144a259a5498b4d784eec2e72a9cf689203c3ce48b574c9af21b4e258cfc851c

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /1086f9d67deb905989e831367a0726a0/alaska-common.js?matcher HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7
Cookie: PHPSESSID=731e4b042e5b00b79afcb899515465c9

HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 07:54:13 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2022 07:54:12 GMT
Accept-Ranges: bytes
Content-Length: 1713
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/alaska-common.js?cache

137.184.184.135

200 OK

1.7 kB

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/alaska-common.js?cache
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text
Size
1.7 kB (1713 bytes)
Hash
9bed8a3055a7d97e2d28eb30fc0df992
0430ea56087da3489c26f3390fad8fecfabe9e18
144a259a5498b4d784eec2e72a9cf689203c3ce48b574c9af21b4e258cfc851c

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /1086f9d67deb905989e831367a0726a0/alaska-common.js?cache HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7
Cookie: PHPSESSID=731e4b042e5b00b79afcb899515465c9

HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 07:54:13 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2022 07:54:12 GMT
Accept-Ranges: bytes
Content-Length: 1713
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/js/jquery/acc-slick/slick.css

137.184.184.135

200 OK

10 kB

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/js/jquery/acc-slick/slick.css
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
10 kB (10282 bytes)
Hash
769a0502a4414f3bb603934aa889b898
b35c6585cd3a533984b722815a93e041bcbb3378
7251e3e953dddf94f980a48e24415230d30695550b508f6ff651332adcbf23da

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /1086f9d67deb905989e831367a0726a0/js/jquery/acc-slick/slick.css HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7
Cookie: PHPSESSID=731e4b042e5b00b79afcb899515465c9

HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 07:54:13 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2022 07:54:12 GMT
Accept-Ranges: bytes
Content-Length: 10282
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/current/chat/genesys_akusa.css?20220304133

137.184.184.135

200 OK

6.7 kB

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/current/chat/genesys_akusa.css?20220304133
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text
Size
6.7 kB (6703 bytes)
Hash
a8921a2f667584a0b9077674e495c7fe
f86326198b72901cfb534a51be7901e5659c7262
30e3261801acb89e2171e959c4012066d97772287a6003a2eabf8600f385afd5

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /1086f9d67deb905989e831367a0726a0/current/chat/genesys_akusa.css?20220304133 HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7
Cookie: PHPSESSID=731e4b042e5b00b79afcb899515465c9

HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 07:54:13 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2022 07:54:12 GMT
Accept-Ranges: bytes
Content-Length: 6703
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/css/akusa-home.css

137.184.184.135

200 OK

8.7 kB

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/css/akusa-home.css
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text, with CRLF line terminators
Size
8.7 kB (8733 bytes)
Hash
11e34766e053173238cb2c8bb998c90b
2e26ac2e0ae035b5ec51e35c4ded9add334208d2
97b570b1901b985a8d4d776cb47043de0320bd72754020b310eccb0464861a73

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /1086f9d67deb905989e831367a0726a0/css/akusa-home.css HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7
Cookie: PHPSESSID=731e4b042e5b00b79afcb899515465c9

HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 07:54:13 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2022 07:54:12 GMT
Accept-Ranges: bytes
Content-Length: 8733
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
b65e4c5c5b2286c6d96788e524807b5b
1091c9a6d61410c121e0f142b4d7adc18301158a
a4ff847a4f2d2f4574855d108147d28df0e34a3f4409d64499e21b7173727ba3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 07:54:14 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 28 Dec 2022 05:40:05 GMT
Expires: Wed, 04 Jan 2023 05:40:04 GMT
Etag: "1091c9a6d61410c121e0f142b4d7adc18301158a"
Cache-Control: max-age=596149,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7808ba0d9875b529-OSL

alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/css/akusa-desktop.css?20220304133

137.184.184.135

200 OK

26 kB

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/css/akusa-desktop.css?20220304133
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text, with very long lines (844), with CRLF line terminators
Size
26 kB (26526 bytes)
Hash
24de8c6dc6c62c60d5eff55f1dab26ab
db61e17f268b1d9dc9c8c39fc9bb0b7ca9425c09
623880727dce36ea3c3a6b65bbc9d56f29c2bfe4c134ca6a0c3d43a82c63f0dc

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /1086f9d67deb905989e831367a0726a0/css/akusa-desktop.css?20220304133 HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7
Cookie: PHPSESSID=731e4b042e5b00b79afcb899515465c9

HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 07:54:13 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2022 07:54:12 GMT
Accept-Ranges: bytes
Content-Length: 26526
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/css/akusafonts.css

137.184.184.135

200 OK

4.7 kB

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/css/akusafonts.css
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text, with CRLF line terminators
Size
4.7 kB (4745 bytes)
Hash
7bca826d32f3e3f41c0df8f236402ca9
9880a8aade6efaf4d80ec22a4b0976185ee37d36
91c30fc9915df9e1e486290b11d4ea724b0473b64c02d77bbbf1d8d03b75714e

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /1086f9d67deb905989e831367a0726a0/css/akusafonts.css HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7
Cookie: PHPSESSID=731e4b042e5b00b79afcb899515465c9

HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 07:54:14 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2022 07:54:12 GMT
Accept-Ranges: bytes
Content-Length: 4745
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/alaska-common.js?async

137.184.184.135

200 OK

1.7 kB

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/alaska-common.js?async
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text
Size
1.7 kB (1713 bytes)
Hash
9bed8a3055a7d97e2d28eb30fc0df992
0430ea56087da3489c26f3390fad8fecfabe9e18
144a259a5498b4d784eec2e72a9cf689203c3ce48b574c9af21b4e258cfc851c

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /1086f9d67deb905989e831367a0726a0/alaska-common.js?async HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7
Cookie: PHPSESSID=731e4b042e5b00b79afcb899515465c9

HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 07:54:14 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2022 07:54:12 GMT
Accept-Ranges: bytes
Content-Length: 1713
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

ocsp.sca1b.amazontrust.com/

143.204.42.158

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.158:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
9671cd42841ab75d9f292268909b8c75
523ea3899be44267861aec842eebc2e18c597f6e
15a92cbaad10b73d775e0668f819fa764e83a1cfb2a0b5c8fff393d5bb9a7104

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=128119
Date: Wed, 28 Dec 2022 07:54:14 GMT
Etag: "63ab39d0-1d7"
Expires: Thu, 29 Dec 2022 19:29:33 GMT
Last-Modified: Tue, 27 Dec 2022 18:30:40 GMT
Server: ECS (nyb/1D1E)
X-Cache: Miss from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: p8p_8DD4Clg4ddlLEElYwYUIaGkM5eUG8xqrrJ3EuXxoui_pyod8nA==
Age: 3533

alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/js/jquery.accAccordion.js

137.184.184.135

200 OK

9.8 kB

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/js/jquery.accAccordion.js
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text, with CRLF line terminators
Size
9.8 kB (9771 bytes)
Hash
e843f4a5281f196eff6c61e3e428913d
91e2eb2e90cda1629a9bb7a08332b1afd5c20f7b
b6353d3cc84ec7a0c6bb0277719e00445fa14d2ad878fbe0cd68edfe946fae01

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /1086f9d67deb905989e831367a0726a0/js/jquery.accAccordion.js HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7
Cookie: PHPSESSID=731e4b042e5b00b79afcb899515465c9

HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 07:54:14 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2022 07:54:12 GMT
Accept-Ranges: bytes
Content-Length: 9771
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/js/jquery.leanModal.AKUSA.2.1.js

137.184.184.135

200 OK

15 kB

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/js/jquery.leanModal.AKUSA.2.1.js
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text, with CRLF line terminators
Size
15 kB (14977 bytes)
Hash
f3c5c552762590af3bf7627387961052
577de72de0f60b0b00018c1f143c23f8887a9964
520add555ccbca7321335129b52653eab9ef85b25c1175e43de4ec2cb2a00b89

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /1086f9d67deb905989e831367a0726a0/js/jquery.leanModal.AKUSA.2.1.js HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7
Cookie: PHPSESSID=731e4b042e5b00b79afcb899515465c9

HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 07:54:14 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2022 07:54:12 GMT
Accept-Ranges: bytes
Content-Length: 14977
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

devilsms.live/css/alaskausa/akusa-base.css?20220304133

199.188.200.254

404 Not Found

1.2 kB

URL HTTP/2
devilsms.live/css/alaskausa/akusa-base.css?20220304133
IP
199.188.200.254:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1238 bytes)
Hash
0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

HTTP Headers

GET /css/alaskausa/akusa-base.css?20220304133 HTTP/1.1
Host: devilsms.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Wed, 28 Dec 2022 07:54:14 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

apps.mypurecloud.com/widgets/9.0/cxbus.min.js

52.204.155.250

200 OK

7.0 kB

URL HTTP/2
apps.mypurecloud.com/widgets/9.0/cxbus.min.js
IP
52.204.155.250:0
ASN
#14618 AMAZON-AES

File type
Unicode text, UTF-8 text, with very long lines (20450)
Size
7.0 kB (6977 bytes)
Hash
bcc2ec1ce14ec44b03e850191f1c660f
f0918f7d44679870d9abfd52a2c91f139b9a6925
c36febef70f02488e9ca5db43f9b6e510bdd75c98878fe69b519282add67f95e

HTTP Headers

GET /widgets/9.0/cxbus.min.js HTTP/1.1
Host: apps.mypurecloud.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 28 Dec 2022 07:54:14 GMT
content-type: text/javascript
content-length: 6977
server: nginx
x-amz-id-2: B8BVnNKhlkugRKAwNvXyPu7OV8ZYLbfNC69lbElxNcosj+CuLN5AJUbf11wfIOEQ4PC/harTQTo=
x-amz-request-id: G57EJ4TNKX1S6WDB
cache-control: max-age=0, no-cache
content-encoding: gzip
last-modified: Wed, 19 Oct 2022 11:04:39 GMT
x-amz-version-id: zvxGsS5zFCx_BNFBE7YwFMviBcqvk8Ax
etag: "bcc2ec1ce14ec44b03e850191f1c660f"
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0/webfonts/fa-solid-900.woff2

104.17.24.14

200 OK

127 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0/webfonts/fa-solid-900.woff2
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 126828, version 768.256\012- data
Size
127 kB (126828 bytes)
Hash
297973a488f688271dd223d542ba2697
ed99d812e4c88826335f93acede3fad85c90fb54
1b099f88c06ed0869872561c157f0ec9cbe133a0939d9ece4ee1e1f54bd4683d

HTTP Headers

GET /ajax/libs/font-awesome/6.0.0/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://alaskaus1a.dynamic-dns.net
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 28 Dec 2022 07:54:14 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 126828
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "620188b3-1ef6c"
last-modified: Mon, 07 Feb 2022 21:01:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 9945892
expires: Mon, 18 Dec 2023 07:54:14 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fJ3E5UWzxJ%2B85VCIuVG9X4QykT2QkEjvfrhDpOa5rVforDFvpBXGyJKihPMQ%2BGFH0Hvtn8VvlQh%2FWnROOTJhhxKz0ugIAMswnFs68kHF86j7TjPlnD89W3nh0iH6FMAbzO9zqqUU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7808ba0f7bc30b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.cookielaw.org/consent/d9012451-973f-4944-835c-e7020071d90c/d9012451-973f-4944-835c-e7020071d90c.json

104.16.148.64

200 OK

1.1 kB

URL HTTP/2
cdn.cookielaw.org/consent/d9012451-973f-4944-835c-e7020071d90c/d9012451-973f-4944-835c-e7020071d90c.json
IP
104.16.148.64:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (2455), with no line terminators
Size
1.1 kB (1076 bytes)
Hash
211807a849e22c8f1e15c6bf1812d9dd
f5966037a3678ba8aeb2a2ad6ec2dc8be39c1358
7b2bfde084be9f5de169c28ce3781acebcd39e7a973c201989d7a545e7acc94d

HTTP Headers

GET /consent/d9012451-973f-4944-835c-e7020071d90c/d9012451-973f-4944-835c-e7020071d90c.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://alaskaus1a.dynamic-dns.net
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 28 Dec 2022 07:54:14 GMT
content-type: application/x-javascript
content-length: 1076
cache-control: public, max-age=86400
content-encoding: gzip
content-md5: IRgHqEniLI8eFca/GBLZ3Q==
last-modified: Tue, 01 Dec 2020 21:11:52 GMT
etag: 0x8D8963DB9DC26A4
x-ms-request-id: 0d8516d3-501e-0067-718f-1a6b41000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
expires: Thu, 29 Dec 2022 07:54:14 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7808ba0f4fd50b55-OSL
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2783127a63c78cb5ac02e1a31631bfca
a26af5a37bbb43d4258282640749ced026ba9560
cfe19d12b6070f9171129591b54bab634d5582e4d8d83e5c1fbe703d873b8366

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CFE19D12B6070F9171129591B54BAB634D5582E4D8D83E5C1FBE703D873B8366"
Last-Modified: Tue, 27 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11486
Expires: Wed, 28 Dec 2022 11:05:40 GMT
Date: Wed, 28 Dec 2022 07:54:14 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2783127a63c78cb5ac02e1a31631bfca
a26af5a37bbb43d4258282640749ced026ba9560
cfe19d12b6070f9171129591b54bab634d5582e4d8d83e5c1fbe703d873b8366

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CFE19D12B6070F9171129591B54BAB634D5582E4D8D83E5C1FBE703D873B8366"
Last-Modified: Tue, 27 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11486
Expires: Wed, 28 Dec 2022 11:05:40 GMT
Date: Wed, 28 Dec 2022 07:54:14 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2783127a63c78cb5ac02e1a31631bfca
a26af5a37bbb43d4258282640749ced026ba9560
cfe19d12b6070f9171129591b54bab634d5582e4d8d83e5c1fbe703d873b8366

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CFE19D12B6070F9171129591B54BAB634D5582E4D8D83E5C1FBE703D873B8366"
Last-Modified: Tue, 27 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11486
Expires: Wed, 28 Dec 2022 11:05:40 GMT
Date: Wed, 28 Dec 2022 07:54:14 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2783127a63c78cb5ac02e1a31631bfca
a26af5a37bbb43d4258282640749ced026ba9560
cfe19d12b6070f9171129591b54bab634d5582e4d8d83e5c1fbe703d873b8366

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CFE19D12B6070F9171129591B54BAB634D5582E4D8D83E5C1FBE703D873B8366"
Last-Modified: Tue, 27 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11486
Expires: Wed, 28 Dec 2022 11:05:40 GMT
Date: Wed, 28 Dec 2022 07:54:14 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe69c29db-caec-401a-8056-6c2c58e33dfd.jpeg

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe69c29db-caec-401a-8056-6c2c58e33dfd.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10914 bytes)
Hash
369bb708ac21a9219cae15dbf33fd225
64885e8ead4ee24b43274ada628ab47cba6c6703
04ba2c600a01344d2cb3fbd2fb5e1dc17d12d018e685f55870da70cd5a85b1ab

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe69c29db-caec-401a-8056-6c2c58e33dfd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10914
x-amzn-requestid: 86f79e43-1faa-431d-b88a-6e1baaabb1cf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d0z9YF1AIAMFyKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ab66bb-6b418d8b0ceb68a92ec5cbd9;Sampled=0
x-amzn-remapped-date: Tue, 27 Dec 2022 21:42:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Jl9Pail3VVSDgB3KWrdxo26nQeRQ4rVqfk7I-dxHuxPH9WSBvPUQ8g==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Dec 2022 21:58:24 GMT
age: 35750
etag: "64885e8ead4ee24b43274ada628ab47cba6c6703"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F346e7d95-abf9-4783-baa6-85137bb9cc29.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.8 kB (7817 bytes)
Hash
8ab36b0d168174ef2d960be9810fdb2d
7c8a7415cab3ef88b5d1204af214a687b1676dda
a1d842fd02273603db0090d34c317d7a3ce3e5f00f29271d45fc4ed6d09ee21e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F346e7d95-abf9-4783-baa6-85137bb9cc29.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7817
x-amzn-requestid: 21a68509-6fec-48b3-8bce-fb2ebfab3289
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d0yuCEVwIAMFUrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ab64c0-5e23ceec731631d93e01e2c8;Sampled=0
x-amzn-remapped-date: Tue, 27 Dec 2022 21:33:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XW37o6TY-ynuySDq8QgtRV96fMBxkZeslHuLJNWBDLaiSz-fHJSQDA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Dec 2022 21:35:40 GMT
age: 37114
etag: "7c8a7415cab3ef88b5d1204af214a687b1676dda"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2783127a63c78cb5ac02e1a31631bfca
a26af5a37bbb43d4258282640749ced026ba9560
cfe19d12b6070f9171129591b54bab634d5582e4d8d83e5c1fbe703d873b8366

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CFE19D12B6070F9171129591B54BAB634D5582E4D8D83E5C1FBE703D873B8366"
Last-Modified: Tue, 27 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11486
Expires: Wed, 28 Dec 2022 11:05:40 GMT
Date: Wed, 28 Dec 2022 07:54:14 GMT
Connection: keep-alive

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f83de5-47cd-4586-9dca-ab7c314cbd0e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10839 bytes)
Hash
d9dcccae2018607dee1459081249c91e
2ecfa42f64013afc536c16fcd2250d8229f81654
41839d89192ec4771a6cd5a431617c0b7855701f93c722d025d3f056f109b552

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f83de5-47cd-4586-9dca-ab7c314cbd0e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10839
x-amzn-requestid: 70cc8d68-0917-472f-9d64-1d4f708791e4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d0yuVGkHoAMFskg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ab64c1-2aba103f6a75466c19ddbbd6;Sampled=0
x-amzn-remapped-date: Tue, 27 Dec 2022 21:33:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _XWlZ2SqSaIrAaT7MXl21X7zkIAoFsj4Tyf5jN7JLcrsuL9g1T9zdQ==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Dec 2022 21:35:45 GMT
age: 37109
etag: "2ecfa42f64013afc536c16fcd2250d8229f81654"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd91057dd-978b-4fb5-b0a3-5ed8624f726a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.0 kB (6009 bytes)
Hash
f810df3c7a9cc088b68a912023460d35
76c0e59325b5c046cf68c0268374df317b81be97
a46f2bc69415ce3b749a2765e98e0c2aad012050fa784d7326a0142a6a41a4dd

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd91057dd-978b-4fb5-b0a3-5ed8624f726a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6009
x-amzn-requestid: 25333cb9-5ba3-44d1-8862-2cc2658b64fc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d0z_MGbeoAMFrSw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ab66c7-23af33ff50839c6834137df3;Sampled=0
x-amzn-remapped-date: Tue, 27 Dec 2022 21:42:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JmrzmSBdLJDQesHcs_dUm1C3xjHDVfOY1bHXjVoujVPoPJ6jsTSsoQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Dec 2022 22:02:35 GMT
age: 35499
etag: "76c0e59325b5c046cf68c0268374df317b81be97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1983375a-46e7-4d3c-b100-9baafabc9959.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.0 kB (5961 bytes)
Hash
7b7f0c866bf3ac4531371ad2060951b5
48251361ab12813116d9aba69bb646bf11e54b76
33eacdc9a4c0f1c0494c153e6c8bf8dcebb5d1447aeb22fb2a799f2b631f4da7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1983375a-46e7-4d3c-b100-9baafabc9959.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5961
x-amzn-requestid: 527254dd-5774-4b0a-92c6-b03385ea17e7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d0m_gHFZoAMF8gg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ab51fc-6808bf07003234666b176f10;Sampled=0
x-amzn-remapped-date: Tue, 27 Dec 2022 20:13:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9BEjsTYluC9DE846mwrcRYOm-r-V18WVbsV1T8OJJC-KcMhllzHhuQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Dec 2022 04:54:33 GMT
age: 10781
etag: "48251361ab12813116d9aba69bb646bf11e54b76"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd238a41-5dd3-4a9e-80cd-17fdf75ee403.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.6 kB (5577 bytes)
Hash
50a3433c386a2d8435a10b572d986161
a97620796ae1a146e719f4a46e98c57a4af472ed
b4954da0a678a4df8c3dd7df0376c04c446fad03b94f6363938b29b0b58b782a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd238a41-5dd3-4a9e-80cd-17fdf75ee403.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5577
x-amzn-requestid: b9f47205-66da-4ef7-bf83-f237bd4dd9e7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d0ys9FYKoAMFwWA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ab64b9-5bcf6f3b23d1f2b1206c91cc;Sampled=0
x-amzn-remapped-date: Tue, 27 Dec 2022 21:33:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: BynwJdv-JV-UFO98M3C5ZZIJqbx7wVQkR6aJAgJHAzuDGih4D-Izug==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Dec 2022 21:35:33 GMT
age: 37121
etag: "a97620796ae1a146e719f4a46e98c57a4af472ed"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/current/promo/data/images/primary/21205_Floating-Banner.png

137.184.184.135

200 OK

22 kB

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/current/promo/data/images/primary/21205_Floating-Banner.png
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
PNG image data, 551 x 278, 8-bit/color RGBA, non-interlaced\012- data
Size
22 kB (22453 bytes)
Hash
9f8078aa4d957d75bd69f81053322b7b
f822ee9b43eb74adb8da0cb6d06114dc4041810d
21ad128a12235c4aea0f7198b1013df45c88086b3b683c03140896880852b713

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /1086f9d67deb905989e831367a0726a0/current/promo/data/images/primary/21205_Floating-Banner.png HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7
Cookie: PHPSESSID=731e4b042e5b00b79afcb899515465c9

HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 07:54:14 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2022 07:54:12 GMT
Accept-Ranges: bytes
Content-Length: 22453
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png

alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/current/promo/data/images/primary/AUIB_Q3_promo2.jpg

137.184.184.135

200 OK

29 kB

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/current/promo/data/images/primary/AUIB_Q3_promo2.jpg
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1500x1108, components 3\012- data
Size
29 kB (29268 bytes)
Hash
c1dcde5137e55d4cb3784916e3e2c274
a89b07d8fb3283be9d5666cab2dd2aa89d90732a
00ecd414747be72b5c838213800ee09b90f18d9192c0ae7eac1e40c51c2157f7

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /1086f9d67deb905989e831367a0726a0/current/promo/data/images/primary/AUIB_Q3_promo2.jpg HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7
Cookie: PHPSESSID=731e4b042e5b00b79afcb899515465c9

HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 07:54:14 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2022 07:54:12 GMT
Accept-Ranges: bytes
Content-Length: 29268
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg

cdn.cookielaw.org/scripttemplates/6.9.0/otBannerSdk.js

104.16.148.64

200 OK

76 kB

URL HTTP/2
cdn.cookielaw.org/scripttemplates/6.9.0/otBannerSdk.js
IP
104.16.148.64:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65456)
Size
76 kB (75725 bytes)
Hash
e7a8ce5ef8215374621482a2676661fa
7b6bc27ac67eaac0dae3232a35bc00291dab31ee
e2c27f7bef589673705523c319c673232f8076da5aceba1385b8127134d92305

HTTP Headers

GET /scripttemplates/6.9.0/otBannerSdk.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 28 Dec 2022 07:54:14 GMT
content-type: application/javascript
content-length: 75725
content-encoding: gzip
content-md5: 56jOXvghU3RiFIKiZ2Zh+g==
last-modified: Fri, 20 Nov 2020 16:34:12 GMT
etag: 0x8D88D721D404CB2
x-ms-request-id: 7aa00b60-f01e-00e2-4342-ca3c94000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 33503
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7808ba101a77b4ed-OSL
X-Firefox-Spdy: h2

alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/js/jsSuite-1.9.6.js

137.184.184.135

200 OK

91 kB

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/js/jsSuite-1.9.6.js
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text, with very long lines (355), with CRLF line terminators
Size
91 kB (91138 bytes)
Hash
53b588cffc791d73bab94beec314c1e6
54b22f179a2beea868b64a1a6f23fb56ac9c5b41
f2ee29338ccb04352257b449dcaf234eb5547894b3cc67f4efe83eb13b6966ff

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /1086f9d67deb905989e831367a0726a0/js/jsSuite-1.9.6.js HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7
Cookie: PHPSESSID=731e4b042e5b00b79afcb899515465c9

HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 07:54:14 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2022 07:54:12 GMT
Accept-Ranges: bytes
Content-Length: 91138
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b679e7c79765f76fd0c1c33a9233ee85
6542d96f6027699e6e380572c78f6b8dacc80155
3cc09b13f4ed9fc5a713b0f2f1e4b7d00259319c62189b885329afcad5bebf0a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 07:54:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtm.js?id=GTM-W942G3C

142.250.74.168

200 OK

99 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-W942G3C
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (58089)
Size
99 kB (99118 bytes)
Hash
01e22d6de5641521f72a583fc9374f92
e016bea0dee98027d3a3584b389d62a9c66f304b
ac71ca277365567860783951df89a6a4122aff0e780a2e2e62825abd3bac0eeb

HTTP Headers

GET /gtm.js?id=GTM-W942G3C HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 28 Dec 2022 07:54:14 GMT
expires: Wed, 28 Dec 2022 07:54:14 GMT
cache-control: private, max-age=900
last-modified: Wed, 28 Dec 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 99118
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

cdn.cookielaw.org/consent/d9012451-973f-4944-835c-e7020071d90c/82045980-0c4f-45c5-a55d-2602076815ae/en.json

104.16.148.64

200 OK

8.7 kB

URL HTTP/2
cdn.cookielaw.org/consent/d9012451-973f-4944-835c-e7020071d90c/82045980-0c4f-45c5-a55d-2602076815ae/en.json
IP
104.16.148.64:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (37852), with no line terminators
Size
8.7 kB (8745 bytes)
Hash
85fa3d06bc741c78b02b776492c55805
939bbcd314a30f3e88189f28eaa18bbdeb988531
097fac9b6967198154f49aa3f5560c58c2f5fe0a4e861fc08925112619e20854

HTTP Headers

GET /consent/d9012451-973f-4944-835c-e7020071d90c/82045980-0c4f-45c5-a55d-2602076815ae/en.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://alaskaus1a.dynamic-dns.net/
Origin: http://alaskaus1a.dynamic-dns.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 28 Dec 2022 07:54:14 GMT
content-type: application/x-javascript
content-length: 8745
cache-control: public, max-age=86400
content-encoding: gzip
content-md5: hfo9Brx0HHiwK3dkksVYBQ==
last-modified: Tue, 01 Dec 2020 21:11:53 GMT
etag: 0x8D8963DBA299157
x-ms-request-id: 497094b4-401e-003c-388f-1a6c3d000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
expires: Thu, 29 Dec 2022 07:54:14 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7808ba1098920b55-OSL
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b679e7c79765f76fd0c1c33a9233ee85
6542d96f6027699e6e380572c78f6b8dacc80155
3cc09b13f4ed9fc5a713b0f2f1e4b7d00259319c62189b885329afcad5bebf0a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 07:54:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

alaskaus1a.dynamic-dns.net/current/chat/genesys_config_prod.js?20220304133

137.184.184.135

404 Not Found

315 B

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/current/chat/genesys_config_prod.js?20220304133
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /current/chat/genesys_config_prod.js?20220304133 HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7
Cookie: PHPSESSID=731e4b042e5b00b79afcb899515465c9

HTTP/1.1 404 Not Found
Date: Wed, 28 Dec 2022 07:54:14 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/js/jquery-3.5.1.min.js

137.184.184.135

200 OK

151 kB

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/js/jquery-3.5.1.min.js
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text, with very long lines (755)
Size
151 kB (150952 bytes)
Hash
2558cf546bbf6869abc41ae82d3219b0
86c35ee20d992d7c408ebf64608592458604eb8e
6e7e019e8348c366ad234e388d1d52ea7c06a0c573af42915f8d865ca4a0943f

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /1086f9d67deb905989e831367a0726a0/js/jquery-3.5.1.min.js HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7
Cookie: PHPSESSID=731e4b042e5b00b79afcb899515465c9

HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 07:54:14 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2022 07:54:12 GMT
Accept-Ranges: bytes
Content-Length: 150952
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/css/nav/header_bg.png

137.184.184.135

200 OK

8.1 kB

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/css/nav/header_bg.png
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
PNG image data, 156 x 165, 8-bit/color RGB, non-interlaced\012- data
Size
8.1 kB (8058 bytes)
Hash
f420d4563192f414fabc27808342a8b2
80d69a4a339f6ddfe991d41d798d9a58fa0a21ea
5cd6b433131a0f7972117a1de73410cd07059f385b4dceb1e99b1c9dd6351fb6

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /1086f9d67deb905989e831367a0726a0/css/nav/header_bg.png HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/css/akusa-desktop.css?20220304133
Cookie: PHPSESSID=731e4b042e5b00b79afcb899515465c9

HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 07:54:14 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2022 07:54:12 GMT
Accept-Ranges: bytes
Content-Length: 8058
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png

alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/css/nav/menu.png

137.184.184.135

200 OK

3.5 kB

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/css/nav/menu.png
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size
3.5 kB (3450 bytes)
Hash
d87c14fbb0d7e31b83743cbd6df7a8ac
d2a0c35bff9de53b3a0a95b51ce2cb6e84cfab62
5843719ef8d592f4fb98f1dc4b9125cc398e15f193b5c6cf5898f667478a8d8d

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /1086f9d67deb905989e831367a0726a0/css/nav/menu.png HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7
Cookie: PHPSESSID=731e4b042e5b00b79afcb899515465c9

HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 07:54:14 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2022 07:54:12 GMT
Accept-Ranges: bytes
Content-Length: 3450
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png

alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/css/nav/navSprites.png

137.184.184.135

200 OK

14 kB

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/css/nav/navSprites.png
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
PNG image data, 240 x 320, 8-bit/color RGBA, non-interlaced\012- data
Size
14 kB (14383 bytes)
Hash
2c34097881e44683ea2c683b9c4c6fba
c3053cdec4d858a66cdaeb71e6612115508513a8
dab4dd2fc46c7aa07526cacce2b4111e56d2c57443449519b04af9dec4cfe019

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /1086f9d67deb905989e831367a0726a0/css/nav/navSprites.png HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/css/akusa-desktop.css?20220304133
Cookie: PHPSESSID=731e4b042e5b00b79afcb899515465c9

HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 07:54:14 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2022 07:54:12 GMT
Accept-Ranges: bytes
Content-Length: 14383
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png

alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/js/jquery/acc-slick/slick.js

137.184.184.135

200 OK

503 B

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/js/jquery/acc-slick/slick.js
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
data
Size
503 B (503 bytes)
Hash
a05205ab34b77ce150fc656877ed7ad4
a956b344e7667ead466b00ea1b9b084be26d2dbe
ae0504a1ad1fcaeed38caeb65931eb9f34a6af7805fa0be6b55b7692d2136ea2

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /1086f9d67deb905989e831367a0726a0/js/jquery/acc-slick/slick.js HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7
Cookie: PHPSESSID=731e4b042e5b00b79afcb899515465c9

HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 07:54:14 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2022 07:54:12 GMT
Accept-Ranges: bytes
Content-Length: 91213
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

js.adsrvr.org/up_loader.1.1.0.js

143.204.45.46

200 OK

1.9 kB

URL HTTP/1.1
js.adsrvr.org/up_loader.1.1.0.js
IP
143.204.45.46:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (4593), with no line terminators
Size
1.9 kB (1882 bytes)
Hash
8014ea74946aee77ef2f3b9a264be553
fda85fc27ac2f811e543c11436cf5623cbd46bb2
271b1db0f8cff912a931b78cedb32fd59adeb60025dbcbd7cc5add7d03c82f7c

HTTP Headers

GET /up_loader.1.1.0.js HTTP/1.1
Host: js.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Tue, 27 Dec 2022 11:01:06 GMT
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: JG3GcwspX8NcHZF-fwXrXiTiXG_KqvhsYGOa6ykinI_F0_5eoTNyYw==
Age: 75189

alaskaus1a.dynamic-dns.net/css/nav/homeSprites.png

137.184.184.135

404 Not Found

315 B

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/css/nav/homeSprites.png
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /css/nav/homeSprites.png HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7
Cookie: PHPSESSID=731e4b042e5b00b79afcb899515465c9

HTTP/1.1 404 Not Found
Date: Wed, 28 Dec 2022 07:54:14 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/css/akusa-print.css?20220304133

137.184.184.135

200 OK

557 B

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/css/akusa-print.css?20220304133
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text, with CRLF line terminators
Size
557 B (557 bytes)
Hash
9c68542fafe8bbb0070cdcb4bc2e1446
bc259cc4ad82760d329622caf0c47b32a7beadc9
ca79306c82cb06f6bf0875b7ae0689573d94713fb0bcafe0e9eb2d799748b376

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /1086f9d67deb905989e831367a0726a0/css/akusa-print.css?20220304133 HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7
Cookie: PHPSESSID=731e4b042e5b00b79afcb899515465c9

HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 07:54:14 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2022 07:54:12 GMT
Accept-Ranges: bytes
Content-Length: 557
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css

cdn.cookielaw.org/scripttemplates/6.9.0/assets/otFlat.json

104.16.148.64

200 OK

3.3 kB

URL HTTP/2
cdn.cookielaw.org/scripttemplates/6.9.0/assets/otFlat.json
IP
104.16.148.64:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (9812)
Size
3.3 kB (3343 bytes)
Hash
9cbaf88448b87ee2d8fe9d0342c2dc30
1cf1fd7433bdec6c2df027324f096798ebaf901c
43cc23a546d37f0309106333b51536e7aafc32628a1f30cfdf392617cc63d07a

HTTP Headers

GET /scripttemplates/6.9.0/assets/otFlat.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://alaskaus1a.dynamic-dns.net/
Origin: http://alaskaus1a.dynamic-dns.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 28 Dec 2022 07:54:14 GMT
content-type: application/json
content-length: 3343
content-encoding: gzip
content-md5: nLr4hEi4fuLY/p0DQsLcMA==
last-modified: Fri, 20 Nov 2020 16:34:03 GMT
etag: 0x8D88D721792550E
x-ms-request-id: e5869c0f-301e-013c-198f-1a2a68000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7808ba11f92f0b55-OSL
X-Firefox-Spdy: h2

cdn.cookielaw.org/scripttemplates/6.9.0/assets/otPcCenter.json

104.16.148.64

200 OK

15 kB

URL HTTP/2
cdn.cookielaw.org/scripttemplates/6.9.0/assets/otPcCenter.json
IP
104.16.148.64:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (40572)
Size
15 kB (14986 bytes)
Hash
b9efcc4cd7088d208d5ad95e41f6ebce
790d1abf88effa775928e80df39b2705f7df029c
defa90de6be43c19475eb9e97195d534aa42705338d7cb6094d2eded41663abb

HTTP Headers

GET /scripttemplates/6.9.0/assets/otPcCenter.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://alaskaus1a.dynamic-dns.net/
Origin: http://alaskaus1a.dynamic-dns.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 28 Dec 2022 07:54:14 GMT
content-type: application/json
content-length: 14986
content-encoding: gzip
content-md5: ue/MTNcIjSCNWtleQfbrzg==
last-modified: Fri, 20 Nov 2020 16:34:03 GMT
etag: 0x8D88D7217E98574
x-ms-request-id: b8472e43-101e-008e-318f-1a9747000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7808ba11f9310b55-OSL
X-Firefox-Spdy: h2

devilsms.live/clve-min.js

199.188.200.254

200 OK

51 kB

URL HTTP/2
devilsms.live/clve-min.js
IP
199.188.200.254:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
51 kB (51069 bytes)
Hash
724ad5d75674097f5d14e70982a3bc6e
87146103e33be6cdf8d828351685c70f2a6cb7e3
d1a51f6f6c798129732b8ae1c654d6a68af918bb63e05b45c75cf4c614c27260

HTTP Headers

GET /clve-min.js HTTP/1.1
Host: devilsms.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 04 Jan 2023 07:54:14 GMT
content-type: application/javascript
last-modified: Mon, 07 Feb 2022 11:17:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 51069
date: Wed, 28 Dec 2022 07:54:14 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7

137.184.184.135

200 OK

68 kB

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (370)
Size
68 kB (67696 bytes)
Hash
693c6b4c0dbc87c649c188748922e9b5
4dffecf1b03d3a18ab25face2ad92d1dfe4c5ce7
0698b8be0a7ae8e6dfc3a116be36d1df7d4a90f8880c02f113a018973e5179a3

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7 HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: PHPSESSID=731e4b042e5b00b79afcb899515465c9
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 07:54:13 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
5c91f5b22b97080ae90fce9110f6ea3c
4a2376c7ece5d08d7b6a67694e247f91c97e71bd
96a3d8ac4873bdf0674078f5ed745c20abfe6f38da6a2aa0d06a091a25d3719c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3988
Cache-Control: max-age=134718
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 07:54:14 GMT
Etag: "63ab51d0-117"
Expires: Thu, 29 Dec 2022 21:19:32 GMT
Last-Modified: Tue, 27 Dec 2022 20:13:04 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279

alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/images/nav/akusafcu_logo.png

137.184.184.135

200 OK

16 kB

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/images/nav/akusafcu_logo.png
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
PNG image data, 220 x 70, 8-bit/color RGBA, non-interlaced\012- data
Size
16 kB (16228 bytes)
Hash
dc43cc5c96d54639189781edf322cac9
26c53d9c975f997481520a336ac5f6a22f115c74
6ceabe544edbb8513733f30b14c1d17a2fa51e461f972c31d17e5450d4718603

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /1086f9d67deb905989e831367a0726a0/images/nav/akusafcu_logo.png HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7
Cookie: PHPSESSID=731e4b042e5b00b79afcb899515465c9

HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 07:54:14 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2022 07:54:12 GMT
Accept-Ranges: bytes
Content-Length: 16228
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png

alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/current/promo/data/images/primary/21205_Background-Photo.jpg

137.184.184.135

200 OK

102 kB

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/current/promo/data/images/primary/21205_Background-Photo.jpg
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1500x1108, components 3\012- data
Size
102 kB (102157 bytes)
Hash
4a3df69aaf1351430579c94cc849fce5
e7ba778e7330a03b8bd3ffd3f2167fe1be06277d
a4e65c59ce489d1aa83c497988f6531cc9d50b9aa8e35683cccf99351efa854d

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /1086f9d67deb905989e831367a0726a0/current/promo/data/images/primary/21205_Background-Photo.jpg HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7
Cookie: PHPSESSID=731e4b042e5b00b79afcb899515465c9

HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 07:54:14 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2022 07:54:12 GMT
Accept-Ranges: bytes
Content-Length: 102157
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg

alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/current/promo/data/images/secondary/warning.png

137.184.184.135

200 OK

1.2 kB

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/current/promo/data/images/secondary/warning.png
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
PNG image data, 125 x 125, 8-bit/color RGBA, non-interlaced\012- data
Size
1.2 kB (1249 bytes)
Hash
9e1021883b3f3114c30a7cb29529ac5e
a20cdec04360f8075da7ae8b879f3cebe21e12e3
91e219a364aee6c0d5f23d8406ce671d68c0264e0767414ce66e8f56ebd2db78

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /1086f9d67deb905989e831367a0726a0/current/promo/data/images/secondary/warning.png HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7
Cookie: PHPSESSID=731e4b042e5b00b79afcb899515465c9

HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 07:54:14 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2022 07:54:12 GMT
Accept-Ranges: bytes
Content-Length: 1249
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png

alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/images/nav/ncua.png

137.184.184.135

200 OK

4.3 kB

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/images/nav/ncua.png
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
PNG image data, 146 x 65, 8-bit colormap, non-interlaced\012- data
Size
4.3 kB (4280 bytes)
Hash
38b7240d957be9f71b5271246fb01f67
9007e7baf8e357ac11c8541c871e48960c8d9f30
d6641292ca4109173a6ca88b1353f0a6edeaad1c5f90e4c69c6999943109a878

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /1086f9d67deb905989e831367a0726a0/images/nav/ncua.png HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7
Cookie: PHPSESSID=731e4b042e5b00b79afcb899515465c9

HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 07:54:14 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2022 07:54:12 GMT
Accept-Ranges: bytes
Content-Length: 4280
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png

alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/current/promo/data/images/secondary/Global_Credit_Union.png

137.184.184.135

200 OK

8.1 kB

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/current/promo/data/images/secondary/Global_Credit_Union.png
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
PNG image data, 125 x 125, 8-bit/color RGBA, non-interlaced\012- data
Size
8.1 kB (8073 bytes)
Hash
84bdc38197c7818f817a51fe9aa5f877
3bbdf85f533485b40d88ac267ad3c492926b8854
cc0fe675f5052acd49345b248c172325b19c3ebbda672922a95da2fbfeab1d83

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /1086f9d67deb905989e831367a0726a0/current/promo/data/images/secondary/Global_Credit_Union.png HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7
Cookie: PHPSESSID=731e4b042e5b00b79afcb899515465c9

HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 07:54:14 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2022 07:54:12 GMT
Accept-Ranges: bytes
Content-Length: 8073
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png

prism.app-us1.com/?a=25948200&u=http%3A%2F%2Falaskaus1a.dynamic-dns.net%2F1086f9d67deb905989e831367a0726a0%2F%3Fcont%3DQERldmlsbWFzazA5%26token%3De7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7

104.17.145.91

200 OK

0 B

URL HTTP/2
prism.app-us1.com/?a=25948200&u=http%3A%2F%2Falaskaus1a.dynamic-dns.net%2F1086f9d67deb905989e831367a0726a0%2F%3Fcont%3DQERldmlsbWFzazA5%26token%3De7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7
IP
104.17.145.91:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?a=25948200&u=http%3A%2F%2Falaskaus1a.dynamic-dns.net%2F1086f9d67deb905989e831367a0726a0%2F%3Fcont%3DQERldmlsbWFzazA5%26token%3De7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7 HTTP/1.1
Host: prism.app-us1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 28 Dec 2022 07:54:15 GMT
content-type: application/javascript
content-length: 0
cache-control: no-cache, private
set-cookie: prism_25948200=83b01bb2-fd63-4b9f-a413-1350412b2d57; expires=Fri, 27-Jan-2023 07:54:14 GMT; Max-Age=2592000; path=/; secure; httponly; samesite=none
x-envoy-upstream-service-time: 36
x-powered-by: PHP/7.4.32
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7808ba12dca50b59-OSL
X-Firefox-Spdy: h2

alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/css/nav/homeSprites.png

137.184.184.135

200 OK

190 kB

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/css/nav/homeSprites.png
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
PNG image data, 272 x 550, 8-bit/color RGBA, non-interlaced\012- data
Size
190 kB (190407 bytes)
Hash
c6dfc43f4439d97b3796d7141fefd850
d86a787e16816d02f05b18210bf5649ed403f10d
beb161501df73ad297e1a7679cc63010d22d479ea146e56ef2b3f7a7e9b06c9c

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /1086f9d67deb905989e831367a0726a0/css/nav/homeSprites.png HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/css/akusa-desktop.css?20220304133
Cookie: PHPSESSID=731e4b042e5b00b79afcb899515465c9

HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 07:54:14 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2022 07:54:12 GMT
Accept-Ranges: bytes
Content-Length: 190407
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png

alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/current/promo/data/images/primary/Floating-Banner-Q3.png

137.184.184.135

200 OK

32 kB

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/current/promo/data/images/primary/Floating-Banner-Q3.png
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
PNG image data, 358 x 181, 8-bit/color RGBA, non-interlaced\012- data
Size
32 kB (31636 bytes)
Hash
a41c669e9b9514fb82605ccacdc51da6
0bcbe8fe1608666e28a784d896e6bf4fb102ff96
4204d2dcd83bea2a69ffb73451c76aa8f084757518c0f4cff773bd107a95b309

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /1086f9d67deb905989e831367a0726a0/current/promo/data/images/primary/Floating-Banner-Q3.png HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7
Cookie: PHPSESSID=731e4b042e5b00b79afcb899515465c9

HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 07:54:14 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2022 07:54:12 GMT
Accept-Ranges: bytes
Content-Length: 31636
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png

alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/images/jumplink-white.svg

137.184.184.135

200 OK

2.4 kB

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/images/jumplink-white.svg
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (1867), with CRLF line terminators
Size
2.4 kB (2407 bytes)
Hash
6dcde879818507082d2265149a8c18ec
6d0b5f93f83b2b2c519fcd777dc4255da2540d6a
7d91fb8cf3f42097497f47b0f61a198844ea27d162350d017b80dc4ce2a158bf

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /1086f9d67deb905989e831367a0726a0/images/jumplink-white.svg HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7
Cookie: PHPSESSID=731e4b042e5b00b79afcb899515465c9

HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 07:54:14 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2022 07:54:12 GMT
Accept-Ranges: bytes
Content-Length: 2407
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/svg+xml

alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/images/nav/EHL.png

137.184.184.135

200 OK

3.3 kB

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/images/nav/EHL.png
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
PNG image data, 55 x 59, 8-bit colormap, non-interlaced\012- data
Size
3.3 kB (3317 bytes)
Hash
859cf2ed8319f4931c1e2371bee8b46d
ff866fe6e3071999e6c057dae5aed927aefd047f
1c7cd686a01f2dcffc1f55119624e9166300721172b4e7ad284ff734bc8db0a1

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /1086f9d67deb905989e831367a0726a0/images/nav/EHL.png HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7
Cookie: PHPSESSID=731e4b042e5b00b79afcb899515465c9

HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 07:54:15 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2022 07:54:12 GMT
Accept-Ranges: bytes
Content-Length: 3317
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png

alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/js/jquery/acc-slick/ajax-loader.gif

137.184.184.135

200 OK

4.2 kB

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/js/jquery/acc-slick/ajax-loader.gif
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
GIF image data, version 89a, 32 x 32\012- data
Size
4.2 kB (4178 bytes)
Hash
c5cd7f5300576ab4c88202b42f6ded62
7a1aa43614396382bb15e5fde574d9cdcd21698f
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /1086f9d67deb905989e831367a0726a0/js/jquery/acc-slick/ajax-loader.gif HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/js/jquery/acc-slick/slick.css
Cookie: PHPSESSID=731e4b042e5b00b79afcb899515465c9; agft=2d2aa13c7daaab18ec18d0031a0f685f.32355359; agfs=2d2aa13c7daaab18ec18d0031a0f685f.32355359&1672214051&1672214051&direct&(none)&&&&&; _gcl_au=1.1.1975439143.1672214050; _ga_R11FYFZ8HF=GS1.1.1672214050.1.0.1672214050.0.0.0; _ga=GA1.1.1106216752.1672214050

HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 07:54:15 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2022 07:54:12 GMT
Accept-Ranges: bytes
Content-Length: 4178
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/gif

alaskaus1a.dynamic-dns.net/css/nav/navSprites.png

137.184.184.135

404 Not Found

315 B

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/css/nav/navSprites.png
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /css/nav/navSprites.png HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/js/jquery/acc-slick/slick.css
Cookie: PHPSESSID=731e4b042e5b00b79afcb899515465c9; agft=2d2aa13c7daaab18ec18d0031a0f685f.32355359; agfs=2d2aa13c7daaab18ec18d0031a0f685f.32355359&1672214051&1672214051&direct&(none)&&&&&; _gcl_au=1.1.1975439143.1672214050; _ga_R11FYFZ8HF=GS1.1.1672214050.1.0.1672214050.0.0.0; _ga=GA1.1.1106216752.1672214050

HTTP/1.1 404 Not Found
Date: Wed, 28 Dec 2022 07:54:15 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
0050029cd95c89afcefa13544ed2370d
92127d7e78d16a6cc8d660f03f8359cf205893a7
236b21306ce2ef6eb433e635da642608ed153c4f18df361546434f5a9f471cec

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4431
Cache-Control: max-age=115339
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 07:54:15 GMT
Etag: "63ab0463-1d7"
Expires: Thu, 29 Dec 2022 15:56:34 GMT
Last-Modified: Tue, 27 Dec 2022 14:42:43 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471

www.google-analytics.com/analytics.js

142.250.74.110

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 28 Dec 2022 06:41:11 GMT
expires: Wed, 28 Dec 2022 08:41:11 GMT
cache-control: public, max-age=7200
age: 4384
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c40d80fc68e11fd09a9a5b2a1d31a99c
9b5570c09f3a847e6bf91cb91638c7c806e079b3
6de9c5d54998c01fdedde58137519c2e1032ff13d4053495479a335ee1c32f60

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 07:54:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

bat.bing.com/bat.js

204.79.197.200

200 OK

12 kB

URL HTTP/2
bat.bing.com/bat.js
IP
204.79.197.200:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 text, with very long lines (39124), with no line terminators
Size
12 kB (11472 bytes)
Hash
b77f77f4f821a11c0a501be8d6a19659
7bba3d65db27d7c0e050bbf2294021433221de5d
e80b6b1a2f792de4681310088abf8d9172a81ee10a54965c8eb602fae2d92319

HTTP Headers

GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11472
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 05 Dec 2022 17:15:50 GMT
accept-ranges: bytes
etag: "027e538cd8d91:0"
vary: Accept-Encoding
set-cookie: MUID=18730CE0B80C6C8F3D771E68B9F96D7F; domain=.bing.com; expires=Mon, 22-Jan-2024 07:54:15 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CFC7147907F745BC9454732AAA8A0F38 Ref B: OSL30EDGE0518 Ref C: 2022-12-28T07:54:15Z
date: Wed, 28 Dec 2022 07:54:15 GMT
X-Firefox-Spdy: h2

connect.facebook.net/en_US/fbevents.js

31.13.72.12

200 OK

27 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64348)
Size
27 kB (27298 bytes)
Hash
8b26cd4609e2025e51e90573a0fbd6f7
efc2006ae5297ad5ae5e064188b9fba73f6b868f
e288b6a1e220f5fb781cfbb0b739b36c6acfdceccff8f0278fc151c241b0b50b

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: bwHlqi68WjG9Lby0uPJQ6jtaBY4swUNUAIyLMBAFWkr1P6lEq4fQmcUQGc+eJLgsV7YOMC8gY/p/k4zUVlBMKQ==
content-length: 27298
x-fb-trip-id: 2074150462
date: Wed, 28 Dec 2022 07:54:15 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

googleads.g.doubleclick.net/pagead/viewthroughconversion/831978068/?random=1672214050138&cv=11&fst=1672214050138&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Falaskaus1a.dynamic-dns.net%2F1086f9d67deb905989e831367a0726a0%2F%3Fcont%3DQERldmlsbWFzazA5%26token%3De7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7&tiba=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&auid=1975439143.1672214050&rfmt=3&fmt=4

142.250.74.130

200 OK

1.0 kB

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/831978068/?random=1672214050138&cv=11&fst=1672214050138&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Falaskaus1a.dynamic-dns.net%2F1086f9d67deb905989e831367a0726a0%2F%3Fcont%3DQERldmlsbWFzazA5%26token%3De7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7&tiba=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&auid=1975439143.1672214050&rfmt=3&fmt=4
IP
142.250.74.130:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2269), with no line terminators
Size
1.0 kB (1032 bytes)
Hash
ed55c331fb14ae6afba5e1c7e1022b41
350fa6b3272a2bb8b451cc2e3843396dab67afbb
171b6fce0e7221f7bfe3d7b9dbd70f3666775671302e6225ed16eb1d3bc4def2

HTTP Headers

GET /pagead/viewthroughconversion/831978068/?random=1672214050138&cv=11&fst=1672214050138&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Falaskaus1a.dynamic-dns.net%2F1086f9d67deb905989e831367a0726a0%2F%3Fcont%3DQERldmlsbWFzazA5%26token%3De7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7&tiba=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&auid=1975439143.1672214050&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 28 Dec 2022 07:54:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1032
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 28-Dec-2022 08:09:15 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/js/jquery/acc-slick/fonts/slick.woff

137.184.184.135

200 OK

74 B

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/js/jquery/acc-slick/fonts/slick.woff
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text, with no line terminators
Size
74 B (74 bytes)
Hash
488f21ea7c716d40e0d3b2825ccdf018
3d1d54da233c616ec3a6f5fe0e13833ba9f1201b
189fc4aa307b90cb0dc80ce8265306b02a2faba33f98755066c4f1d14e544bb7

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /1086f9d67deb905989e831367a0726a0/js/jquery/acc-slick/fonts/slick.woff HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/js/jquery/acc-slick/slick.css
Cookie: PHPSESSID=731e4b042e5b00b79afcb899515465c9; agft=2d2aa13c7daaab18ec18d0031a0f685f.32355359; agfs=2d2aa13c7daaab18ec18d0031a0f685f.32355359&1672214051&1672214051&direct&(none)&&&&&; _gcl_au=1.1.1975439143.1672214050; _ga_R11FYFZ8HF=GS1.1.1672214050.1.0.1672214050.0.0.0; _ga=GA1.1.1106216752.1672214050

HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 07:54:15 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2022 07:54:12 GMT
Accept-Ranges: bytes
Content-Length: 74
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: font/woff

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
0050029cd95c89afcefa13544ed2370d
92127d7e78d16a6cc8d660f03f8359cf205893a7
236b21306ce2ef6eb433e635da642608ed153c4f18df361546434f5a9f471cec

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4431
Cache-Control: max-age=115339
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 07:54:15 GMT
Etag: "63ab0463-1d7"
Expires: Thu, 29 Dec 2022 15:56:34 GMT
Last-Modified: Tue, 27 Dec 2022 14:42:43 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471

www.google-analytics.com/j/collect?v=1&_v=j98&a=1328066539&t=pageview&_s=1&dl=http%3A%2F%2Falaskaus1a.dynamic-dns.net%2F1086f9d67deb905989e831367a0726a0%2F%3Fcont%3DQERldmlsbWFzazA5%26token%3De7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7&ul=en-us&de=UTF-8&dt=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YADAAEABAAAAACAAI~&jid=330875593&gjid=1559261548&cid=1106216752.1672214050&tid=UA-105087488-1&_gid=419509831.1672214051&_r=1&gtm=2wgbu0W942G3C&z=348904584

142.250.74.110

200 OK

2 B

URL HTTP/2
www.google-analytics.com/j/collect?v=1&_v=j98&a=1328066539&t=pageview&_s=1&dl=http%3A%2F%2Falaskaus1a.dynamic-dns.net%2F1086f9d67deb905989e831367a0726a0%2F%3Fcont%3DQERldmlsbWFzazA5%26token%3De7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7&ul=en-us&de=UTF-8&dt=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YADAAEABAAAAACAAI~&jid=330875593&gjid=1559261548&cid=1106216752.1672214050&tid=UA-105087488-1&_gid=419509831.1672214051&_r=1&gtm=2wgbu0W942G3C&z=348904584
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
cc7a1e792bca8ccb1946b7a07f6dbc03
11a2757082428311f587b7664fa9840376137f80
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

HTTP Headers

POST /j/collect?v=1&_v=j98&a=1328066539&t=pageview&_s=1&dl=http%3A%2F%2Falaskaus1a.dynamic-dns.net%2F1086f9d67deb905989e831367a0726a0%2F%3Fcont%3DQERldmlsbWFzazA5%26token%3De7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7&ul=en-us&de=UTF-8&dt=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YADAAEABAAAAACAAI~&jid=330875593&gjid=1559261548&cid=1106216752.1672214050&tid=UA-105087488-1&_gid=419509831.1672214051&_r=1&gtm=2wgbu0W942G3C&z=348904584 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://alaskaus1a.dynamic-dns.net
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: http://alaskaus1a.dynamic-dns.net
date: Wed, 28 Dec 2022 07:54:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c40d80fc68e11fd09a9a5b2a1d31a99c
9b5570c09f3a847e6bf91cb91638c7c806e079b3
6de9c5d54998c01fdedde58137519c2e1032ff13d4053495479a335ee1c32f60

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 07:54:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/images/icon-76@2x.png

137.184.184.135

404 Not Found

315 B

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/images/icon-76@2x.png
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /1086f9d67deb905989e831367a0726a0/images/icon-76@2x.png HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7
Cookie: PHPSESSID=731e4b042e5b00b79afcb899515465c9; agft=2d2aa13c7daaab18ec18d0031a0f685f.32355359; agfs=2d2aa13c7daaab18ec18d0031a0f685f.32355359&1672214051&1672214051&direct&(none)&&&&&; _gcl_au=1.1.1975439143.1672214050; _ga_R11FYFZ8HF=GS1.1.1672214050.1.0.1672214050.0.0.0; _ga=GA1.1.1106216752.1672214050

HTTP/1.1 404 Not Found
Date: Wed, 28 Dec 2022 07:54:15 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

bat.bing.com/action/0?ti=134612163&tm=gtm002&Ver=2&mid=a023f732-9134-410b-ae84-b78bbe47b84f&sid=d078b2c0868411ed9d0643545df08a79&vid=d078a340868411ed8e12b7d272e4ff7c&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&kw=AlaskaUSA,%20Alaska,%20Arizona,%20Washington,%20USA,%20San%20Bernardino%20California,%20Victor%20Valley,%20High%20Desert,%20Anchorage,%20Credit%20Union,%20Bank,%20Financial,%20Finance,%20Loan,%20Credit,%20Lending,%20Insurance,%20Mortgage,%20Refinance,%20home,%20Online%20banking,%20by%20phone,%20UltraBranch,%20Saving,%20Checking,%20Account,%20Money,%20Service,%20Relocate,%20Moving,%20Real%20Estate,%20business&p=http%3A%2F%2Falaskaus1a.dynamic-dns.net%2F1086f9d67deb905989e831367a0726a0%2F%3Fcont%3DQERldmlsbWFzazA5%26token%3De7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7&r=&lt=3129&evt=pageLoad&sv=1&rn=569922

204.79.197.200

204 No Content

0 B

URL HTTP/2
bat.bing.com/action/0?ti=134612163&tm=gtm002&Ver=2&mid=a023f732-9134-410b-ae84-b78bbe47b84f&sid=d078b2c0868411ed9d0643545df08a79&vid=d078a340868411ed8e12b7d272e4ff7c&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&kw=AlaskaUSA,%20Alaska,%20Arizona,%20Washington,%20USA,%20San%20Bernardino%20California,%20Victor%20Valley,%20High%20Desert,%20Anchorage,%20Credit%20Union,%20Bank,%20Financial,%20Finance,%20Loan,%20Credit,%20Lending,%20Insurance,%20Mortgage,%20Refinance,%20home,%20Online%20banking,%20by%20phone,%20UltraBranch,%20Saving,%20Checking,%20Account,%20Money,%20Service,%20Relocate,%20Moving,%20Real%20Estate,%20business&p=http%3A%2F%2Falaskaus1a.dynamic-dns.net%2F1086f9d67deb905989e831367a0726a0%2F%3Fcont%3DQERldmlsbWFzazA5%26token%3De7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7&r=&lt=3129&evt=pageLoad&sv=1&rn=569922
IP
204.79.197.200:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /action/0?ti=134612163&tm=gtm002&Ver=2&mid=a023f732-9134-410b-ae84-b78bbe47b84f&sid=d078b2c0868411ed9d0643545df08a79&vid=d078a340868411ed8e12b7d272e4ff7c&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&kw=AlaskaUSA,%20Alaska,%20Arizona,%20Washington,%20USA,%20San%20Bernardino%20California,%20Victor%20Valley,%20High%20Desert,%20Anchorage,%20Credit%20Union,%20Bank,%20Financial,%20Finance,%20Loan,%20Credit,%20Lending,%20Insurance,%20Mortgage,%20Refinance,%20home,%20Online%20banking,%20by%20phone,%20UltraBranch,%20Saving,%20Checking,%20Account,%20Money,%20Service,%20Relocate,%20Moving,%20Real%20Estate,%20business&p=http%3A%2F%2Falaskaus1a.dynamic-dns.net%2F1086f9d67deb905989e831367a0726a0%2F%3Fcont%3DQERldmlsbWFzazA5%26token%3De7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7&r=&lt=3129&evt=pageLoad&sv=1&rn=569922 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=14180A1ED335633A311A1896D2C0628B; domain=.bing.com; expires=Mon, 22-Jan-2024 07:54:15 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5C9AABDD18DF475C97FB9E684DF669DF Ref B: OSL30EDGE0518 Ref C: 2022-12-28T07:54:15Z
date: Wed, 28 Dec 2022 07:54:15 GMT
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
66bebe7c4a03fcf72b3378dbb0a68518
4027df6b9ff491fa10741749325ad76ac5b974a7
1d8637f2196b92f26c00837d00e3ecaf7fecff7e0a4ff027885f0b6128dcbb10

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 07:54:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

alaskaus1a.dynamic-dns.net/favicon.ico

137.184.184.135

404 Not Found

315 B

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/favicon.ico
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/?cont=QERldmlsbWFzazA5&token=e7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7
Cookie: PHPSESSID=731e4b042e5b00b79afcb899515465c9; agft=2d2aa13c7daaab18ec18d0031a0f685f.32355359; agfs=2d2aa13c7daaab18ec18d0031a0f685f.32355359&1672214051&1672214051&direct&(none)&&&&&; _gcl_au=1.1.1975439143.1672214050; _ga_R11FYFZ8HF=GS1.1.1672214050.1.0.1672214050.0.0.0; _ga=GA1.1.1106216752.1672214050

HTTP/1.1 404 Not Found
Date: Wed, 28 Dec 2022 07:54:15 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
52ca073ad56859a4aa27c7711a0280e0
0f9481ab1d4503f6768b94aca521a8e6a1cacc16
3be123f7c76a1cb88f5f06d8359ee810eb5aa11540c89bc747318101e3585145

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 07:54:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/pagead/1p-user-list/831978068/?random=1672214050138&cv=11&fst=1672210800000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Falaskaus1a.dynamic-dns.net%2F1086f9d67deb905989e831367a0726a0%2F%3Fcont%3DQERldmlsbWFzazA5%26token%3De7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7&tiba=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&fmt=3&is_vtc=1&random=3277075208&rmt_tld=1&ipr=y

142.250.74.163

200 OK

42 B

URL HTTP/2
www.google.no/pagead/1p-user-list/831978068/?random=1672214050138&cv=11&fst=1672210800000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Falaskaus1a.dynamic-dns.net%2F1086f9d67deb905989e831367a0726a0%2F%3Fcont%3DQERldmlsbWFzazA5%26token%3De7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7&tiba=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&fmt=3&is_vtc=1&random=3277075208&rmt_tld=1&ipr=y
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/831978068/?random=1672214050138&cv=11&fst=1672210800000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Falaskaus1a.dynamic-dns.net%2F1086f9d67deb905989e831367a0726a0%2F%3Fcont%3DQERldmlsbWFzazA5%26token%3De7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7&tiba=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&fmt=3&is_vtc=1&random=3277075208&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 28 Dec 2022 07:54:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/pagead/1p-user-list/831978068/?random=1672214050138&cv=11&fst=1672210800000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Falaskaus1a.dynamic-dns.net%2F1086f9d67deb905989e831367a0726a0%2F%3Fcont%3DQERldmlsbWFzazA5%26token%3De7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7&tiba=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&fmt=3&is_vtc=1&random=3277075208&rmt_tld=0&ipr=y

142.250.74.164

200 OK

42 B

URL HTTP/2
www.google.com/pagead/1p-user-list/831978068/?random=1672214050138&cv=11&fst=1672210800000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Falaskaus1a.dynamic-dns.net%2F1086f9d67deb905989e831367a0726a0%2F%3Fcont%3DQERldmlsbWFzazA5%26token%3De7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7&tiba=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&fmt=3&is_vtc=1&random=3277075208&rmt_tld=0&ipr=y
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/831978068/?random=1672214050138&cv=11&fst=1672210800000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Falaskaus1a.dynamic-dns.net%2F1086f9d67deb905989e831367a0726a0%2F%3Fcont%3DQERldmlsbWFzazA5%26token%3De7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7&tiba=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&fmt=3&is_vtc=1&random=3277075208&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 28 Dec 2022 07:54:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

bat.bing.com/p/action/134612163.js

204.79.197.200

204 No Content

0 B

URL HTTP/2
bat.bing.com/p/action/134612163.js
IP
204.79.197.200:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /p/action/134612163.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=0A100CA3B88966A02D9F1E2BB97C67F7; domain=.bing.com; expires=Mon, 22-Jan-2024 07:54:15 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 00F2C7ED246A449CB067103B4A85B10C Ref B: OSL30EDGE0518 Ref C: 2022-12-28T07:54:15Z
date: Wed, 28 Dec 2022 07:54:15 GMT
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
66bebe7c4a03fcf72b3378dbb0a68518
4027df6b9ff491fa10741749325ad76ac5b974a7
1d8637f2196b92f26c00837d00e3ecaf7fecff7e0a4ff027885f0b6128dcbb10

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 07:54:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
0ae0707aeabde36523941c20a68b5254
f882332bd8b3c0147af8ca8788be4a290d155766
537eefee073333371ff318be540498d3923603b79e282d6dd706cea5670caa8c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 07:54:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-105087488-1&cid=1106216752.1672214050&jid=330875593&gjid=1559261548&_gid=419509831.1672214051&_u=YADAAEAAAAAAACAAI~&z=475509496

209.85.233.155

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-105087488-1&cid=1106216752.1672214050&jid=330875593&gjid=1559261548&_gid=419509831.1672214051&_u=YADAAEAAAAAAACAAI~&z=475509496
IP
209.85.233.155:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-105087488-1&cid=1106216752.1672214050&jid=330875593&gjid=1559261548&_gid=419509831.1672214051&_u=YADAAEAAAAAAACAAI~&z=475509496 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://alaskaus1a.dynamic-dns.net
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: http://alaskaus1a.dynamic-dns.net
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 28 Dec 2022 07:54:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

region1.google-analytics.com/g/collect?v=2&tid=G-R11FYFZ8HF&gtm=2oebu0&_p=1328066539&cid=1106216752.1672214050&ul=en-us&sr=1280x1024&_s=1&sid=1672214050&sct=1&seg=0&dl=http%3A%2F%2Falaskaus1a.dynamic-dns.net%2F1086f9d67deb905989e831367a0726a0%2F%3Fcont%3DQERldmlsbWFzazA5%26token%3De7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7&dt=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&en=page_view&_fv=1&_nsi=1&_ss=1

216.239.32.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-R11FYFZ8HF&gtm=2oebu0&_p=1328066539&cid=1106216752.1672214050&ul=en-us&sr=1280x1024&_s=1&sid=1672214050&sct=1&seg=0&dl=http%3A%2F%2Falaskaus1a.dynamic-dns.net%2F1086f9d67deb905989e831367a0726a0%2F%3Fcont%3DQERldmlsbWFzazA5%26token%3De7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7&dt=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&en=page_view&_fv=1&_nsi=1&_ss=1
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-R11FYFZ8HF&gtm=2oebu0&_p=1328066539&cid=1106216752.1672214050&ul=en-us&sr=1280x1024&_s=1&sid=1672214050&sct=1&seg=0&dl=http%3A%2F%2Falaskaus1a.dynamic-dns.net%2F1086f9d67deb905989e831367a0726a0%2F%3Fcont%3DQERldmlsbWFzazA5%26token%3De7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7&dt=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://alaskaus1a.dynamic-dns.net
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: http://alaskaus1a.dynamic-dns.net
date: Wed, 28 Dec 2022 07:54:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/js/jquery/acc-slick/fonts/slick.ttf

137.184.184.135

404 Not Found

315 B

URL HTTP/1.1
alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/js/jquery/acc-slick/fonts/slick.ttf
IP
137.184.184.135:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ETPRO INFO DYNAMIC_DNS HTTP Request to a *.dynamic-dns.net Domain

HTTP Headers

GET /1086f9d67deb905989e831367a0726a0/js/jquery/acc-slick/fonts/slick.ttf HTTP/1.1
Host: alaskaus1a.dynamic-dns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/1086f9d67deb905989e831367a0726a0/js/jquery/acc-slick/slick.css
Cookie: PHPSESSID=731e4b042e5b00b79afcb899515465c9; agft=2d2aa13c7daaab18ec18d0031a0f685f.32355359; agfs=2d2aa13c7daaab18ec18d0031a0f685f.32355359&1672214051&1672214051&direct&(none)&&&&&; _gcl_au=1.1.1975439143.1672214050; _ga_R11FYFZ8HF=GS1.1.1672214050.1.0.1672214050.0.0.0; _ga=GA1.2.1106216752.1672214050; _gid=GA1.2.419509831.1672214051; _gat_UA-105087488-1=1; _uetsid=d078b2c0868411ed9d0643545df08a79; _uetvid=d078a340868411ed8e12b7d272e4ff7c

HTTP/1.1 404 Not Found
Date: Wed, 28 Dec 2022 07:54:15 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

www.facebook.com/tr/?id=251150729134059&ev=PageView&dl=http%3A%2F%2Falaskaus1a.dynamic-dns.net%2F1086f9d67deb905989e831367a0726a0%2F%3Fcont%3DQERldmlsbWFzazA5%26token%3De7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7&rl=&if=false&ts=1672214051239&sw=1280&sh=1024&v=2.9.90&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1672214051239.1438240740&it=1672214050983&coo=false&tm=1&rqm=GET

31.13.72.36

200 OK

0 B

URL HTTP/2
www.facebook.com/tr/?id=251150729134059&ev=PageView&dl=http%3A%2F%2Falaskaus1a.dynamic-dns.net%2F1086f9d67deb905989e831367a0726a0%2F%3Fcont%3DQERldmlsbWFzazA5%26token%3De7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7&rl=&if=false&ts=1672214051239&sw=1280&sh=1024&v=2.9.90&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1672214051239.1438240740&it=1672214050983&coo=false&tm=1&rqm=GET
IP
31.13.72.36:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tr/?id=251150729134059&ev=PageView&dl=http%3A%2F%2Falaskaus1a.dynamic-dns.net%2F1086f9d67deb905989e831367a0726a0%2F%3Fcont%3DQERldmlsbWFzazA5%26token%3De7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7&rl=&if=false&ts=1672214051239&sw=1280&sh=1024&v=2.9.90&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1672214051239.1438240740&it=1672214050983&coo=false&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Wed, 28 Dec 2022 07:54:15 GMT
X-Firefox-Spdy: h2

insight.adsrvr.org/track/up?adv=p6q6pct&ref=http%3A%2F%2Falaskaus1a.dynamic-dns.net%2F1086f9d67deb905989e831367a0726a0%2F%3Fcont%3DQERldmlsbWFzazA5%26token%3De7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7&upid=q8skero&upv=1.1.0

35.71.131.137

200 OK

0 B

URL HTTP/2
insight.adsrvr.org/track/up?adv=p6q6pct&ref=http%3A%2F%2Falaskaus1a.dynamic-dns.net%2F1086f9d67deb905989e831367a0726a0%2F%3Fcont%3DQERldmlsbWFzazA5%26token%3De7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7&upid=q8skero&upv=1.1.0
IP
35.71.131.137:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /track/up?adv=p6q6pct&ref=http%3A%2F%2Falaskaus1a.dynamic-dns.net%2F1086f9d67deb905989e831367a0726a0%2F%3Fcont%3DQERldmlsbWFzazA5%26token%3De7e08cda8ef05c2c4e4e8b50fe7c30b7c53b29ada4d44ae2c7cabda5c171ee5b1fb7e9a7a882c58adc9664c2b2a0db5a1c2a2b75e70a90a21267e70309ac55d7&upid=q8skero&upv=1.1.0 HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://alaskaus1a.dynamic-dns.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 28 Dec 2022 07:54:16 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (38)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations