r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19081
Expires: Fri, 09 Dec 2022 11:25:07 GMT
Date: Fri, 09 Dec 2022 06:07:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 388f6fea5bafa378266622b72311a6ee
447f102dc12172ce1ba44c5e94e1d7bb49d43372
a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A597AFB4D4F7F3C82F0F2857322226FC69DC92E099BFD0605F7A0CD562BE9D21"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2607
Expires: Fri, 09 Dec 2022 06:50:33 GMT
Date: Fri, 09 Dec 2022 06:07:06 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 09 Dec 2022 05:08:17 GMT
content-type: application/json
age: 3529
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16358
Expires: Fri, 09 Dec 2022 10:39:44 GMT
Date: Fri, 09 Dec 2022 06:07:06 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: aPvCeeXs9NyP8XH6SjfycA/owOikvyrTUMIFiV5pdUi0veaK+r9VnRNYF3eyIkwyqhbe3+41uns=
x-amz-request-id: M7Q95QVP0DK9G2ZF
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 09 Dec 2022 05:50:08 GMT
age: 1018
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 06:07:06 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
mail.sehsbcsecuruty.duckdns.org/files/css/ursula.css
137.184.9.91200 OK 788 B URL HTTP/1.1 mail.sehsbcsecuruty.duckdns.org/files/css/ursula.css
IP 137.184.9.91:0
ASN #14061 DIGITALOCEAN-ASN
Hash 51264b5d1d6ce360719bf6943fb1292c
ea94029e58b70ca29fa54fc51adca36d9f4a9b52
a26c3daab362e4e7d5751cf2e3dc99253b6746e5f7c7b2c67e173c3bf9607c84
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /files/css/ursula.css HTTP/1.1
Host: mail.sehsbcsecuruty.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.sehsbcsecuruty.duckdns.org/Login.php
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:07:06 GMT
Server: Apache
Last-Modified: Wed, 01 Apr 2020 12:27:24 GMT
Accept-Ranges: bytes
Content-Length: 788
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
mail.sehsbcsecuruty.duckdns.org/Login.php
137.184.9.91200 OK 115 kB URL HTTP/1.1 mail.sehsbcsecuruty.duckdns.org/Login.php
IP 137.184.9.91:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (647)
Size 115 kB (114742 bytes)
Hash 805a68e94fdb90308e3898e67867d395
41616b86eb2a1c24fb49502e1f9cd3f193bb2222
fa6ada59f6b390ea550e46ee967e1ab8058d23151a45fb084051846d56ebc6cf
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish HSBC Bank
fortinet Phishing
GET /Login.php HTTP/1.1
Host: mail.sehsbcsecuruty.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:07:06 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
mail.sehsbcsecuruty.duckdns.org/files/css/activate-key.css
137.184.9.91200 OK 563 B URL HTTP/1.1 mail.sehsbcsecuruty.duckdns.org/files/css/activate-key.css
IP 137.184.9.91:0
ASN #14061 DIGITALOCEAN-ASN
Hash 3970ebecaa5bd9c2b84af6cd485eaa70
0687d467d7b77dd43c87776a249d28163e9088f7
34ba29b9c2ce5c6f6e4d98c3bf10a89eadcdeb2ad23ea1306ae288043c6dd41a
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /files/css/activate-key.css HTTP/1.1
Host: mail.sehsbcsecuruty.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.sehsbcsecuruty.duckdns.org/files/css/ursula.css
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:07:06 GMT
Server: Apache
Last-Modified: Wed, 01 Apr 2020 12:32:48 GMT
Accept-Ranges: bytes
Content-Length: 563
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
mail.sehsbcsecuruty.duckdns.org/files/css/AlertBox.css
137.184.9.91200 OK 4.9 kB URL HTTP/1.1 mail.sehsbcsecuruty.duckdns.org/files/css/AlertBox.css
IP 137.184.9.91:0
ASN #14061 DIGITALOCEAN-ASN
Hash d65d632b0d0c80cedf6572edbba26621
06b341c938269899ac73ba1fa84b02ffaf15a6af
ef2814370444e49d521ced09c83a63153de60e284eb94b90372ee2f5dc248174
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /files/css/AlertBox.css HTTP/1.1
Host: mail.sehsbcsecuruty.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.sehsbcsecuruty.duckdns.org/files/css/ursula.css
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:07:06 GMT
Server: Apache
Last-Modified: Sat, 04 Apr 2020 11:58:38 GMT
Accept-Ranges: bytes
Content-Length: 4872
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
mail.sehsbcsecuruty.duckdns.org/files/css/footer.css
137.184.9.91200 OK 5.4 kB URL HTTP/1.1 mail.sehsbcsecuruty.duckdns.org/files/css/footer.css
IP 137.184.9.91:0
ASN #14061 DIGITALOCEAN-ASN
Hash 8a34dfcbe63056b334a25dd71adc7786
def829ba23aaf341fd40cf99920c28f3c7670c55
c619e5785d2a31873054de14f8f148c7c88d50eca34eee6b7f89f920902604e5
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /files/css/footer.css HTTP/1.1
Host: mail.sehsbcsecuruty.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.sehsbcsecuruty.duckdns.org/files/css/ursula.css
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:07:06 GMT
Server: Apache
Last-Modified: Wed, 01 Apr 2020 12:50:48 GMT
Accept-Ranges: bytes
Content-Length: 5392
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
mail.sehsbcsecuruty.duckdns.org/files/css/keylogin.css
137.184.9.91200 OK 143 B URL HTTP/1.1 mail.sehsbcsecuruty.duckdns.org/files/css/keylogin.css
IP 137.184.9.91:0
ASN #14061 DIGITALOCEAN-ASN
Hash cf11cceb67bf369232de044f3d3f7db2
d6e519f2076c6e28043825650a6e7a5798817841
f53b112005c21b572c97d462ccb3e8a0ed983d50ed4e47f9e93171c5bb3f903c
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /files/css/keylogin.css HTTP/1.1
Host: mail.sehsbcsecuruty.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.sehsbcsecuruty.duckdns.org/files/css/ursula.css
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:07:06 GMT
Server: Apache
Last-Modified: Wed, 01 Apr 2020 12:32:52 GMT
Accept-Ranges: bytes
Content-Length: 143
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
mail.sehsbcsecuruty.duckdns.org/files/css/grid.css
137.184.9.91200 OK 2.1 kB URL HTTP/1.1 mail.sehsbcsecuruty.duckdns.org/files/css/grid.css
IP 137.184.9.91:0
ASN #14061 DIGITALOCEAN-ASN
Hash d8e9ec5947dd82446034c4acfc6c1670
cba2439d518029e31a940f8d0eb0128c8e771098
e62d6ace4c38eed197fbad4b9687d14fd8fc1a2eb91d37044087c527c0686be0
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /files/css/grid.css HTTP/1.1
Host: mail.sehsbcsecuruty.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.sehsbcsecuruty.duckdns.org/files/css/ursula.css
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:07:06 GMT
Server: Apache
Last-Modified: Wed, 01 Apr 2020 12:32:50 GMT
Accept-Ranges: bytes
Content-Length: 2088
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Last-Modified, ETag, Cache-Control, Alert, Content-Length, Pragma, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 09 Dec 2022 05:07:59 GMT
age: 3548
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
mail.sehsbcsecuruty.duckdns.org/files/css/lightbox.css
137.184.9.91200 OK 6.6 kB URL HTTP/1.1 mail.sehsbcsecuruty.duckdns.org/files/css/lightbox.css
IP 137.184.9.91:0
ASN #14061 DIGITALOCEAN-ASN
Hash da95de61922b388a4f2f590712f9126e
d44e0f9a78fb0706b6590db529499418b5bbb688
d51638d0bbf27e9714c9527b9d83d0ebb6d08c5cf8c2b9cbee8043d35df83f63
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /files/css/lightbox.css HTTP/1.1
Host: mail.sehsbcsecuruty.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.sehsbcsecuruty.duckdns.org/files/css/ursula.css
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:07:07 GMT
Server: Apache
Last-Modified: Wed, 01 Apr 2020 12:55:34 GMT
Accept-Ranges: bytes
Content-Length: 6613
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
mail.sehsbcsecuruty.duckdns.org/files/css/login-box.css
137.184.9.91200 OK 4.0 kB URL HTTP/1.1 mail.sehsbcsecuruty.duckdns.org/files/css/login-box.css
IP 137.184.9.91:0
ASN #14061 DIGITALOCEAN-ASN
Hash 5e682be450f949a07ff35fa3a4d8fdc9
f258bff2bcb75d8d4fd21116d5fca746bca37cb9
f8d867259093ee5ab265819f85193cd46c164f98032ba0dd8aeab24b17d2eae7
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /files/css/login-box.css HTTP/1.1
Host: mail.sehsbcsecuruty.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.sehsbcsecuruty.duckdns.org/files/css/ursula.css
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:07:07 GMT
Server: Apache
Last-Modified: Wed, 01 Apr 2020 12:50:08 GMT
Accept-Ranges: bytes
Content-Length: 4023
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
mail.sehsbcsecuruty.duckdns.org/files/css/logon.css
137.184.9.91200 OK 2.6 kB URL HTTP/1.1 mail.sehsbcsecuruty.duckdns.org/files/css/logon.css
IP 137.184.9.91:0
ASN #14061 DIGITALOCEAN-ASN
Hash 16fb0370af149064a680f80900456e08
a4eae46d00a62dc22069b4873e35f3fa21e35245
861d544a15c568b3b889b122c09a47334761320628658561587fc9a199016a4a
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /files/css/logon.css HTTP/1.1
Host: mail.sehsbcsecuruty.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.sehsbcsecuruty.duckdns.org/files/css/ursula.css
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:07:07 GMT
Server: Apache
Last-Modified: Wed, 01 Apr 2020 12:32:52 GMT
Accept-Ranges: bytes
Content-Length: 2637
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
mail.sehsbcsecuruty.duckdns.org/files/css/masthead-ie7.css
137.184.9.91200 OK 2.2 kB URL HTTP/1.1 mail.sehsbcsecuruty.duckdns.org/files/css/masthead-ie7.css
IP 137.184.9.91:0
ASN #14061 DIGITALOCEAN-ASN
Hash 4cb5743a08f3ea34e59ebb4487747cca
6a25abf723022c797ef288a296cfb3c5794790ed
50e7d49429ee7656c7db88152049204ee2594a17011a1e8e2a26139314cc6d3f
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /files/css/masthead-ie7.css HTTP/1.1
Host: mail.sehsbcsecuruty.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.sehsbcsecuruty.duckdns.org/files/css/ursula.css
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:07:07 GMT
Server: Apache
Last-Modified: Wed, 01 Apr 2020 12:32:54 GMT
Accept-Ranges: bytes
Content-Length: 2163
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
mail.sehsbcsecuruty.duckdns.org/files/css/masthead-ie8.css
137.184.9.91200 OK 1.0 kB URL HTTP/1.1 mail.sehsbcsecuruty.duckdns.org/files/css/masthead-ie8.css
IP 137.184.9.91:0
ASN #14061 DIGITALOCEAN-ASN
Hash e9a46d9915495ff88fbfe5c2e4c8f2c0
1389574229fd509dcae108cdd086def3332efceb
2fb53c9bc61d05a77f2f2d70bdcbbbb555ed0a63c099876f46cbd64b69960ba1
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /files/css/masthead-ie8.css HTTP/1.1
Host: mail.sehsbcsecuruty.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.sehsbcsecuruty.duckdns.org/files/css/ursula.css
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:07:07 GMT
Server: Apache
Last-Modified: Wed, 01 Apr 2020 12:32:54 GMT
Accept-Ranges: bytes
Content-Length: 1004
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
mail.sehsbcsecuruty.duckdns.org/files/css/masthead-ie9.css
137.184.9.91200 OK 1.5 kB URL HTTP/1.1 mail.sehsbcsecuruty.duckdns.org/files/css/masthead-ie9.css
IP 137.184.9.91:0
ASN #14061 DIGITALOCEAN-ASN
Hash 0fd30ee5a7b3a6ba52f42b0f26a49319
432c632fa7f4836e599ba1ddeb98bcfe7f9738ed
60dd60c3ce78d7d33278f09a1357165d51fb5ed4d6649eebf5d70199e9a6a747
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /files/css/masthead-ie9.css HTTP/1.1
Host: mail.sehsbcsecuruty.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.sehsbcsecuruty.duckdns.org/files/css/ursula.css
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:07:07 GMT
Server: Apache
Last-Modified: Wed, 01 Apr 2020 12:32:54 GMT
Accept-Ranges: bytes
Content-Length: 1538
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
mail.sehsbcsecuruty.duckdns.org/files/css/masthead-webkit.css
137.184.9.91200 OK 761 B URL HTTP/1.1 mail.sehsbcsecuruty.duckdns.org/files/css/masthead-webkit.css
IP 137.184.9.91:0
ASN #14061 DIGITALOCEAN-ASN
Hash 8c966f6c83d482bdc9f70800a2922b67
3fb3d42cd1594c389c94decc779fdf8b7ff054f3
d7a7e09bd9d258e5670ac6371cf230d416eb5f9139e88d126846bab97b4e50e8
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /files/css/masthead-webkit.css HTTP/1.1
Host: mail.sehsbcsecuruty.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.sehsbcsecuruty.duckdns.org/files/css/ursula.css
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:07:07 GMT
Server: Apache
Last-Modified: Wed, 01 Apr 2020 12:32:54 GMT
Accept-Ranges: bytes
Content-Length: 761
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fd55f4aaaab6ec40bc7dc10252cd819a
a72523f60be265a391fa9edc43e0a93418ad1fd0
bae354b3db14f4fd115311a0c412c9b5e436dd9e0a151afd8b9c18831dd8c2dd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5085
Cache-Control: max-age=102270
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 06:07:07 GMT
Etag: "6391a92c-1d7"
Expires: Sat, 10 Dec 2022 10:31:37 GMT
Last-Modified: Thu, 08 Dec 2022 09:06:52 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
mail.sehsbcsecuruty.duckdns.org/files/css/memorableAnswer.css
137.184.9.91200 OK 5.3 kB URL HTTP/1.1 mail.sehsbcsecuruty.duckdns.org/files/css/memorableAnswer.css
IP 137.184.9.91:0
ASN #14061 DIGITALOCEAN-ASN
Hash 762cad9d71f45d6b03a08364ed738cd4
9e615d174ba66079dc2fa2f122929c677ad3cc39
1fa81a76abdf1555a15ae63eb48bb00d7c3c107b12b124145f50f20c16cf456b
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /files/css/memorableAnswer.css HTTP/1.1
Host: mail.sehsbcsecuruty.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.sehsbcsecuruty.duckdns.org/files/css/ursula.css
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:07:07 GMT
Server: Apache
Last-Modified: Wed, 01 Apr 2020 12:32:56 GMT
Accept-Ranges: bytes
Content-Length: 5313
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
mail.sehsbcsecuruty.duckdns.org/files/css/menu.css
137.184.9.91200 OK 667 B URL HTTP/1.1 mail.sehsbcsecuruty.duckdns.org/files/css/menu.css
IP 137.184.9.91:0
ASN #14061 DIGITALOCEAN-ASN
Hash 3237576dcbd6bcd97da85034be14cede
d19ca4b7e0f93d33481f2a04bdef88dae7d4dd32
4e5e810c119076945ba380ba18c03b4b85a8d0edf654446ca433e3351c0cac68
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /files/css/menu.css HTTP/1.1
Host: mail.sehsbcsecuruty.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.sehsbcsecuruty.duckdns.org/files/css/ursula.css
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:07:07 GMT
Server: Apache
Last-Modified: Wed, 01 Apr 2020 12:32:56 GMT
Accept-Ranges: bytes
Content-Length: 667
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
mail.sehsbcsecuruty.duckdns.org/files/js/jquery-3.4.1.min.js
137.184.9.91200 OK 88 kB URL HTTP/1.1 mail.sehsbcsecuruty.duckdns.org/files/js/jquery-3.4.1.min.js
IP 137.184.9.91:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (65450), with CRLF line terminators
Hash 2f772fed444d5489079f275bd01e26cc
a8927ac2830b2fdd4a729eb0eb7f80923539ceb9
2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
fortinet Phishing
GET /files/js/jquery-3.4.1.min.js HTTP/1.1
Host: mail.sehsbcsecuruty.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.sehsbcsecuruty.duckdns.org/Login.php
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:07:06 GMT
Server: Apache
Last-Modified: Sat, 04 Apr 2020 10:16:36 GMT
Accept-Ranges: bytes
Content-Length: 88145
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
mail.sehsbcsecuruty.duckdns.org/files/css/notification.css
137.184.9.91200 OK 525 B URL HTTP/1.1 mail.sehsbcsecuruty.duckdns.org/files/css/notification.css
IP 137.184.9.91:0
ASN #14061 DIGITALOCEAN-ASN
Hash 107e1b43cf8e1fc94eb1d018758f49f7
5f7bd487eeae2d695ff43cea720dd31c05f42107
fa3a8e41f64cc5472818454f657f7fbe79f4aac260a2afd3066a329e1c7488e5
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /files/css/notification.css HTTP/1.1
Host: mail.sehsbcsecuruty.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.sehsbcsecuruty.duckdns.org/files/css/ursula.css
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:07:07 GMT
Server: Apache
Last-Modified: Wed, 01 Apr 2020 12:32:56 GMT
Accept-Ranges: bytes
Content-Length: 525
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
mail.sehsbcsecuruty.duckdns.org/files/css/reset.css
137.184.9.91200 OK 1.5 kB URL HTTP/1.1 mail.sehsbcsecuruty.duckdns.org/files/css/reset.css
IP 137.184.9.91:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (393)
Hash a61bbe657510fcf1dd4558df288adad8
f4323d0c33319a48ce0c466d523123110af5574b
dd784e0d9635e2bc7fb87b708ccafce38b4c30a98ae6681162a10ed3ad5c106d
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /files/css/reset.css HTTP/1.1
Host: mail.sehsbcsecuruty.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.sehsbcsecuruty.duckdns.org/files/css/ursula.css
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:07:07 GMT
Server: Apache
Last-Modified: Wed, 01 Apr 2020 12:32:58 GMT
Accept-Ranges: bytes
Content-Length: 1472
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
mail.sehsbcsecuruty.duckdns.org/files/css/masthead.css
137.184.9.91200 OK 22 kB URL HTTP/1.1 mail.sehsbcsecuruty.duckdns.org/files/css/masthead.css
IP 137.184.9.91:0
ASN #14061 DIGITALOCEAN-ASN
Hash a641e35feae8992244c59839fa2f0c5a
c210e6bcd6b8fe7dc58ebb06df25a8accb61adbd
5e50fcfd92bbf8a01290b1036974255d10e37be7d05e7b09925a1c812f97f60f
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /files/css/masthead.css HTTP/1.1
Host: mail.sehsbcsecuruty.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.sehsbcsecuruty.duckdns.org/files/css/ursula.css
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:07:07 GMT
Server: Apache
Last-Modified: Wed, 01 Apr 2020 12:44:56 GMT
Accept-Ranges: bytes
Content-Length: 21513
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
mail.sehsbcsecuruty.duckdns.org/files/css/security-details.css
137.184.9.91200 OK 6.0 kB URL HTTP/1.1 mail.sehsbcsecuruty.duckdns.org/files/css/security-details.css
IP 137.184.9.91:0
ASN #14061 DIGITALOCEAN-ASN
Hash 693b57fdc254f9b7ae3c70e77adf69b4
17ca22ba602e78eb21c03e5a38f11bc420c63597
ad8ea7f5669a1d9bcc9b67da0e647b194dff34031ccfa247f18ceddcd8449b28
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /files/css/security-details.css HTTP/1.1
Host: mail.sehsbcsecuruty.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.sehsbcsecuruty.duckdns.org/files/css/ursula.css
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:07:07 GMT
Server: Apache
Last-Modified: Wed, 01 Apr 2020 12:32:58 GMT
Accept-Ranges: bytes
Content-Length: 6010
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
mail.sehsbcsecuruty.duckdns.org/files/css/side-box.css
137.184.9.91200 OK 2.2 kB URL HTTP/1.1 mail.sehsbcsecuruty.duckdns.org/files/css/side-box.css
IP 137.184.9.91:0
ASN #14061 DIGITALOCEAN-ASN
Hash 7ac8eee221c44a1e282e4dd0a705a81d
3a925f6fb22b350781d8464d46d5b8f39032c00b
e1b00775959edd35e971ba32b8171f03e22e4ad80b854abd26b92870c6d21953
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /files/css/side-box.css HTTP/1.1
Host: mail.sehsbcsecuruty.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.sehsbcsecuruty.duckdns.org/files/css/ursula.css
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:07:07 GMT
Server: Apache
Last-Modified: Wed, 01 Apr 2020 12:32:58 GMT
Accept-Ranges: bytes
Content-Length: 2215
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
mail.sehsbcsecuruty.duckdns.org/files/css/stepTracker.css
137.184.9.91200 OK 3.7 kB URL HTTP/1.1 mail.sehsbcsecuruty.duckdns.org/files/css/stepTracker.css
IP 137.184.9.91:0
ASN #14061 DIGITALOCEAN-ASN
Hash c1b6091a128411c522cee5dc29669f5d
988c6cb2a19ddd71bd78f15aa13b77a51d6f4292
6bde84f1cb5d5f335b936eaefe5575ecc61da0601024ebd288e70b252f800b98
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /files/css/stepTracker.css HTTP/1.1
Host: mail.sehsbcsecuruty.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.sehsbcsecuruty.duckdns.org/files/css/ursula.css
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:07:07 GMT
Server: Apache
Last-Modified: Wed, 01 Apr 2020 12:32:58 GMT
Accept-Ranges: bytes
Content-Length: 3700
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
mail.sehsbcsecuruty.duckdns.org/files/css/terms.css
137.184.9.91200 OK 1.4 kB URL HTTP/1.1 mail.sehsbcsecuruty.duckdns.org/files/css/terms.css
IP 137.184.9.91:0
ASN #14061 DIGITALOCEAN-ASN
Hash c88f9c56e04f9e88f106fee2f79f5cb6
ffd7e013abb413e89a61ba654a3a3838f5892071
de47316f3cf85743aa2d3cdd343baff74399d0a6c644fc1f9a622a6fc173c03e
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /files/css/terms.css HTTP/1.1
Host: mail.sehsbcsecuruty.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.sehsbcsecuruty.duckdns.org/files/css/ursula.css
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:07:07 GMT
Server: Apache
Last-Modified: Wed, 01 Apr 2020 12:33:00 GMT
Accept-Ranges: bytes
Content-Length: 1389
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
mail.sehsbcsecuruty.duckdns.org/files/css/tooltip.css
137.184.9.91200 OK 1.9 kB URL HTTP/1.1 mail.sehsbcsecuruty.duckdns.org/files/css/tooltip.css
IP 137.184.9.91:0
ASN #14061 DIGITALOCEAN-ASN
Hash beb23e1bf9ac814ef23e5b7fa435a790
47745db793baf891556d727d64992a8e00061cbc
85283d21127ab8b55f10237f440cd6743955d6e361205830e7e14fdc39ec95e3
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /files/css/tooltip.css HTTP/1.1
Host: mail.sehsbcsecuruty.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.sehsbcsecuruty.duckdns.org/files/css/ursula.css
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:07:07 GMT
Server: Apache
Last-Modified: Wed, 01 Apr 2020 12:33:00 GMT
Accept-Ranges: bytes
Content-Length: 1947
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
push.services.mozilla.com/
52.88.25.203101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.88.25.203:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: CQ4WGfhsPjrnKPFYrIIfbQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 3iz+lyopg50kpIMC/fTA92INHJA=
mail.sehsbcsecuruty.duckdns.org/files/css/common.css
137.184.9.91200 OK 13 kB URL HTTP/1.1 mail.sehsbcsecuruty.duckdns.org/files/css/common.css
IP 137.184.9.91:0
ASN #14061 DIGITALOCEAN-ASN
Hash fff2aaa7238fd26c086118e9723cb0db
596546da3188e5eaf04bb8b0b50694ba1223f62a
442a511e610233204a50088d8d63449d065a9941debc0d2fa3b0b6a61227bce8
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /files/css/common.css HTTP/1.1
Host: mail.sehsbcsecuruty.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.sehsbcsecuruty.duckdns.org/files/css/ursula.css
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:07:07 GMT
Server: Apache
Last-Modified: Wed, 01 Apr 2020 12:51:26 GMT
Accept-Ranges: bytes
Content-Length: 12874
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
mail.sehsbcsecuruty.duckdns.org/files/css/validation.css
137.184.9.91200 OK 2.4 kB URL HTTP/1.1 mail.sehsbcsecuruty.duckdns.org/files/css/validation.css
IP 137.184.9.91:0
ASN #14061 DIGITALOCEAN-ASN
Hash b21baf41a8e905806feca3170f1adbd4
b8a5d07ee659be8997adc39e37e3448342b748a6
4dee4a8264c1078f9d3231c177f36b8ce43e21ef5e5c3b903fcf7b2ce060d0c8
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /files/css/validation.css HTTP/1.1
Host: mail.sehsbcsecuruty.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.sehsbcsecuruty.duckdns.org/files/css/ursula.css
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:07:07 GMT
Server: Apache
Last-Modified: Wed, 01 Apr 2020 12:33:00 GMT
Accept-Ranges: bytes
Content-Length: 2435
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
mail.sehsbcsecuruty.duckdns.org/files/css/pageextra.css
137.184.9.91200 OK 2.6 kB URL HTTP/1.1 mail.sehsbcsecuruty.duckdns.org/files/css/pageextra.css
IP 137.184.9.91:0
ASN #14061 DIGITALOCEAN-ASN
Hash 0e152cdc81b94c60b45d47b716777078
8eaa42909064ae258b3da1626ed960ca38f61fdc
5b708f5a236729c926147639c27e8831793182ef3a178b925f11df4b417e78ab
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /files/css/pageextra.css HTTP/1.1
Host: mail.sehsbcsecuruty.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.sehsbcsecuruty.duckdns.org/files/css/ursula.css
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:07:07 GMT
Server: Apache
Last-Modified: Wed, 01 Apr 2020 12:33:02 GMT
Accept-Ranges: bytes
Content-Length: 2604
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
mail.sehsbcsecuruty.duckdns.org/files/css/newValidations.css
137.184.9.91200 OK 4.5 kB URL HTTP/1.1 mail.sehsbcsecuruty.duckdns.org/files/css/newValidations.css
IP 137.184.9.91:0
ASN #14061 DIGITALOCEAN-ASN
Hash 563bb3bab2087879f5037322c52642cd
34d3ffda060944c4457f4676c120ded8bfc4a2f4
3e08ffaedf55672f02bbcf98b901dde8c4b64a4465e5e131dc5c67f73cafd08b
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /files/css/newValidations.css HTTP/1.1
Host: mail.sehsbcsecuruty.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.sehsbcsecuruty.duckdns.org/files/css/ursula.css
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:07:07 GMT
Server: Apache
Last-Modified: Wed, 01 Apr 2020 12:33:02 GMT
Accept-Ranges: bytes
Content-Length: 4459
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
mail.sehsbcsecuruty.duckdns.org/files/css/button.css
137.184.9.91200 OK 14 kB URL HTTP/1.1 mail.sehsbcsecuruty.duckdns.org/files/css/button.css
IP 137.184.9.91:0
ASN #14061 DIGITALOCEAN-ASN
Hash 7243b9636ee20bfcb3a177ec47568fbe
9ea3ebef386b486048999d6c93ddd6e481c5430f
c8b9f4aba8f1adfa113ec30553671d41ca2ae6bdb5f07b4811758e1e3525e467
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /files/css/button.css HTTP/1.1
Host: mail.sehsbcsecuruty.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.sehsbcsecuruty.duckdns.org/files/css/ursula.css
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:07:07 GMT
Server: Apache
Last-Modified: Sat, 04 Apr 2020 18:22:24 GMT
Accept-Ranges: bytes
Content-Length: 13524
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
mail.sehsbcsecuruty.duckdns.org/files/css/core.css
137.184.9.91200 OK 89 kB URL HTTP/1.1 mail.sehsbcsecuruty.duckdns.org/files/css/core.css
IP 137.184.9.91:0
ASN #14061 DIGITALOCEAN-ASN
Hash 879816ff59dbe3c6a3ac6b20f4dc3efe
9eabb91cf8e2cde1b0cb896a2f4e8ad00bb2fc79
c7be2d8912120603f8752fa576d9e9b586975e1c51b82491efcdb29309a14300
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /files/css/core.css HTTP/1.1
Host: mail.sehsbcsecuruty.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.sehsbcsecuruty.duckdns.org/files/css/ursula.css
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:07:07 GMT
Server: Apache
Last-Modified: Wed, 01 Apr 2020 12:55:38 GMT
Accept-Ranges: bytes
Content-Length: 88609
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
mail.sehsbcsecuruty.duckdns.org/files/img/D667_advance_login_300x255_v2_mortgages.jpg
137.184.9.91200 OK 33 kB URL HTTP/1.1 mail.sehsbcsecuruty.duckdns.org/files/img/D667_advance_login_300x255_v2_mortgages.jpg
IP 137.184.9.91:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x255, components 3\012- data
Hash f4f0beac074f9af0f2a47432266174a6
9cfd5ef6d4312c02073f37cfa81f208471fdf9ce
5cf24fd07485188431c5dd95365cf4df6f42d5638b37631b98e2a01dd22c82c8
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /files/img/D667_advance_login_300x255_v2_mortgages.jpg HTTP/1.1
Host: mail.sehsbcsecuruty.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.sehsbcsecuruty.duckdns.org/Login.php
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:07:08 GMT
Server: Apache
Last-Modified: Wed, 01 Apr 2020 11:43:00 GMT
Accept-Ranges: bytes
Content-Length: 32973
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
mail.sehsbcsecuruty.duckdns.org/files/img/google-play-logo.png
137.184.9.91200 OK 8.5 kB URL HTTP/1.1 mail.sehsbcsecuruty.duckdns.org/files/img/google-play-logo.png
IP 137.184.9.91:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 166 x 56, 8-bit/color RGBA, non-interlaced\012- data
Hash 72d8a0aa17ee913ba3d96b6c32f193c6
2405444bef0eb5c4fa4812d4173d3719ca6badd1
1e6d8f6b9c32e5928bf8b61f54c36b7e373d5798ee9a9f022bddc11b5984df3b
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /files/img/google-play-logo.png HTTP/1.1
Host: mail.sehsbcsecuruty.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.sehsbcsecuruty.duckdns.org/Login.php
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:07:08 GMT
Server: Apache
Last-Modified: Wed, 01 Apr 2020 11:43:00 GMT
Accept-Ranges: bytes
Content-Length: 8516
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
mail.sehsbcsecuruty.duckdns.org/files/img/protecting-your-money.jpg
137.184.9.91200 OK 12 kB URL HTTP/1.1 mail.sehsbcsecuruty.duckdns.org/files/img/protecting-your-money.jpg
IP 137.184.9.91:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 450x109, components 3\012- data
Hash 38e964496b5bfebf4074588c10d62313
5f5605e34d2fa9920eab4e6518f7992a82ebc0f6
9f6a9bb8a898931b3aa22c498b2a49f48d0b8c109b733fad5fc8cabce2cc2889
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /files/img/protecting-your-money.jpg HTTP/1.1
Host: mail.sehsbcsecuruty.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.sehsbcsecuruty.duckdns.org/Login.php
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:07:08 GMT
Server: Apache
Last-Modified: Wed, 01 Apr 2020 11:43:00 GMT
Accept-Ranges: bytes
Content-Length: 12270
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
mail.sehsbcsecuruty.duckdns.org/files/img/btn_register_now.jpg
137.184.9.91200 OK 5.3 kB URL HTTP/1.1 mail.sehsbcsecuruty.duckdns.org/files/img/btn_register_now.jpg
IP 137.184.9.91:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 190x46, components 3\012- data
Hash 46a373ef479b0ca023b380a4312f264a
81d36113b22a9a850f8604b5ca3fb82ff8ca7b1b
46a9e82a911fd5e8385cea0197645f37e262e8ba7854708d648459083a44bfb8
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /files/img/btn_register_now.jpg HTTP/1.1
Host: mail.sehsbcsecuruty.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.sehsbcsecuruty.duckdns.org/Login.php
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:07:08 GMT
Server: Apache
Last-Modified: Wed, 01 Apr 2020 11:43:00 GMT
Accept-Ranges: bytes
Content-Length: 5283
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
mail.sehsbcsecuruty.duckdns.org/files/img/D650-login-cc-300x255.jpg
137.184.9.91200 OK 17 kB URL HTTP/1.1 mail.sehsbcsecuruty.duckdns.org/files/img/D650-login-cc-300x255.jpg
IP 137.184.9.91:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 300x255, components 3\012- data
Hash 9fc3b7295c94c7a1069cc7c1c212643b
a6348b014e356757dd47180b637f6a9494ed3d98
a45ea7f4b552e28f3e0dfcf00c9bd77b52984748fed3dd17dac2b428f9a561c2
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /files/img/D650-login-cc-300x255.jpg HTTP/1.1
Host: mail.sehsbcsecuruty.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.sehsbcsecuruty.duckdns.org/Login.php
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:07:08 GMT
Server: Apache
Last-Modified: Wed, 01 Apr 2020 11:43:00 GMT
Accept-Ranges: bytes
Content-Length: 17295
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
mail.sehsbcsecuruty.duckdns.org/files/img/D650-login-seckey-300x255.jpg
137.184.9.91200 OK 24 kB URL HTTP/1.1 mail.sehsbcsecuruty.duckdns.org/files/img/D650-login-seckey-300x255.jpg
IP 137.184.9.91:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 300x255, components 3\012- data
Hash c4a43d4a1d75e833820ad7d985b791ba
c02f725c86f5e8caf8ab26d3a3da6478dd859191
5bd813166f92ddba59339ec95dd77bec711f582efa04de122b5e3050bc859bd5
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /files/img/D650-login-seckey-300x255.jpg HTTP/1.1
Host: mail.sehsbcsecuruty.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.sehsbcsecuruty.duckdns.org/Login.php
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:07:08 GMT
Server: Apache
Last-Modified: Wed, 01 Apr 2020 11:43:00 GMT
Accept-Ranges: bytes
Content-Length: 23947
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
mail.sehsbcsecuruty.duckdns.org/files/img/top.gif
137.184.9.91200 OK 54 B URL HTTP/1.1 mail.sehsbcsecuruty.duckdns.org/files/img/top.gif
IP 137.184.9.91:0
ASN #14061 DIGITALOCEAN-ASN
File type GIF image data, version 89a, 1 x 33\012- data
Hash 71b06722340d57b0da45bbc66bfb9b92
ad1261e90bb97188f863a0ec221302423cc1863b
bf266f02007642c1b71807c6b399ee1268d8a5a36b8d03162bce1fa222942c98
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /files/img/top.gif HTTP/1.1
Host: mail.sehsbcsecuruty.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.sehsbcsecuruty.duckdns.org/files/css/core.css
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:07:08 GMT
Server: Apache
Last-Modified: Wed, 01 Apr 2020 12:42:40 GMT
Accept-Ranges: bytes
Content-Length: 54
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/gif
mail.sehsbcsecuruty.duckdns.org/files/img/bg_arrow.gif
137.184.9.91200 OK 1.9 kB URL HTTP/1.1 mail.sehsbcsecuruty.duckdns.org/files/img/bg_arrow.gif
IP 137.184.9.91:0
ASN #14061 DIGITALOCEAN-ASN
File type GIF image data, version 89a, 11 x 5\012- data
Hash 9c9061b8d863e54eade1ba74762c39ea
d8d10d4b2717aee60248851464e174b0a897674f
f849d3b842a1c5d9b3f0bf529e62cfb46d20fe26544597a21e91b0ada28cb779
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /files/img/bg_arrow.gif HTTP/1.1
Host: mail.sehsbcsecuruty.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.sehsbcsecuruty.duckdns.org/files/css/masthead.css
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:07:08 GMT
Server: Apache
Last-Modified: Wed, 01 Apr 2020 12:42:44 GMT
Accept-Ranges: bytes
Content-Length: 1885
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/gif
mail.sehsbcsecuruty.duckdns.org/files/img/bg_gradient.gif
137.184.9.91200 OK 1.3 kB URL HTTP/1.1 mail.sehsbcsecuruty.duckdns.org/files/img/bg_gradient.gif
IP 137.184.9.91:0
ASN #14061 DIGITALOCEAN-ASN
File type GIF image data, version 89a, 10 x 33\012- data
Hash dba2253932b2844a829ee6904102bc12
5f995930a357397828a565fc383bb6166bc2487f
a4252e53f67c397b5978d17a5b276376d8581f17d741bc1994efe6ec930307ea
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /files/img/bg_gradient.gif HTTP/1.1
Host: mail.sehsbcsecuruty.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.sehsbcsecuruty.duckdns.org/files/css/masthead.css
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:07:08 GMT
Server: Apache
Last-Modified: Wed, 01 Apr 2020 12:42:52 GMT
Accept-Ranges: bytes
Content-Length: 1269
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/gif
mail.sehsbcsecuruty.duckdns.org/files/img/locale.gif
137.184.9.91200 OK 1.5 kB URL HTTP/1.1 mail.sehsbcsecuruty.duckdns.org/files/img/locale.gif
IP 137.184.9.91:0
ASN #14061 DIGITALOCEAN-ASN
File type GIF image data, version 89a, 19 x 52\012- data
Hash 5d53b84abe67e729377267aef0cfe2a4
9b23795dbc4c053883b36bfdd42d9001048599b9
c5bd889d63edff8886935feb6640592b5494b5cd9877494e60cb643c068e7144
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /files/img/locale.gif HTTP/1.1
Host: mail.sehsbcsecuruty.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.sehsbcsecuruty.duckdns.org/files/css/masthead.css
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:07:08 GMT
Server: Apache
Last-Modified: Wed, 01 Apr 2020 12:42:50 GMT
Accept-Ranges: bytes
Content-Length: 1475
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/gif
mail.sehsbcsecuruty.duckdns.org/files/img/uk.gif
137.184.9.91200 OK 2.0 kB URL HTTP/1.1 mail.sehsbcsecuruty.duckdns.org/files/img/uk.gif
IP 137.184.9.91:0
ASN #14061 DIGITALOCEAN-ASN
File type GIF image data, version 89a, 16 x 11\012- data
Hash 76f1afab10dc66a76b6dfa52482c9703
099be0044bb5275adb31194b603e1b4f356211c0
5361fc386b6367880608208f73170fb80556f0df029e18f5b0db20461d1cf14a
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /files/img/uk.gif HTTP/1.1
Host: mail.sehsbcsecuruty.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.sehsbcsecuruty.duckdns.org/files/css/masthead.css
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:07:08 GMT
Server: Apache
Last-Modified: Wed, 01 Apr 2020 12:42:50 GMT
Accept-Ranges: bytes
Content-Length: 2019
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/gif
mail.sehsbcsecuruty.duckdns.org/files/img/section_divider.gif
137.184.9.91200 OK 1.1 kB URL HTTP/1.1 mail.sehsbcsecuruty.duckdns.org/files/img/section_divider.gif
IP 137.184.9.91:0
ASN #14061 DIGITALOCEAN-ASN
File type GIF image data, version 89a, 1 x 84\012- data
Hash 9f51d4120624efe94f8118dbf8be288d
42248173aef35ab4eba0adbc0fdc6a029d5362f3
c242fecf52b24a49f80215433f75fcd149fe3cdf9e807437bbd38317f036b965
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /files/img/section_divider.gif HTTP/1.1
Host: mail.sehsbcsecuruty.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.sehsbcsecuruty.duckdns.org/files/css/masthead.css
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:07:08 GMT
Server: Apache
Last-Modified: Wed, 01 Apr 2020 12:42:46 GMT
Accept-Ranges: bytes
Content-Length: 1111
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/gif
mail.sehsbcsecuruty.duckdns.org/files/img/page-heading-gradient.png
137.184.9.91200 OK 942 B URL HTTP/1.1 mail.sehsbcsecuruty.duckdns.org/files/img/page-heading-gradient.png
IP 137.184.9.91:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 1 x 8, 8-bit/color RGBA, non-interlaced\012- data
Hash 24477db014e68fdfe218c0a4a02c13ec
928635ef142ef4305837fd69a9ba508de4cdc7e2
b5a3dd3f96d3e983873762c6b69b7946be6b1627dff5eca7716ad8396bbab132
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /files/img/page-heading-gradient.png HTTP/1.1
Host: mail.sehsbcsecuruty.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.sehsbcsecuruty.duckdns.org/files/css/core.css
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:07:08 GMT
Server: Apache
Last-Modified: Wed, 01 Apr 2020 12:42:40 GMT
Accept-Ranges: bytes
Content-Length: 942
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
mail.sehsbcsecuruty.duckdns.org/files/img/default-left.gif
137.184.9.91200 OK 1.4 kB URL HTTP/1.1 mail.sehsbcsecuruty.duckdns.org/files/img/default-left.gif
IP 137.184.9.91:0
ASN #14061 DIGITALOCEAN-ASN
File type GIF image data, version 89a, 8 x 34\012- data
Hash 56623dbda4aea66bd2701171b4f4d8fc
84021fcdb1e9d1c1ac94dbf373e1bbcf07b7ca8f
8a4a5bc7c1c81d7dfe382d0f1157298e7e439e13228d23d2a448f1c811015c8f
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /files/img/default-left.gif HTTP/1.1
Host: mail.sehsbcsecuruty.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.sehsbcsecuruty.duckdns.org/files/css/login-box.css
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:07:08 GMT
Server: Apache
Last-Modified: Wed, 01 Apr 2020 12:42:44 GMT
Accept-Ranges: bytes
Content-Length: 1410
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/gif
mail.sehsbcsecuruty.duckdns.org/files/img/default.gif
137.184.9.91200 OK 2.6 kB URL HTTP/1.1 mail.sehsbcsecuruty.duckdns.org/files/img/default.gif
IP 137.184.9.91:0
ASN #14061 DIGITALOCEAN-ASN
File type GIF image data, version 89a, 500 x 35\012- data
Hash 4ceae5b5a017b352b131ac11ed952562
335403a51ea5ec44a742de9d98a91cbc02262951
f2d04f19fe518e0201f68d3a0b0e6979c06848a95d84f3f07c32b000fc621367
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /files/img/default.gif HTTP/1.1
Host: mail.sehsbcsecuruty.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.sehsbcsecuruty.duckdns.org/files/css/login-box.css
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:07:08 GMT
Server: Apache
Last-Modified: Wed, 01 Apr 2020 12:42:44 GMT
Accept-Ranges: bytes
Content-Length: 2563
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/gif
mail.sehsbcsecuruty.duckdns.org/files/img/customcheckbox.gif
137.184.9.91200 OK 679 B URL HTTP/1.1 mail.sehsbcsecuruty.duckdns.org/files/img/customcheckbox.gif
IP 137.184.9.91:0
ASN #14061 DIGITALOCEAN-ASN
File type GIF image data, version 89a, 17 x 36\012- data
Hash 883c487b386ca749339293677858a693
acf1eaeccda23d14ce48e8ba0749deaa71232e96
1d1188cc0634d30847cbfd7424ee666df0f674acf1cff95f8e2421f800815880
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /files/img/customcheckbox.gif HTTP/1.1
Host: mail.sehsbcsecuruty.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.sehsbcsecuruty.duckdns.org/files/css/common.css
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:07:08 GMT
Server: Apache
Last-Modified: Wed, 01 Apr 2020 12:42:48 GMT
Accept-Ranges: bytes
Content-Length: 679
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/gif
mail.sehsbcsecuruty.duckdns.org/files/img/forward.gif
137.184.9.91200 OK 157 B URL HTTP/1.1 mail.sehsbcsecuruty.duckdns.org/files/img/forward.gif
IP 137.184.9.91:0
ASN #14061 DIGITALOCEAN-ASN
File type GIF image data, version 89a, 5 x 8\012- data
Hash 0506ccb8861fe82cab2fd7f9c0b98bab
3932d9c1a38a096fb791f2bbd0c3547aaa419d31
0e470a24cfcdfa42487418070681845219a16cfedb62c5101514d96faf510c9c
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /files/img/forward.gif HTTP/1.1
Host: mail.sehsbcsecuruty.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.sehsbcsecuruty.duckdns.org/files/css/core.css
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:07:08 GMT
Server: Apache
Last-Modified: Wed, 01 Apr 2020 12:42:40 GMT
Accept-Ranges: bytes
Content-Length: 157
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/gif
mail.sehsbcsecuruty.duckdns.org/files/img/bg-bullet01.gif
137.184.9.91200 OK 839 B URL HTTP/1.1 mail.sehsbcsecuruty.duckdns.org/files/img/bg-bullet01.gif
IP 137.184.9.91:0
ASN #14061 DIGITALOCEAN-ASN
File type GIF image data, version 89a, 6 x 6\012- data
Hash e9249cb1361439592dd42c10e3b88cc6
69f0ea48cb9ebca66279040c40261689b0d9ecae
55b396782fa592bfd31908e28c3293537bcf5cb22eaf5f4c255cf7ab0d364560
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /files/img/bg-bullet01.gif HTTP/1.1
Host: mail.sehsbcsecuruty.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.sehsbcsecuruty.duckdns.org/files/css/core.css
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:07:08 GMT
Server: Apache
Last-Modified: Wed, 01 Apr 2020 12:54:54 GMT
Accept-Ranges: bytes
Content-Length: 839
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/gif
mail.sehsbcsecuruty.duckdns.org/files/img/contact.png
137.184.9.91200 OK 1.6 kB URL HTTP/1.1 mail.sehsbcsecuruty.duckdns.org/files/img/contact.png
IP 137.184.9.91:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 23 x 26, 8-bit/color RGBA, non-interlaced\012- data
Hash 05522602098964a75847b8c6fa90e6e9
ad12041d05acce1d94cf08b25f408f836991db99
6197f7ae191cb4b28ec55b5cf74a92db66a1a8e43f76abe3863ab3c51cb7667b
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /files/img/contact.png HTTP/1.1
Host: mail.sehsbcsecuruty.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.sehsbcsecuruty.duckdns.org/files/css/footer.css
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:07:08 GMT
Server: Apache
Last-Modified: Wed, 01 Apr 2020 12:42:48 GMT
Accept-Ranges: bytes
Content-Length: 1627
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/png
mail.sehsbcsecuruty.duckdns.org/files/img/hsbc-logo.gif
137.184.9.91200 OK 4.9 kB URL HTTP/1.1 mail.sehsbcsecuruty.duckdns.org/files/img/hsbc-logo.gif
IP 137.184.9.91:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 191 x 58, 8-bit/color RGBA, non-interlaced\012- data
Hash 821989c6aa2fb1b15713ef71548d2a4b
4d80e600c8debcab806d7e9302fa196f9827ca87
33ce282f6f4df66becb2d6546f9d76d665b014845c6e8fd49dba4a77c10916c3
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /files/img/hsbc-logo.gif HTTP/1.1
Host: mail.sehsbcsecuruty.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.sehsbcsecuruty.duckdns.org/Login.php
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:07:08 GMT
Server: Apache
Last-Modified: Wed, 01 Apr 2020 11:43:00 GMT
Accept-Ranges: bytes
Content-Length: 4881
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/gif
mail.sehsbcsecuruty.duckdns.org/files/img/branch.png
137.184.9.91200 OK 1.8 kB URL HTTP/1.1 mail.sehsbcsecuruty.duckdns.org/files/img/branch.png
IP 137.184.9.91:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 23 x 26, 8-bit/color RGBA, non-interlaced\012- data
Hash 20c384bf5d9d4c2f554846931b7bca54
30d8c238fa17ab2010010f6be18ab2feea08d95e
82fa45a014c9faa9885c4338e07e44de3028b9c6982202490d0ee695e72da691
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /files/img/branch.png HTTP/1.1
Host: mail.sehsbcsecuruty.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.sehsbcsecuruty.duckdns.org/files/css/footer.css
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:07:08 GMT
Server: Apache
Last-Modified: Wed, 01 Apr 2020 12:42:48 GMT
Accept-Ranges: bytes
Content-Length: 1828
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/png
mail.sehsbcsecuruty.duckdns.org/files/img/footer.gif
137.184.9.91200 OK 1.1 kB URL HTTP/1.1 mail.sehsbcsecuruty.duckdns.org/files/img/footer.gif
IP 137.184.9.91:0
ASN #14061 DIGITALOCEAN-ASN
File type GIF image data, version 89a, 1175 x 1\012- data
Hash 568cb6f3f1255467d1cab212a4b6b303
0fef9b5de56242282337a2676673bdfce732e138
9db0d37a99592c40f146b9a8026e020d2c0b843bca0d7b0279ac8fa8fb13fd53
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /files/img/footer.gif HTTP/1.1
Host: mail.sehsbcsecuruty.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.sehsbcsecuruty.duckdns.org/files/css/footer.css
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:07:08 GMT
Server: Apache
Last-Modified: Wed, 01 Apr 2020 12:42:42 GMT
Accept-Ranges: bytes
Content-Length: 1125
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/gif
mail.sehsbcsecuruty.duckdns.org/files/img/how-to-stay-safe-online.jpg
137.184.9.91200 OK 5.6 kB URL HTTP/1.1 mail.sehsbcsecuruty.duckdns.org/files/img/how-to-stay-safe-online.jpg
IP 137.184.9.91:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 1x1, segment length 16, baseline, precision 8, 200x45, components 3\012- data
Hash b694d37bc44ea453d96e6e4ce96b2ac9
bae46e078ffb556fa3a0fe99e3f34dfda74e38df
3d672d8999a8795c84eedcd7d37ea43cc1c756903818147f528f3999a9730e02
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /files/img/how-to-stay-safe-online.jpg HTTP/1.1
Host: mail.sehsbcsecuruty.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.sehsbcsecuruty.duckdns.org/Login.php
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:07:08 GMT
Server: Apache
Last-Modified: Wed, 01 Apr 2020 11:43:00 GMT
Accept-Ranges: bytes
Content-Length: 5617
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/jpeg
mail.sehsbcsecuruty.duckdns.org/files/img/app-store.jpg
137.184.9.91200 OK 5.2 kB URL HTTP/1.1 mail.sehsbcsecuruty.duckdns.org/files/img/app-store.jpg
IP 137.184.9.91:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 166x56, components 3\012- data
Hash fb7d83f372240a228da0bada37606d12
c18b76e39e8275c0f7908bc4a0d2326ef2d1b497
3edb06ffd464e78faa7494ea5b1101e0efbbc7c8729614552d4728bd59d0707f
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /files/img/app-store.jpg HTTP/1.1
Host: mail.sehsbcsecuruty.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.sehsbcsecuruty.duckdns.org/Login.php
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:07:08 GMT
Server: Apache
Last-Modified: Wed, 01 Apr 2020 11:43:00 GMT
Accept-Ranges: bytes
Content-Length: 5218
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/jpeg
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20362
Expires: Fri, 09 Dec 2022 11:46:30 GMT
Date: Fri, 09 Dec 2022 06:07:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20362
Expires: Fri, 09 Dec 2022 11:46:30 GMT
Date: Fri, 09 Dec 2022 06:07:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20362
Expires: Fri, 09 Dec 2022 11:46:30 GMT
Date: Fri, 09 Dec 2022 06:07:08 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf0d40ad-816d-4ea8-aef7-00a5af1b8c9b.png
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf0d40ad-816d-4ea8-aef7-00a5af1b8c9b.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 34a9b9b25e57f612db5560cd05e44cce
433e295328d6c821a1df907c232bff4195e2860b
139dc677e5725c98a5d90d19b206a34a4c9f43ad87cf1d322881381e992bd5b5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf0d40ad-816d-4ea8-aef7-00a5af1b8c9b.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4840
x-amzn-requestid: 26914070-22ad-49fd-bacb-7842dcb203b8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c2LZPGd-oAMF5OA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63925907-5c62555a65327ff934ae232e;Sampled=0
x-amzn-remapped-date: Thu, 08 Dec 2022 21:37:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gGT6ZP9a7ENOcyGNek_ac8WlyRoiYeB4KdqC2UHHlwLdWBQUhHsw7w==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 22:00:01 GMT
age: 29227
etag: "433e295328d6c821a1df907c232bff4195e2860b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5de5d319f43d9c9c641419d96655541f
cde4c7fa0145d3645af17e34c83c63c08f76a076
fdb114eb142f035c7a54195d16af51b5b423642c312f4bccc0f407d8fcc245aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7557
x-amzn-requestid: 400d1465-ecbf-4d95-8aa8-4dce5dca0716
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctluwGo4oAMFhTg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee991-6dba29ae7065d5347a1a420d;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:04:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Lazl-stakC-31gMuQ2WzH9uFkIb0g7HaaM3xkwSFdFJMWKTaKqrBEQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 12:33:10 GMT
age: 63238
etag: "cde4c7fa0145d3645af17e34c83c63c08f76a076"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f3c5738-c186-4a1f-a431-33143797bcd5.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f3c5738-c186-4a1f-a431-33143797bcd5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 659b6eb1f1c430e2780758c7787b9a23
4792b0893827924e84cc51450012407717da4d2b
f14393b6bcc036fa9ed61114944ebb25192adfec72c09807eb7948a88c790d69
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f3c5738-c186-4a1f-a431-33143797bcd5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8345
x-amzn-requestid: 4e42c335-cc27-41bc-8d5c-cbe3dcc1f623
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cpwRBF_gIAMFdCA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d60d3-254d38575d76726a4462c66f;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 03:09:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Z2JMjvOva19O3uj7la6UmjCpwleEyo3y2IfRCp4qp5iuob0AYN9Mng==
via: 1.1 b4085435efbe95a420f374958bd145be.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 12:37:33 GMT
age: 62975
etag: "4792b0893827924e84cc51450012407717da4d2b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fba9a3854df65740512f96efe7442e58
8fbff7725c842d70e047c635a725723a9dc9c55a
6e639298ebc82343cee9267d2910d15735af55f910e2c3de9218266b7c6fffc9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5188
x-amzn-requestid: afb8cbd2-3674-4dac-9cd9-9ff83618ac0a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ck2-5G9joAMFlPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638b6b92-2979ff216b9028aa70baef8b;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 15:30:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7Dp35PIr_WYUI1bBa21AvmCMEPi0d3jnhuS8eEk3Q3CXRcGWAnkD8g==
via: 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 17:01:04 GMT
age: 47164
etag: "8fbff7725c842d70e047c635a725723a9dc9c55a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49a0678c-8bda-434a-a337-63696994d79c.jpeg
34.120.237.76200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49a0678c-8bda-434a-a337-63696994d79c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a22fc7807fb3337f0af5e546c7ad366a
0d5969394b370a5c77c53ed58f55e5f8a45da3ab
98b4f4fd27dc036697fb0328083bce6e691b7493428f3a54991087d9d1165d97
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49a0678c-8bda-434a-a337-63696994d79c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5530
x-amzn-requestid: adecbb8c-cec3-46a0-b32c-0026b8421fe5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cw4d8Fg6IAMF61g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63903abf-4bcb385f27cb438c36a2cd5e;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 07:03:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UDD0v-1I1sFVMsJl64nQDe_hHExMrSLXPrbou_J79YEQf3YwS2oklA==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 07:48:13 GMT
age: 80335
etag: "0d5969394b370a5c77c53ed58f55e5f8a45da3ab"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F345b9f5c-0162-4ba2-800e-223d402d28bf.jpeg
34.120.237.76200 OK 3.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F345b9f5c-0162-4ba2-800e-223d402d28bf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a1be0ae00ba0c6009ac14c8df38b8ad0
33edd1469c54a08e3c4cb0003b87b225eba55b3f
ab70390c49c5bb3dd7e97ba008c01213a59b3bc271aa8a350ab35ff422d8b3fd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F345b9f5c-0162-4ba2-800e-223d402d28bf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3030
x-amzn-requestid: c5e5e4a1-bc45-42e8-a021-9c8f99e22556
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czUqCFWBoAMFiqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639134a6-5cc9bdf360f2bfb54e16b448;Sampled=0
x-amzn-remapped-date: Thu, 08 Dec 2022 00:49:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: x5FUJ8Cbw9B9BWcHlencYw564Xri5cgoVXkQ2MbhEjYq7Y5v2P0IxQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 14:51:55 GMT
etag: "33edd1469c54a08e3c4cb0003b87b225eba55b3f"
content-type: image/jpeg
age: 54913
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mail.sehsbcsecuruty.duckdns.org/files/img/favicon.ico
137.184.9.91200 OK 15 kB URL HTTP/1.1 mail.sehsbcsecuruty.duckdns.org/files/img/favicon.ico
IP 137.184.9.91:0
ASN #14061 DIGITALOCEAN-ASN
File type MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash 6595ad15ea18bb71a102f2e1aef106fd
19bdb5f502bbbfbfd88cffb1df08f61ef076519a
6792c4c37672b1a8d6c2842f403c70c85f3b66f3ebaa434b816b5cd25203113b
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /files/img/favicon.ico HTTP/1.1
Host: mail.sehsbcsecuruty.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.sehsbcsecuruty.duckdns.org/Login.php
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:07:08 GMT
Server: Apache
Last-Modified: Wed, 01 Apr 2020 12:58:54 GMT
Accept-Ranges: bytes
Content-Length: 15086
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/x-icon