r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a9f1d4d98705c281fed3b60343463200
db6f8aa98d2eda4e5473b116a222c3055568bb78
164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14860
Expires: Sat, 26 Nov 2022 12:31:04 GMT
Date: Sat, 26 Nov 2022 08:23:24 GMT
Connection: keep-alive
secure-key-online-user.duckdns.org/login.php
20.106.149.200200 OK 29 kB URL HTTP/1.1 secure-key-online-user.duckdns.org/login.php
IP 20.106.149.200:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2519), with CRLF line terminators
Hash 78cafdd69e1f64df16173a544c098356
3b6c87a8af5d209f1dc13e66afaca2c481b2354a
d6b6c4d8224dcbe18c404652f3e26fcbb6ad6048a7b56230f04155827d07d931
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /login.php HTTP/1.1
Host: secure-key-online-user.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 08:23:24 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 10730f388c028d64e19b8a48d414768f
e43b104e57e5ea7ff8568835776858cf2ede6f00
f3c30c6d139288f1bfe13fce85c6ddc1514e1639fcf4d31a6012a3309ed1d50d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5038
Cache-Control: max-age=99108
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 08:23:24 GMT
Etag: "63809972-1d7"
Expires: Sun, 27 Nov 2022 11:55:12 GMT
Last-Modified: Fri, 25 Nov 2022 10:31:14 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 26 Nov 2022 08:19:13 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 251
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8c63b226725ca6e92e3ef586ac19e603
d21ae42a1927501e5293ff3564f52b49f6b0decc
141ac47acc3800e5d35a82012fa4b044277abad3a95dc24415f66fb72c972ae6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "141AC47ACC3800E5D35A82012FA4B044277ABAD3A95DC24415F66FB72C972AE6"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6139
Expires: Sat, 26 Nov 2022 10:05:43 GMT
Date: Sat, 26 Nov 2022 08:23:24 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ZGZbHiF98V3xU0PvR0XNAWDCSnFmedjQQo64o/PQp32D0XNQDMKRPKs05lYFqaVMZ7p8jJrHUhE=
x-amz-request-id: 7BVXCVDEZV4ZD1JW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 26 Nov 2022 07:44:09 GMT
age: 2355
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 08:23:24 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
assets.adobedtm.com/5d295d1656df/73b3d100e871/89a5a1fa87ea/RC2d0da54668dd48c2a7fd8d99b81a9ee3-source.min.js
23.38.200.237404 Not Found 10 B URL HTTP/2 assets.adobedtm.com/5d295d1656df/73b3d100e871/89a5a1fa87ea/RC2d0da54668dd48c2a7fd8d99b81a9ee3-source.min.js
IP 23.38.200.237:0
Hash 7605968e79d0ca095ab1231486d2b814
a007b420d19ceefa840f0373e050e3b51a4ab480
493fda53120050f85836032324409be6c6484f90a0755ae0c6a673ba7626818b
GET /5d295d1656df/73b3d100e871/89a5a1fa87ea/RC2d0da54668dd48c2a7fd8d99b81a9ee3-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://secure-key-online-user.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
accept-ranges: bytes
content-length: 10
server: AkamaiNetStorage
cache-control: max-age=3600
expires: Sat, 26 Nov 2022 09:23:24 GMT
date: Sat, 26 Nov 2022 08:23:24 GMT
access-control-allow-origin: http://secure-key-online-user.duckdns.org
timing-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/extensions/EPb56e12d7054b4acea984e91c910051cc/AppMeasurement_Module_ActivityMap.min.js
23.38.200.237200 OK 1.6 kB URL HTTP/2 assets.adobedtm.com/extensions/EPb56e12d7054b4acea984e91c910051cc/AppMeasurement_Module_ActivityMap.min.js
IP 23.38.200.237:0
File type ASCII text, with very long lines (3157)
Hash 93be81f6757ec60d39030509b22de2aa
10da6f74c058bfd91c620349132f5fa8fd82b2d7
96a98574d9ef55a6534153612e6e43d21de38eafabd84ba7cabf155d6d89d1c4
GET /extensions/EPb56e12d7054b4acea984e91c910051cc/AppMeasurement_Module_ActivityMap.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://secure-key-online-user.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "abbe69e5c8f385f00652c3d0c2bba347:1634593036.557115"
last-modified: Mon, 18 Oct 2021 21:37:16 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 1594
expires: Sat, 26 Nov 2022 09:23:24 GMT
date: Sat, 26 Nov 2022 08:23:24 GMT
cache-control: no-cache
access-control-allow-origin: http://secure-key-online-user.duckdns.org
timing-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/extensions/EPb56e12d7054b4acea984e91c910051cc/AppMeasurement.min.js
23.38.200.237200 OK 12 kB URL HTTP/2 assets.adobedtm.com/extensions/EPb56e12d7054b4acea984e91c910051cc/AppMeasurement.min.js
IP 23.38.200.237:0
File type ASCII text, with very long lines (32768)
Hash f99318178f5cd30f05d4de6600f98c76
e5cab9c4ccd5e0f126788ee9cab617c0f9037b7b
6a3e8a963532cbc4767a4bf769debf8c83aa085d3e3fe7a1fd6ce3500ebc3c28
GET /extensions/EPb56e12d7054b4acea984e91c910051cc/AppMeasurement.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://secure-key-online-user.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "820eb42f3120ddf65e303b24a8285815:1634593036.305122"
last-modified: Mon, 18 Oct 2021 21:37:16 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 12200
expires: Sat, 26 Nov 2022 09:23:24 GMT
date: Sat, 26 Nov 2022 08:23:24 GMT
cache-control: no-cache
access-control-allow-origin: http://secure-key-online-user.duckdns.org
timing-allow-origin: *
X-Firefox-Spdy: h2
secure-key-online-user.duckdns.org/ibxolb/olb/fscommon.js
20.106.149.200404 Not Found 315 B URL HTTP/1.1 secure-key-online-user.duckdns.org/ibxolb/olb/fscommon.js
IP 20.106.149.200:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /ibxolb/olb/fscommon.js HTTP/1.1
Host: secure-key-online-user.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://secure-key-online-user.duckdns.org/login.php
HTTP/1.1 404 Not Found
Date: Sat, 26 Nov 2022 08:23:24 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 39c114b81bcafb40d28c81b9adba3b33
6acc71c731f23a9b08fb135bf4429bee3dfeb42f
767ed4fdb8b2a9ea7f80c41a34b4e415efbf3c42bd804c8502e819042f49a933
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5190
Cache-Control: max-age=88838
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 08:23:24 GMT
Etag: "638070bc-1d7"
Expires: Sun, 27 Nov 2022 09:04:02 GMT
Last-Modified: Fri, 25 Nov 2022 07:37:32 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 39c114b81bcafb40d28c81b9adba3b33
6acc71c731f23a9b08fb135bf4429bee3dfeb42f
767ed4fdb8b2a9ea7f80c41a34b4e415efbf3c42bd804c8502e819042f49a933
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5190
Cache-Control: max-age=88838
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 08:23:24 GMT
Etag: "638070bc-1d7"
Expires: Sun, 27 Nov 2022 09:04:02 GMT
Last-Modified: Fri, 25 Nov 2022 07:37:32 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
sc40562060us3.cobrowse.oraclecloud.com/launcher.js
104.110.2.75200 OK 10 kB URL HTTP/2 sc40562060us3.cobrowse.oraclecloud.com/launcher.js
IP 104.110.2.75:0
File type C++ source, ASCII text, with very long lines (23282), with CRLF, LF line terminators
Hash 95453fd93745014dc81f2720ddd944d3
725de40b89e5689c8997a4451a13f1b16aa245f2
8f894ccdc8778e49d14aa963275ae3744a67b9ff51cabb54e17ebeb57f34111a
GET /launcher.js HTTP/1.1
Host: sc40562060us3.cobrowse.oraclecloud.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://secure-key-online-user.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
etag: "86fe9ff17cf9e15128aa4c11ff837f06:1661448635.60938"
last-modified: Thu, 25 Aug 2022 17:30:35 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
date: Sat, 26 Nov 2022 08:23:24 GMT
content-length: 10240
content-type: text/javascript; charset=utf-8
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 39c114b81bcafb40d28c81b9adba3b33
6acc71c731f23a9b08fb135bf4429bee3dfeb42f
767ed4fdb8b2a9ea7f80c41a34b4e415efbf3c42bd804c8502e819042f49a933
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5190
Cache-Control: max-age=88838
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 08:23:24 GMT
Etag: "638070bc-1d7"
Expires: Sun, 27 Nov 2022 09:04:02 GMT
Last-Modified: Fri, 25 Nov 2022 07:37:32 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
resources.digital-cloud-west.medallia.com/wdcwest/23736/onsite/embed.js
151.101.85.230200 OK 532 B URL HTTP/2 resources.digital-cloud-west.medallia.com/wdcwest/23736/onsite/embed.js
IP 151.101.85.230:0
File type ASCII text, with very long lines (593)
Hash 89fd940447ce9f2bb662e47c49893a8c
a987d4c589cb7812bf9ff0926ad3b70e50e72d96
096136a2129790881a3d1f51f7f963a039d8b88546c49cfbda938ab9a6f8ce1c
GET /wdcwest/23736/onsite/embed.js HTTP/1.1
Host: resources.digital-cloud-west.medallia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://secure-key-online-user.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 8ubY7IIQ34btyr3I0LOSxA3zXGmKn3+YcMlxQjQpkEMTsf4/QOfBFh/dMBilOvmCeqtgReIU+mQ=
x-amz-request-id: 7DG3F372BKJW8A9G
last-modified: Mon, 14 Nov 2022 07:12:09 GMT
etag: "8537d2673be40d411deba24f8e5949de"
x-amz-version-id: bUR23pro44dWJUOmTU_IGNFpr2Wb_teF
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: max-age=0,must-revalidate
content-encoding: gzip
accept-ranges: bytes
date: Sat, 26 Nov 2022 08:23:24 GMT
via: 1.1 varnish
age: 942318
x-served-by: cache-bma1644-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669451005.768033,VS0,VE1
vary: Accept-Encoding
strict-transport-security: max-age=31557600
content-length: 532
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 39c114b81bcafb40d28c81b9adba3b33
6acc71c731f23a9b08fb135bf4429bee3dfeb42f
767ed4fdb8b2a9ea7f80c41a34b4e415efbf3c42bd804c8502e819042f49a933
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5190
Cache-Control: max-age=88838
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 08:23:24 GMT
Etag: "638070bc-1d7"
Expires: Sun, 27 Nov 2022 09:04:02 GMT
Last-Modified: Fri, 25 Nov 2022 07:37:32 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 39c114b81bcafb40d28c81b9adba3b33
6acc71c731f23a9b08fb135bf4429bee3dfeb42f
767ed4fdb8b2a9ea7f80c41a34b4e415efbf3c42bd804c8502e819042f49a933
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5190
Cache-Control: max-age=88838
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 08:23:24 GMT
Etag: "638070bc-1d7"
Expires: Sun, 27 Nov 2022 09:04:02 GMT
Last-Modified: Fri, 25 Nov 2022 07:37:32 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
resources.digital-cloud-west.medallia.com/wdcwest/23736/onsite/generic1637593916942.js
151.101.85.230200 OK 84 kB URL HTTP/2 resources.digital-cloud-west.medallia.com/wdcwest/23736/onsite/generic1637593916942.js
IP 151.101.85.230:0
File type Unicode text, UTF-8 text, with very long lines (45192)
Hash c92d28f643d34346cb3b301e40d39ac5
fb2e46504e508fda44b1c5fc6826d69cc471918b
ef98db38d396587b62b8554e485c57e385944bae5d181321ffa86601afe71bbc
GET /wdcwest/23736/onsite/generic1637593916942.js HTTP/1.1
Host: resources.digital-cloud-west.medallia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://secure-key-online-user.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Gtkc35u0iL9WEeFUmABAuwAE4L7dZpm75WRlblnul1rzJQxpMUgIQswTo7sOHPHxDkwDukWZ8gA=
x-amz-request-id: 4ZP9W7Q4JV5DZZZB
last-modified: Mon, 22 Nov 2021 15:11:58 GMT
etag: "39679ff466b7ceaa9514c8833d1d8326"
x-amz-version-id: k_UTuCI6gNNa63AEUty4XDt6VsRGIm_s
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: max-age=2592000
content-encoding: gzip
accept-ranges: bytes
date: Sat, 26 Nov 2022 08:23:24 GMT
via: 1.1 varnish
age: 941412
x-served-by: cache-bma1644-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669451005.773309,VS0,VE8
vary: Accept-Encoding
strict-transport-security: max-age=31557600
content-length: 83951
X-Firefox-Spdy: h2
secure-key-online-user.duckdns.org/1.765a3485407de8d7bea6.js
20.106.149.200404 Not Found 315 B URL HTTP/1.1 secure-key-online-user.duckdns.org/1.765a3485407de8d7bea6.js
IP 20.106.149.200:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /1.765a3485407de8d7bea6.js HTTP/1.1
Host: secure-key-online-user.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://secure-key-online-user.duckdns.org/login.php
HTTP/1.1 404 Not Found
Date: Sat, 26 Nov 2022 08:23:24 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
secure-key-online-user.duckdns.org/ibxolb/amt-tkt/amt-ui-shell/bundle.js
20.106.149.200404 Not Found 315 B URL HTTP/1.1 secure-key-online-user.duckdns.org/ibxolb/amt-tkt/amt-ui-shell/bundle.js
IP 20.106.149.200:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /ibxolb/amt-tkt/amt-ui-shell/bundle.js HTTP/1.1
Host: secure-key-online-user.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://secure-key-online-user.duckdns.org/login.php
HTTP/1.1 404 Not Found
Date: Sat, 26 Nov 2022 08:23:24 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
secure-key-online-user.duckdns.org/7.b63989e36dd5fd7709e7.js
20.106.149.200404 Not Found 315 B URL HTTP/1.1 secure-key-online-user.duckdns.org/7.b63989e36dd5fd7709e7.js
IP 20.106.149.200:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /7.b63989e36dd5fd7709e7.js HTTP/1.1
Host: secure-key-online-user.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://secure-key-online-user.duckdns.org/login.php
HTTP/1.1 404 Not Found
Date: Sat, 26 Nov 2022 08:23:24 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
secure-key-online-user.duckdns.org/swxjN29JV-/axyL/l5YP0t/Op1hcLSXimNO/QnNbb2hwcAY/FiVmGW/cvN1U
20.106.149.200404 Not Found 315 B URL HTTP/1.1 secure-key-online-user.duckdns.org/swxjN29JV-/axyL/l5YP0t/Op1hcLSXimNO/QnNbb2hwcAY/FiVmGW/cvN1U
IP 20.106.149.200:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /swxjN29JV-/axyL/l5YP0t/Op1hcLSXimNO/QnNbb2hwcAY/FiVmGW/cvN1U HTTP/1.1
Host: secure-key-online-user.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://secure-key-online-user.duckdns.org/login.php
HTTP/1.1 404 Not Found
Date: Sat, 26 Nov 2022 08:23:24 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
secure-key-online-user.duckdns.org/ibxolb/common-tkt/bundle.js
20.106.149.200404 Not Found 315 B URL HTTP/1.1 secure-key-online-user.duckdns.org/ibxolb/common-tkt/bundle.js
IP 20.106.149.200:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /ibxolb/common-tkt/bundle.js HTTP/1.1
Host: secure-key-online-user.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://secure-key-online-user.duckdns.org/login.php
HTTP/1.1 404 Not Found
Date: Sat, 26 Nov 2022 08:23:24 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ibx.key.com/ibxolb/amt-tkt/amt-ui-shell/styles-key.css
23.52.18.181200 OK 1.8 kB URL HTTP/2 ibx.key.com/ibxolb/amt-tkt/amt-ui-shell/styles-key.css
IP 23.52.18.181:0
File type ASCII text, with very long lines (8319), with no line terminators
Hash aa1c898631424cab90caeae118dc729d
8df6e8cd989e56ae6e79d7b69f07874747979061
b43f991f50f7cabc84b3d4cf1273614bd1bb472e396e56677f49efe299e289dc
GET /ibxolb/amt-tkt/amt-ui-shell/styles-key.css HTTP/1.1
Host: ibx.key.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://secure-key-online-user.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: text/css
etag: "63640bf8-207f"
last-modified: Thu, 03 Nov 2022 18:44:08 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-envoy-upstream-service-time: 0
content-security-policy: frame-ancestors *.key.com *.keybank.com *.laurelroad.com
strict-transport-security: max-age=16070400; includeSubDomains
server-timing: dtSInfo;desc="0", dtRpid;desc="-1177445093"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=300
expires: Sat, 26 Nov 2022 08:28:24 GMT
date: Sat, 26 Nov 2022 08:23:24 GMT
content-length: 1848
X-Firefox-Spdy: h2
ibx.key.com/ibxolb/login/styles-key.css
23.52.18.181200 OK 1.7 kB URL HTTP/2 ibx.key.com/ibxolb/login/styles-key.css
IP 23.52.18.181:0
File type ASCII text, with very long lines (5546), with no line terminators
Hash 89b2f1afe5e153ee5822e1679b4fe3dc
3a39f374236096efab02a76c3f3b8e1c02d3838b
05079a80df8e34aa57178e410a2c7012e947c28cfad352a754f411b7a7004e6d
GET /ibxolb/login/styles-key.css HTTP/1.1
Host: ibx.key.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://secure-key-online-user.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: text/css
etag: "63640efd-15aa"
last-modified: Thu, 03 Nov 2022 18:57:01 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-xss-protection: 1; mode=block
x-envoy-upstream-service-time: 0
content-security-policy: frame-ancestors *.key.com *.keybank.com
strict-transport-security: max-age=16070400; includeSubDomains
server-timing: dtSInfo;desc="0", dtRpid;desc="654255397"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=300
expires: Sat, 26 Nov 2022 08:28:24 GMT
date: Sat, 26 Nov 2022 08:23:24 GMT
content-length: 1660
X-Firefox-Spdy: h2
ibx.key.com/ibxolb/login/images/key_white_logo.png
23.52.18.181200 OK 12 kB URL HTTP/2 ibx.key.com/ibxolb/login/images/key_white_logo.png
IP 23.52.18.181:0
File type PNG image data, 172 x 32, 8-bit/color RGBA, interlaced\012- data
Hash d62d5b0d8627210d502248fd5ba0795b
b54d1d796f26e980cdb17293ff75647f8072c6b7
07eeecd82d157b4f6d4147ede1b838e77e5e772e74307a3f53cf9c4afdffa15e
GET /ibxolb/login/images/key_white_logo.png HTTP/1.1
Host: ibx.key.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://secure-key-online-user.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
etag: "63640efd-2e15"
last-modified: Thu, 03 Nov 2022 18:57:01 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-xss-protection: 1; mode=block
x-envoy-upstream-service-time: 6
content-security-policy: frame-ancestors *.key.com *.keybank.com
strict-transport-security: max-age=16070400; includeSubDomains
server-timing: dtSInfo;desc="0", dtRpid;desc="839217220"
content-length: 11797
cache-control: max-age=300
expires: Sat, 26 Nov 2022 08:28:24 GMT
date: Sat, 26 Nov 2022 08:23:24 GMT
X-Firefox-Spdy: h2
ibx.key.com/ibxolb/login/images/key_black_logo.png
23.52.18.181200 OK 3.4 kB URL HTTP/2 ibx.key.com/ibxolb/login/images/key_black_logo.png
IP 23.52.18.181:0
File type PNG image data, 276 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash ac718e18ce2383f5581edc92b37b5964
064252d1d84c5fb2bc45b2e510e9f4235c65baeb
de35a69575718cdee8f4583e969583506939c38f94c0dad37dfe66abe574dbc0
GET /ibxolb/login/images/key_black_logo.png HTTP/1.1
Host: ibx.key.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://secure-key-online-user.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
etag: "63640efd-d2f"
last-modified: Thu, 03 Nov 2022 18:57:01 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-xss-protection: 1; mode=block
x-envoy-upstream-service-time: 1
content-security-policy: frame-ancestors *.key.com *.keybank.com
strict-transport-security: max-age=16070400; includeSubDomains
server-timing: dtSInfo;desc="0", dtRpid;desc="-877571672"
content-length: 3375
cache-control: max-age=300
expires: Sat, 26 Nov 2022 08:28:24 GMT
date: Sat, 26 Nov 2022 08:23:24 GMT
X-Firefox-Spdy: h2
ibx.key.com/ibxolb/olb/ruxitagentjs_ICA27QVfghjqrux_10231211201155045.js
23.52.18.181200 OK 128 kB URL HTTP/2 ibx.key.com/ibxolb/olb/ruxitagentjs_ICA27QVfghjqrux_10231211201155045.js
IP 23.52.18.181:0
File type ASCII text, with very long lines (2058)
Size 128 kB (127777 bytes)
Hash a3a5aec481537b10b2228badd7c33504
2fbee625044bf0f35c702193009ed4120a1f40f4
d2260c0fab13206a4d4ac7f12d4e6b30e203e4f0828ca045f25a9ad082ef417b
GET /ibxolb/olb/ruxitagentjs_ICA27QVfghjqrux_10231211201155045.js HTTP/1.1
Host: ibx.key.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://secure-key-online-user.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=16070400; includeSubDomains
content-encoding: gzip
cache-control: public, max-age=300
expires: Sat, 26 Nov 2022 08:28:24 GMT
date: Sat, 26 Nov 2022 08:23:24 GMT
content-length: 127777
vary: Accept-Encoding
X-Firefox-Spdy: h2
secure-key-online-user.duckdns.org/runtime.0cdcb92550c854b006d5.js
20.106.149.200404 Not Found 315 B URL HTTP/1.1 secure-key-online-user.duckdns.org/runtime.0cdcb92550c854b006d5.js
IP 20.106.149.200:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /runtime.0cdcb92550c854b006d5.js HTTP/1.1
Host: secure-key-online-user.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://secure-key-online-user.duckdns.org/login.php
HTTP/1.1 404 Not Found
Date: Sat, 26 Nov 2022 08:23:24 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ibx.key.com/ibxolb/login/images/key-logo.svg
23.52.18.181200 OK 6.1 kB URL HTTP/2 ibx.key.com/ibxolb/login/images/key-logo.svg
IP 23.52.18.181:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (5966)
Hash b4284724f45b84236572906bb9309724
a919c3dec8149ae38b71d233f4b7d9391ac91691
4712701bf2f3b3b93bdfc9aa8c2c3e8dbdf6f3c4cbce9fc9a766c7cb5b281e5b
GET /ibxolb/login/images/key-logo.svg HTTP/1.1
Host: ibx.key.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://secure-key-online-user.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
etag: "63640efd-17b8"
last-modified: Thu, 03 Nov 2022 18:57:01 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-xss-protection: 1; mode=block
x-envoy-upstream-service-time: 0
content-security-policy: frame-ancestors *.key.com *.keybank.com
strict-transport-security: max-age=16070400; includeSubDomains
server-timing: dtSInfo;desc="0", dtRpid;desc="-1482880501"
content-length: 6072
cache-control: max-age=300
expires: Sat, 26 Nov 2022 08:28:24 GMT
date: Sat, 26 Nov 2022 08:23:24 GMT
X-Firefox-Spdy: h2
ibx.key.com/ibxolb/login/styles.a4962029f638dde4888c.css
23.52.18.181404 Not Found 207 B URL HTTP/2 ibx.key.com/ibxolb/login/styles.a4962029f638dde4888c.css
IP 23.52.18.181:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash b612413afdd60f7dc0b88c7fbbd10ab1
34f1a0e360867ff68da1f85bd916239115904aca
d7c75cb19eac0aa050ead52152714a79a29816c26696d93e359f179e8d1142be
GET /ibxolb/login/styles.a4962029f638dde4888c.css HTTP/1.1
Host: ibx.key.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://secure-key-online-user.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
content-type: text/html
etag: "63640efd-a0"
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-old-content-length: 160
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=16070400; includeSubDomains
server-timing: dtSInfo;desc="0", dtRpid;desc="1505412843"
content-length: 207
cache-control: max-age=300
expires: Sat, 26 Nov 2022 08:28:24 GMT
date: Sat, 26 Nov 2022 08:23:24 GMT
set-cookie: ak_bmsc=2D81CE11BEFEE96B93022F7FCE72674E~000000000000000000000000000000~YAAQTmAVAqDjBISEAQAArbsIsxEpObXM2/zBHOdGu1E4wMXZgNT4nDoHcjrILm4MMjU54IWX/zADwRct+FvzEhGhmgm8UhGVAAzGxiaSo51yJ69j/TmAg37BY8LhLRWL8ccNmtEaQ3h/BE5J7eIlDjOBv55Igi2RUdazaANMwLS2ujZqrn6CTtfDekrgT0gz//NhFcvnmSGms/o5RV3+OARPmmvt/vHgxa/TDgwflAHH0DcY4IvTIQAjnSpcN+b8SUYrqyv/lefip31yty0fQ0mMU6aogvsYwtBA1HXDp5PkGyKDCFhmlshRL/YtU74CwamsdDUv+typqp/QvfYCmAXN84/NcUIP/DM4zC8YvqZSrOCbJ7QiUrNHPWf4zZQ9SZGr4cAU; Domain=.key.com; Path=/; Expires=Sat, 26 Nov 2022 10:23:24 GMT; Max-Age=7200; HttpOnly
X-Firefox-Spdy: h2
ibx.key.com/ibxolb/login/main.270f33586d93306ccd04.js
23.52.18.181404 Not Found 207 B URL HTTP/2 ibx.key.com/ibxolb/login/main.270f33586d93306ccd04.js
IP 23.52.18.181:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash b612413afdd60f7dc0b88c7fbbd10ab1
34f1a0e360867ff68da1f85bd916239115904aca
d7c75cb19eac0aa050ead52152714a79a29816c26696d93e359f179e8d1142be
GET /ibxolb/login/main.270f33586d93306ccd04.js HTTP/1.1
Host: ibx.key.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://secure-key-online-user.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
content-type: text/html
etag: "63640efd-a0"
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-old-content-length: 160
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=16070400; includeSubDomains
server-timing: dtSInfo;desc="0", dtRpid;desc="-1116336893"
content-length: 207
cache-control: max-age=300
expires: Sat, 26 Nov 2022 08:28:24 GMT
date: Sat, 26 Nov 2022 08:23:24 GMT
set-cookie: ak_bmsc=89AB00B88ECAB1B4D9B54F142918C451~000000000000000000000000000000~YAAQTmAVAqHjBISEAQAArrsIsxGh36lAVuBgnqQDBytv1RsmOOKlU9IicPbg4eaac9phvUhhSdKzb/BktIWlPWD4FiFnillNcUncxsBn2b2Jnp50kQ3G9ZCFih6Edwf7QWdZA2P23OtmEwJyFLA8owKdIPEBt6rqLuNCnqdSx9V642XHrYAKofGKaseOGWiZmEZ4LVtW//1hUT4hlkJqIeNzKLEdunOvj5r37MLMPvZ0Ac94Mr8Jt3ZDZ0t29g0wQ94+jMtMyafd9S1FHbUNPkgdTb7jE1dbNahdK2oeJA8OlJ/sJvkBndUSP/yr5rTrXgh5PuHxfyA9ty/an3umVknM2anFYqD4F7Kcpn23q4yxdpSaX6ojoRel3bouzWlijCP7cvzO; Domain=.key.com; Path=/; Expires=Sat, 26 Nov 2022 10:23:24 GMT; Max-Age=7200; HttpOnly
X-Firefox-Spdy: h2
ibx.key.com/ibxolb/login/scripts.5d3fe0770360b87e6953.js
23.52.18.181200 OK 17 kB URL HTTP/2 ibx.key.com/ibxolb/login/scripts.5d3fe0770360b87e6953.js
IP 23.52.18.181:0
File type ASCII text, with very long lines (50403), with no line terminators
Hash a47bf96fe774d1a6b659f6ef9d038f80
304cc152766f16bc91ef5772fdf775b8bf4d8bf9
5bf891aa85e242475635c957b2c017d0959284198f987db3c78e01baa5c59482
GET /ibxolb/login/scripts.5d3fe0770360b87e6953.js HTTP/1.1
Host: ibx.key.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://secure-key-online-user.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/javascript
etag: "63640efd-c4e3"
last-modified: Thu, 03 Nov 2022 18:57:01 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-xss-protection: 1; mode=block
x-envoy-upstream-service-time: 0
content-security-policy: frame-ancestors *.key.com *.keybank.com
strict-transport-security: max-age=16070400; includeSubDomains
server-timing: dtSInfo;desc="0", dtRpid;desc="1528925026"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=300
expires: Sat, 26 Nov 2022 08:28:24 GMT
date: Sat, 26 Nov 2022 08:23:24 GMT
content-length: 17355
X-Firefox-Spdy: h2
ibx.key.com/ibxolb/amt-tkt/amt-sdk/web/styles.css
23.52.18.181200 OK 2.7 kB URL HTTP/2 ibx.key.com/ibxolb/amt-tkt/amt-sdk/web/styles.css
IP 23.52.18.181:0
Hash 0442ec23f7822e1655d44dadbeb03634
ec118be513eaa610ee60a8c1c8e6abf8b66a3478
1b06baef34b7ef8747d4f4e5fdddde4e8ccb8be1a07482dc18905ccb26ecab1d
GET /ibxolb/amt-tkt/amt-sdk/web/styles.css HTTP/1.1
Host: ibx.key.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://secure-key-online-user.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: text/css
etag: "63640bf8-2f8f"
last-modified: Thu, 03 Nov 2022 18:44:08 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-envoy-upstream-service-time: 2
content-security-policy: frame-ancestors *.key.com *.keybank.com *.laurelroad.com
strict-transport-security: max-age=16070400; includeSubDomains
server-timing: dtSInfo;desc="0", dtRpid;desc="-1415682531"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=300
expires: Sat, 26 Nov 2022 08:28:24 GMT
date: Sat, 26 Nov 2022 08:23:24 GMT
content-length: 2677
X-Firefox-Spdy: h2
ibx.key.com/ibxolb/styles/kds-base-key.css
23.52.18.181200 OK 40 kB URL HTTP/2 ibx.key.com/ibxolb/styles/kds-base-key.css
IP 23.52.18.181:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash df65d0f23f78d26a41f7710200079ec3
74dad2765d316a8b783bbf64a7dfcc3e50307466
b74687535a646e5e711c4eb9235801ea057e44efc0906f8c1b26b693e56cc9f3
GET /ibxolb/styles/kds-base-key.css HTTP/1.1
Host: ibx.key.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://secure-key-online-user.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: text/css
etag: "63640d80-4e7a4"
last-modified: Thu, 03 Nov 2022 18:50:40 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-envoy-upstream-service-time: 1
content-security-policy: frame-ancestors *.key.com *.keybank.com
strict-transport-security: max-age=16070400; includeSubDomains
server-timing: dtSInfo;desc="0", dtRpid;desc="1625020387"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=300
expires: Sat, 26 Nov 2022 08:28:24 GMT
date: Sat, 26 Nov 2022 08:23:24 GMT
content-length: 40045
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 42a085bd3a4336f37cc21db2c160a13c
b4bb950da8980a7516a880559a83d38923aa5c23
03424bb59675efe3044a75853b8bdcd3335de94ad74d4040ea41db9f82879a95
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=114227
Date: Sat, 26 Nov 2022 08:23:25 GMT
Etag: "6380e830-1d7"
Expires: Sun, 27 Nov 2022 16:07:12 GMT
Last-Modified: Fri, 25 Nov 2022 16:07:12 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 6H1YEFv7Be3SIcFg2QjkLacsl1MJZjLFwKiUrysls7MeQaejywQzRQ==
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 26 Nov 2022 08:11:12 GMT
cache-control: public,max-age=3600
age: 733
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 42a085bd3a4336f37cc21db2c160a13c
b4bb950da8980a7516a880559a83d38923aa5c23
03424bb59675efe3044a75853b8bdcd3335de94ad74d4040ea41db9f82879a95
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=114227
Date: Sat, 26 Nov 2022 08:23:25 GMT
Etag: "6380e830-1d7"
Expires: Sun, 27 Nov 2022 16:07:12 GMT
Last-Modified: Fri, 25 Nov 2022 16:07:12 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 0Zt7m2M3aFbQKFRRsxEWmThvXDAGYkUAOEUrsXCCJDGdK9UOAGJSVA==
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash df06e70fc8a35facf1d8db463d18e231
fa8a2975566cc792898f870e48ae7518d3657326
4cef7e704f4d575ce6733f6f2d803d241b597be51ff3fb03f72e5c33a893b504
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1720
Cache-Control: max-age=90726
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 08:23:25 GMT
Etag: "638085ab-1d7"
Expires: Sun, 27 Nov 2022 09:35:31 GMT
Last-Modified: Fri, 25 Nov 2022 09:06:51 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
nd.key.com/2.2/w/w-734496/init/js/?q=%7B%22e%22%3A215559%2C%22fvq%22%3A%222rq91ns0-rqn0-4p28-9685-sspro281s166%22%2C%22oq%22%3A%221440%3A732%3A160%3A28%3A1440%3A860%22%2C%22wfi%22%3A%22flap-152991%22%2C%22yf%22%3A%7B%7D%2C%22uers%22%3A%22uggcf%3A%2F%2Fvok.xrl.pbz%2Fvokbyo%2Fybtva%2Fvaqrk.ugzy%23%2Fybtva%22%2C%22ov%22%3A%22o2%7C1440k900%201440k860%2024%2024%7C-300%7Cra-HF%7Coc1-2501pp0s72219oop%7Csnyfr%7Cuggcf%3A%2F%2Fvok.xrl.pbz%2Fvokbyo%2Fybtva%2Fpyvrag%2Fvaqrk.ugzy%7CZbmvyyn%2F5.0%20(Jvaqbjf%20AG%2010.0%3B%20Jva64%3B%20k64)%20NccyrJroXvg%2F537.36%20(XUGZY%2C%20yvxr%20Trpxb)%20Puebzr%2F98.0.4758.102%20Fnsnev%2F537.36%7Cjt1-3n1sr8q09p488ppo%22%7D
99.83.129.174200 OK 529 B URL HTTP/2 nd.key.com/2.2/w/w-734496/init/js/?q=%7B%22e%22%3A215559%2C%22fvq%22%3A%222rq91ns0-rqn0-4p28-9685-sspro281s166%22%2C%22oq%22%3A%221440%3A732%3A160%3A28%3A1440%3A860%22%2C%22wfi%22%3A%22flap-152991%22%2C%22yf%22%3A%7B%7D%2C%22uers%22%3A%22uggcf%3A%2F%2Fvok.xrl.pbz%2Fvokbyo%2Fybtva%2Fvaqrk.ugzy%23%2Fybtva%22%2C%22ov%22%3A%22o2%7C1440k900%201440k860%2024%2024%7C-300%7Cra-HF%7Coc1-2501pp0s72219oop%7Csnyfr%7Cuggcf%3A%2F%2Fvok.xrl.pbz%2Fvokbyo%2Fybtva%2Fpyvrag%2Fvaqrk.ugzy%7CZbmvyyn%2F5.0%20(Jvaqbjf%20AG%2010.0%3B%20Jva64%3B%20k64)%20NccyrJroXvg%2F537.36%20(XUGZY%2C%20yvxr%20Trpxb)%20Puebzr%2F98.0.4758.102%20Fnsnev%2F537.36%7Cjt1-3n1sr8q09p488ppo%22%7D
IP 99.83.129.174:0
File type ASCII text, with very long lines (529), with no line terminators
Hash e561f265b3aa06483728beacf8b1c029
e6b8f5a64a50148c9203ec4ed06262864b7230ac
6b470217c98cc2ab2e5e923e7b9feacd99fc6adf9c7d02d1c062729e6a7d62b2
GET /2.2/w/w-734496/init/js/?q=%7B%22e%22%3A215559%2C%22fvq%22%3A%222rq91ns0-rqn0-4p28-9685-sspro281s166%22%2C%22oq%22%3A%221440%3A732%3A160%3A28%3A1440%3A860%22%2C%22wfi%22%3A%22flap-152991%22%2C%22yf%22%3A%7B%7D%2C%22uers%22%3A%22uggcf%3A%2F%2Fvok.xrl.pbz%2Fvokbyo%2Fybtva%2Fvaqrk.ugzy%23%2Fybtva%22%2C%22ov%22%3A%22o2%7C1440k900%201440k860%2024%2024%7C-300%7Cra-HF%7Coc1-2501pp0s72219oop%7Csnyfr%7Cuggcf%3A%2F%2Fvok.xrl.pbz%2Fvokbyo%2Fybtva%2Fpyvrag%2Fvaqrk.ugzy%7CZbmvyyn%2F5.0%20(Jvaqbjf%20AG%2010.0%3B%20Jva64%3B%20k64)%20NccyrJroXvg%2F537.36%20(XUGZY%2C%20yvxr%20Trpxb)%20Puebzr%2F98.0.4758.102%20Fnsnev%2F537.36%7Cjt1-3n1sr8q09p488ppo%22%7D HTTP/1.1
Host: nd.key.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://secure-key-online-user.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 08:23:25 GMT
content-type: application/javascript
content-length: 529
server: nginx
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains;
x-frame-options: SAMEORIGIN
set-cookie: ndcd=wc1.1.w-729460.1.2.rZ1sz3Sv-ucxsbTw-6MryA%252C%252C.O79QmCDzLxAFIqnWeB1ISH8tAyKKqOcrNkajQ6srgF_TReXUoh3mtxSfLEzJyZD5oGowa1FSkGuez4_VeIMZHdOciSyiSjZW4fXIqRmwf7tdqny9VSpxJ_SZorJVBsRLSLSE2bIfDU2zWh1gxKI8BTon5SK-vI86r9Eu1Q1xeZABUcnMKuf0FhmY1KqDc_c7; expires=Sun, 26-Nov-2023 08:23:25 GMT; Max-Age=31536000; path=/; secure; SameSite=None
x-content-type-options: nosniff, nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST
X-Firefox-Spdy: h2
nd.key.com/2.2/w/w-734496/sync/js/
99.83.129.174200 OK 18 kB URL HTTP/2 nd.key.com/2.2/w/w-734496/sync/js/
IP 99.83.129.174:0
Hash e28b816e6ae27fa57d1b72ac58dabf84
84560dcb511fa67676c2e0ec220a5dddb44013b0
101961c4786a16777385ed5f954ba5054cc2346afa57d5da3abcaaa28cf5b141
GET /2.2/w/w-734496/sync/js/ HTTP/1.1
Host: nd.key.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://secure-key-online-user.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 08:23:25 GMT
content-type: application/javascript
server: nginx
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
x-content-type-options: nosniff, nosniff, nosniff
x-nds-datacontractrequirement0: Placement, Placement page has not been detected.
x-nds-datacontractrequirement1: Placement, No matching URL placement for w-734496 at http://secure-key-online-user.duckdns.org/.
x-nds-datacontractrequirement2: Placement, Placement page number has not been detected.
x-frame-options: SAMEORIGIN, SAMEORIGIN
x-xss-protection: 1; mode=block, 1; mode=block
content-encoding: gzip
X-Firefox-Spdy: h2
secure-key-online-user.duckdns.org/ibxolb/common-tkt/bundle.js
20.106.149.200404 Not Found 315 B URL HTTP/1.1 secure-key-online-user.duckdns.org/ibxolb/common-tkt/bundle.js
IP 20.106.149.200:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /ibxolb/common-tkt/bundle.js HTTP/1.1
Host: secure-key-online-user.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://secure-key-online-user.duckdns.org/login.php
HTTP/1.1 404 Not Found
Date: Sat, 26 Nov 2022 08:23:25 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
push.services.mozilla.com/
52.13.173.34101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.13.173.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 3IJ212Q23amOao3VIjfURw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: aH+l4LdLyePkFf0Asbzr+s5fPRU=
secure-key-online-user.duckdns.org/1.765a3485407de8d7bea6.js
20.106.149.200404 Not Found 315 B URL HTTP/1.1 secure-key-online-user.duckdns.org/1.765a3485407de8d7bea6.js
IP 20.106.149.200:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /1.765a3485407de8d7bea6.js HTTP/1.1
Host: secure-key-online-user.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://secure-key-online-user.duckdns.org/login.php
HTTP/1.1 404 Not Found
Date: Sat, 26 Nov 2022 08:23:25 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
secure-key-online-user.duckdns.org/7.b63989e36dd5fd7709e7.js
20.106.149.200404 Not Found 315 B URL HTTP/1.1 secure-key-online-user.duckdns.org/7.b63989e36dd5fd7709e7.js
IP 20.106.149.200:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /7.b63989e36dd5fd7709e7.js HTTP/1.1
Host: secure-key-online-user.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://secure-key-online-user.duckdns.org/login.php
HTTP/1.1 404 Not Found
Date: Sat, 26 Nov 2022 08:23:25 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
secure-key-online-user.duckdns.org/ibxolb/amt-tkt/amt-ui-shell/bundle.js
20.106.149.200404 Not Found 315 B URL HTTP/1.1 secure-key-online-user.duckdns.org/ibxolb/amt-tkt/amt-ui-shell/bundle.js
IP 20.106.149.200:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /ibxolb/amt-tkt/amt-ui-shell/bundle.js HTTP/1.1
Host: secure-key-online-user.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://secure-key-online-user.duckdns.org/login.php
HTTP/1.1 404 Not Found
Date: Sat, 26 Nov 2022 08:23:25 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
assets.adobedtm.com/5d295d1656df/73b3d100e871/89a5a1fa87ea/RC2d0da54668dd48c2a7fd8d99b81a9ee3-source.min.js
23.38.200.237404 Not Found 10 B URL HTTP/2 assets.adobedtm.com/5d295d1656df/73b3d100e871/89a5a1fa87ea/RC2d0da54668dd48c2a7fd8d99b81a9ee3-source.min.js
IP 23.38.200.237:0
Hash 7605968e79d0ca095ab1231486d2b814
a007b420d19ceefa840f0373e050e3b51a4ab480
493fda53120050f85836032324409be6c6484f90a0755ae0c6a673ba7626818b
GET /5d295d1656df/73b3d100e871/89a5a1fa87ea/RC2d0da54668dd48c2a7fd8d99b81a9ee3-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://secure-key-online-user.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
accept-ranges: bytes
content-length: 10
server: AkamaiNetStorage
cache-control: max-age=3600
expires: Sat, 26 Nov 2022 09:23:25 GMT
date: Sat, 26 Nov 2022 08:23:25 GMT
access-control-allow-origin: http://secure-key-online-user.duckdns.org
timing-allow-origin: *
X-Firefox-Spdy: h2
ibx.key.com/ibxolb/styles/08edde9d-c27b-4731-a27f-d6cd9b01cd06.woff
23.52.18.181200 OK 16 kB URL HTTP/2 ibx.key.com/ibxolb/styles/08edde9d-c27b-4731-a27f-d6cd9b01cd06.woff
IP 23.52.18.181:0
File type Web Open Font Format, TrueType, length 16108, version 0.0\012- data
Hash 47b39d054a4241e4ccd868d4005e4492
4db4aaa555604ad19c1d2eb4032af8681a2ee2d8
43bbfdd5b050730da3162f0a7bb3fd4a0630bb5c85e5227df299824ce6efdfa4
GET /ibxolb/styles/08edde9d-c27b-4731-a27f-d6cd9b01cd06.woff HTTP/1.1
Host: ibx.key.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://secure-key-online-user.duckdns.org
Connection: keep-alive
Referer: https://ibx.key.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-length: 16108
content-type: font/woff
etag: "63640d80-3eec:dtagent102512209090408186Me5"
last-modified: Thu, 03 Nov 2022 18:50:40 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
access-control-allow-origin: *
x-envoy-upstream-service-time: 0
timing-allow-origin: *
strict-transport-security: max-age=16070400; includeSubDomains
server-timing: dtSInfo;desc="0", dtRpid;desc="1203505299", dtTao;desc="1"
cache-control: max-age=300
expires: Sat, 26 Nov 2022 08:28:25 GMT
date: Sat, 26 Nov 2022 08:23:25 GMT
X-Firefox-Spdy: h2
ibx.key.com/ibxolb/login/styles.a4962029f638dde4888c.css
23.52.18.181404 Not Found 207 B URL HTTP/2 ibx.key.com/ibxolb/login/styles.a4962029f638dde4888c.css
IP 23.52.18.181:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash b612413afdd60f7dc0b88c7fbbd10ab1
34f1a0e360867ff68da1f85bd916239115904aca
d7c75cb19eac0aa050ead52152714a79a29816c26696d93e359f179e8d1142be
GET /ibxolb/login/styles.a4962029f638dde4888c.css HTTP/1.1
Host: ibx.key.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://secure-key-online-user.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
content-type: text/html
etag: "63640efd-a0"
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-old-content-length: 160
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=16070400; includeSubDomains
server-timing: dtSInfo;desc="0", dtRpid;desc="1505412843"
content-length: 207
cache-control: max-age=300
expires: Sat, 26 Nov 2022 08:28:25 GMT
date: Sat, 26 Nov 2022 08:23:25 GMT
set-cookie: ak_bmsc=9F202B12062C615046A820591D0AD857~000000000000000000000000000000~YAAQTmAVAq3jBISEAQAAJsAIsxGN+80zpcQYZB6EqWgYCyBMmJzBm1MV3ILmEhIXepZ7W0yutjSEx1FYNkA/6Mqpb8LDJ6R0GcxadntA6Q2Z6jdz4GyIsSTP7YUXUgJPV+ZNl73YSxtO+eN//zOBnGF87dwIusjUWx9c+0YMMbJP94jp7/5GXnS2ObluZMqXuwjugbhJRdPAoPSSBCCloDXK54A+4RAbhQ+6v/tBFg7DdyrbjemJBM8V9zgoyMiE+NPgNXZnJX+OVwgAclfhtx2+BJoEorbIHDxmgGE/5cbqnTuz/OC/KGelz99lu7IJER86Wq1JZGz1Qr0DRInLloynbwudSzA1BeiB8tkh3EHUiFCtw7+A5XpAlVafMaVozBoFg3qJ; Domain=.key.com; Path=/; Expires=Sat, 26 Nov 2022 10:23:25 GMT; Max-Age=7200; HttpOnly
X-Firefox-Spdy: h2
ibx.key.com/ibxolb/styles/7802e576-2ffa-4f22-a409-534355fbea79.woff
23.52.18.181200 OK 16 kB URL HTTP/2 ibx.key.com/ibxolb/styles/7802e576-2ffa-4f22-a409-534355fbea79.woff
IP 23.52.18.181:0
File type Web Open Font Format, TrueType, length 16372, version 0.0\012- data
Hash 4c8a5d54537af24153ab4bfbda856b84
e3ac604ebf3161d22816bb910929d6facc085e5e
e9175c083dd30b9aafd6339f49b57c47f11ff513fedf5574aeea52f34cb230a1
GET /ibxolb/styles/7802e576-2ffa-4f22-a409-534355fbea79.woff HTTP/1.1
Host: ibx.key.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://secure-key-online-user.duckdns.org
Connection: keep-alive
Referer: https://ibx.key.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-length: 16372
content-type: font/woff
etag: "63640d80-3ff4:dtagent102512209090408186Me5"
last-modified: Thu, 03 Nov 2022 18:50:40 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
access-control-allow-origin: *
x-envoy-upstream-service-time: 1
timing-allow-origin: *
strict-transport-security: max-age=16070400; includeSubDomains
server-timing: dtSInfo;desc="0", dtRpid;desc="775880627", dtTao;desc="1"
cache-control: max-age=300
expires: Sat, 26 Nov 2022 08:28:26 GMT
date: Sat, 26 Nov 2022 08:23:26 GMT
X-Firefox-Spdy: h2
ibx.key.com/ibxolb/styles/0552ce48-950c-471f-b843-1afac814d259.woff
23.52.18.181200 OK 22 kB URL HTTP/2 ibx.key.com/ibxolb/styles/0552ce48-950c-471f-b843-1afac814d259.woff
IP 23.52.18.181:0
File type Web Open Font Format, TrueType, length 22404, version 0.0\012- data
Hash 4e7b011aaa22762ac2e776ea7cd7ef01
7f8e08152cbb540f9b2efd9bd6799948155e3600
a269939cfb4cf61f30a867d53d89e96698826070e0beb418bc0c267044be73ae
GET /ibxolb/styles/0552ce48-950c-471f-b843-1afac814d259.woff HTTP/1.1
Host: ibx.key.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://secure-key-online-user.duckdns.org
Connection: keep-alive
Referer: https://ibx.key.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-length: 22404
content-type: font/woff
etag: "63640d80-5784:dtagent102512209090408186Me5"
last-modified: Thu, 03 Nov 2022 18:50:40 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
access-control-allow-origin: *
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=16070400; includeSubDomains
server-timing: dtSInfo;desc="0", dtRpid;desc="12277669"
cache-control: max-age=300
expires: Sat, 26 Nov 2022 08:28:26 GMT
date: Sat, 26 Nov 2022 08:23:26 GMT
X-Firefox-Spdy: h2
secure-key-online-user.duckdns.org/runtime.0cdcb92550c854b006d5.js
20.106.149.200404 Not Found 315 B URL HTTP/1.1 secure-key-online-user.duckdns.org/runtime.0cdcb92550c854b006d5.js
IP 20.106.149.200:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /runtime.0cdcb92550c854b006d5.js HTTP/1.1
Host: secure-key-online-user.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://secure-key-online-user.duckdns.org/login.php
Cookie: dtCookie=v_4_srv_-2D24_sn_2P83KULRRNQ0MTEHUTH0DUPA3IVKHB29; rxVisitor=166945100518822Q8SLD74KNO4LA10LU7A7V33B6V7PG2; dtPC=-24$251005180_588h1vIMFIANMIDKJGQBRDCMPVAFOFFCDRVUKH-0e0; rxvt=1669452805215|1669451005190; dtLatC=55; dtSa=-
HTTP/1.1 404 Not Found
Date: Sat, 26 Nov 2022 08:23:26 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
secure-key-online-user.duckdns.org/ibxolb/olb/share/assets/images/kds.svg
20.106.149.200404 Not Found 315 B URL HTTP/1.1 secure-key-online-user.duckdns.org/ibxolb/olb/share/assets/images/kds.svg
IP 20.106.149.200:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /ibxolb/olb/share/assets/images/kds.svg HTTP/1.1
Host: secure-key-online-user.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://secure-key-online-user.duckdns.org/login.php
Cookie: dtCookie=v_4_srv_-2D24_sn_2P83KULRRNQ0MTEHUTH0DUPA3IVKHB29; rxVisitor=166945100518822Q8SLD74KNO4LA10LU7A7V33B6V7PG2; dtPC=-24$251005180_588h1vIMFIANMIDKJGQBRDCMPVAFOFFCDRVUKH-0e0; rxvt=1669452805215|1669451005190; dtLatC=55; dtSa=-
HTTP/1.1 404 Not Found
Date: Sat, 26 Nov 2022 08:23:26 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
secure-key-online-user.duckdns.org/ibxolb/olb/ruxitagentjs_D_10251220909040818.js
20.106.149.200404 Not Found 315 B URL HTTP/1.1 secure-key-online-user.duckdns.org/ibxolb/olb/ruxitagentjs_D_10251220909040818.js
IP 20.106.149.200:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /ibxolb/olb/ruxitagentjs_D_10251220909040818.js HTTP/1.1
Host: secure-key-online-user.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://secure-key-online-user.duckdns.org/login.php
Cookie: dtCookie=v_4_srv_-2D24_sn_2P83KULRRNQ0MTEHUTH0DUPA3IVKHB29; rxVisitor=166945100518822Q8SLD74KNO4LA10LU7A7V33B6V7PG2; dtPC=-24$251005180_588h1vIMFIANMIDKJGQBRDCMPVAFOFFCDRVUKH-0e0; rxvt=1669452805215|1669451005190; dtLatC=55; dtSa=-
HTTP/1.1 404 Not Found
Date: Sat, 26 Nov 2022 08:23:26 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ibx.key.com/ibxolb/login/main.270f33586d93306ccd04.js
23.52.18.181404 Not Found 207 B URL HTTP/2 ibx.key.com/ibxolb/login/main.270f33586d93306ccd04.js
IP 23.52.18.181:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash b612413afdd60f7dc0b88c7fbbd10ab1
34f1a0e360867ff68da1f85bd916239115904aca
d7c75cb19eac0aa050ead52152714a79a29816c26696d93e359f179e8d1142be
GET /ibxolb/login/main.270f33586d93306ccd04.js HTTP/1.1
Host: ibx.key.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://secure-key-online-user.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
content-type: text/html
etag: "63640efd-a0"
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-old-content-length: 160
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=16070400; includeSubDomains
server-timing: dtSInfo;desc="0", dtRpid;desc="-1116336893"
content-length: 207
cache-control: max-age=300
expires: Sat, 26 Nov 2022 08:28:26 GMT
date: Sat, 26 Nov 2022 08:23:26 GMT
set-cookie: ak_bmsc=FADAFA2EBB0CFC924EDD24DEBF65609F~000000000000000000000000000000~YAAQTmAVAq7jBISEAQAA08AIsxH8w34DBHfWnNAgsCB5Vgp0VF9PiiDja+YhkuT+uhzQlSd96UM/kX0Pcylbtxif1xvLpxVGQMmTdox/Rdh/GoheC2ULv9KFWflA+O0a9F/adPBAZn+FPefsIfFAS5m7MCVhmVggMvjM5Gwg8SWEEO15O57lOdGA7utLsm96Gq+iHOCu3WKU3TbZEMEX/L4czbyBKkQo9rD0Nf4nx384ttGuO2SaC8AjLxMPrfU1qlt1RYtJ5NqB3toTBBT5f5kxG/dHxVaw9vSZ45wBB46xiDpj7bAq8FcQ21NMjw/eNi8xDzSISrulGHLn8xa2uUDvCYua8ODbCPbjjv4jXYfmFc9aaYPnDPeQU2rG9OlAptfhUWlQ; Domain=.key.com; Path=/; Expires=Sat, 26 Nov 2022 10:23:26 GMT; Max-Age=7200; HttpOnly
X-Firefox-Spdy: h2
secure-key-online-user.duckdns.org/images/kds.svg
20.106.149.200404 Not Found 315 B URL HTTP/1.1 secure-key-online-user.duckdns.org/images/kds.svg
IP 20.106.149.200:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /images/kds.svg HTTP/1.1
Host: secure-key-online-user.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://secure-key-online-user.duckdns.org/login.php
Cookie: dtCookie=v_4_srv_-2D24_sn_2P83KULRRNQ0MTEHUTH0DUPA3IVKHB29; rxVisitor=166945100518822Q8SLD74KNO4LA10LU7A7V33B6V7PG2; dtPC=-24$251005180_588h1vIMFIANMIDKJGQBRDCMPVAFOFFCDRVUKH-0e0; rxvt=1669452805215|1669451005190; dtLatC=55; dtSa=-
HTTP/1.1 404 Not Found
Date: Sat, 26 Nov 2022 08:23:26 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
secure-key-online-user.duckdns.org/swxjN29JV-/axyL/l5YP0t/Op1hcLSXimNO/QnNbb2hwcAY/FiVmGW/cvN1U
20.106.149.200404 Not Found 315 B URL HTTP/1.1 secure-key-online-user.duckdns.org/swxjN29JV-/axyL/l5YP0t/Op1hcLSXimNO/QnNbb2hwcAY/FiVmGW/cvN1U
IP 20.106.149.200:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /swxjN29JV-/axyL/l5YP0t/Op1hcLSXimNO/QnNbb2hwcAY/FiVmGW/cvN1U HTTP/1.1
Host: secure-key-online-user.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://secure-key-online-user.duckdns.org/login.php
Cookie: dtCookie=v_4_srv_-2D24_sn_2P83KULRRNQ0MTEHUTH0DUPA3IVKHB29; rxVisitor=166945100518822Q8SLD74KNO4LA10LU7A7V33B6V7PG2; dtPC=-24$251005180_588h1vIMFIANMIDKJGQBRDCMPVAFOFFCDRVUKH-0e0; rxvt=1669452805215|1669451005190; dtLatC=55; dtSa=-
HTTP/1.1 404 Not Found
Date: Sat, 26 Nov 2022 08:23:26 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
secure-key-online-user.duckdns.org/ibxolb/olb/ruxitagentjs_D_10251220909040818.js
20.106.149.200404 Not Found 315 B URL HTTP/1.1 secure-key-online-user.duckdns.org/ibxolb/olb/ruxitagentjs_D_10251220909040818.js
IP 20.106.149.200:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /ibxolb/olb/ruxitagentjs_D_10251220909040818.js HTTP/1.1
Host: secure-key-online-user.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://secure-key-online-user.duckdns.org/login.php
Cookie: dtCookie=v_4_srv_-2D24_sn_2P83KULRRNQ0MTEHUTH0DUPA3IVKHB29; rxVisitor=166945100518822Q8SLD74KNO4LA10LU7A7V33B6V7PG2; dtPC=-24$251005180_588h1vIMFIANMIDKJGQBRDCMPVAFOFFCDRVUKH-0e0; rxvt=1669452805215|1669451005190; dtLatC=55; dtSa=-
HTTP/1.1 404 Not Found
Date: Sat, 26 Nov 2022 08:23:26 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
public.cobrowse.oraclecloud.com/rely/storage/ll_storage_html5.html?context=ikh5j82wlvdl05m2fes&version=20220127
104.110.2.75200 OK 12 kB URL HTTP/2 public.cobrowse.oraclecloud.com/rely/storage/ll_storage_html5.html?context=ikh5j82wlvdl05m2fes&version=20220127
IP 104.110.2.75:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (43766)
Hash 9466edea5b690a8dcc94a8aee5255448
8200790330fb146fdc254fb694871e0e9d73e974
f59a6c07012c632c6d0014640439abdd1e0de1f6b4cb557c43531c43af88d24c
GET /rely/storage/ll_storage_html5.html?context=ikh5j82wlvdl05m2fes&version=20220127 HTTP/1.1
Host: public.cobrowse.oraclecloud.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://secure-key-online-user.duckdns.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: text/html
etag: "b7b7e70ac037b592aef8c274d8e66a71:1634875896.03281"
last-modified: Thu, 21 Oct 2021 23:11:35 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
date: Sat, 26 Nov 2022 08:23:26 GMT
content-length: 11698
X-Firefox-Spdy: h2
public.cobrowse.oraclecloud.com/rely/global_launcher.es6.js
104.110.2.75200 OK 30 kB URL HTTP/2 public.cobrowse.oraclecloud.com/rely/global_launcher.es6.js
IP 104.110.2.75:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 81cd05158782fbdda04af71d1ed16217
2120ac1146b7526c7b597ecb04884be538eb058e
262ea1d129baea88bbe9c290c9ecccf388207bd9eea455a3cb4c2fa1d95c832a
GET /rely/global_launcher.es6.js HTTP/1.1
Host: public.cobrowse.oraclecloud.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://secure-key-online-user.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
etag: "4f5ff5bcae9e63fe5472701370400253:1642746871.379557"
last-modified: Fri, 21 Jan 2022 01:34:30 GMT
server: AkamaiNetStorage
unused62: 8096267
vary: Accept-Encoding
content-encoding: gzip
date: Sat, 26 Nov 2022 08:23:26 GMT
content-length: 29641
content-type: text/javascript; charset=utf-8
X-Firefox-Spdy: h2
ibx.key.com/ibxolb/login/images/apple-touch-icon.png
23.52.18.181200 OK 4.9 kB URL HTTP/2 ibx.key.com/ibxolb/login/images/apple-touch-icon.png
IP 23.52.18.181:0
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash fee1734f5f10bbd1c030e8cd2e1a8896
18d49e15c6adbf73acf60dc258d3630fb7f5090b
f84def209aa5859896a65dc88fabeb52f93d837b5271d8ffe0d557c92b706a07
GET /ibxolb/login/images/apple-touch-icon.png HTTP/1.1
Host: ibx.key.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://secure-key-online-user.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
etag: "63640efd-1322"
last-modified: Thu, 03 Nov 2022 18:57:01 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-xss-protection: 1; mode=block
x-envoy-upstream-service-time: 1
content-security-policy: frame-ancestors *.key.com *.keybank.com
strict-transport-security: max-age=16070400; includeSubDomains
server-timing: dtSInfo;desc="0", dtRpid;desc="-207117230"
content-length: 4898
cache-control: max-age=300
expires: Sat, 26 Nov 2022 08:28:26 GMT
date: Sat, 26 Nov 2022 08:23:26 GMT
X-Firefox-Spdy: h2
ibx.key.com/ibxolb/login/images/favicon-16x16.png
23.52.18.181200 OK 661 B URL HTTP/2 ibx.key.com/ibxolb/login/images/favicon-16x16.png
IP 23.52.18.181:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash ea4b275c774e8170ed54751d39a6adbf
c4fda6c23491accd170362ab21108d8ae31a647f
735143f90a8c225ffe4c0a853b25f2068510d81f8f6a82db79db00233ccc4b58
GET /ibxolb/login/images/favicon-16x16.png HTTP/1.1
Host: ibx.key.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://secure-key-online-user.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
etag: "63640efd-295"
last-modified: Thu, 03 Nov 2022 18:57:01 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-xss-protection: 1; mode=block
x-envoy-upstream-service-time: 2
content-security-policy: frame-ancestors *.key.com *.keybank.com
strict-transport-security: max-age=16070400; includeSubDomains
server-timing: dtSInfo;desc="0", dtRpid;desc="-1913987745"
content-length: 661
cache-control: max-age=300
expires: Sat, 26 Nov 2022 08:28:26 GMT
date: Sat, 26 Nov 2022 08:23:26 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c64a0281a534b79e61a6eb152ff0d4b2
65ee4536d4cdcdc47f40c4e31f6f49d61645b494
e821136385b83549cf4661b8d084c5a14492719aa466dc7700045c62d1a538a6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E821136385B83549CF4661B8D084C5A14492719AA466DC7700045C62D1A538A6"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6015
Expires: Sat, 26 Nov 2022 10:03:41 GMT
Date: Sat, 26 Nov 2022 08:23:26 GMT
Connection: keep-alive
ocsp.pki.goog/s/gts1d4/7oY8-EgWmNE
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/7oY8-EgWmNE
IP 142.250.74.3:0
Hash beede90bea4e08ce50f43c04a8b94485
08467df036e502384f159c74cafb2834ce983f96
204397b4136a68a2e34e398a4a13d890b5e08a9ce456c7f96b26ac3b20fdfed3
POST /s/gts1d4/7oY8-EgWmNE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 08:23:26 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/7oY8-EgWmNE
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/7oY8-EgWmNE
IP 142.250.74.3:0
Hash beede90bea4e08ce50f43c04a8b94485
08467df036e502384f159c74cafb2834ce983f96
204397b4136a68a2e34e398a4a13d890b5e08a9ce456c7f96b26ac3b20fdfed3
POST /s/gts1d4/7oY8-EgWmNE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 08:23:26 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
edge.fullstory.com/datalayer/v1/latest.js
35.201.112.186200 OK 11 kB URL HTTP/2 edge.fullstory.com/datalayer/v1/latest.js
IP 35.201.112.186:0
File type ASCII text, with very long lines (35447)
Hash 53889bac5d499c7791c836e070aea976
8890974f9fa6602a6b605eba9b8832d9ce7ca58a
ced6dc1f6d7d39502f217f22b9187e53e0111d6cef3be89c912620610e9eba5e
GET /datalayer/v1/latest.js HTTP/1.1
Host: edge.fullstory.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://secure-key-online-user.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdumL1WEvYRJlgxOXloCq7yG5KUJc6UIA1X920v7zOVoslSe2ws1WJmzmEV5zXVUPmMwKkWQkNTt-TvTWYIvlQVKBkgyGcnO
x-goog-generation: 1647279664854651
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 10940
content-encoding: gzip
x-goog-hash: crc32c=xpvscg==, md5=U4ibrF1JnHeRyDbgcK6pdg==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 10940
access-control-allow-origin: *
server: UploadServer
date: Sat, 26 Nov 2022 08:00:39 GMT
expires: Sat, 26 Nov 2022 09:00:39 GMT
cache-control: public, max-age=3600,no-transform
age: 1367
last-modified: Mon, 14 Mar 2022 17:41:04 GMT
etag: "53889bac5d499c7791c836e070aea976"
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1d9982c4a878719ddada7e301fb40eca
b088389e7b4dca42ef7391324d6ebc7fc7d8e796
64dbc2a8bcfd6e778293004e63430dc61138124ce7a82e564d9bde62e90b5a60
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4345
Cache-Control: max-age=168956
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 08:23:26 GMT
Etag: "6381ad01-1d7"
Expires: Mon, 28 Nov 2022 07:19:22 GMT
Last-Modified: Sat, 26 Nov 2022 06:06:57 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
edge.fullstory.com/s/fs.js
35.201.112.186200 OK 66 kB URL HTTP/2 edge.fullstory.com/s/fs.js
IP 35.201.112.186:0
File type ASCII text, with very long lines (65410)
Hash b3cc89ae11072c9ee7b443faa623e0e9
00a8279e679a5fb97dfc16860a1572094ff33f3b
0ac7e1b0178f6929b5aeb30c820f83a0101c6258415b280044955bad3974148c
GET /s/fs.js HTTP/1.1
Host: edge.fullstory.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://secure-key-online-user.duckdns.org
Connection: keep-alive
Referer: http://secure-key-online-user.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdvuUwewZwoRsBMs0LAmNUJbaCW6YD-iWGcILc74WmxJOG84pPuUWzmpOX6ChUG7eJfyma_yXN9YIlQ6o2eqwqojiQ
x-goog-generation: 1667940125290071
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
x-goog-stored-content-length: 65803
content-encoding: br
x-goog-hash: crc32c=LkMtdQ==, md5=s8yJrhEHLJ7ntEP6piPg6Q==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 65803
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Sat, 26 Nov 2022 07:56:35 GMT
expires: Sat, 26 Nov 2022 08:56:35 GMT
cache-control: public, max-age=3600,no-transform
age: 1611
last-modified: Tue, 08 Nov 2022 20:42:05 GMT
etag: "b3cc89ae11072c9ee7b443faa623e0e9"
content-type: application/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/7oY8-EgWmNE
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/7oY8-EgWmNE
IP 142.250.74.3:0
Hash beede90bea4e08ce50f43c04a8b94485
08467df036e502384f159c74cafb2834ce983f96
204397b4136a68a2e34e398a4a13d890b5e08a9ce456c7f96b26ac3b20fdfed3
POST /s/gts1d4/7oY8-EgWmNE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 08:23:26 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
keybank.demdex.net/dest5.html?d_nsid=0
54.228.235.72200 OK 2.8 kB URL HTTP/1.1 keybank.demdex.net/dest5.html?d_nsid=0
IP 54.228.235.72:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Hash ccbdcb1e84c241950763ec4cd516cdfc
55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
GET /dest5.html?d_nsid=0 HTTP/1.1
Host: keybank.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://secure-key-online-user.duckdns.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Sat, 26 Nov 2022 08:23:26 GMT
DCS: dcs-prod-irl1-1-v045-0227c85fb.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Fri, 28 Oct 2022 11:02:58 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: 1VlmCiD9QXc=
Content-Length: 2791
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c64a0281a534b79e61a6eb152ff0d4b2
65ee4536d4cdcdc47f40c4e31f6f49d61645b494
e821136385b83549cf4661b8d084c5a14492719aa466dc7700045c62d1a538a6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E821136385B83549CF4661B8D084C5A14492719AA466DC7700045C62D1A538A6"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6015
Expires: Sat, 26 Nov 2022 10:03:41 GMT
Date: Sat, 26 Nov 2022 08:23:26 GMT
Connection: keep-alive
resources.digital-cloud-west.medallia.com/wdcwest/23736/onsite/generic1668409928646.js
151.101.85.230301 Moved Permanently 0 B URL HTTP/1.1 resources.digital-cloud-west.medallia.com/wdcwest/23736/onsite/generic1668409928646.js
IP 151.101.85.230:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wdcwest/23736/onsite/generic1668409928646.js HTTP/1.1
Host: resources.digital-cloud-west.medallia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://secure-key-online-user.duckdns.org/
HTTP/1.1 301 Moved Permanently
Connection: close
Content-Length: 0
Server: Varnish
Retry-After: 0
Location: https://resources.digital-cloud-west.medallia.com/wdcwest/23736/onsite/generic1668409928646.js
Accept-Ranges: bytes
Date: Sat, 26 Nov 2022 08:23:26 GMT
Via: 1.1 varnish
X-Served-By: cache-bma1676-BMA
X-Cache: HIT
X-Cache-Hits: 0
X-Timer: S1669451007.532339,VS0,VE0
Strict-Transport-Security: max-age=31557600
resources.digital-cloud-west.medallia.com/wdcwest/23736/onsite/generic1668409928646.js
151.101.85.230200 OK 81 kB URL HTTP/2 resources.digital-cloud-west.medallia.com/wdcwest/23736/onsite/generic1668409928646.js
IP 151.101.85.230:0
File type Unicode text, UTF-8 text, with very long lines (33488)
Hash b42d260ac8c623146bb05f0a871bfe3b
83d9a4a6a4e10f885916a256e8341b125ecce339
0f50b66af23a26d27c85d94f0c6ca18a63d63db552b79dc11b74fc496aa2359a
GET /wdcwest/23736/onsite/generic1668409928646.js HTTP/1.1
Host: resources.digital-cloud-west.medallia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://secure-key-online-user.duckdns.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: eSYlErzSag3RkYTEkfoYHZEXTC/soBdVtRt7/8MfH07oO8Z8W/YeBYF2I0tl8v+80Bhfy+eGFZE=
x-amz-request-id: 4YBB9JCEJMR9JYRT
last-modified: Mon, 14 Nov 2022 07:12:09 GMT
etag: "92c0ead5d62b099a319ee21051cfb218"
x-amz-version-id: 4Vc7v_mAUKm9A86mAHtaZiRqeWrys9ys
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: max-age=2592000
content-encoding: gzip
accept-ranges: bytes
date: Sat, 26 Nov 2022 08:23:26 GMT
via: 1.1 varnish
age: 941410
x-served-by: cache-bma1644-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669451007.545914,VS0,VE1
vary: Accept-Encoding
strict-transport-security: max-age=31557600
content-length: 80568
X-Firefox-Spdy: h2
secure-key-online-user.duckdns.org/ibxolb/olb/share/assets/images/kds.svg
20.106.149.200404 Not Found 315 B URL HTTP/1.1 secure-key-online-user.duckdns.org/ibxolb/olb/share/assets/images/kds.svg
IP 20.106.149.200:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /ibxolb/olb/share/assets/images/kds.svg HTTP/1.1
Host: secure-key-online-user.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://secure-key-online-user.duckdns.org/login.php
Cookie: dtCookie=v_4_srv_-2D24_sn_2P83KULRRNQ0MTEHUTH0DUPA3IVKHB29; rxVisitor=166945100518822Q8SLD74KNO4LA10LU7A7V33B6V7PG2; dtPC=-24$251005180_588h-vIMFIANMIDKJGQBRDCMPVAFOFFCDRVUKH-0e0; rxvt=1669452805682|1669451005190; dtLatC=55; dtSa=-; mdLogger=false; kampyleUserSession=1669451005523; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1
HTTP/1.1 404 Not Found
Date: Sat, 26 Nov 2022 08:23:26 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ibx.key.com/share/assets/images/kds.svg
23.52.18.181200 OK 5.1 kB URL HTTP/2 ibx.key.com/share/assets/images/kds.svg
IP 23.52.18.181:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5932)
Hash 3e13c6a08a775c4cbc1fdb65b995859e
87731e4fb29d8f7b2dc9d5f17f377c55ef188e68
d1c8872eb98fcbeec8b0a388970d95494e7e2c9fde47eb3c5c35e2768567e21e
GET /share/assets/images/kds.svg HTTP/1.1
Host: ibx.key.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://secure-key-online-user.duckdns.org
Connection: keep-alive
Referer: http://secure-key-online-user.duckdns.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
p3p: CP="NON CUR OTPi OUR NOR UNI"
strict-transport-security: max-age=16070400; includeSubDomains
vary: Accept-Encoding
content-encoding: gzip
expires: Sat, 26 Nov 2022 08:23:26 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 26 Nov 2022 08:23:26 GMT
content-length: 5074
set-cookie: PD-S-SESSION-IDSAM=0_vmCYfOed07lJCNIrgpQAUnWHNfr9Cf6bYkph5LK8wDuefLxG68s=; Domain=.key.com; Path=/; Secure; HttpOnly
TS018132f9=014be3f724236163f5827b31dafe9741d53b8b701a733269848da7240a0a5157baec189685434f0e6fa2789e5fdc091e46b9518d1e; Path=/; Secure; HTTPOnly
TS01afbfdd=014be3f724236163f5827b31dafe9741d53b8b701a733269848da7240a0a5157baec189685434f0e6fa2789e5fdc091e46b9518d1e; path=/; domain=.key.com; HTTPonly; Secure
TS60dc95b3027=08746db6a7ab20008cd1164327d61dcb3dd26109d14422f2c6a50f6251ab6bdd7b62dcb6605b8fe10892bf2e33113000e85f72224d6fd8e6f2d4b31d2f28ff4f06b399fa0e283f34cd2515363f5cb9465de545e134bffb9ae52a9d852ace17cb; Path=/
ak_bmsc=C340D7716341127B37032CF7C57FE01A~000000000000000000000000000000~YAAQTmAVArTjBISEAQAA08IIsxHrnTltyI+/Qf8pl6pE4FpIukSEywu1sZAFERxV4jOqfcw/fBz97/2Ha+fIDdAXy7q1wnXN9dIL8MwWZ/oIKDrvQ7LoZYkM215KizcTacd80Aogcn/8CnMe+hxnFUt8VGwLkFUQcUVbIWb0Y2ko5Itx+YrxFU8VhDJ3KxsQnYcfwVQeLpes35+6m/B9t8XT976NY3Kv/jWfhsRxUslrQMTPswcMAzBblI5MdIQ4UqsaQHkh/fsnZMFXGLN3Xta2bZT6j6VYTHXB/kFypHZYcFFfqydvhnYXXSnC5oE4wixoylgotIjMprR3dKR4gfRx922AelxNEE7L2iQ+58PWeX4DloO1aUvgZyZxrfdeP3KaNCk9; Domain=.key.com; Path=/; Expires=Sat, 26 Nov 2022 10:23:26 GMT; Max-Age=7200; HttpOnly
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13027
Expires: Sat, 26 Nov 2022 12:00:33 GMT
Date: Sat, 26 Nov 2022 08:23:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13027
Expires: Sat, 26 Nov 2022 12:00:33 GMT
Date: Sat, 26 Nov 2022 08:23:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13027
Expires: Sat, 26 Nov 2022 12:00:33 GMT
Date: Sat, 26 Nov 2022 08:23:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13027
Expires: Sat, 26 Nov 2022 12:00:33 GMT
Date: Sat, 26 Nov 2022 08:23:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13027
Expires: Sat, 26 Nov 2022 12:00:33 GMT
Date: Sat, 26 Nov 2022 08:23:26 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc7a5b86-3ad1-40c7-b173-8a9ac078c227.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc7a5b86-3ad1-40c7-b173-8a9ac078c227.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5088223f5973e3cd56f03f50a1e84b79
0b6c9b51d10762a4747286ab5b1c2354fa39c622
8159e4f7eec7bea518bb29e3fdb070bab4fb70116205577f7b7d74ad4d0dfbc7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc7a5b86-3ad1-40c7-b173-8a9ac078c227.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8913
x-amzn-requestid: d0a9414c-eccf-44e8-adb7-92654544eeb5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLWWXEpeIAMFnzw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381375b-5825510666b3e80a5f83cafa;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:44:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: LDrq5UcFhG63XFZhmeS5Z_mEkwrvuQ2bLfT8hV9I3E1s1lJLZF5Dww==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:46:24 GMT
age: 38222
etag: "0b6c9b51d10762a4747286ab5b1c2354fa39c622"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1U8xGxgIAMF-qQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ezHvyK3va4SioabOjSittTiLQRs_Q8k4TPxkiGp_svtZ8omDPTUN-A==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 05:04:28 GMT
age: 11938
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30fddcf4-c88b-41c3-90f7-a4530639de73.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30fddcf4-c88b-41c3-90f7-a4530639de73.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7e0c5064718601e80b7bfc931120ff70
741e5e48c4fb170efee9b611be5638d999a09bd2
d0b1537f43277e7f59152e6272d4f3888ab4618fa7fe0e4b24e2f851dbf0f4cd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30fddcf4-c88b-41c3-90f7-a4530639de73.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7025
x-amzn-requestid: 2c9cd3bc-80d4-4578-a0aa-4f1ff7f19d30
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVNYGwaIAMFU8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813588-0c66a293144f894f001ae0cf;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:37:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gxs4AeIklafRh02vSn6hA5r7MZagrQsqNR0zhpl5HHiQhQEswFc8RQ==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:48:35 GMT
age: 38091
etag: "741e5e48c4fb170efee9b611be5638d999a09bd2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ibx.key.com/ibxolb/login/polyfills.7b8c65500cea90f7091f.js
23.52.18.181200 OK 64 kB URL HTTP/2 ibx.key.com/ibxolb/login/polyfills.7b8c65500cea90f7091f.js
IP 23.52.18.181:0
Hash f6919ce02ac979289043073c8e7622fc
2ff5dfd6231e69d4700a5f02dca2b9af98e04243
015afc6cf4b81d76cd170dd36cb1a5f8a80b49ccffe75ec4b98a9c05a7007c8e
GET /ibxolb/login/polyfills.7b8c65500cea90f7091f.js HTTP/1.1
Host: ibx.key.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://secure-key-online-user.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/javascript
etag: "63640efd-26859"
last-modified: Thu, 03 Nov 2022 18:57:01 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-xss-protection: 1; mode=block
x-envoy-upstream-service-time: 0
content-security-policy: frame-ancestors *.key.com *.keybank.com
strict-transport-security: max-age=16070400; includeSubDomains
server-timing: dtSInfo;desc="0", dtRpid;desc="-2076667587"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=300
expires: Sat, 26 Nov 2022 08:28:24 GMT
date: Sat, 26 Nov 2022 08:23:24 GMT
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg
34.120.237.76200 OK 3.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a783df85f30f9c555f9df6b99f61744d
61f9bed607e81606be78285596acdc5e0e4f4994
19db42201d0fa059f680d890ede6683c04e893e6308a2256d0203f826a7f34de
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3502
x-amzn-requestid: ca3f2610-e03c-48a7-abb3-fbbab76f63d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvYUHO5IAMFqDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5ce-7e36137711dc4668278c1c94;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:03:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QS3ZKYetcm87GNwSr34eRPF2d4r8ppwf3fT19aV-u84f7ObX4bU8wQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 07:13:26 GMT
age: 4200
etag: "61f9bed607e81606be78285596acdc5e0e4f4994"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f5318cc-4728-4160-afd1-9d20b79b7de9.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f5318cc-4728-4160-afd1-9d20b79b7de9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3b1c6878914466cfece680fa7cb73502
47fac81a2dd809df5c42ca1362f71d553572d2b1
6458883dfa2bdfd483e92e5f847a229508ef00ce1dbd11f49eec369d0bd3160a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f5318cc-4728-4160-afd1-9d20b79b7de9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9914
x-amzn-requestid: 4db4ed29-20b4-4ca7-8835-2463d0989d5b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVVFHQYIAMFc4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638135b9-613da006118724124e345b29;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:38:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7cJmhEGkKqLUQUMqGuYtWBeu_1nlEUAxgTMy4ABekPJYrJP95wE6Jg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:59:05 GMT
age: 37461
etag: "47fac81a2dd809df5c42ca1362f71d553572d2b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 28f2062c7c93188c424032327c1a4d99
a8291a54ff0624b3a7ea5257f6578b57e01b142f
ee6ac55bf3131fd811f4c88e2a8f1273f153aa7c6388e257c8835f43a2f7f0d8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3
Cache-Control: max-age=118142
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 08:23:27 GMT
Etag: "6380f77a-1d7"
Expires: Sun, 27 Nov 2022 17:12:29 GMT
Last-Modified: Fri, 25 Nov 2022 17:12:26 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
gwdytpd.key.com/bf/64c1816d-6e0e-49fd-b84e-9219242b04f8?type=js3&sn=v_4_srv_-2D24_sn_2P83KULRRNQ0MTEHUTH0DUPA3IVKHB29&svrid=-24&flavor=cors&vi=IMFIANMIDKJGQBRDCMPVAFOFFCDRVUKH-0&modifiedSince=1645562080937&rf=http%3A%2F%2Fsecure-key-online-user.duckdns.org%2Flogin.php&bp=3&app=eaa5724f389ac530&crc=968705937&en=0k1nak6s&end=1
156.77.100.197200 OK 1.1 kB URL HTTP/1.1 gwdytpd.key.com/bf/64c1816d-6e0e-49fd-b84e-9219242b04f8?type=js3&sn=v_4_srv_-2D24_sn_2P83KULRRNQ0MTEHUTH0DUPA3IVKHB29&svrid=-24&flavor=cors&vi=IMFIANMIDKJGQBRDCMPVAFOFFCDRVUKH-0&modifiedSince=1645562080937&rf=http%3A%2F%2Fsecure-key-online-user.duckdns.org%2Flogin.php&bp=3&app=eaa5724f389ac530&crc=968705937&en=0k1nak6s&end=1
IP 156.77.100.197:0
File type ASCII text, with very long lines (1094), with no line terminators
Hash 771e6db0bc1378e881c754c7a9776a7a
48c1d127d9a0f423b6d3503007c152196d51c48f
a8c6371c910b0cd6f4e2e44e7a392a4a046a93cc28420723622c7462ffb9b530
POST /bf/64c1816d-6e0e-49fd-b84e-9219242b04f8?type=js3&sn=v_4_srv_-2D24_sn_2P83KULRRNQ0MTEHUTH0DUPA3IVKHB29&svrid=-24&flavor=cors&vi=IMFIANMIDKJGQBRDCMPVAFOFFCDRVUKH-0&modifiedSince=1645562080937&rf=http%3A%2F%2Fsecure-key-online-user.duckdns.org%2Flogin.php&bp=3&app=eaa5724f389ac530&crc=968705937&en=0k1nak6s&end=1 HTTP/1.1
Host: gwdytpd.key.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 3928
Origin: http://secure-key-online-user.duckdns.org
Connection: keep-alive
Referer: http://secure-key-online-user.duckdns.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 08:23:28 GMT
Access-Control-Allow-Origin: http://secure-key-online-user.duckdns.org
Content-Type: text/plain;charset=utf-8
Cache-Control: no-cache
Content-Length: 1094
Set-Cookie: TS018640a2=014be3f724a6e2335c7cabb5370cf1fa325b3ead0c57b1bac1886b8fadf84eeaea162ffbd325620ebc68883ae8bccff2fc93b7b53d; Path=/; Domain=.gwdytpd.key.com; Secure; HTTPOnly
TSd3fec068027=08746db6a7ab2000882f694d4f8610ca420f8edf5f92d51c9798d29fccf7be582c4d9ec3637ed30c083ed62a061130008b29f0f386cefdf6da973f27b1e3e33e74a9fabeae69d17d420957ddc1275e79d8a4be364ff8cb9a6185860a28502bd3; Path=/
gwdytpd.key.com/bf/64c1816d-6e0e-49fd-b84e-9219242b04f8?type=js3&sn=v_4_srv_6_sn_2P83KULRRNQ0MTEHUTH0DUPA3IVKHB29_app-3Aeaa5724f389ac530_1_ol_0_perc_100000_mul_1_rcs-3Acss_0&svrid=6&flavor=cors&vi=IMFIANMIDKJGQBRDCMPVAFOFFCDRVUKH-0&modifiedSince=1669425152144&rf=http%3A%2F%2Fsecure-key-online-user.duckdns.org%2Flogin.php&bp=3&app=eaa5724f389ac530&crc=1805034322&en=0k1nak6s&end=1
156.77.100.197200 OK 222 B URL HTTP/1.1 gwdytpd.key.com/bf/64c1816d-6e0e-49fd-b84e-9219242b04f8?type=js3&sn=v_4_srv_6_sn_2P83KULRRNQ0MTEHUTH0DUPA3IVKHB29_app-3Aeaa5724f389ac530_1_ol_0_perc_100000_mul_1_rcs-3Acss_0&svrid=6&flavor=cors&vi=IMFIANMIDKJGQBRDCMPVAFOFFCDRVUKH-0&modifiedSince=1669425152144&rf=http%3A%2F%2Fsecure-key-online-user.duckdns.org%2Flogin.php&bp=3&app=eaa5724f389ac530&crc=1805034322&en=0k1nak6s&end=1
IP 156.77.100.197:0
File type ASCII text, with no line terminators
Hash d7e734c4c3325bc142964eb2676fae9f
84654dbe3f1e3a571f87873645f8b2e8a4fc1abf
b581789689cb0618636d1f6520069dc66c4ad0a28f56bd3dbf9642e173268352
POST /bf/64c1816d-6e0e-49fd-b84e-9219242b04f8?type=js3&sn=v_4_srv_6_sn_2P83KULRRNQ0MTEHUTH0DUPA3IVKHB29_app-3Aeaa5724f389ac530_1_ol_0_perc_100000_mul_1_rcs-3Acss_0&svrid=6&flavor=cors&vi=IMFIANMIDKJGQBRDCMPVAFOFFCDRVUKH-0&modifiedSince=1669425152144&rf=http%3A%2F%2Fsecure-key-online-user.duckdns.org%2Flogin.php&bp=3&app=eaa5724f389ac530&crc=1805034322&en=0k1nak6s&end=1 HTTP/1.1
Host: gwdytpd.key.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 6761
Origin: http://secure-key-online-user.duckdns.org
Connection: keep-alive
Referer: http://secure-key-online-user.duckdns.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 08:23:29 GMT
Access-Control-Allow-Origin: http://secure-key-online-user.duckdns.org
Content-Type: text/plain;charset=utf-8
Cache-Control: no-cache
Content-Length: 222
Set-Cookie: TS018640a2=014be3f72444ebbf22bdb8d94acd625ed3d3e0213b4beeca632470ce351a0d32498bbaa87620a1ad5960313c8d290e60c24af12996; Path=/; Domain=.gwdytpd.key.com; Secure; HTTPOnly
TSd3fec068027=08746db6a7ab2000c7d55386070ba7ad391480cce32f18c8dde52042372a20227258560d911335a7081a97c161113000259f3aafe523af3fec076433b69247a97e44650eb5c18b4504159c47e34c973c289a7030092c935da55aa16a33689bd1; Path=/
ibx.key.com/ibxolb/styles/ibx-globals-key.css
0 B URL ibx.key.com/ibxolb/styles/ibx-globals-key.css
IP :0
GET /ibxolb/styles/ibx-globals-key.css HTTP/1.1
Host: ibx.key.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://secure-key-online-user.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site