unitedpostalservice.ddns.net/loading.php
13.79.120.9 597 B URL unitedpostalservice.ddns.net/loading.php
IP 13.79.120.9:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document text; exported SGML document, ASCII text, with CRLF line terminators
Hash 192ac2ffa8a6f97e4fb171b176d4df80
51e44a134a50e38f927e39e772d8ad1a6c1be7b8
1df6a6e8d32408953e8daba3bf412767a730cb5849837e7f4ffd8245734802c6
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /loading.php HTTP/1.1
Host: unitedpostalservice.ddns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 02 Dec 2023 22:25:16 GMT
content-type: text/html; charset=UTF-8
content-length: 597
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=5pj8f26v1tltjhspc056j8ncd9; path=/
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PHP/8.2.13, PleskLin
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.css
151.101.1.229 200 OK 8.8 kB URL GET HTTP/3 cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.css
IP 151.101.1.229:443
Requested by https://unitedpostalservice.ddns.net/info.php
Certificate Issuer GlobalSign nv-sa
Subject jsdelivr.net
Fingerprint 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
Validity Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
Hash ea83ae92c684331d2096c4d3306a04de
1865dddcbb7b67dcef4250e590cc9a9574aba673
3c325075337b768950583012228055ae392e384688d77ec5235e6ca88dcec6ef
GET /npm/bootstrap-icons@1.5.0/font/bootstrap-icons.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://unitedpostalservice.ddns.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 1.5.0
x-jsd-version-type: version
etag: W/"100a0-GGXd3Lt7Z9zvQlDlkMyalXSrpnM"
content-encoding: br
accept-ranges: bytes
date: Sat, 02 Dec 2023 22:25:16 GMT
age: 803124
x-served-by: cache-fra-eddf8230101-FRA, cache-bma1655-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8770
X-Firefox-Spdy: h2
unitedpostalservice.ddns.net/image/favicon.ico
13.79.120.9 200 OK 1.2 kB URL GET HTTP/2 unitedpostalservice.ddns.net/image/favicon.ico
IP 13.79.120.9:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://unitedpostalservice.ddns.net/info.php
Certificate Issuer Let's Encrypt
Subject unitedpostalservice.ddns.net
Fingerprint 98:09:C2:8B:8D:67:B9:A2:43:28:66:77:BC:67:E8:C7:8B:A0:6A:A9
Validity Sat, 02 Dec 2023 00:12:37 GMT - Fri, 01 Mar 2024 00:12:36 GMT
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel; data
Hash d8106bf3a1d00ab43b01e6e3c92500eb
202b5e8654ab1b28351378293bca3b9d844cc29b
9ada5709e264c31b04a05bd85448a9bd5e91925e8d83df5cef0762ec97cc283e
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /image/favicon.ico HTTP/1.1
Host: unitedpostalservice.ddns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://unitedpostalservice.ddns.net/loading.php
Cookie: PHPSESSID=5pj8f26v1tltjhspc056j8ncd9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 02 Dec 2023 22:25:17 GMT
content-type: image/vnd.microsoft.icon
content-length: 1150
last-modified: Tue, 20 Sep 2022 19:50:38 GMT
etag: "632a198e-47e"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
unitedpostalservice.ddns.net/info.php
13.79.120.9 200 OK 2.5 kB URL User Request GET HTTP/2 unitedpostalservice.ddns.net/info.php
IP 13.79.120.9:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject unitedpostalservice.ddns.net
Fingerprint 98:09:C2:8B:8D:67:B9:A2:43:28:66:77:BC:67:E8:C7:8B:A0:6A:A9
Validity Sat, 02 Dec 2023 00:12:37 GMT - Fri, 01 Mar 2024 00:12:36 GMT
File type HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document text; exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 27fdbc2455bdf2be479bb08b1a860da1
f42c28db46838d1600163be3a4e7ceedce0b28fe
309fa1f4d5dc269f69411a54ceee4decc639133a17c588650a0795c2d44f4b96
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /info.php HTTP/1.1
Host: unitedpostalservice.ddns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://unitedpostalservice.ddns.net/loading.php
Cookie: PHPSESSID=5pj8f26v1tltjhspc056j8ncd9
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 02 Dec 2023 22:25:27 GMT
content-type: text/html; charset=UTF-8
content-length: 2458
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PHP/8.2.13, PleskLin
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.css
151.101.1.229 200 OK 8.8 kB URL GET HTTP/3 cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.css
IP 151.101.1.229:443
Requested by https://unitedpostalservice.ddns.net/info.php
Certificate Issuer GlobalSign nv-sa
Subject jsdelivr.net
Fingerprint 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
Validity Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
Hash ea83ae92c684331d2096c4d3306a04de
1865dddcbb7b67dcef4250e590cc9a9574aba673
3c325075337b768950583012228055ae392e384688d77ec5235e6ca88dcec6ef
GET /npm/bootstrap-icons@1.5.0/font/bootstrap-icons.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://unitedpostalservice.ddns.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 8770
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 1.5.0
x-jsd-version-type: version
etag: W/"100a0-GGXd3Lt7Z9zvQlDlkMyalXSrpnM"
content-encoding: br
accept-ranges: bytes
date: Sat, 02 Dec 2023 22:25:27 GMT
age: 803134
x-served-by: cache-fra-eddf8230101-FRA, cache-bma1662-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
unitedpostalservice.ddns.net/css/bootstrap.css
13.79.120.9 200 OK 28 kB URL GET HTTP/2 unitedpostalservice.ddns.net/css/bootstrap.css
IP 13.79.120.9:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://unitedpostalservice.ddns.net/info.php
Certificate Issuer Let's Encrypt
Subject unitedpostalservice.ddns.net
Fingerprint 98:09:C2:8B:8D:67:B9:A2:43:28:66:77:BC:67:E8:C7:8B:A0:6A:A9
Validity Sat, 02 Dec 2023 00:12:37 GMT - Fri, 01 Mar 2024 00:12:36 GMT
File type Unicode text, UTF-8 text, with very long lines (560)
Hash 052dfc723bbdf659b1528e37b1472301
a06f1b5340a4dceaa9a8e044d0248ab48fcb7e17
0c159070e198b7ed2a9162d6c9751f5914ff62803914d8512d60b1f5ffde4334
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /css/bootstrap.css HTTP/1.1
Host: unitedpostalservice.ddns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://unitedpostalservice.ddns.net/loading.php
Cookie: PHPSESSID=5pj8f26v1tltjhspc056j8ncd9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 02 Dec 2023 22:25:16 GMT
content-type: text/css
last-modified: Mon, 28 Feb 2022 07:43:06 GMT
etag: W/"621c7d0a-2f1f7"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
unitedpostalservice.ddns.net/image/group.svg
13.79.120.9 200 OK 12 kB URL GET HTTP/2 unitedpostalservice.ddns.net/image/group.svg
IP 13.79.120.9:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://unitedpostalservice.ddns.net/info.php
Certificate Issuer Let's Encrypt
Subject unitedpostalservice.ddns.net
Fingerprint 98:09:C2:8B:8D:67:B9:A2:43:28:66:77:BC:67:E8:C7:8B:A0:6A:A9
Validity Sat, 02 Dec 2023 00:12:37 GMT - Fri, 01 Mar 2024 00:12:36 GMT
File type SVG Scalable Vector Graphics image, ASCII text, with very long lines (656)
Hash d1b0e043744fd642282117a03d308b17
d8abe7a0887b804e516c45a344c542e291a1a84b
5162de2ee844a80d76b7d7514c02ab7d5de72a5966113323d80eb56bf6ded038
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /image/group.svg HTTP/1.1
Host: unitedpostalservice.ddns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://unitedpostalservice.ddns.net/info.php
Cookie: PHPSESSID=5pj8f26v1tltjhspc056j8ncd9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 02 Dec 2023 22:25:27 GMT
content-type: image/svg+xml
content-length: 11968
last-modified: Fri, 23 Sep 2022 22:05:48 GMT
etag: "632e2dbc-2ec0"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
unitedpostalservice.ddns.net/image/dhl-logo.svg
13.79.120.9 200 OK 1.6 kB URL GET HTTP/2 unitedpostalservice.ddns.net/image/dhl-logo.svg
IP 13.79.120.9:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://unitedpostalservice.ddns.net/info.php
Certificate Issuer Let's Encrypt
Subject unitedpostalservice.ddns.net
Fingerprint 98:09:C2:8B:8D:67:B9:A2:43:28:66:77:BC:67:E8:C7:8B:A0:6A:A9
Validity Sat, 02 Dec 2023 00:12:37 GMT - Fri, 01 Mar 2024 00:12:36 GMT
File type SVG Scalable Vector Graphics image; XML 1.0 document text; XML document text; HTML document text; exported SGML document, ASCII text
Hash 3fecc9db35d5d2a9e6e71ab4b02d22e5
628ba2f505b480097445aaf08649a08242bd6847
362bcaa42090e36611031bec6bdaa0600375ef847092cca195c58d3bae9b4419
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /image/dhl-logo.svg HTTP/1.1
Host: unitedpostalservice.ddns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://unitedpostalservice.ddns.net/info.php
Cookie: PHPSESSID=5pj8f26v1tltjhspc056j8ncd9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 02 Dec 2023 22:25:27 GMT
content-type: image/svg+xml
content-length: 1603
last-modified: Tue, 20 Sep 2022 20:33:32 GMT
etag: "632a239c-643"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
unitedpostalservice.ddns.net/image/socio.png
13.79.120.9 200 OK 1.3 kB URL GET HTTP/2 unitedpostalservice.ddns.net/image/socio.png
IP 13.79.120.9:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://unitedpostalservice.ddns.net/info.php
Certificate Issuer Let's Encrypt
Subject unitedpostalservice.ddns.net
Fingerprint 98:09:C2:8B:8D:67:B9:A2:43:28:66:77:BC:67:E8:C7:8B:A0:6A:A9
Validity Sat, 02 Dec 2023 00:12:37 GMT - Fri, 01 Mar 2024 00:12:36 GMT
File type PNG image data, 172 x 33, 8-bit/color RGBA, non-interlaced; data
Hash 85fcc8db797ded15a1e7736d80a98026
6167fd8c4ea5bc75ad6e668cd967d0a3715bec20
39b5e1fdc845a00e044f1d5136d4d365e319d79caae542b2abef7e9a7eb7d786
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /image/socio.png HTTP/1.1
Host: unitedpostalservice.ddns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://unitedpostalservice.ddns.net/info.php
Cookie: PHPSESSID=5pj8f26v1tltjhspc056j8ncd9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 02 Dec 2023 22:25:27 GMT
content-type: image/png
content-length: 1292
last-modified: Fri, 23 Sep 2022 22:19:30 GMT
etag: "632e30f2-50c"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/fonts/bootstrap-icons.woff2?856008caa5eb66df68595e734e59580d
151.101.1.229 200 OK 90 kB URL GET HTTP/3 cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/fonts/bootstrap-icons.woff2?856008caa5eb66df68595e734e59580d
IP 151.101.1.229:443
Requested by https://unitedpostalservice.ddns.net/info.php
Certificate Issuer GlobalSign nv-sa
Subject jsdelivr.net
Fingerprint 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
Validity Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type Web Open Font Format (Version 2), TrueType, length 90528, version 1.0; data
Hash e07b538aa51b6fa77f32828af21cb591
4649877868a0068ce50b105d0d2a235e8010c98f
76506e128f2b47b7179f5037bd885a1674455ffeb6b5093cdb4c7eefbf436ce8
GET /npm/bootstrap-icons@1.5.0/font/fonts/bootstrap-icons.woff2?856008caa5eb66df68595e734e59580d HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://unitedpostalservice.ddns.net
DNT: 1
Connection: keep-alive
Referer: https://cdn.jsdelivr.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 90528
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
x-jsd-version: 1.5.0
x-jsd-version-type: version
etag: W/"161a0-RkmHeGigBozlCxBdDSojXoAQyY8"
accept-ranges: bytes
date: Sat, 02 Dec 2023 22:25:27 GMT
age: 2155689
x-served-by: cache-fra-eddf8230031-FRA, cache-bma1662-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
unitedpostalservice.ddns.net/image/titiza.png
13.79.120.9 200 OK 1.7 MB URL GET HTTP/2 unitedpostalservice.ddns.net/image/titiza.png
IP 13.79.120.9:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://unitedpostalservice.ddns.net/info.php
Certificate Issuer Let's Encrypt
Subject unitedpostalservice.ddns.net
Fingerprint 98:09:C2:8B:8D:67:B9:A2:43:28:66:77:BC:67:E8:C7:8B:A0:6A:A9
Validity Sat, 02 Dec 2023 00:12:37 GMT - Fri, 01 Mar 2024 00:12:36 GMT
File type PNG image data, 1365 x 426, 8-bit/color RGBA, non-interlaced; data
Size 1.7 MB (1694457 bytes)
Hash 88b1e83223390f1e035ff2d2609ce98b
cf3ba9914db971cdef4bfb71d935e0b97232825c
bf90771220c51af99c6e15274dc84ee40078e8ddde71a823ad6ee98569a57733
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /image/titiza.png HTTP/1.1
Host: unitedpostalservice.ddns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://unitedpostalservice.ddns.net/css/posta.css
Cookie: PHPSESSID=5pj8f26v1tltjhspc056j8ncd9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 02 Dec 2023 22:25:27 GMT
content-type: image/png
content-length: 1694457
last-modified: Tue, 20 Sep 2022 21:23:58 GMT
etag: "632a2f6e-19daf9"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
unitedpostalservice.ddns.net/image/favicon.ico
13.79.120.9 200 OK 1.2 kB URL GET HTTP/2 unitedpostalservice.ddns.net/image/favicon.ico
IP 13.79.120.9:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://unitedpostalservice.ddns.net/info.php
Certificate Issuer Let's Encrypt
Subject unitedpostalservice.ddns.net
Fingerprint 98:09:C2:8B:8D:67:B9:A2:43:28:66:77:BC:67:E8:C7:8B:A0:6A:A9
Validity Sat, 02 Dec 2023 00:12:37 GMT - Fri, 01 Mar 2024 00:12:36 GMT
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel; data
Hash d8106bf3a1d00ab43b01e6e3c92500eb
202b5e8654ab1b28351378293bca3b9d844cc29b
9ada5709e264c31b04a05bd85448a9bd5e91925e8d83df5cef0762ec97cc283e
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /image/favicon.ico HTTP/1.1
Host: unitedpostalservice.ddns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://unitedpostalservice.ddns.net/info.php
Cookie: PHPSESSID=5pj8f26v1tltjhspc056j8ncd9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 02 Dec 2023 22:25:27 GMT
content-type: image/vnd.microsoft.icon
content-length: 1150
last-modified: Tue, 20 Sep 2022 19:50:38 GMT
etag: "632a198e-47e"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
unitedpostalservice.ddns.net/js/jquery.mask.js
13.79.120.9 200 OK 23 kB URL GET HTTP/2 unitedpostalservice.ddns.net/js/jquery.mask.js
IP 13.79.120.9:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://unitedpostalservice.ddns.net/info.php
Certificate Issuer Let's Encrypt
Subject unitedpostalservice.ddns.net
Fingerprint 98:09:C2:8B:8D:67:B9:A2:43:28:66:77:BC:67:E8:C7:8B:A0:6A:A9
Validity Sat, 02 Dec 2023 00:12:37 GMT - Fri, 01 Mar 2024 00:12:36 GMT
Hash 24992f1ed62baf9393609f3c6c2ad20e
34716cf70f7f7a9cd072e7796c34ce987f85d18c
a199620fe981df00a825f78761d3f7c8870f8117daa4a890e08018dec386dae8
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /js/jquery.mask.js HTTP/1.1
Host: unitedpostalservice.ddns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://unitedpostalservice.ddns.net/info.php
Cookie: PHPSESSID=5pj8f26v1tltjhspc056j8ncd9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 02 Dec 2023 22:25:27 GMT
content-type: application/javascript
last-modified: Tue, 24 Mar 2020 21:30:48 GMT
etag: W/"5e7a7c08-5a88"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
unitedpostalservice.ddns.net/js/jquery.mask.js
13.79.120.9 200 OK 23 kB URL GET HTTP/2 unitedpostalservice.ddns.net/js/jquery.mask.js
IP 13.79.120.9:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://unitedpostalservice.ddns.net/info.php
Certificate Issuer Let's Encrypt
Subject unitedpostalservice.ddns.net
Fingerprint 98:09:C2:8B:8D:67:B9:A2:43:28:66:77:BC:67:E8:C7:8B:A0:6A:A9
Validity Sat, 02 Dec 2023 00:12:37 GMT - Fri, 01 Mar 2024 00:12:36 GMT
Hash 24992f1ed62baf9393609f3c6c2ad20e
34716cf70f7f7a9cd072e7796c34ce987f85d18c
a199620fe981df00a825f78761d3f7c8870f8117daa4a890e08018dec386dae8
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /js/jquery.mask.js HTTP/1.1
Host: unitedpostalservice.ddns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://unitedpostalservice.ddns.net/info.php
Cookie: PHPSESSID=5pj8f26v1tltjhspc056j8ncd9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 02 Dec 2023 22:25:27 GMT
content-type: application/javascript
last-modified: Tue, 24 Mar 2020 21:30:48 GMT
etag: W/"5e7a7c08-5a88"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
unitedpostalservice.ddns.net/image/camion.png
13.79.120.9 200 OK 6.8 kB URL GET HTTP/2 unitedpostalservice.ddns.net/image/camion.png
IP 13.79.120.9:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://unitedpostalservice.ddns.net/info.php
Certificate Issuer Let's Encrypt
Subject unitedpostalservice.ddns.net
Fingerprint 98:09:C2:8B:8D:67:B9:A2:43:28:66:77:BC:67:E8:C7:8B:A0:6A:A9
Validity Sat, 02 Dec 2023 00:12:37 GMT - Fri, 01 Mar 2024 00:12:36 GMT
File type PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced; data
Hash 4d6c500f19032f9ad24f0c20751eb16c
41e562ed29a58274f0871409bc4dc29e07ab0314
9749654bdfcce79bc06740ed18ce854c5bc56fd419a8d59fc590777ba942105e
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /image/camion.png HTTP/1.1
Host: unitedpostalservice.ddns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://unitedpostalservice.ddns.net/info.php
Cookie: PHPSESSID=5pj8f26v1tltjhspc056j8ncd9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 02 Dec 2023 22:25:27 GMT
content-type: image/png
content-length: 6755
last-modified: Tue, 20 Sep 2022 21:55:54 GMT
etag: "632a36ea-1a63"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
unitedpostalservice.ddns.net/css/posta.css
13.79.120.9 200 OK 14 kB URL GET HTTP/2 unitedpostalservice.ddns.net/css/posta.css
IP 13.79.120.9:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://unitedpostalservice.ddns.net/info.php
Certificate Issuer Let's Encrypt
Subject unitedpostalservice.ddns.net
Fingerprint 98:09:C2:8B:8D:67:B9:A2:43:28:66:77:BC:67:E8:C7:8B:A0:6A:A9
Validity Sat, 02 Dec 2023 00:12:37 GMT - Fri, 01 Mar 2024 00:12:36 GMT
File type ASCII text, with CRLF line terminators
Hash 6f7b4b36856517df7290a25fd67463f7
16dee3f1d0dc291db63df1926a9ba209341041ee
4d4c2229366643e0f0c76860971f79393833087f09b21c07ec026db6e289e801
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /css/posta.css HTTP/1.1
Host: unitedpostalservice.ddns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://unitedpostalservice.ddns.net/info.php
Cookie: PHPSESSID=5pj8f26v1tltjhspc056j8ncd9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 02 Dec 2023 22:25:27 GMT
content-type: text/css
last-modified: Fri, 30 Sep 2022 02:01:00 GMT
etag: W/"63364ddc-3789"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
unitedpostalservice.ddns.net/js/jquery-3.5.1.min.js
13.79.120.9 200 OK 90 kB URL GET HTTP/2 unitedpostalservice.ddns.net/js/jquery-3.5.1.min.js
IP 13.79.120.9:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://unitedpostalservice.ddns.net/info.php
Certificate Issuer Let's Encrypt
Subject unitedpostalservice.ddns.net
Fingerprint 98:09:C2:8B:8D:67:B9:A2:43:28:66:77:BC:67:E8:C7:8B:A0:6A:A9
Validity Sat, 02 Dec 2023 00:12:37 GMT - Fri, 01 Mar 2024 00:12:36 GMT
File type ASCII text, with very long lines (65451)
Hash dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /js/jquery-3.5.1.min.js HTTP/1.1
Host: unitedpostalservice.ddns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://unitedpostalservice.ddns.net/info.php
Cookie: PHPSESSID=5pj8f26v1tltjhspc056j8ncd9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 02 Dec 2023 22:25:27 GMT
content-type: application/javascript
last-modified: Fri, 29 Jan 2021 08:36:20 GMT
etag: W/"6013c904-15d84"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
104.18.11.207 200 OK 31 kB URL GET HTTP/3 stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.18.11.207:443
Requested by https://unitedpostalservice.ddns.net/info.php
Certificate Issuer Google Trust Services LLC
Subject bootstrapcdn.com
Fingerprint 34:BC:91:5F:B9:EC:32:2C:D9:73:C7:88:C3:6C:FB:77:E7:70:8D:04
Validity Thu, 30 Nov 2023 00:15:17 GMT - Wed, 28 Feb 2024 00:15:16 GMT
File type ASCII text, with very long lines (30837)
Hash 269550530cc127b6aa5a35925a7de6ce
512c7d79033e3028a9be61b540cf1a6870c896f8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://unitedpostalservice.ddns.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 02 Dec 2023 22:25:27 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 10/31/2023 18:48:06
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 722
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: dd809c84048d5afa8e77adc8acacd559
cdn-cache: HIT
cf-cache-status: HIT
age: 930102
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 82f6fc619fe0568e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400