| | 104.255.153.198 | 200 OK | 840 B |
URL User Request GET HTTP/1.1IP104.255.153.198:80
File typeHTML document, ASCII text Hash347a4ac5cc6f8d4a255e22bd082fbc04 de2b21cbdf5b80895956a979fba7df682075d45b 87da5f189257721a13c77f7bb32dd3613e3a0a2356ced729ea0cc9a4bdac2c42
Analyzer | Verdict | Alert | urlquery | suspicious | Suspicious - DynDNS domain | Quad9 DNS | malicious | Sinkholed |
NIDS | Severity | Alert | suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain | suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain |
GET / HTTP/1.1
Host: 0gyc79.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 17:13:55 GMT
Content-Type: text/html
Content-Length: 840
Last-Modified: Sat, 16 Mar 2024 15:48:19 GMT
Connection: keep-alive
ETag: "65f5bf43-348"
Accept-Ranges: bytes
|
|
| 0gyc79.duckdns.org/assets/uni.07e52d16.css | 104.255.153.198 | 200 OK | 489 B |
URL GET HTTP/1.1 0gyc79.duckdns.org/assets/uni.07e52d16.css IP 104.255.153.198:80
Requested by http://0gyc79.duckdns.org/
File typeASCII text, with very long lines (1092) Hash82870e926b8f0acf2a17a418ee02a597 fd01a21c47c165f82303a1cae409521c7483d34d 07e52d16eab103cde90a03bb0f7285a1366ae5874ee1f00841d645ff43966634
Analyzer | Verdict | Alert | urlquery | suspicious | Suspicious - DynDNS domain | Quad9 DNS | malicious | Sinkholed |
NIDS | Severity | Alert | suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain | suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain |
GET /assets/uni.07e52d16.css HTTP/1.1
Host: 0gyc79.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://0gyc79.duckdns.org/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 17:13:55 GMT
Content-Type: text/css
Last-Modified: Mon, 19 Feb 2024 15:45:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65d3777f-445"
Expires: Sat, 11 May 2024 05:13:55 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
|
|
| 0gyc79.duckdns.org/assets/index-44297b41.css | 104.255.153.198 | 200 OK | 1.5 kB |
URL GET HTTP/1.1 0gyc79.duckdns.org/assets/index-44297b41.css IP 104.255.153.198:80
Requested by http://0gyc79.duckdns.org/
File typeASCII text, with very long lines (3779) Hash7d3ce4022c21d70bdf616ee723f04510 c0855c1fbe6f7bab264869fb111da9cec6da7d27 44297b414ff828ce846be5e65b9c2f267e6ea6295e065f91eea35f1833d4069d
Analyzer | Verdict | Alert | urlquery | suspicious | Suspicious - DynDNS domain | Quad9 DNS | malicious | Sinkholed |
NIDS | Severity | Alert | suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain | suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain |
GET /assets/index-44297b41.css HTTP/1.1
Host: 0gyc79.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://0gyc79.duckdns.org/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 17:13:55 GMT
Content-Type: text/css
Last-Modified: Mon, 19 Feb 2024 15:45:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65d3777f-ec4"
Expires: Sat, 11 May 2024 05:13:55 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
|
|
| 0gyc79.duckdns.org/assets/index-a3f073a0.js | 104.255.153.198 | 200 OK | 40 kB |
URL GET HTTP/1.1 0gyc79.duckdns.org/assets/index-a3f073a0.js IP 104.255.153.198:80
Requested by http://0gyc79.duckdns.org/
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (59880) Hash5c03359f4b1d676702371b8a13bc9c8c 54b0ef019e66fe056e93794cccc39a7ddbb78bb5 afb7780a0afb3f7bdb63200ae54fe51473d2ef5c28a6c3af0f263e2922993183
Analyzer | Verdict | Alert | urlquery | suspicious | Suspicious - DynDNS domain | Quad9 DNS | malicious | Sinkholed |
NIDS | Severity | Alert | suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain | suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain |
GET /assets/index-a3f073a0.js HTTP/1.1
Host: 0gyc79.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://0gyc79.duckdns.org/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 17:13:55 GMT
Content-Type: application/javascript
Last-Modified: Mon, 19 Feb 2024 15:45:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65d3777f-1762e"
Expires: Sat, 11 May 2024 05:13:55 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
|
|
| 0gyc79.duckdns.org/assets/pages-index-index.7b6c1bb5.js | 104.255.153.198 | 200 OK | 4.8 kB |
URL GET HTTP/1.1 0gyc79.duckdns.org/assets/pages-index-index.7b6c1bb5.js IP 104.255.153.198:80
Requested by http://0gyc79.duckdns.org/
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (7759) Hash71ecb39bfd1ae099e7d71cbe47f8912d 73850a58817190ff14df41bb56d7109c252381ec 19fe381743e14f6befce6298e5a90405d44f433bfadd37abce7afab13e596dc1
Analyzer | Verdict | Alert | urlquery | suspicious | Suspicious - DynDNS domain | Quad9 DNS | malicious | Sinkholed |
NIDS | Severity | Alert | suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain | suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain |
GET /assets/pages-index-index.7b6c1bb5.js HTTP/1.1
Host: 0gyc79.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://0gyc79.duckdns.org/assets/index-a3f073a0.js
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 17:13:56 GMT
Content-Type: application/javascript
Last-Modified: Tue, 02 Apr 2024 10:08:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"660bd931-1f8a"
Expires: Sat, 11 May 2024 05:13:56 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
|
|
| 0gyc79.duckdns.org/favicon.ico | 104.255.153.198 | 404 Not Found | 146 B |
URL GET HTTP/1.1 0gyc79.duckdns.org/favicon.ico IP 104.255.153.198:80
Requested by http://0gyc79.duckdns.org/
File typeHTML document, ASCII text, with CRLF line terminators Hash8eec510e57f5f732fd2cce73df7b73ef 3c0af39ecb3753c5fee3b53d063c7286019eac3b 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer | Verdict | Alert | urlquery | suspicious | Suspicious - DynDNS domain | Quad9 DNS | malicious | Sinkholed |
NIDS | Severity | Alert | suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain | suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain |
GET /favicon.ico HTTP/1.1
Host: 0gyc79.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://0gyc79.duckdns.org/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 10 May 2024 17:13:56 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
|
|
| 0gyc79.duckdns.org/static/css/index.css | 104.255.153.198 | 200 OK | 1.3 kB |
URL GET HTTP/1.1 0gyc79.duckdns.org/static/css/index.css IP 104.255.153.198:80
Requested by http://0gyc79.duckdns.org/
Hash2cdaac6f028ba5291f9142b2386d355c aadcb0d76134230ed2f88f3449277f7d0ac534ef 21ca84f6f6bbfe2a4e27b23704634f80a67ce9d33d23d26e961603bd1a42f22d
Analyzer | Verdict | Alert | urlquery | suspicious | Suspicious - DynDNS domain | Quad9 DNS | malicious | Sinkholed |
NIDS | Severity | Alert | suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain | suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain |
GET /static/css/index.css HTTP/1.1
Host: 0gyc79.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://0gyc79.duckdns.org/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 17:13:56 GMT
Content-Type: text/css
Last-Modified: Sat, 16 Mar 2024 15:16:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65f5b7ce-1010"
Expires: Sat, 11 May 2024 05:13:56 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
|
|
| 0gyc79.duckdns.org/assets/wenzi2-d5a2a494.png | 104.255.153.198 | 200 OK | 8.5 kB |
URL GET HTTP/1.1 0gyc79.duckdns.org/assets/wenzi2-d5a2a494.png IP 104.255.153.198:80
Requested by http://0gyc79.duckdns.org/
File typePNG image data, 347 x 179, 8-bit/color RGB, non-interlaced Hashd9aa131a86a8cd4058bc46eb96afb14f 70ff66fdb08773c080c65c1c4e1150c660ba46e9 d5a2a49470cf7a7063292ec14f1baa47cc41dd6459528db1bc25286d4c566e4e
Analyzer | Verdict | Alert | urlquery | suspicious | Suspicious - DynDNS domain | Quad9 DNS | malicious | Sinkholed |
NIDS | Severity | Alert | suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain | suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain |
GET /assets/wenzi2-d5a2a494.png HTTP/1.1
Host: 0gyc79.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://0gyc79.duckdns.org/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 17:13:56 GMT
Content-Type: image/png
Content-Length: 8455
Last-Modified: Mon, 19 Feb 2024 15:45:03 GMT
Connection: keep-alive
ETag: "65d3777f-2107"
Expires: Sun, 09 Jun 2024 17:13:56 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
|
|
| 0gyc79.duckdns.org/assets/wenzi0-3f132efc.png | 104.255.153.198 | 200 OK | 9.8 kB |
URL GET HTTP/1.1 0gyc79.duckdns.org/assets/wenzi0-3f132efc.png IP 104.255.153.198:80
Requested by http://0gyc79.duckdns.org/
File typePNG image data, 345 x 171, 8-bit/color RGBA, non-interlaced Hash0ef28d6e07df1259c56186bdf8f2248d a112f98701a11a321e199f7d40675fc51d1f1005 d37372b4fdda1878546c9e2dca770ddb718dfd03be3b14f07a3f703092c54863
Analyzer | Verdict | Alert | urlquery | suspicious | Suspicious - DynDNS domain | Quad9 DNS | malicious | Sinkholed |
NIDS | Severity | Alert | suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain | suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain |
GET /assets/wenzi0-3f132efc.png HTTP/1.1
Host: 0gyc79.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://0gyc79.duckdns.org/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 17:13:56 GMT
Content-Type: image/png
Content-Length: 9773
Last-Modified: Sat, 16 Mar 2024 15:18:38 GMT
Connection: keep-alive
ETag: "65f5b84e-262d"
Expires: Sun, 09 Jun 2024 17:13:56 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
|
|
| 0gyc79.duckdns.org/assets/4-85522e9e.jpg | 104.255.153.198 | 200 OK | 108 kB |
URL GET HTTP/1.1 0gyc79.duckdns.org/assets/4-85522e9e.jpg IP 104.255.153.198:80
Requested by http://0gyc79.duckdns.org/
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, height=2316, software=www.meitu.com, width=1080], baseline, precision 8, 564x1333, components 3 Size108 kB (108084 bytes) Hash2fc3da553bf4ea84a240ef43e9fbcd9b 83dddda7789b7eb75d53af4099457854ee37c310 85522e9e0cd1b576f002745cd22c84b3fd797e2eacdf35319e85d29c5e6a0549
Analyzer | Verdict | Alert | urlquery | suspicious | Suspicious - DynDNS domain | Quad9 DNS | malicious | Sinkholed |
NIDS | Severity | Alert | suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain | suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain |
GET /assets/4-85522e9e.jpg HTTP/1.1
Host: 0gyc79.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://0gyc79.duckdns.org/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 17:13:56 GMT
Content-Type: image/jpeg
Content-Length: 108084
Last-Modified: Sat, 16 Mar 2024 15:43:02 GMT
Connection: keep-alive
ETag: "65f5be06-1a634"
Expires: Sun, 09 Jun 2024 17:13:56 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
|
|
| 0gyc79.duckdns.org/assets/wenzi1-d1d062fe.png | 104.255.153.198 | 200 OK | 9.8 kB |
URL GET HTTP/1.1 0gyc79.duckdns.org/assets/wenzi1-d1d062fe.png IP 104.255.153.198:80
Requested by http://0gyc79.duckdns.org/
File typePNG image data, 345 x 171, 8-bit/color RGBA, non-interlaced Hash0ef28d6e07df1259c56186bdf8f2248d a112f98701a11a321e199f7d40675fc51d1f1005 d37372b4fdda1878546c9e2dca770ddb718dfd03be3b14f07a3f703092c54863
Analyzer | Verdict | Alert | urlquery | suspicious | Suspicious - DynDNS domain | Quad9 DNS | malicious | Sinkholed |
NIDS | Severity | Alert | suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain | suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain |
GET /assets/wenzi1-d1d062fe.png HTTP/1.1
Host: 0gyc79.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://0gyc79.duckdns.org/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 17:13:56 GMT
Content-Type: image/png
Content-Length: 9773
Last-Modified: Sat, 16 Mar 2024 15:19:00 GMT
Connection: keep-alive
ETag: "65f5b864-262d"
Expires: Sun, 09 Jun 2024 17:13:56 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
|
|
| 0gyc79.duckdns.org/assets/topbanner-b629c3c2.png | 104.255.153.198 | 200 OK | 56 kB |
URL GET HTTP/1.1 0gyc79.duckdns.org/assets/topbanner-b629c3c2.png IP 104.255.153.198:80
Requested by http://0gyc79.duckdns.org/
File typePNG image data, 676 x 280, 8-bit/color RGBA, non-interlaced Hash4f7c6dc5b014b9fa00df6377b47a0312 735cde6d5a83b407a4f9dadef90d0dcc10bd5d92 b629c3c290d55f4bdc6aace4dfb809fe6a388df4a793a4b33364ca75dd0fd1f2
Analyzer | Verdict | Alert | urlquery | suspicious | Suspicious - DynDNS domain | Quad9 DNS | malicious | Sinkholed |
NIDS | Severity | Alert | suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain | suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain |
GET /assets/topbanner-b629c3c2.png HTTP/1.1
Host: 0gyc79.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://0gyc79.duckdns.org/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 17:13:56 GMT
Content-Type: image/png
Content-Length: 56056
Last-Modified: Mon, 19 Feb 2024 15:45:03 GMT
Connection: keep-alive
ETag: "65d3777f-daf8"
Expires: Sun, 09 Jun 2024 17:13:56 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
|
|
| 0gyc79.duckdns.org/assets/logo-f24f6eb0.png | 104.255.153.198 | 200 OK | 8.6 kB |
URL GET HTTP/1.1 0gyc79.duckdns.org/assets/logo-f24f6eb0.png IP 104.255.153.198:80
Requested by http://0gyc79.duckdns.org/
File typePNG image data, 564 x 126, 8-bit/color RGBA, non-interlaced Hash278190a0918d1bdba49ed5bdb2e99eb7 c73d5dbd405018c5897deec1775ca491d96578a3 22de9975408fe75e94c2ec2c612bd874eb4ee7e158b900294ba4285fdf2f05a3
Analyzer | Verdict | Alert | urlquery | suspicious | Suspicious - DynDNS domain | Quad9 DNS | malicious | Sinkholed |
NIDS | Severity | Alert | suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain | suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain |
GET /assets/logo-f24f6eb0.png HTTP/1.1
Host: 0gyc79.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://0gyc79.duckdns.org/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 17:13:56 GMT
Content-Type: image/png
Content-Length: 8636
Last-Modified: Sat, 16 Mar 2024 15:24:51 GMT
Connection: keep-alive
ETag: "65f5b9c3-21bc"
Expires: Sun, 09 Jun 2024 17:13:56 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
|
|
| 0gyc79.duckdns.org/static/images/logo1.png | 104.255.153.198 | 200 OK | 133 kB |
URL GET HTTP/1.1 0gyc79.duckdns.org/static/images/logo1.png IP 104.255.153.198:80
Requested by http://0gyc79.duckdns.org/
File typePNG image data, 376 x 814, 8-bit/color RGBA, non-interlaced Size133 kB (133163 bytes) Hash8212e89a6d6a8a399e7408dd13cf1b71 9879e0d339615ae4241ad74447a9a2025012ddeb 14a076d4b530a76243d0eb747207210a8f7037d5afb2672d907e0b79c1993540
Analyzer | Verdict | Alert | urlquery | suspicious | Suspicious - DynDNS domain | Quad9 DNS | malicious | Sinkholed |
NIDS | Severity | Alert | suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain | suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain |
GET /static/images/logo1.png HTTP/1.1
Host: 0gyc79.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://0gyc79.duckdns.org/static/css/index.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 17:13:56 GMT
Content-Type: image/png
Content-Length: 133163
Last-Modified: Sat, 16 Mar 2024 15:00:47 GMT
Connection: keep-alive
ETag: "65f5b41f-2082b"
Expires: Sun, 09 Jun 2024 17:13:56 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
|
|
| 0gyc79.duckdns.org/assets/5-8a4879e9.jpg | 104.255.153.198 | 200 OK | 220 kB |
URL GET HTTP/1.1 0gyc79.duckdns.org/assets/5-8a4879e9.jpg IP 104.255.153.198:80
Requested by http://0gyc79.duckdns.org/
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1260x2467, components 3 Size220 kB (220434 bytes) Hash70d4ce3151128521dbf612eb23d3d478 4f19243bbd203394289bce990a36fbd636ffb4cf 604972b1f9b31f40ed54a231c5f55e25f41b138bc43f06c1777f8d90fc70b628
Analyzer | Verdict | Alert | urlquery | suspicious | Suspicious - DynDNS domain | Quad9 DNS | malicious | Sinkholed |
NIDS | Severity | Alert | suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain | suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain |
GET /assets/5-8a4879e9.jpg HTTP/1.1
Host: 0gyc79.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://0gyc79.duckdns.org/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 17:13:56 GMT
Content-Type: image/jpeg
Content-Length: 220434
Last-Modified: Sat, 16 Mar 2024 15:45:24 GMT
Connection: keep-alive
ETag: "65f5be94-35d12"
Expires: Sun, 09 Jun 2024 17:13:56 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
|
|
| 0gyc79.duckdns.org/assets/7-499c11e1.jpg | 104.255.153.198 | 200 OK | 173 kB |
URL GET HTTP/1.1 0gyc79.duckdns.org/assets/7-499c11e1.jpg IP 104.255.153.198:80
Requested by http://0gyc79.duckdns.org/
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1260x2607, components 3 Size173 kB (172925 bytes) Hash9049d9546194dbd2fa7abbbd2576952a 40fa92690a04d4a5d744e49372af725bf1ac26b1 fcef8054e8c4f1db57ef18f1a261c7feb2270c9b2858882bf10884e86a36d5ef
Analyzer | Verdict | Alert | urlquery | suspicious | Suspicious - DynDNS domain | Quad9 DNS | malicious | Sinkholed |
NIDS | Severity | Alert | suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain | suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain |
GET /assets/7-499c11e1.jpg HTTP/1.1
Host: 0gyc79.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://0gyc79.duckdns.org/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 17:13:56 GMT
Content-Type: image/jpeg
Content-Length: 172925
Last-Modified: Sat, 16 Mar 2024 15:39:55 GMT
Connection: keep-alive
ETag: "65f5bd4b-2a37d"
Expires: Sun, 09 Jun 2024 17:13:56 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
|
|
| 0gyc79.duckdns.org/assets/3-9f7c6283.jpg | 104.255.153.198 | 200 OK | 193 kB |
URL GET HTTP/1.1 0gyc79.duckdns.org/assets/3-9f7c6283.jpg IP 104.255.153.198:80
Requested by http://0gyc79.duckdns.org/
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, height=2316, software=www.meitu.com, width=1080], baseline, precision 8, 1067x2117, components 3 Size193 kB (192957 bytes) Hash9bb7d5837da189a0dd3e628b83ea65a8 2b6737d37e37d4df6d2e9ad9274987a620019d0f 9f7c6283db42f8966f0e809a7202b6e2f2f18f9e1e0c10eb90379b9b5a13a62c
Analyzer | Verdict | Alert | urlquery | suspicious | Suspicious - DynDNS domain | Quad9 DNS | malicious | Sinkholed |
NIDS | Severity | Alert | suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain | suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain |
GET /assets/3-9f7c6283.jpg HTTP/1.1
Host: 0gyc79.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://0gyc79.duckdns.org/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 17:13:56 GMT
Content-Type: image/jpeg
Content-Length: 192957
Last-Modified: Sat, 16 Mar 2024 15:43:01 GMT
Connection: keep-alive
ETag: "65f5be05-2f1bd"
Expires: Sun, 09 Jun 2024 17:13:56 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
|
|
| 0gyc79.duckdns.org/assets/6-e431ac81.jpg | 104.255.153.198 | 200 OK | 152 kB |
URL GET HTTP/1.1 0gyc79.duckdns.org/assets/6-e431ac81.jpg IP 104.255.153.198:80
Requested by http://0gyc79.duckdns.org/
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1260x2462, components 3 Size152 kB (152169 bytes) Hashb3a3f10a85ad8729318afdf97ea72236 a7f78663d1eaffc7d33df6f949e4b8285116be37 9851f0ef6ec7d7012161ba7de43dfe61ae0683b69c9a9fe34251fe32f4b41e34
Analyzer | Verdict | Alert | urlquery | suspicious | Suspicious - DynDNS domain | Quad9 DNS | malicious | Sinkholed |
NIDS | Severity | Alert | suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain | suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain |
GET /assets/6-e431ac81.jpg HTTP/1.1
Host: 0gyc79.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://0gyc79.duckdns.org/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 17:13:56 GMT
Content-Type: image/jpeg
Content-Length: 152169
Last-Modified: Sat, 16 Mar 2024 15:45:16 GMT
Connection: keep-alive
ETag: "65f5be8c-25269"
Expires: Sun, 09 Jun 2024 17:13:56 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
|
|
| 0gyc79.duckdns.org/assets/tu1-b1ddc6d0.png | 104.255.153.198 | 200 OK | 39 kB |
URL GET HTTP/1.1 0gyc79.duckdns.org/assets/tu1-b1ddc6d0.png IP 104.255.153.198:80
Requested by http://0gyc79.duckdns.org/
File typePNG image data, 287 x 431, 8-bit/color RGB, non-interlaced Hash5d61e494cb6055df1f25bdb919335159 96abee1d2dd6a81dcae0e644e21754e6ddac660e b1ddc6d02f7c472793efc4b57a5e7399d9578ffaadca2ca924fc74b4852bdcd1
Analyzer | Verdict | Alert | urlquery | suspicious | Suspicious - DynDNS domain | Quad9 DNS | malicious | Sinkholed |
NIDS | Severity | Alert | suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain | suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain |
GET /assets/tu1-b1ddc6d0.png HTTP/1.1
Host: 0gyc79.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://0gyc79.duckdns.org/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 17:13:56 GMT
Content-Type: image/png
Content-Length: 38803
Last-Modified: Mon, 19 Feb 2024 15:45:03 GMT
Connection: keep-alive
ETag: "65d3777f-9793"
Expires: Sun, 09 Jun 2024 17:13:56 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
|
|
| 0gyc79.duckdns.org/assets/1-85b7a68d.jpg | 104.255.153.198 | 200 OK | 158 kB |
URL GET HTTP/1.1 0gyc79.duckdns.org/assets/1-85b7a68d.jpg IP 104.255.153.198:80
Requested by http://0gyc79.duckdns.org/
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1258x2464, components 3 Size158 kB (158452 bytes) Hash93e7608cc20f25b39c76d38762ba5979 249e2f687edcef851136fb37ef27893eb273d5fe ffd083934935c13e41a58e4f974ae5b982ca650cfa84b8b6425d043fe53393db
Analyzer | Verdict | Alert | urlquery | suspicious | Suspicious - DynDNS domain | Quad9 DNS | malicious | Sinkholed |
NIDS | Severity | Alert | suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain | suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain |
GET /assets/1-85b7a68d.jpg HTTP/1.1
Host: 0gyc79.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://0gyc79.duckdns.org/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 17:13:56 GMT
Content-Type: image/jpeg
Content-Length: 158452
Last-Modified: Sat, 16 Mar 2024 15:45:18 GMT
Connection: keep-alive
ETag: "65f5be8e-26af4"
Expires: Sun, 09 Jun 2024 17:13:56 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
|
|
| 0gyc79.duckdns.org/assets/2-fd352367.jpg | 104.255.153.198 | 200 OK | 234 kB |
URL GET HTTP/1.1 0gyc79.duckdns.org/assets/2-fd352367.jpg IP 104.255.153.198:80
Requested by http://0gyc79.duckdns.org/
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1244x2471, components 3 Size234 kB (233564 bytes) Hash45b64cc832ecbb96d486e07c295f44b8 59aa62d512e7e6a3561702149ea6fc00733ab235 699845d02a197fb90e0adb264ead432f3a9daa6574c21f9c3dd6848f652ba87e
Analyzer | Verdict | Alert | urlquery | suspicious | Suspicious - DynDNS domain | Quad9 DNS | malicious | Sinkholed |
NIDS | Severity | Alert | suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain | suricata | medium | ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain |
GET /assets/2-fd352367.jpg HTTP/1.1
Host: 0gyc79.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://0gyc79.duckdns.org/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 17:13:56 GMT
Content-Type: image/jpeg
Content-Length: 233564
Last-Modified: Sat, 16 Mar 2024 15:45:45 GMT
Connection: keep-alive
ETag: "65f5bea9-3905c"
Expires: Sun, 09 Jun 2024 17:13:56 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
|
|
| cdn.dcloud.net.cn/img/shadow-grey.png | 111.231.169.247 | 200 OK | 136 B |
URL GET HTTP/1.1 cdn.dcloud.net.cn/img/shadow-grey.png IP 111.231.169.247:443 ASN #45090 Shenzhen Tencent Computer Systems Company Limited
Requested by http://0gyc79.duckdns.org/ Certificate Issuer Unizeto Technologies S.A. Subject *.dcloud.net.cn Fingerprint AE:46:5C:A4:9B:D3:F7:AC:7D:5E:C7:27:E1:5F:C3:7C:DA:CE:F2:AC Validity Sat, 05 Aug 2023 03:00:05 GMT - Tue, 03 Sep 2024 03:00:04 GMT
File typePNG image data, 1 x 6, 4-bit colormap, non-interlaced Hash5a962adf74d92ae702467b3f47976547 36f74049375584e3fa69b5ef87e9572336ff9e7a ad4ebea1c3496dd2924789ee009174a2c6289d1200e9811f458fd46f172d1d6f
GET /img/shadow-grey.png HTTP/1.1
Host: cdn.dcloud.net.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://0gyc79.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 17:13:59 GMT
Content-Type: image/png
Content-Length: 136
Last-Modified: Thu, 06 Jun 2019 06:42:07 GMT
Connection: close
ETag: "5cf8b5bf-88"
Expires: Fri, 10 May 2024 19:13:59 GMT
Cache-Control: max-age=7200
Set-Cookie: __uni__uid=rBEQUmY+Vddizgxoo6BSAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dcloud.net.cn; path=/; secure; httponly; samesite=none
Accept-Ranges: bytes
|
|