URL fztanzcgai.duckdns.org/ (user request)
IP 66.150.66.238:80
Status 200 OK
Size 11 kB
Request GET HTTP/1.1
File type HTML document text; exported SGML document text; exported SGML document, ASCII text, with CRLF line terminators
Hash MD5 bbd49a21bcda276b4c9f50c26dbb070c
Hash SHA1 6953f79ef1dbd34ed1acb1a9fede891422d2ae60
Hash SHA256 e54cc06a908ad5dfcfad6775fa1824406833f673458478c428dd97270a6ff7d2
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
NIDS Severity Alert suricata medium ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
GET / HTTP/1.1
Host: fztanzcgai.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.25.0
Date: Thu, 01 Jun 2023 18:14:08 GMT
Content-Type: text/html
Content-Length: 11010
Last-Modified: Sat, 03 Jul 2021 16:54:27 GMT
Connection: keep-alive
ETag: "60e09643-2b02"
Accept-Ranges: bytes
URL fztanzcgai.duckdns.org/css/animate.css
IP 66.150.66.238:80
Status 200 OK
Size 72 kB
Request GET HTTP/1.1
Requested by http://fztanzcgai.duckdns.org/
Hash MD5 86dba2fdf372c74ab0de839437e1c18e
Hash SHA1 619509e33ac4c3ed5e2ee51cd7ed48111041d711
Hash SHA256 bb6bcb68b4b10d5c21dbbe7297bb47db61c4b06823dd66c82528cc74efe5102b
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
NIDS Severity Alert suricata medium ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
GET /css/animate.css HTTP/1.1
Host: fztanzcgai.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://fztanzcgai.duckdns.org/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.25.0
Date: Thu, 01 Jun 2023 18:14:08 GMT
Content-Type: text/css
Content-Length: 71552
Last-Modified: Sun, 22 May 2016 14:58:28 GMT
Connection: keep-alive
ETag: "5741c914-11780"
Accept-Ranges: bytes
URL fztanzcgai.duckdns.org/css/flexslider.css
IP 66.150.66.238:80
Status 200 OK
Size 6.9 kB
Request GET HTTP/1.1
Requested by http://fztanzcgai.duckdns.org/
Hash MD5 8dbe05a4a59d1999c0612edc20b1048e
Hash SHA1 405cb4caa8f25f2c57abb1ab2a2d140e03d76c7c
Hash SHA256 8353514f712cd68216607e2a0331eda0f7acdda703bcaf80964a11240413a20c
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
NIDS Severity Alert suricata medium ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
GET /css/flexslider.css HTTP/1.1
Host: fztanzcgai.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://fztanzcgai.duckdns.org/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.25.0
Date: Thu, 01 Jun 2023 18:14:08 GMT
Content-Type: text/css
Content-Length: 6864
Last-Modified: Thu, 08 Dec 2016 05:16:12 GMT
Connection: keep-alive
ETag: "5848ec9c-1ad0"
Accept-Ranges: bytes
URL fztanzcgai.duckdns.org/css/icomoon.css
IP 66.150.66.238:80
Status 200 OK
Size 29 kB
Request GET HTTP/1.1
Requested by http://fztanzcgai.duckdns.org/
Hash MD5 5838bcdf014028ca78b1cc7b60642ade
Hash SHA1 0d88a989e4c2029f27e5c263092391d4988c9422
Hash SHA256 9c906de3901ea9791dfd389f02f2427c0dd11be970d9fe42a3b51bfdccdd7044
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
NIDS Severity Alert suricata medium ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
GET /css/icomoon.css HTTP/1.1
Host: fztanzcgai.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://fztanzcgai.duckdns.org/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.25.0
Date: Thu, 01 Jun 2023 18:14:08 GMT
Content-Type: text/css
Content-Length: 28702
Last-Modified: Sun, 12 Mar 2017 12:16:00 GMT
Connection: keep-alive
ETag: "58c53c00-701e"
Accept-Ranges: bytes
URL fztanzcgai.duckdns.org/js/jquery.easing.1.3.js
IP 66.150.66.238:80
Status 200 OK
Size 8.1 kB
Request GET HTTP/1.1
Requested by http://fztanzcgai.duckdns.org/
Hash MD5 2cb90c06cfc2084e0e11ca2b8a10f6c9
Hash SHA1 45144c119832bb70b1d0e9708cba1e007ee9fbec
Hash SHA256 11c19392554c9b78c15771afa8f9fbfc78e0e46ca9527831f90ae41f95da73b8
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
NIDS Severity Alert suricata medium ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
GET /js/jquery.easing.1.3.js HTTP/1.1
Host: fztanzcgai.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://fztanzcgai.duckdns.org/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.25.0
Date: Thu, 01 Jun 2023 18:14:08 GMT
Content-Type: application/javascript
Content-Length: 8111
Last-Modified: Fri, 25 Sep 2015 06:57:42 GMT
Connection: keep-alive
ETag: "5604f066-1faf"
Accept-Ranges: bytes
URL fztanzcgai.duckdns.org/js/modernizr-2.6.2.min.js
IP 66.150.66.238:80
Status 200 OK
Size 15 kB
Request GET HTTP/1.1
Requested by http://fztanzcgai.duckdns.org/
File type HTML document, ASCII text, with very long lines (14756)
Hash MD5 c3076c3133684f1acfb50014a2aa0876
Hash SHA1 d706a39500766021bff7e8e30e847e55fe5d4a5f
Hash SHA256 08b863f1d96a63a08d1db286e9f26c766715be3c470f9c3b93a208169b22a5be
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
NIDS Severity Alert suricata medium ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
GET /js/modernizr-2.6.2.min.js HTTP/1.1
Host: fztanzcgai.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://fztanzcgai.duckdns.org/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.25.0
Date: Thu, 01 Jun 2023 18:14:08 GMT
Content-Type: application/javascript
Content-Length: 15413
Last-Modified: Sat, 26 Sep 2015 20:45:52 GMT
Connection: keep-alive
ETag: "56070400-3c35"
Accept-Ranges: bytes
URL fztanzcgai.duckdns.org/css/style.css
IP 66.150.66.238:80
Status 200 OK
Size 26 kB
Request GET HTTP/1.1
Requested by http://fztanzcgai.duckdns.org/
File type ASCII text, with CRLF line terminators
Hash MD5 68ae99170c04640131703cc907cd7333
Hash SHA1 d583c9f6d5ce7b5596d064b9ad894bfec71dfee0
Hash SHA256 8f2aeee298e5804ecd6742f1f1540c025819e1ab53c4f2d7def1792c9dccdfe8
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
NIDS Severity Alert suricata medium ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
GET /css/style.css HTTP/1.1
Host: fztanzcgai.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://fztanzcgai.duckdns.org/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.25.0
Date: Thu, 01 Jun 2023 18:14:08 GMT
Content-Type: text/css
Content-Length: 25515
Last-Modified: Fri, 12 May 2017 05:43:50 GMT
Connection: keep-alive
ETag: "59154b96-63ab"
Accept-Ranges: bytes
URL fztanzcgai.duckdns.org/js/jquery.min.js
IP 66.150.66.238:80
Status 200 OK
Size 84 kB
Request GET HTTP/1.1
Requested by http://fztanzcgai.duckdns.org/
File type ASCII text, with very long lines (32025)
Hash MD5 4a356126b9573eb7bd1e9a7494737410
Hash SHA1 8258d046f17dd3c15a5d3984e1868b7b5d1db329
Hash SHA256 22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
NIDS Severity Alert suricata medium ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
GET /js/jquery.min.js HTTP/1.1
Host: fztanzcgai.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://fztanzcgai.duckdns.org/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.25.0
Date: Thu, 01 Jun 2023 18:14:08 GMT
Content-Type: application/javascript
Content-Length: 84380
Last-Modified: Tue, 28 Apr 2015 16:03:04 GMT
Connection: keep-alive
ETag: "553faf38-1499c"
Accept-Ranges: bytes
URL fztanzcgai.duckdns.org/js/jquery.waypoints.min.js
IP 66.150.66.238:80
Status 200 OK
Size 8.8 kB
Request GET HTTP/1.1
Requested by http://fztanzcgai.duckdns.org/
File type Unicode text, UTF-8 text, with very long lines (8668)
Hash MD5 28ef3dc306be44a30ec0d0ffe2bee109
Hash SHA1 791cc9899f0f4dc57ace616780448da4763f05bc
Hash SHA256 114484b6bcaa6c2e7ac8301929d6bcda18a7f71924a835c2e6c01fdbd6421f5b
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
NIDS Severity Alert suricata medium ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
GET /js/jquery.waypoints.min.js HTTP/1.1
Host: fztanzcgai.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://fztanzcgai.duckdns.org/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.25.0
Date: Thu, 01 Jun 2023 18:14:09 GMT
Content-Type: application/javascript
Content-Length: 8835
Last-Modified: Fri, 25 Sep 2015 06:58:42 GMT
Connection: keep-alive
ETag: "5604f0a2-2283"
Accept-Ranges: bytes
URL fztanzcgai.duckdns.org/js/jquery.flexslider-min.js
IP 66.150.66.238:80
Status 200 OK
Size 22 kB
Request GET HTTP/1.1
Requested by http://fztanzcgai.duckdns.org/
File type ASCII text, with very long lines (22247)
Hash MD5 d22c7a166ed20731c48d2f36ff1334ad
Hash SHA1 3378f3fb6246bcc88fe23e8a38e869f3756b7268
Hash SHA256 2ce94a80de9d146226e0967aacf51e37f92e18329815338af4de0aef3fc67705
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
NIDS Severity Alert suricata medium ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
GET /js/jquery.flexslider-min.js HTTP/1.1
Host: fztanzcgai.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://fztanzcgai.duckdns.org/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.25.0
Date: Thu, 01 Jun 2023 18:14:09 GMT
Content-Type: application/javascript
Content-Length: 22342
Last-Modified: Mon, 16 Nov 2015 21:33:30 GMT
Connection: keep-alive
ETag: "564a4baa-5746"
Accept-Ranges: bytes
URL fztanzcgai.duckdns.org/js/main.js
IP 66.150.66.238:80
Status 200 OK
Size 3.5 kB
Request GET HTTP/1.1
Requested by http://fztanzcgai.duckdns.org/
Hash MD5 269f494693c970646ba98023f4a55399
Hash SHA1 9d7f29432d252beb67813da02aca253eb56cd212
Hash SHA256 bbee5c2886b3daacd0a39fa7d9088df1c038824aed057b0dd95bf63a1ec1cf4e
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
NIDS Severity Alert suricata medium ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
GET /js/main.js HTTP/1.1
Host: fztanzcgai.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://fztanzcgai.duckdns.org/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.25.0
Date: Thu, 01 Jun 2023 18:14:09 GMT
Content-Type: application/javascript
Content-Length: 3459
Last-Modified: Thu, 23 Mar 2017 03:21:56 GMT
Connection: keep-alive
ETag: "58d33f54-d83"
Accept-Ranges: bytes
URL fztanzcgai.duckdns.org/css/bootstrap.css
IP 66.150.66.238:80
Status 200 OK
Size 135 kB (134656 bytes)
Request GET HTTP/1.1
Requested by http://fztanzcgai.duckdns.org/
File type assembler source, ASCII text, with very long lines (576)
Hash MD5 4f675f9f48bc0651982b342fd6ff0c5b
Hash SHA1 dcca0eb61458a27a3ad7a81a5acb941a47def237
Hash SHA256 1f7b1710ec4cebde2e20796af1baef1e3c140b1c4aa80eb54627509a84aaf34a
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
NIDS Severity Alert suricata medium ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
GET /css/bootstrap.css HTTP/1.1
Host: fztanzcgai.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://fztanzcgai.duckdns.org/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.25.0
Date: Thu, 01 Jun 2023 18:14:08 GMT
Content-Type: text/css
Content-Length: 134656
Last-Modified: Mon, 23 May 2016 00:48:30 GMT
Connection: keep-alive
ETag: "5742535e-20e00"
Accept-Ranges: bytes
URL fztanzcgai.duckdns.org/js/bootstrap.min.js
IP 66.150.66.238:80
Status 200 OK
Size 37 kB
Request GET HTTP/1.1
Requested by http://fztanzcgai.duckdns.org/
File type ASCII text, with very long lines (32034)
Hash MD5 4becdc9104623e891fbb9d38bba01be4
Hash SHA1 6c264e0e0026ab5ece49350c6a8812398e696cbb
Hash SHA256 4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
NIDS Severity Alert suricata medium ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
GET /js/bootstrap.min.js HTTP/1.1
Host: fztanzcgai.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://fztanzcgai.duckdns.org/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.25.0
Date: Thu, 01 Jun 2023 18:14:09 GMT
Content-Type: application/javascript
Content-Length: 36816
Last-Modified: Tue, 16 Jun 2015 16:29:50 GMT
Connection: keep-alive
ETag: "55804efe-8fd0"
Accept-Ranges: bytes
URL fztanzcgai.duckdns.org/images/img-3.jpg
IP 66.150.66.238:80
Status 200 OK
Size 38 kB
Request GET HTTP/1.1
Requested by http://fztanzcgai.duckdns.org/
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x400, components 3; data
Hash MD5 535c75531674ae254cb8470ff00b8167
Hash SHA1 4f60fefebdfcbfd42081d6c4c4bd0519c0e156b5
Hash SHA256 df181f16bb2fcf170235fa549122e1ab6dda8d773aed0e70e73b0665f48a08ef
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
NIDS Severity Alert suricata medium ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
GET /images/img-3.jpg HTTP/1.1
Host: fztanzcgai.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://fztanzcgai.duckdns.org/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.25.0
Date: Thu, 01 Jun 2023 18:14:09 GMT
Content-Type: image/jpeg
Content-Length: 38479
Last-Modified: Mon, 08 May 2017 06:29:46 GMT
Connection: keep-alive
ETag: "5910105a-964f"
Accept-Ranges: bytes
URL fztanzcgai.duckdns.org/images/img-4.jpg
IP 66.150.66.238:80
Status 200 OK
Size 20 kB
Request GET HTTP/1.1
Requested by http://fztanzcgai.duckdns.org/
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x400, components 3; data
Hash MD5 1557846a62a45e6df112cd2df209bd37
Hash SHA1 a1ada353f0562af1de75b2f8841e021a6e5cfb33
Hash SHA256 d01c592aebaa553d7c65da7853edf632578a9b656f12c09e74c3ded2c18dee44
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
NIDS Severity Alert suricata medium ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
GET /images/img-4.jpg HTTP/1.1
Host: fztanzcgai.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://fztanzcgai.duckdns.org/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.25.0
Date: Thu, 01 Jun 2023 18:14:09 GMT
Content-Type: image/jpeg
Content-Length: 19717
Last-Modified: Mon, 08 May 2017 06:29:52 GMT
Connection: keep-alive
ETag: "59101060-4d05"
Accept-Ranges: bytes
URL fztanzcgai.duckdns.org/images/img-1.jpg
IP 66.150.66.238:80
Status 200 OK
Size 16 kB
Request GET HTTP/1.1
Requested by http://fztanzcgai.duckdns.org/
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x400, components 3; data
Hash MD5 70d2bba34aa87499ff7390c13aa2e69a
Hash SHA1 209730d0e03b0efebb9301c230923423792525da
Hash SHA256 220fa4af78056f55f3470783047e7d97fbf3109b44bdcc2d3b5bcbdcd339fc78
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
NIDS Severity Alert suricata medium ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
GET /images/img-1.jpg HTTP/1.1
Host: fztanzcgai.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://fztanzcgai.duckdns.org/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.25.0
Date: Thu, 01 Jun 2023 18:14:09 GMT
Content-Type: image/jpeg
Content-Length: 15536
Last-Modified: Mon, 08 May 2017 06:29:32 GMT
Connection: keep-alive
ETag: "5910104c-3cb0"
Accept-Ranges: bytes
URL fztanzcgai.duckdns.org/images/loader.gif
IP 66.150.66.238:80
Status 404 Not Found
Size 153 B
Request GET HTTP/1.1
Requested by http://fztanzcgai.duckdns.org/
File type HTML document text; HTML document, ASCII text, with CRLF line terminators
Hash MD5 359200ef8ee49c2db0375022a904e43c
Hash SHA1 68a6895b923242e52411cc9260dfdc7704cf5408
Hash SHA256 6aaf57fba9525f7f72e9ccfd52c0745bf4cebc870be6decc7b72621c24c5792c
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
NIDS Severity Alert suricata medium ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
GET /images/loader.gif HTTP/1.1
Host: fztanzcgai.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://fztanzcgai.duckdns.org/css/style.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx/1.25.0
Date: Thu, 01 Jun 2023 18:14:09 GMT
Content-Type: text/html
Content-Length: 153
Connection: keep-alive
URL fztanzcgai.duckdns.org/images/img_bg_3.jpg
IP 66.150.66.238:80
Status 200 OK
Size 43 kB
Request GET HTTP/1.1
Requested by http://fztanzcgai.duckdns.org/
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1200x798, components 3; data
Hash MD5 1c32d73b0b39152f16416a3f7a7d28d0
Hash SHA1 ca6e867c6961b2b4cb4e3cf74be399ef90335f29
Hash SHA256 4ccf8e2a336859471c3c666a1638730f2c6764331e0b2167fffc5b29bd0c6660
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
NIDS Severity Alert suricata medium ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
GET /images/img_bg_3.jpg HTTP/1.1
Host: fztanzcgai.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://fztanzcgai.duckdns.org/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.25.0
Date: Thu, 01 Jun 2023 18:14:09 GMT
Content-Type: image/jpeg
Content-Length: 42618
Last-Modified: Mon, 08 May 2017 06:30:42 GMT
Connection: keep-alive
ETag: "59101092-a67a"
Accept-Ranges: bytes
URL fztanzcgai.duckdns.org/images/img_bg_2.jpg
IP 66.150.66.238:80
Status 200 OK
Size 47 kB
Request GET HTTP/1.1
Requested by http://fztanzcgai.duckdns.org/
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1200x800, components 3; data
Hash MD5 1b52bfc0bc3d5ccff55fd69ff93bb187
Hash SHA1 7af2b8b5045460a8141f26b4bf92f7d8ce34df8d
Hash SHA256 06b3f4da0557079478a7c134c5a554fe5912996f333df063e37248986194d68b
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
NIDS Severity Alert suricata medium ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
GET /images/img_bg_2.jpg HTTP/1.1
Host: fztanzcgai.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://fztanzcgai.duckdns.org/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.25.0
Date: Thu, 01 Jun 2023 18:14:09 GMT
Content-Type: image/jpeg
Content-Length: 46819
Last-Modified: Mon, 08 May 2017 06:30:34 GMT
Connection: keep-alive
ETag: "5910108a-b6e3"
Accept-Ranges: bytes
URL fztanzcgai.duckdns.org/images/img-2.jpg
IP 66.150.66.238:80
Status 200 OK
Size 42 kB
Request GET HTTP/1.1
Requested by http://fztanzcgai.duckdns.org/
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x400, components 3; data
Hash MD5 d54bd9f4cd142d8d7f5f3131cbeccfd4
Hash SHA1 088296d83366f9d7bdd8586e299038927fa3ea78
Hash SHA256 36259439e78196b275daa319cb7cc20de9092536dae35326aa7e03d9ab7c0ace
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
NIDS Severity Alert suricata medium ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
GET /images/img-2.jpg HTTP/1.1
Host: fztanzcgai.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://fztanzcgai.duckdns.org/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.25.0
Date: Thu, 01 Jun 2023 18:14:09 GMT
Content-Type: image/jpeg
Content-Length: 41787
Last-Modified: Mon, 08 May 2017 06:29:40 GMT
Connection: keep-alive
ETag: "59101054-a33b"
Accept-Ranges: bytes
URL fztanzcgai.duckdns.org/fonts/icomoon/icomoon.ttf?srf3rx
IP 66.150.66.238:80
Status 200 OK
Size 156 kB (155564 bytes)
Request GET HTTP/1.1
Requested by http://fztanzcgai.duckdns.org/
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, icomoon; data
Hash MD5 ee8d016f1bfe9220bee450ff02b59624
Hash SHA1 6a00b14581f2499eade379ac429762b337f6b7de
Hash SHA256 09675039f8d6682053b4c5d91b48fb859ccf7319b155934ad9ee2bf3efb3bd7c
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
NIDS Severity Alert suricata medium ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
GET /fonts/icomoon/icomoon.ttf?srf3rx HTTP/1.1
Host: fztanzcgai.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://fztanzcgai.duckdns.org/css/style.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.25.0
Date: Thu, 01 Jun 2023 18:14:09 GMT
Content-Type: application/octet-stream
Content-Length: 155564
Last-Modified: Sun, 12 Mar 2017 12:16:00 GMT
Connection: keep-alive
ETag: "58c53c00-25fac"
Accept-Ranges: bytes
URL fztanzcgai.duckdns.org/images/img_bg_1.jpg
IP 66.150.66.238:80
Status 200 OK
Size 250 kB (250407 bytes)
Request GET HTTP/1.1
Requested by http://fztanzcgai.duckdns.org/
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1200x842, components 3; data
Hash MD5 df2e761d941b56cf241642ebc3453e96
Hash SHA1 85a072728f58db776af0d02fa17649db97800a24
Hash SHA256 71a97933336ffa5deab8f41ff2fbd543b228ccbbb7fe221973c45ba383dd8c5c
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
NIDS Severity Alert suricata medium ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
GET /images/img_bg_1.jpg HTTP/1.1
Host: fztanzcgai.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://fztanzcgai.duckdns.org/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.25.0
Date: Thu, 01 Jun 2023 18:14:09 GMT
Content-Type: image/jpeg
Content-Length: 250407
Last-Modified: Mon, 08 May 2017 06:30:26 GMT
Connection: keep-alive
ETag: "59101082-3d227"
Accept-Ranges: bytes
URL fztanzcgai.duckdns.org/favicon.ico
IP 66.150.66.238:80
Status 404 Not Found
Size 153 B
Request GET HTTP/1.1
Requested by http://fztanzcgai.duckdns.org/
File type HTML document text; HTML document, ASCII text, with CRLF line terminators
Hash MD5 359200ef8ee49c2db0375022a904e43c
Hash SHA1 68a6895b923242e52411cc9260dfdc7704cf5408
Hash SHA256 6aaf57fba9525f7f72e9ccfd52c0745bf4cebc870be6decc7b72621c24c5792c
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
NIDS Severity Alert suricata medium ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
GET /favicon.ico HTTP/1.1
Host: fztanzcgai.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://fztanzcgai.duckdns.org/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx/1.25.0
Date: Thu, 01 Jun 2023 18:14:10 GMT
Content-Type: text/html
Content-Length: 153
Connection: keep-alive
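As an added example (not code from the urlquery report or from the site it scanned): a small parser for the request/response pairs in this report format that re-applies the check behind the ET INFO DYNAMIC_DNS alert above and adds a few per-transaction checks an analyst would want next (Referer origin versus Host, 404s, and HTML coming back with a 200 where a static asset was requested). The embedded sample is the root request and the favicon 404 copied from the report, with a couple of the non-HTTP report lines left in between to show they are skipped; the dynamic-DNS suffixes other than duckdns.org are an assumed list added for illustration.

```python
"""Added example (not from the report): parse urlquery-style HTTP transaction dumps."""
import re
from dataclasses import dataclass, field
from typing import List, Optional
from urllib.parse import urlsplit
# Assumed suffix list: only duckdns.org appears in the report; the rest are added for illustration.
DYNDNS_SUFFIXES = ("duckdns.org", "no-ip.org", "ddns.net", "hopto.org")
STATIC_EXTS = ("js", "css", "jpg", "jpeg", "png", "gif", "ico", "ttf", "woff")  # never text/html
_REQ_LINE = re.compile(r"^(GET|POST|HEAD) (\S+) HTTP/1\.[01]$")
_RESP_LINE = re.compile(r"^HTTP/1\.[01] (\d{3})\b")
_HDR = re.compile(r"^([A-Za-z][A-Za-z0-9-]*):\s*(.*)$")  # "Name: value" only

# Constructed sample: the root request and the favicon 404 copied from the
# report, with one of the non-HTTP report lines left in between them.
SAMPLE = """\
GET / HTTP/1.1
Host: fztanzcgai.duckdns.org
HTTP/1.1 200 OK
Server: nginx/1.25.0
Content-Type: text/html
Content-Length: 11010
fztanzcgai.duckdns.org/favicon.ico
GET /favicon.ico HTTP/1.1
Host: fztanzcgai.duckdns.org
Referer: http://fztanzcgai.duckdns.org/
HTTP/1.1 404 Not Found
Server: nginx/1.25.0
Content-Type: text/html
Content-Length: 153
"""

@dataclass
class Transaction:
    path: str
    host: str
    referer: Optional[str]
    status: int
    content_type: Optional[str]
    content_length: Optional[int]
    server: Optional[str]
    findings: List[str] = field(default_factory=list)

def is_dyndns(host: str) -> bool:
    h = host.lower().split(":")[0]          # drop any :port
    return any(h == s or h.endswith("." + s) for s in DYNDNS_SUFFIXES)

def analyze(t: Transaction) -> List[str]:
    f = []
    if is_dyndns(t.host):
        f.append("dyndns-host")            # what the ET INFO rule keys on
    ref_host = (urlsplit(t.referer).hostname or "") if t.referer else ""
    if ref_host and ref_host.lower() != t.host.lower():
        f.append("cross-origin-referer")   # resource pulled in from another site
    if t.status == 404:
        f.append("missing-resource")
    ext = t.path.split("?", 1)[0].rsplit(".", 1)[-1].lower()
    if t.status == 200 and ext in STATIC_EXTS and (t.content_type or "").startswith("text/html"):
        f.append("html-for-static-path")   # catch-all page served where an asset was expected
    return f

def _build(path, status, req, resp) -> Transaction:
    rq, rs = dict(req), dict(resp)
    cl = rs.get("content-length", "")
    t = Transaction(path, rq.get("host", ""), rq.get("referer"), status, rs.get("content-type"),
                    int(cl) if cl.isdigit() else None, rs.get("server"))
    t.findings = analyze(t)
    return t

def parse_transactions(text: str) -> List[Transaction]:
    """Split a dump into transactions; URL, IP, Hash, NIDS and other report lines are skipped."""
    txs, cur = [], None
    for raw in text.splitlines():
        line = raw.strip()
        m = _REQ_LINE.match(line)
        if m:                              # a request line opens a new transaction
            if cur:
                txs.append(_build(*cur))
            cur = [m.group(2), 0, [], []]  # path, status, request headers, response headers
            continue
        if cur is None:
            continue
        m = _RESP_LINE.match(line)
        if m:
            cur[1] = int(m.group(1))
            continue
        m = _HDR.match(line)
        if m:                              # headers belong to the response once a status is seen
            cur[3 if cur[1] else 2].append((m.group(1).lower(), m.group(2).strip()))
    if cur:
        txs.append(_build(*cur))
    return txs

def summarize(txs: List[Transaction]) -> dict:
    """Roll-up an analyst reads first: origins, server banner, status mix, alert count."""
    counts = {}
    for t in txs:
        counts[t.status] = counts.get(t.status, 0) + 1
    return {"hosts": {t.host for t in txs}, "servers": {t.server for t in txs if t.server},
            "status_counts": counts, "missing": [t.path for t in txs if t.status == 404],
            "dyndns_requests": sum("dyndns-host" in t.findings for t in txs)}
```

Run over the full report, the summary comes out as one origin (fztanzcgai.duckdns.org on 66.150.66.238:80, plain HTTP), one server banner (nginx/1.25.0), 21 responses with 200 and two 404s (/images/loader.gif, referenced from style.css, and /favicon.ico, both answered with the same 153-byte body and hash), and the dyndns-host finding on every one of the 23 requests, which is exactly what the identical Suricata alerts say. The alert is informational: the only thing the report evidences is a static template site (Last-Modified dates from 2015 to 2021, nothing cross-origin, no scripts from elsewhere) parked on a dynamic-DNS name, which is worth a look but not a verdict on its own.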