Report - inalab.ddns.net/irispacientes/login

Report Overview

Submitted URL
inalab.ddns.net/irispacientes/login_nuevo.asp
IP
190.22.160.25
ASN
#7418 TELEFONICA CHILE S.A.
Submitted
2023-06-05 19:12:48
Access
public
Website Title
Final URL
Tags
dyndns
urlquery detections
Suspicious - DynDNS domain

Detections

urlquery
15
Network Intrusion Detection
28
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2023-06-05	348 B	886 B	142.250.74.74
inalab.ddns.net	unknown	unknown	No data	No data	6.0 kB	691 kB	190.22.160.25

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-06-05 19:12:29	medium	Client IP	Internal IP	ET POLICY DNS Query to DynDNS Domain *.ddns .net
2023-06-05 19:12:29	medium	Client IP	Internal IP	ET POLICY DNS Query to DynDNS Domain *.ddns .net
2023-06-05 19:12:29	medium	Client IP	Internal IP	ET POLICY DNS Query to DynDNS Domain *.ddns .net
2023-06-05 19:12:30	medium	Client IP	Internal IP	ET POLICY DNS Query to DynDNS Domain *.ddns .net
2023-06-05 19:12:30	medium	Client IP	Internal IP	ET POLICY DNS Query to DynDNS Domain *.ddns .net
2023-06-05 19:12:30	medium	Client IP	190.22.160.25	ET INFO DYNAMIC_DNS HTTP Request to a *.ddns .net Domain
2023-06-05 19:12:31	medium	Client IP	Internal IP	ET POLICY DNS Query to DynDNS Domain *.ddns .net
2023-06-05 19:12:31	medium	Client IP	Internal IP	ET POLICY DNS Query to DynDNS Domain *.ddns .net
2023-06-05 19:12:31	medium	Client IP	Internal IP	ET POLICY DNS Query to DynDNS Domain *.ddns .net
2023-06-05 19:12:31	medium	Client IP	Internal IP	ET POLICY DNS Query to DynDNS Domain *.ddns .net
2023-06-05 19:12:31	medium	Client IP	Internal IP	ET POLICY DNS Query to DynDNS Domain *.ddns .net
2023-06-05 19:12:31	medium	Client IP	Internal IP	ET POLICY DNS Query to DynDNS Domain *.ddns .net
2023-06-05 19:12:31	medium	Client IP	Internal IP	ET POLICY DNS Query to DynDNS Domain *.ddns .net
2023-06-05 19:12:31	medium	Client IP	Internal IP	ET POLICY DNS Query to DynDNS Domain *.ddns .net
2023-06-05 19:12:31	medium	Client IP	190.22.160.25	ET INFO DYNAMIC_DNS HTTP Request to a *.ddns .net Domain
2023-06-05 19:12:31	medium	Client IP	190.22.160.25	ET INFO DYNAMIC_DNS HTTP Request to a *.ddns .net Domain
2023-06-05 19:12:31	medium	Client IP	190.22.160.25	ET INFO DYNAMIC_DNS HTTP Request to a *.ddns .net Domain
2023-06-05 19:12:31	medium	Client IP	190.22.160.25	ET INFO DYNAMIC_DNS HTTP Request to a *.ddns .net Domain
2023-06-05 19:12:31	medium	Client IP	190.22.160.25	ET INFO DYNAMIC_DNS HTTP Request to a *.ddns .net Domain
2023-06-05 19:12:31	medium	Client IP	190.22.160.25	ET INFO DYNAMIC_DNS HTTP Request to a *.ddns .net Domain
2023-06-05 19:12:31	medium	Client IP	190.22.160.25	ET INFO DYNAMIC_DNS HTTP Request to a *.ddns .net Domain
2023-06-05 19:12:31	medium	Client IP	190.22.160.25	ET INFO DYNAMIC_DNS HTTP Request to a *.ddns .net Domain
2023-06-05 19:12:31	medium	Client IP	190.22.160.25	ET INFO DYNAMIC_DNS HTTP Request to a *.ddns .net Domain
2023-06-05 19:12:32	medium	Client IP	190.22.160.25	ET INFO DYNAMIC_DNS HTTP Request to a *.ddns .net Domain
2023-06-05 19:12:32	medium	Client IP	Internal IP	ET POLICY DNS Query to DynDNS Domain *.ddns .net
2023-06-05 19:12:32	medium	Client IP	190.22.160.25	ET INFO DYNAMIC_DNS HTTP Request to a *.ddns .net Domain
2023-06-05 19:12:33	medium	Client IP	190.22.160.25	ET INFO DYNAMIC_DNS HTTP Request to a *.ddns .net Domain
2023-06-05 19:12:33	medium	Client IP	Internal IP	ET POLICY DNS Query to DynDNS Domain *.ddns .net

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (11)

	URL	Size	First Seen	Last Seen
	inalab.ddns.net/irispacientes/js/bootstrap.js	69 kB	2023-03-07	2024-05-03
Pretty URL inalab.ddns.net/irispacientes/js/bootstrap.js IP 190.22.160.25 ASN #7418 TELEFONICA CHILE S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:24 Last Seen2024-05-03 13:54:16 Times Seen425 Hash ed69cf59ee487638489ff8742a469e43 8cf4186ce86777b4b408ce308ca9f66dd421f509 defc39740ac1859d8e2785ed473208409627e87addd5f78f2deaacb93a12d51d Loading...

	inalab.ddns.net/irispacientes/login_nuevo.asp	0 B	2023-03-07	2024-05-07
Pretty URL inalab.ddns.net/irispacientes/login_nuevo.asp IP 190.22.160.25 ASN #7418 TELEFONICA CHILE S.A. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-07 18:01:25 Times Seen37413702 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	inalab.ddns.net/irispacientes/calendar-setup.js	8.9 kB	2023-03-07	2024-03-29
Pretty URL inalab.ddns.net/irispacientes/calendar-setup.js IP 190.22.160.25 ASN #7418 TELEFONICA CHILE S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:41:04 Last Seen2024-03-29 16:50:48 Times Seen15 Hash 827fe521cb469f302e9fdce02c738c7e 9387474b550e0523269d650100dbd09f11077e34 ae6da31800b2f9e1a635791ab410d9a3c3997be2a2134854e30dc1a1c260d4e6 Loading...

	inalab.ddns.net/irispacientes/js/jquery-2.1.4.js	248 kB	2023-03-07	2024-05-07
Pretty URL inalab.ddns.net/irispacientes/js/jquery-2.1.4.js IP 190.22.160.25 ASN #7418 TELEFONICA CHILE S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:21:57 Last Seen2024-05-07 10:13:39 Times Seen700 Hash 107fbe9555bfc88ec5cab524c790fe34 0fed45ad7a48ace869bc725ca474ad86a1ef1562 b2215cce5830e2350b9d420271d9bd82340f664c3f60f0ea850f7e9c0392704e Loading...

	inalab.ddns.net/irispacientes/login_nuevo.asp	0 B	2023-03-07	2024-05-07
Pretty URL inalab.ddns.net/irispacientes/login_nuevo.asp IP 190.22.160.25 ASN #7418 TELEFONICA CHILE S.A. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-07 18:01:25 Times Seen37413702 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	inalab.ddns.net/irispacientes/login_nuevo.asp	0 B	2023-03-07	2024-05-07
Pretty URL inalab.ddns.net/irispacientes/login_nuevo.asp IP 190.22.160.25 ASN #7418 TELEFONICA CHILE S.A. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-07 18:01:25 Times Seen37413702 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	inalab.ddns.net/irispacientes/Java/dia.js	548 B	2023-06-05	2023-06-05
Pretty URL inalab.ddns.net/irispacientes/Java/dia.js IP 190.22.160.25 ASN #7418 TELEFONICA CHILE S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-05 21:12:54 Last Seen2023-06-05 21:12:54 Times Seen1 Hash dfc82d5f4eb539e35acfac156f04a22b 265447ccbef2c7e618a17ace4c5a9c73abac54cb e5da0eeb8fd0116deb3fa2d3e12d9687e06a59ff99884505270a996b31b5055a Loading...

	inalab.ddns.net/irispacientes/login_nuevo.asp	0 B	2023-03-07	2024-05-07
Pretty URL inalab.ddns.net/irispacientes/login_nuevo.asp IP 190.22.160.25 ASN #7418 TELEFONICA CHILE S.A. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-07 18:01:25 Times Seen37413702 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	inalab.ddns.net/irispacientes/calendar.js	49 kB	2023-03-07	2024-03-29
Pretty URL inalab.ddns.net/irispacientes/calendar.js IP 190.22.160.25 ASN #7418 TELEFONICA CHILE S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:41:04 Last Seen2024-03-29 16:50:49 Times Seen11 Hash 4479c59aacfe4249f7e4dfacca610db9 2ac9ce3e782ce1e32fec8266c0fd42b6c60b77d8 a2d17801fd8340c78b522f087c0b63cc75abb53b918f6e8e8b69e16c236c1f17 Loading...

	inalab.ddns.net/irispacientes/calendar-es.js	3.9 kB	2023-06-05	2024-04-27
Pretty URL inalab.ddns.net/irispacientes/calendar-es.js IP 190.22.160.25 ASN #7418 TELEFONICA CHILE S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-05 21:12:54 Last Seen2024-04-27 20:25:53 Times Seen117 Hash 5728a3665edb05faed6661f0f77c6eab 1d27e55302983310e1f42ffc59d4c81eba90edc6 d0caef6b7bd0612ea2123d7e114a4027f16a86f4da4fdf3e5f462c2f6ab3762c Loading...

		Size	First Seen	Last Seen
	#1 Write - bab51b3a9de1a2f40dd6829d336af805	22 B	2023-06-05	2023-06-05
Pretty Observations First Seen2023-06-05 21:12:54 Last Seen2023-06-05 21:12:54 Times Seen1 Hash bab51b3a9de1a2f40dd6829d336af805 e7429fe9786d71b4fa34e7d68172b12ec33432f7 a924a276114e3e4838fa071e4cbb4869c6bd9d49893badd32f9327358a97d2d1 Loading...

HTTP Transactions (15)

URL IP Response Size

fonts.googleapis.com/css?family=ABeeZee

142.250.74.74

200 OK

349 B

URL GET HTTP/1.1
fonts.googleapis.com/css?family=ABeeZee
IP
142.250.74.74:80
ASN
#15169 GOOGLE

Requested by
http://inalab.ddns.net/irispacientes/login_nuevo.asp

File type
ASCII text
Size
349 B (349 bytes)
Hash
7c56cc7365f521f17c20a93b9ed2ceff
c36423ebfb5b102083c5c9b145d14d3dd12d7499
f8b8a56dd046dd200847ae02fb88bf5df6252fc7103cb28a990b51cf72bfb4e9

HTTP Headers

GET /css?family=ABeeZee HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://inalab.ddns.net/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Mon, 05 Jun 2023 19:12:31 GMT
Date: Mon, 05 Jun 2023 19:12:31 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff

inalab.ddns.net/irispacientes/login_nuevo.asp

190.22.160.25

9.2 kB

URL User Request GET
inalab.ddns.net/irispacientes/login_nuevo.asp
IP
190.22.160.25:0
ASN
#7418 TELEFONICA CHILE S.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ISO-8859 text, with very long lines (315), with CRLF line terminators
Size
9.2 kB (9211 bytes)
Hash
93a7db67fcc648674b062cfa606e1103
49057cd2f43646a7dcffa11f10c11acaa89599fb
fd45b17a9b9acdfe0127c73e290022a4cdbbb919d2ca030d47b4715c003ae130

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.ddns .net Domain

HTTP Headers

GET /irispacientes/login_nuevo.asp HTTP/1.1
Host: inalab.ddns.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 9211
Content-Type: text/html
Server: Microsoft-IIS/8.5
Set-Cookie: ASPSESSIONIDCCSSQADT=BJBBDHPCBDECILGJAHEGFAEB; path=/
X-Powered-By: ASP.NET
Date: Mon, 05 Jun 2023 20:09:51 GMT

inalab.ddns.net/irispacientes/Java/dia.js

190.22.160.25

200 OK

546 B

URL GET HTTP/1.1
inalab.ddns.net/irispacientes/Java/dia.js
IP
190.22.160.25:80
ASN
#7418 TELEFONICA CHILE S.A.

Requested by
http://inalab.ddns.net/irispacientes/login_nuevo.asp

File type
exported SGML document, ISO-8859 text, with CRLF line terminators
Size
546 B (546 bytes)
Hash
96d843feee9f72d21316c0406bb1e9e4
70380278551b34c6fb830065284ee607139a06f5
8de78c2d480558489dd2e27aef05e890c9062d822e94f3b44d39a2a55af02c89

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.ddns .net Domain

HTTP Headers

GET /irispacientes/Java/dia.js HTTP/1.1
Host: inalab.ddns.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://inalab.ddns.net/irispacientes/login_nuevo.asp
Cookie: ASPSESSIONIDCCSSQADT=BJBBDHPCBDECILGJAHEGFAEB
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Sat, 05 Aug 2006 19:50:22 GMT
Accept-Ranges: bytes
ETag: "093f762c8b8c61:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 05 Jun 2023 20:09:51 GMT
Content-Length: 546

inalab.ddns.net/irispacientes/calendar-blue2.css

190.22.160.25

200 OK

5.0 kB

URL GET HTTP/1.1
inalab.ddns.net/irispacientes/calendar-blue2.css
IP
190.22.160.25:80
ASN
#7418 TELEFONICA CHILE S.A.

Requested by
http://inalab.ddns.net/irispacientes/login_nuevo.asp

File type
ASCII text
Size
5.0 kB (5006 bytes)
Hash
654dfacebcdd70c75ccaf2b4aee2d059
0437bf55a666998e99dca3387a789fcde232d439
f3fa095b715408e80ddd44ff9623b71ea50ae4f6c77101fc5e7bc77c99243f37

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.ddns .net Domain

HTTP Headers

GET /irispacientes/calendar-blue2.css HTTP/1.1
Host: inalab.ddns.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://inalab.ddns.net/irispacientes/login_nuevo.asp
Cookie: ASPSESSIONIDCCSSQADT=BJBBDHPCBDECILGJAHEGFAEB
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Mon, 07 Mar 2005 23:06:36 GMT
Accept-Ranges: bytes
ETag: "066aa4f6a23c51:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 05 Jun 2023 20:09:51 GMT
Content-Length: 5006

inalab.ddns.net/irispacientes/calendar-setup.js

190.22.160.25

200 OK

8.9 kB

URL GET HTTP/1.1
inalab.ddns.net/irispacientes/calendar-setup.js
IP
190.22.160.25:80
ASN
#7418 TELEFONICA CHILE S.A.

Requested by
http://inalab.ddns.net/irispacientes/login_nuevo.asp

File type
ASCII text
Size
8.9 kB (8853 bytes)
Hash
827fe521cb469f302e9fdce02c738c7e
9387474b550e0523269d650100dbd09f11077e34
ae6da31800b2f9e1a635791ab410d9a3c3997be2a2134854e30dc1a1c260d4e6

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.ddns .net Domain

HTTP Headers

GET /irispacientes/calendar-setup.js HTTP/1.1
Host: inalab.ddns.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://inalab.ddns.net/irispacientes/login_nuevo.asp
Cookie: ASPSESSIONIDCCSSQADT=BJBBDHPCBDECILGJAHEGFAEB
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Mon, 07 Mar 2005 23:06:46 GMT
Accept-Ranges: bytes
ETag: "047a0556a23c51:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 05 Jun 2023 20:09:51 GMT
Content-Length: 8853

inalab.ddns.net/irispacientes/Estilos.css

190.22.160.25

200 OK

3.4 kB

URL GET HTTP/1.1
inalab.ddns.net/irispacientes/Estilos.css
IP
190.22.160.25:80
ASN
#7418 TELEFONICA CHILE S.A.

Requested by
http://inalab.ddns.net/irispacientes/login_nuevo.asp

File type
assembler source, ASCII text, with CRLF line terminators
Size
3.4 kB (3429 bytes)
Hash
d5f1d16fc707542582526eaeb447270f
deb53cb10ce443dea65681cc0e492af098eafcd0
bf60eeb08a12d8fd36d685423ba64229458f7b4fd7ec4921d1b8ae7f640e5e34

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.ddns .net Domain

HTTP Headers

GET /irispacientes/Estilos.css HTTP/1.1
Host: inalab.ddns.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://inalab.ddns.net/irispacientes/login_nuevo.asp
Cookie: ASPSESSIONIDCCSSQADT=BJBBDHPCBDECILGJAHEGFAEB
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Thu, 02 Aug 2007 17:10:00 GMT
Accept-Ranges: bytes
ETag: "06458f527d5c71:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 05 Jun 2023 20:09:52 GMT
Content-Length: 3429

inalab.ddns.net/irispacientes/calendar-es.js

190.22.160.25

200 OK

3.9 kB

URL GET HTTP/1.1
inalab.ddns.net/irispacientes/calendar-es.js
IP
190.22.160.25:80
ASN
#7418 TELEFONICA CHILE S.A.

Requested by
http://inalab.ddns.net/irispacientes/login_nuevo.asp

File type
ISO-8859 text
Size
3.9 kB (3917 bytes)
Hash
22e61ea2378fca2c63e016b4f0fe7c3c
d53134b7f86d825ed986dbfc2a51c55fa9a415ef
d43a1d4f6b38bf78bf5cd3894eb9337c9504393f650e3bd293de2e772a91f49b

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.ddns .net Domain

HTTP Headers

GET /irispacientes/calendar-es.js HTTP/1.1
Host: inalab.ddns.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://inalab.ddns.net/irispacientes/login_nuevo.asp
Cookie: ASPSESSIONIDCCSSQADT=BJBBDHPCBDECILGJAHEGFAEB
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Mon, 07 Mar 2005 23:06:36 GMT
Accept-Ranges: bytes
ETag: "066aa4f6a23c51:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 05 Jun 2023 20:09:52 GMT
Content-Length: 3917

inalab.ddns.net/irispacientes/css/font-awesome-4.5.0/css/font-awesome.css

190.22.160.25

200 OK

33 kB

URL GET HTTP/1.1
inalab.ddns.net/irispacientes/css/font-awesome-4.5.0/css/font-awesome.css
IP
190.22.160.25:80
ASN
#7418 TELEFONICA CHILE S.A.

Requested by
http://inalab.ddns.net/irispacientes/login_nuevo.asp

File type
troff or preprocessor input, ASCII text, with very long lines (372)
Size
33 kB (33233 bytes)
Hash
5343ee1a287a65ff20961476fd8a6188
b488600451227b445414796e9b8550e7c1bd6d29
082b0736a3408950e50fd65a090921003fe83d89ec6e3084549a01d5dfa9e854

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.ddns .net Domain

HTTP Headers

GET /irispacientes/css/font-awesome-4.5.0/css/font-awesome.css HTTP/1.1
Host: inalab.ddns.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://inalab.ddns.net/irispacientes/login_nuevo.asp
Cookie: ASPSESSIONIDCCSSQADT=BJBBDHPCBDECILGJAHEGFAEB
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Wed, 18 Jul 2018 21:29:07 GMT
Accept-Ranges: bytes
ETag: "8093a95bde1ed41:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 05 Jun 2023 20:09:51 GMT
Content-Length: 33233

inalab.ddns.net/irispacientes/js/bootstrap.js

190.22.160.25

200 OK

69 kB

URL GET HTTP/1.1
inalab.ddns.net/irispacientes/js/bootstrap.js
IP
190.22.160.25:80
ASN
#7418 TELEFONICA CHILE S.A.

Requested by
http://inalab.ddns.net/irispacientes/login_nuevo.asp

File type
ASCII text
Size
69 kB (68954 bytes)
Hash
ed69cf59ee487638489ff8742a469e43
8cf4186ce86777b4b408ce308ca9f66dd421f509
defc39740ac1859d8e2785ed473208409627e87addd5f78f2deaacb93a12d51d

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.ddns .net Domain

HTTP Headers

GET /irispacientes/js/bootstrap.js HTTP/1.1
Host: inalab.ddns.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://inalab.ddns.net/irispacientes/login_nuevo.asp
Cookie: ASPSESSIONIDCCSSQADT=BJBBDHPCBDECILGJAHEGFAEB
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Wed, 18 Jul 2018 21:29:07 GMT
Accept-Ranges: bytes
ETag: "8093a95bde1ed41:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 05 Jun 2023 20:09:51 GMT
Content-Length: 68954

inalab.ddns.net/irispacientes/calendar.js

190.22.160.25

200 OK

49 kB

URL GET HTTP/1.1
inalab.ddns.net/irispacientes/calendar.js
IP
190.22.160.25:80
ASN
#7418 TELEFONICA CHILE S.A.

Requested by
http://inalab.ddns.net/irispacientes/login_nuevo.asp

File type
ASCII text
Size
49 kB (49237 bytes)
Hash
4479c59aacfe4249f7e4dfacca610db9
2ac9ce3e782ce1e32fec8266c0fd42b6c60b77d8
a2d17801fd8340c78b522f087c0b63cc75abb53b918f6e8e8b69e16c236c1f17

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.ddns .net Domain

HTTP Headers

GET /irispacientes/calendar.js HTTP/1.1
Host: inalab.ddns.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://inalab.ddns.net/irispacientes/login_nuevo.asp
Cookie: ASPSESSIONIDCCSSQADT=BJBBDHPCBDECILGJAHEGFAEB
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Mon, 07 Mar 2005 23:06:46 GMT
Accept-Ranges: bytes
ETag: "047a0556a23c51:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 05 Jun 2023 20:09:52 GMT
Content-Length: 49237

inalab.ddns.net/irispacientes/css/bootstrap.css

190.22.160.25

200 OK

146 kB

URL GET HTTP/1.1
inalab.ddns.net/irispacientes/css/bootstrap.css
IP
190.22.160.25:80
ASN
#7418 TELEFONICA CHILE S.A.

Requested by
http://inalab.ddns.net/irispacientes/login_nuevo.asp

File type
ASCII text, with very long lines (540)
Size
146 kB (146082 bytes)
Hash
5ba37ad9163643c32251366754f08b2a
4316dcfb54e1b0a428e1d37203a4028fd0408298
ad850187e2746ffcc60b36c6d36c0986277e9dc1f277406ca146298cb2d2a309

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.ddns .net Domain

HTTP Headers

GET /irispacientes/css/bootstrap.css HTTP/1.1
Host: inalab.ddns.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://inalab.ddns.net/irispacientes/login_nuevo.asp
Cookie: ASPSESSIONIDCCSSQADT=BJBBDHPCBDECILGJAHEGFAEB
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Wed, 18 Jul 2018 21:29:07 GMT
Accept-Ranges: bytes
ETag: "8093a95bde1ed41:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 05 Jun 2023 20:09:51 GMT
Content-Length: 146082

inalab.ddns.net/irispacientes/js/jquery-2.1.4.js

190.22.160.25

200 OK

248 kB

URL GET HTTP/1.1
inalab.ddns.net/irispacientes/js/jquery-2.1.4.js
IP
190.22.160.25:80
ASN
#7418 TELEFONICA CHILE S.A.

Requested by
http://inalab.ddns.net/irispacientes/login_nuevo.asp

File type
ASCII text
Size
248 kB (247597 bytes)
Hash
107fbe9555bfc88ec5cab524c790fe34
0fed45ad7a48ace869bc725ca474ad86a1ef1562
b2215cce5830e2350b9d420271d9bd82340f664c3f60f0ea850f7e9c0392704e

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.ddns .net Domain
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.ddns .net Domain

HTTP Headers

GET /irispacientes/js/jquery-2.1.4.js HTTP/1.1
Host: inalab.ddns.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://inalab.ddns.net/irispacientes/login_nuevo.asp
Cookie: ASPSESSIONIDCCSSQADT=BJBBDHPCBDECILGJAHEGFAEB
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Wed, 18 Jul 2018 21:29:07 GMT
Accept-Ranges: bytes
ETag: "8093a95bde1ed41:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 05 Jun 2023 20:09:51 GMT
Content-Length: 247597

inalab.ddns.net/irispacientes/FIRMAS/LogoPrincipal.jpg

190.22.160.25

200 OK

36 kB

URL GET HTTP/1.1
inalab.ddns.net/irispacientes/FIRMAS/LogoPrincipal.jpg
IP
190.22.160.25:80
ASN
#7418 TELEFONICA CHILE S.A.

Requested by
http://inalab.ddns.net/irispacientes/login_nuevo.asp

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 803x454, components 3\012- data
Size
36 kB (36360 bytes)
Hash
15028e3d367685f891a02c11a95ee42f
64df19fc88563b7ad24e767d11a77273336ec98b
053f1c8f4ec1f3da194d127e30ee469929df3a4c583a9efe420d32b37500c3ab

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.ddns .net Domain

HTTP Headers

GET /irispacientes/FIRMAS/LogoPrincipal.jpg HTTP/1.1
Host: inalab.ddns.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://inalab.ddns.net/irispacientes/login_nuevo.asp
Cookie: ASPSESSIONIDCCSSQADT=BJBBDHPCBDECILGJAHEGFAEB
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Mon, 20 Mar 2017 15:14:42 GMT
Accept-Ranges: bytes
ETag: "193926b38ca1d21:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 05 Jun 2023 20:09:53 GMT
Content-Length: 36360

inalab.ddns.net/irispacientes/js/jquery-2.1.4.js

190.22.160.25

200 OK

74 kB

URL GET HTTP/1.1
inalab.ddns.net/irispacientes/js/jquery-2.1.4.js
IP
190.22.160.25:80
ASN
#7418 TELEFONICA CHILE S.A.

Requested by
http://inalab.ddns.net/irispacientes/login_nuevo.asp

File type
ASCII text
Size
74 kB (73479 bytes)
Hash
107fbe9555bfc88ec5cab524c790fe34
0fed45ad7a48ace869bc725ca474ad86a1ef1562
b2215cce5830e2350b9d420271d9bd82340f664c3f60f0ea850f7e9c0392704e

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.ddns .net Domain
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.ddns .net Domain

HTTP Headers

GET /irispacientes/js/jquery-2.1.4.js HTTP/1.1
Host: inalab.ddns.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://inalab.ddns.net/irispacientes/login_nuevo.asp
Cookie: ASPSESSIONIDCCSSQADT=BJBBDHPCBDECILGJAHEGFAEB
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Wed, 18 Jul 2018 21:29:07 GMT
Accept-Ranges: bytes
ETag: "8093a95bde1ed41:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 05 Jun 2023 20:09:53 GMT
Content-Length: 73479

inalab.ddns.net/favicon.ico

190.22.160.25

404 Not Found

1.2 kB

URL GET HTTP/1.1
inalab.ddns.net/favicon.ico
IP
190.22.160.25:80
ASN
#7418 TELEFONICA CHILE S.A.

Requested by
http://inalab.ddns.net/irispacientes/login_nuevo.asp

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
1.2 kB (1245 bytes)
Hash
5343c1a8b203c162a3bf3870d9f50fd4
04b5b886c20d88b57eea6d8ff882624a4ac1e51d
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: inalab.ddns.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://inalab.ddns.net/irispacientes/login_nuevo.asp
Cookie: ASPSESSIONIDCCSSQADT=BJBBDHPCBDECILGJAHEGFAEB
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Content-Type: text/html
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 05 Jun 2023 20:09:53 GMT
Content-Length: 1245

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (11)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML