riki361521373.duckdns.org/invalid.html
47.254.253.51 200 OK 3.1 kB URL User Request GET HTTP/1.1 riki361521373.duckdns.org/invalid.html
IP 47.254.253.51:80
ASN #45102 Alibaba US Technology Co., Ltd.
File type HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document, ASCII text, with very long lines (523), with CRLF line terminators
Hash 0d3b582d5d6bede0dca140d7e7af4d0e
e54d147964e7623f6338364ff87b853c75a0853f
f7aaaca92c45a4e999af4a46dc4899599cd6536f31228d0a3000a34e14e4711e
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish Facebook, Inc.
quad9 Sinkholed
NIDS Severity Alert suricata medium ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
suricata high ET PHISHING Facebook Credential Phish Landing Page M1 2022-08-01
suricata high ET PHISHING Facebook Credential Phish Landing Page M2 2022-08-01
GET /invalid.html HTTP/1.1
Host: riki361521373.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Etag: "3564-62fbdd14-142a89;gz"
Last-Modified: Tue, 16 Aug 2022 18:08:20 GMT
Content-Type: text/html
Content-Length: 3060
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Date: Fri, 02 Jun 2023 01:19:07 GMT
Server: LiteSpeed
Connection: Keep-Alive
riki361521373.duckdns.org/css/f/1-KA_puvd3z6.css
47.254.253.51 200 OK 12 kB URL GET HTTP/1.1 riki361521373.duckdns.org/css/f/1-KA_puvd3z6.css
IP 47.254.253.51:80
ASN #45102 Alibaba US Technology Co., Ltd.
Requested by http://riki361521373.duckdns.org/invalid.html
File type ASCII text, with very long lines (4404)
Hash 823fb0bde1638cbe90c54a2ede34354d
ad1c8ee4fd62115c4d3c5a021f01994585132ec5
2becd2fe4a703fa46bd985f71ac02b18c3e46db18ad69a9c8b1c8c4c05f9c1a1
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish Facebook, Inc.
quad9 Sinkholed
NIDS Severity Alert suricata medium ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
suricata medium ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
GET /css/f/1-KA_puvd3z6.css HTTP/1.1
Host: riki361521373.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://riki361521373.duckdns.org/invalid.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: public, max-age=604800
Expires: Fri, 09 Jun 2023 01:19:08 GMT
Etag: "d1f8-616d28c6-142a90;gz"
Last-Modified: Mon, 18 Oct 2021 07:56:54 GMT
Content-Type: text/css
Content-Length: 12416
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Date: Fri, 02 Jun 2023 01:19:08 GMT
Server: LiteSpeed
Connection: Keep-Alive
riki361521373.duckdns.org/css/f/vd5Go76gH.css
47.254.253.51 200 OK 3.7 kB URL GET HTTP/1.1 riki361521373.duckdns.org/css/f/vd5Go76gH.css
IP 47.254.253.51:80
ASN #45102 Alibaba US Technology Co., Ltd.
Requested by http://riki361521373.duckdns.org/invalid.html
File type ASCII text, with very long lines (3836)
Hash 2643910fde59b74a69a6bce85782cb8f
bf08698ab15d3ae0edaa8433336efc2209e210f1
dd3a67a7299a242c3b49064be260e5f6e937ac36d91fead6453daea315a614ad
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish Facebook, Inc.
quad9 Sinkholed
NIDS Severity Alert suricata medium ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
suricata medium ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
GET /css/f/vd5Go76gH.css HTTP/1.1
Host: riki361521373.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://riki361521373.duckdns.org/invalid.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: public, max-age=604800
Expires: Fri, 09 Jun 2023 01:19:08 GMT
Etag: "38c2-60ce2b00-142a9a;gz"
Last-Modified: Sat, 19 Jun 2021 17:36:00 GMT
Content-Type: text/css
Content-Length: 3711
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Date: Fri, 02 Jun 2023 01:19:08 GMT
Server: LiteSpeed
Connection: Keep-Alive
riki361521373.duckdns.org/css/f/fe46Dg9Fy7.css
47.254.253.51 200 OK 3.5 kB URL GET HTTP/1.1 riki361521373.duckdns.org/css/f/fe46Dg9Fy7.css
IP 47.254.253.51:80
ASN #45102 Alibaba US Technology Co., Ltd.
Requested by http://riki361521373.duckdns.org/invalid.html
File type ASCII text, with very long lines (19867), with no line terminators
Hash fda996c9efb647f4acb977ab7c2a6750
d2ae51cb606963d645e4a1c89031891c8d5b9f56
58ca5e14a6cbcd2d21e53994a6b8aee07e6962b0d39202db0c7603bbf7fff459
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish Facebook, Inc.
quad9 Sinkholed
NIDS Severity Alert suricata medium ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
suricata medium ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
GET /css/f/fe46Dg9Fy7.css HTTP/1.1
Host: riki361521373.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://riki361521373.duckdns.org/invalid.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: public, max-age=604800
Expires: Fri, 09 Jun 2023 01:19:08 GMT
Etag: "4d9b-60cddbda-142a92;gz"
Last-Modified: Sat, 19 Jun 2021 11:58:18 GMT
Content-Type: text/css
Content-Length: 3502
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Date: Fri, 02 Jun 2023 01:19:08 GMT
Server: LiteSpeed
Connection: Keep-Alive
riki361521373.duckdns.org/css/f/uYL8jyMVYgX.css
47.254.253.51 200 OK 14 kB URL GET HTTP/1.1 riki361521373.duckdns.org/css/f/uYL8jyMVYgX.css
IP 47.254.253.51:80
ASN #45102 Alibaba US Technology Co., Ltd.
Requested by http://riki361521373.duckdns.org/invalid.html
File type ASCII text, with very long lines (11447)
Hash 324990d3e46c44eda751dd4bdbdd311a
fc41762dcc9c3a6fb485cf2daeaae4b201a3eb54
7bbdc460f0a880e5fe3faabbcb121f05b373ae8ced6b5069952235cb3e50da03
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish Facebook, Inc.
quad9 Sinkholed
NIDS Severity Alert suricata medium ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
suricata medium ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
GET /css/f/uYL8jyMVYgX.css HTTP/1.1
Host: riki361521373.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://riki361521373.duckdns.org/invalid.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: public, max-age=604800
Expires: Fri, 09 Jun 2023 01:19:08 GMT
Etag: "13e84-61645592-142a96;gz"
Last-Modified: Mon, 11 Oct 2021 15:17:38 GMT
Content-Type: text/css
Content-Length: 14042
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Date: Fri, 02 Jun 2023 01:19:08 GMT
Server: LiteSpeed
Connection: Keep-Alive
riki361521373.duckdns.org/css/f/GuwON2vS.css
47.254.253.51 200 OK 98 kB URL GET HTTP/1.1 riki361521373.duckdns.org/css/f/GuwON2vS.css
IP 47.254.253.51:80
ASN #45102 Alibaba US Technology Co., Ltd.
Requested by http://riki361521373.duckdns.org/invalid.html
File type ASCII text, with very long lines (38737)
Hash b960b2727934209ef29ea4e87ff3a121
9cd7b3cba2070db14d7d1309cca18bde58727f5a
5f50b4222086248bb446d6db96e7a2dc532b66ad759e40edfd7197e50d6be528
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish Facebook, Inc.
quad9 Sinkholed
NIDS Severity Alert suricata medium ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
suricata medium ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
GET /css/f/GuwON2vS.css HTTP/1.1
Host: riki361521373.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://riki361521373.duckdns.org/invalid.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: public, max-age=604800
Expires: Fri, 09 Jun 2023 01:19:08 GMT
Etag: "558ad-616d28e0-142a93;gz"
Last-Modified: Mon, 18 Oct 2021 07:57:20 GMT
Content-Type: text/css
Content-Length: 97789
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Date: Fri, 02 Jun 2023 01:19:08 GMT
Server: LiteSpeed
Connection: Keep-Alive
riki361521373.duckdns.org/css/f/nborelSu4U-.css
47.254.253.51 200 OK 1.3 kB URL GET HTTP/1.1 riki361521373.duckdns.org/css/f/nborelSu4U-.css
IP 47.254.253.51:80
ASN #45102 Alibaba US Technology Co., Ltd.
Requested by http://riki361521373.duckdns.org/invalid.html
File type ASCII text, with very long lines (4574)
Hash b44b1c5c21d1239b31ff6ddc393223d4
8cb0f7df5b6f69c0a395638adb549d977b6007bc
b974953d54dfa068afa6044858ef346745c03aa38cee59d4c695eb2d641e757c
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish Facebook, Inc.
quad9 Sinkholed
NIDS Severity Alert suricata medium ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
suricata medium ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
GET /css/f/nborelSu4U-.css HTTP/1.1
Host: riki361521373.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://riki361521373.duckdns.org/invalid.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: public, max-age=604800
Expires: Fri, 09 Jun 2023 01:19:08 GMT
Etag: "122e-60816e30-142a94;gz"
Last-Modified: Thu, 22 Apr 2021 12:38:08 GMT
Content-Type: text/css
Content-Length: 1293
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Date: Fri, 02 Jun 2023 01:19:08 GMT
Server: LiteSpeed
Connection: Keep-Alive
riki361521373.duckdns.org/css/f/1-KA_puvd3z6.css
47.254.253.51 200 OK 12 kB URL GET HTTP/1.1 riki361521373.duckdns.org/css/f/1-KA_puvd3z6.css
IP 47.254.253.51:80
ASN #45102 Alibaba US Technology Co., Ltd.
Requested by http://riki361521373.duckdns.org/invalid.html
File type ASCII text, with very long lines (4404)
Hash 823fb0bde1638cbe90c54a2ede34354d
ad1c8ee4fd62115c4d3c5a021f01994585132ec5
2becd2fe4a703fa46bd985f71ac02b18c3e46db18ad69a9c8b1c8c4c05f9c1a1
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish Facebook, Inc.
quad9 Sinkholed
NIDS Severity Alert suricata medium ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
suricata medium ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
GET /css/f/1-KA_puvd3z6.css HTTP/1.1
Host: riki361521373.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://riki361521373.duckdns.org/invalid.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: public, max-age=604800
Expires: Fri, 09 Jun 2023 01:19:09 GMT
Etag: "d1f8-616d28c6-142a90;gz"
Last-Modified: Mon, 18 Oct 2021 07:56:54 GMT
Content-Type: text/css
Content-Length: 12416
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Date: Fri, 02 Jun 2023 01:19:09 GMT
Server: LiteSpeed
Connection: Keep-Alive
riki361521373.duckdns.org/img/Screenshot_2.png
47.254.253.51 200 OK 5.8 kB URL GET HTTP/1.1 riki361521373.duckdns.org/img/Screenshot_2.png
IP 47.254.253.51:80
ASN #45102 Alibaba US Technology Co., Ltd.
Requested by http://riki361521373.duckdns.org/invalid.html
File type PNG image data, 493 x 121, 8-bit/color RGBA, non-interlaced; data
Hash 7f59cd4923ec112f3e9fd4d3a89beb71
617267f1467e53c835bb87b9aefc3abdde61437d
b08c62cb2476f540d1cd10ea287b223afa60c3b221c10af76a4d6d5af523317f
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish Facebook, Inc.
quad9 Sinkholed
NIDS Severity Alert suricata medium ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
GET /img/Screenshot_2.png HTTP/1.1
Host: riki361521373.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://riki361521373.duckdns.org/invalid.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: public, max-age=604800
Expires: Fri, 09 Jun 2023 01:19:09 GMT
Etag: "1676-62a306c0-142ae7;;;"
Last-Modified: Fri, 10 Jun 2022 08:54:24 GMT
Content-Type: image/png
Content-Length: 5750
Accept-Ranges: bytes
Date: Fri, 02 Jun 2023 01:19:09 GMT
Server: LiteSpeed
Connection: Keep-Alive
riki361521373.duckdns.org/img/LgoFSecoKE.png
47.254.253.51 200 OK 2.8 kB URL GET HTTP/1.1 riki361521373.duckdns.org/img/LgoFSecoKE.png
IP 47.254.253.51:80
ASN #45102 Alibaba US Technology Co., Ltd.
Requested by http://riki361521373.duckdns.org/invalid.html
File type PNG image data, 104 x 86, 8-bit colormap, non-interlaced; data
Hash 297dabe77f9a04cb0a04cd31f0e0106a
c0d9a23cb9d50140af63011108c05838e43ebac3
616e9846faffc87367a4b576937951e70b5aa828cc56d3439982a5052aad5525
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish Facebook, Inc.
quad9 Sinkholed
NIDS Severity Alert suricata medium ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
GET /img/LgoFSecoKE.png HTTP/1.1
Host: riki361521373.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://riki361521373.duckdns.org/css/f/GuwON2vS.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: public, max-age=604800
Expires: Fri, 09 Jun 2023 01:19:09 GMT
Etag: "af9-60816e74-142acb;;;"
Last-Modified: Thu, 22 Apr 2021 12:39:16 GMT
Content-Type: image/png
Content-Length: 2809
Accept-Ranges: bytes
Date: Fri, 02 Jun 2023 01:19:09 GMT
Server: LiteSpeed
Connection: Keep-Alive
riki361521373.duckdns.org/img/hLr6bu_y0J.ico
47.254.253.51 200 OK 1.1 kB URL GET HTTP/1.1 riki361521373.duckdns.org/img/hLr6bu_y0J.ico
IP 47.254.253.51:80
ASN #45102 Alibaba US Technology Co., Ltd.
Requested by http://riki361521373.duckdns.org/invalid.html
File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel; data
Hash 8cddca427dae9b925e73432f8733e05a
1999a6f624a25cfd938eef6492d34fdc4f55dedc
89676a3fb8639d6531c525e5800ff4cc44d06d27ff5607922d27e390eb5b6e62
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish Facebook, Inc.
quad9 Sinkholed
NIDS Severity Alert suricata medium ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
GET /img/hLr6bu_y0J.ico HTTP/1.1
Host: riki361521373.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://riki361521373.duckdns.org/invalid.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: public, max-age=604800
Expires: Fri, 09 Jun 2023 01:19:09 GMT
Etag: "10be-60816f4a-142ac9;gz"
Last-Modified: Thu, 22 Apr 2021 12:42:50 GMT
Content-Type: image/x-icon
Content-Length: 1135
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Date: Fri, 02 Jun 2023 01:19:09 GMT
Server: LiteSpeed
Connection: Keep-Alive