Report - attencionreviewsiteactv.duckdns.org/

Report Overview

Visited public
2025-06-12 12:47:26
Tags
dyndns
URL
attencionreviewsiteactv.duckdns.org/
Finishing URL
attencionreviewsiteactv.duckdns.org/
IP / ASN
103.63.24.8
#136052 PT Cloud Hosting Indonesia
Title
Restrictions Information
Suspicious - DynDNS domain

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
attencionreviewsiteactv.duckdns.org	unknown	2013-04-12	2025-06-12	2025-06-12	2.9 kB	2.3 MB	103.63.24.8

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2025-06-12 12:47:08	medium	Client IP	103.63.24.8	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2025-06-12	medium	attencionreviewsiteactv.duckdns.org/	Facebook, Inc.
2025-06-12	medium	attencionreviewsiteactv.duckdns.org/	Facebook, Inc.
2025-06-12	medium	attencionreviewsiteactv.duckdns.org/	Facebook, Inc.
2025-06-12	medium	attencionreviewsiteactv.duckdns.org/	Facebook, Inc.
2025-06-12	medium	attencionreviewsiteactv.duckdns.org/	Facebook, Inc.
2025-06-12	medium	attencionreviewsiteactv.duckdns.org/	Facebook, Inc.

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (5)

	URL	From	Size	First Seen	Last Seen
	attencionreviewsiteactv.duckdns.org/	ScriptElement	239 B	2023-03-08	2025-06-16
Pretty URL attencionreviewsiteactv.duckdns.org/ IP 103.63.24.8 ASN #136052 PT Cloud Hosting Indonesia Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 12:16 Last Seen2025-06-16 11:32 Times Seen315 Hash 5ff0b51883d869486c8a1ace0667ac48 8c382a090c0d0a811210688d5e9a078f2c3bc0d0 24ba9541945b84ffdde01d97bf8886b43c97650ef809ea625dbd60c2a04b98db Loading...

	attencionreviewsiteactv.duckdns.org/	ScriptElement	357 B	2023-03-08	2025-06-13
Pretty URL attencionreviewsiteactv.duckdns.org/ IP 103.63.24.8 ASN #136052 PT Cloud Hosting Indonesia Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 12:16 Last Seen2025-06-13 10:55 Times Seen183 Hash 89f3d922b5182f25c6085d6e67175e81 06e7423a051ee7712ca19bc7fc427a8be62e10d6 18a2c075842d994d52f3eb0a36fc940f8eeff694dcc07070cd67e2cd431f2135 Loading...

	attencionreviewsiteactv.duckdns.org/	ScriptElement	569 B	2023-03-08	2025-06-13
Pretty URL attencionreviewsiteactv.duckdns.org/ IP 103.63.24.8 ASN #136052 PT Cloud Hosting Indonesia Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 12:16 Last Seen2025-06-13 10:55 Times Seen108 Hash eb70dfb42d43428321c93e6b1c14fbea 537f67cd9d190297fda056dcfbaed490ddc52269 014b800016a1a1bc809496dbd731426191f4f56930896b1a83d09d508ee389e8 Loading...

	attencionreviewsiteactv.duckdns.org/	ScriptElement	31 B	2023-03-08	2025-06-16
Pretty URL attencionreviewsiteactv.duckdns.org/ IP 103.63.24.8 ASN #136052 PT Cloud Hosting Indonesia Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 12:16 Last Seen2025-06-16 11:32 Times Seen1639 Hash c8a8aecfed68494dc11a3a2c314544e0 0a032baa9aed1a5c5d570734a958655e008244b0 6dec1d337364ee9defa8079ae6640e5025ee6728e01f98277c6d382947859164 Loading...

		Size	First Seen	Last Seen
	#1 Write - a8bdeb1cdfa883976d25e7cdb5f83667	13 B	2025-06-12 00:06	2025-06-12 12:47
Pretty Observations First Seen2025-06-12 00:06 Last Seen2025-06-12 12:47 Times Seen3 Hash a8bdeb1cdfa883976d25e7cdb5f83667 e40083ebc7231b7bc8ca697199059cb35dfaf291 72a4efc65946b6fe653bd49f6ae45abf1ceeee257d6e4abf4afd9d76be2b8da5 Loading...

HTTP Transactions (6)

URL IP Response Size

attencionreviewsiteactv.duckdns.org/favicon.ico

103.63.24.8

200 OK

5.4 kB

URL GET
attencionreviewsiteactv.duckdns.org/favicon.ico
IP
103.63.24.8:443
ASN
#136052 PT Cloud Hosting Indonesia

Requested by
https://attencionreviewsiteactv.duckdns.org/
Certificate
IssuerLet's Encrypt
Subjectattencionreviewsiteactv.duckdns.org
Fingerprint11:35:AE:A7:A4:F9:0B:5D:6C:80:9D:43:39:E5:EC:FF:55:43:2D:92
ValidityTue, 10 Jun 2025 18:41:50 GMT - Mon, 08 Sep 2025 18:41:49 GMT

File type
MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Size
5.4 kB (5430 bytes)
Hash
de76b0c210c815ef282d5b59de8a0567
023038e2dfd649047be4fbba79c78dd80bc4cd90
c636a92a12eb33629e6dcadc67e49651ac54e8f3b18a03c805668505f05c885a

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
OpenPhish	phishing	Facebook, Inc.

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: attencionreviewsiteactv.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attencionreviewsiteactv.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 19 Jun 2025 12:47:10 GMT
etag: "1536-63bebe62-6902c;br"
last-modified: Wed, 11 Jan 2023 13:49:22 GMT
content-type: image/x-icon
content-length: 1571
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Thu, 12 Jun 2025 12:47:10 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

attencionreviewsiteactv.duckdns.org/

103.63.24.8

200 OK

14 kB

URL User Request GET
attencionreviewsiteactv.duckdns.org/
IP
103.63.24.8:443
ASN
#136052 PT Cloud Hosting Indonesia

Certificate
IssuerLet's Encrypt
Subjectattencionreviewsiteactv.duckdns.org
Fingerprint11:35:AE:A7:A4:F9:0B:5D:6C:80:9D:43:39:E5:EC:FF:55:43:2D:92
ValidityTue, 10 Jun 2025 18:41:50 GMT - Mon, 08 Sep 2025 18:41:49 GMT

File type
HTML document, ASCII text, with very long lines (1877), with CRLF line terminators
Size
14 kB (13472 bytes)
Hash
916b24b4e18a757408a7b0fb22aba85f
bb1dc4f5e98501ea86bc40e10dec014f452f84c3
dbd84efcbb8c75af063ac4c335025570feec03df2cf52d171b4dbd40f84bdf38

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
OpenPhish	phishing	Facebook, Inc.

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain

HTTP Headers

GET / HTTP/1.1
Host: attencionreviewsiteactv.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
etag: "34a0-63beb8c4-6901e;br"
last-modified: Wed, 11 Jan 2023 13:25:24 GMT
content-type: text/html
content-length: 5178
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Thu, 12 Jun 2025 12:47:08 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

attencionreviewsiteactv.duckdns.org/dF5SId3UHWd.svg

103.63.24.8

200 OK

2.4 kB

URL GET
attencionreviewsiteactv.duckdns.org/dF5SId3UHWd.svg
IP
103.63.24.8:443
ASN
#136052 PT Cloud Hosting Indonesia

Requested by
https://attencionreviewsiteactv.duckdns.org/
Certificate
IssuerLet's Encrypt
Subjectattencionreviewsiteactv.duckdns.org
Fingerprint11:35:AE:A7:A4:F9:0B:5D:6C:80:9D:43:39:E5:EC:FF:55:43:2D:92
ValidityTue, 10 Jun 2025 18:41:50 GMT - Mon, 08 Sep 2025 18:41:49 GMT

File type
SVG Scalable Vector Graphics image
Size
2.4 kB (2385 bytes)
Hash
ebd8798bc32c86494851a07770e04e63
b5461dc8f5f5f848033441d506ee05d48742438b
9531e96099e973b3d1c291f3e60419d8fe4730f46de8a492fccd2b4c962c96ce

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
OpenPhish	phishing	Facebook, Inc.

HTTP Headers

GET /dF5SId3UHWd.svg HTTP/1.1
Host: attencionreviewsiteactv.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attencionreviewsiteactv.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 19 Jun 2025 12:47:08 GMT
etag: "951-63beb358-6902b;br"
last-modified: Wed, 11 Jan 2023 13:02:16 GMT
content-type: image/svg+xml
content-length: 1031
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Thu, 12 Jun 2025 12:47:08 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

attencionreviewsiteactv.duckdns.org/css/style-pay.css

103.63.24.8

200 OK

457 kB

URL GET
attencionreviewsiteactv.duckdns.org/css/style-pay.css
IP
103.63.24.8:443
ASN
#136052 PT Cloud Hosting Indonesia

Requested by
https://attencionreviewsiteactv.duckdns.org/
Certificate
IssuerLet's Encrypt
Subjectattencionreviewsiteactv.duckdns.org
Fingerprint11:35:AE:A7:A4:F9:0B:5D:6C:80:9D:43:39:E5:EC:FF:55:43:2D:92
ValidityTue, 10 Jun 2025 18:41:50 GMT - Mon, 08 Sep 2025 18:41:49 GMT

File type
ASCII text, with very long lines (61305), with CRLF line terminators
Size
457 kB (457226 bytes)
Hash
c2c123ae4469b7e050ef9caabe1130bf
2a81dc4ffda88702e213c9502ba12623e34e05a7
b5cf737e2071d23e4c4f110c42591443a7c4ed1c5f8d5fe536d6c1ab6d873d2d

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
OpenPhish	phishing	Facebook, Inc.

HTTP Headers

GET /css/style-pay.css HTTP/1.1
Host: attencionreviewsiteactv.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attencionreviewsiteactv.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 19 Jun 2025 12:47:08 GMT
etag: "6fa0a-63beb334-69028;br"
last-modified: Wed, 11 Jan 2023 13:01:40 GMT
content-type: text/css
content-length: 124834
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Thu, 12 Jun 2025 12:47:08 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

attencionreviewsiteactv.duckdns.org/css/pAy5sS6Se6DC.css

103.63.24.8

200 OK

46 kB

URL GET
attencionreviewsiteactv.duckdns.org/css/pAy5sS6Se6DC.css
IP
103.63.24.8:443
ASN
#136052 PT Cloud Hosting Indonesia

Requested by
https://attencionreviewsiteactv.duckdns.org/
Certificate
IssuerLet's Encrypt
Subjectattencionreviewsiteactv.duckdns.org
Fingerprint11:35:AE:A7:A4:F9:0B:5D:6C:80:9D:43:39:E5:EC:FF:55:43:2D:92
ValidityTue, 10 Jun 2025 18:41:50 GMT - Mon, 08 Sep 2025 18:41:49 GMT

File type
ASCII text, with very long lines (40111), with CRLF line terminators
Size
46 kB (45728 bytes)
Hash
cc2cdc4a073ec5347e10d9617ac14624
83f55ae64eda1957aa0c1e544c9d3fc6b9d070a1
3a56c06795eed899bb11ab46a1cd7b554584d9969748b4a65240a28b4df48694

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
OpenPhish	phishing	Facebook, Inc.

HTTP Headers

GET /css/pAy5sS6Se6DC.css HTTP/1.1
Host: attencionreviewsiteactv.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attencionreviewsiteactv.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 19 Jun 2025 12:47:08 GMT
etag: "b2a0-63beb32c-69027;br"
last-modified: Wed, 11 Jan 2023 13:01:32 GMT
content-type: text/css
content-length: 4252
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Thu, 12 Jun 2025 12:47:08 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

attencionreviewsiteactv.duckdns.org/data_portabilityprivacy_banner_003-1.gif

103.63.24.8

200 OK

1.8 MB

URL GET
attencionreviewsiteactv.duckdns.org/data_portabilityprivacy_banner_003-1.gif
IP
103.63.24.8:443
ASN
#136052 PT Cloud Hosting Indonesia

Requested by
https://attencionreviewsiteactv.duckdns.org/
Certificate
IssuerLet's Encrypt
Subjectattencionreviewsiteactv.duckdns.org
Fingerprint11:35:AE:A7:A4:F9:0B:5D:6C:80:9D:43:39:E5:EC:FF:55:43:2D:92
ValidityTue, 10 Jun 2025 18:41:50 GMT - Mon, 08 Sep 2025 18:41:49 GMT

File type
GIF image data, version 89a, 1440 x 472
Size
1.8 MB (1816161 bytes)
Hash
965e69c7fefd00866176e85ade5e3e52
9892668271a12c8c4e8f63eb043ace6485d7627c
ff2d01ed1d16e8b22d836440a3efa588452d6181df66f6aab6fd93741a4480c6

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
OpenPhish	phishing	Facebook, Inc.

HTTP Headers

GET /data_portabilityprivacy_banner_003-1.gif HTTP/1.1
Host: attencionreviewsiteactv.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://attencionreviewsiteactv.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 19 Jun 2025 12:47:08 GMT
etag: "1bb661-63beb34e-6902a;;;"
last-modified: Wed, 11 Jan 2023 13:02:06 GMT
content-type: image/gif
content-length: 1816161
accept-ranges: bytes
date: Thu, 12 Jun 2025 12:47:08 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (5)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

HTTP Transactions (6)

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash