URL User Request GET HTTP/1.1 IP 141.98.134.127:80
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (507)
Hash a76b2b824459a563428efee4e4e10dfa
22e5446e82b3e46da34b5ebce6de5751664fb867
4fee32fb8b130a7d5c4b176767a85ab4c5bd6cb1f6cd0a7c506aa476ccfaec0e
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
NIDS Severity Alert suricata medium ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
GET / HTTP/1.1
Host: hachceesea.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sun, 04 Jun 2023 04:27:08 GMT
Content-Type: text/html
Content-Length: 4833
Last-Modified: Fri, 16 May 2014 15:12:48 GMT
Connection: keep-alive
ETag: "53762af0-12e1"
Accept-Ranges: bytes
hachceesea.duckdns.org/img/centos-logo.png
141.98.134.127 200 OK 3.0 kB
URL GET HTTP/1.1 hachceesea.duckdns.org/img/centos-logo.png
IP 141.98.134.127:80
Requested by http://hachceesea.duckdns.org/
File type PNG image data, 100 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 2ce1e69697251116dca5bf7b17690010
76bda5761b81e1dc29357acf760b05112d85d18b
69dbbb0073c44a64da2de10dc969dd5b0118bc09a28f77be63a62ddaf382d6e4
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
NIDS Severity Alert suricata medium ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
GET /img/centos-logo.png HTTP/1.1
Host: hachceesea.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://hachceesea.duckdns.org/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sun, 04 Jun 2023 04:27:08 GMT
Content-Type: image/png
Content-Length: 3030
Last-Modified: Sun, 28 Dec 2008 06:10:39 GMT
Connection: keep-alive
ETag: "4957185f-bd6"
Accept-Ranges: bytes
hachceesea.duckdns.org/img/html-background.png
141.98.134.127 200 OK 1.8 kB
URL GET HTTP/1.1 hachceesea.duckdns.org/img/html-background.png
IP 141.98.134.127:80
Requested by http://hachceesea.duckdns.org/
File type PNG image data, 225 x 225, 8-bit/color RGBA, non-interlaced\012- data
Hash c0286057b6d3c023125b921a96a73938
9095eee294484da98aacc3d9818a3ee9101b3123
79dda1a317f732bc2e6c15013254e833d65ecbb99feb572df0309a2c14f1b7d3
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
NIDS Severity Alert suricata medium ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
GET /img/html-background.png HTTP/1.1
Host: hachceesea.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://hachceesea.duckdns.org/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sun, 04 Jun 2023 04:27:08 GMT
Content-Type: image/png
Content-Length: 1801
Last-Modified: Sun, 28 Dec 2008 06:10:39 GMT
Connection: keep-alive
ETag: "4957185f-709"
Accept-Ranges: bytes
hachceesea.duckdns.org/favicon.ico
141.98.134.127 404 Not Found 153 B
URL GET HTTP/1.1 hachceesea.duckdns.org/favicon.ico
IP 141.98.134.127:80
Requested by http://hachceesea.duckdns.org/
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 932da5a430ff6db1bc48425b567d56fa
e7e88023dbbc6346d354ffe9fb7db957888c2299
10174434dbe479c08b32ce3b42b70e7c6336647d29e4393483158d590d35c325
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
NIDS Severity Alert suricata medium ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
GET /favicon.ico HTTP/1.1
Host: hachceesea.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://hachceesea.duckdns.org/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx/1.20.1
Date: Sun, 04 Jun 2023 04:27:09 GMT
Content-Type: text/html
Content-Length: 153
Connection: keep-alive
hachceesea.duckdns.org/img/header-background.png
141.98.134.127 200 OK 83 kB
URL GET HTTP/1.1 hachceesea.duckdns.org/img/header-background.png
IP 141.98.134.127:80
Requested by http://hachceesea.duckdns.org/
File type PNG image data, 280 x 185, 8-bit/color RGBA, interlaced\012- data
Hash 7a40c93046dbdba584c6dd907d43701e
d2c8070a41c9ff7703b399ed237e34f928ccb27b
14a76d84a155acadb5d84695e7e6f2ba8042d2527fadf4e71ee1c84581164e8c
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
NIDS Severity Alert suricata medium ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
GET /img/header-background.png HTTP/1.1
Host: hachceesea.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://hachceesea.duckdns.org/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sun, 04 Jun 2023 04:27:08 GMT
Content-Type: image/png
Content-Length: 82896
Last-Modified: Fri, 16 May 2014 14:33:46 GMT
Connection: keep-alive
ETag: "537621ca-143d0"
Accept-Ranges: bytes