Report - mabanque-message-agricole.duckdns.org/84424

Report Overview

Visited public
2023-09-23 22:09:15
Tags
dyndns suspicious
URL
mabanque-message-agricole.duckdns.org/84424
Finishing URL
mabanque-message-agricole.duckdns.org/84424/
IP / ASN
185.220.113.208
#0
Title
Crédit Agricole
Suspicious - DynDNS domain
Suspicious - Suspicious Javascript code

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdn.jsdelivr.net	439	2012-05-16	2012-09-30 02:15:09	2023-09-23 06:12:37	932 B	41 kB	151.101.65.229
ocsp.pki.goog	175	2016-06-13	2018-07-01 08:43:07	2023-09-23 05:09:29	666 B	1.4 kB	142.250.74.131
ajax.googleapis.com	12905	2005-01-25	2013-08-16 11:51:31	2023-09-23 07:57:18	454 B	32 kB	172.217.21.170
mabanque-message-agricole.duckdns.org	unknown	2013-04-12	2023-09-23 18:20:09	2023-09-23 22:01:28	3.8 kB	771 kB	185.220.113.208
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17 22:46:33	2023-09-23 05:09:40	1.4 kB	435 kB	104.17.24.14

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-09-23 22:08:56	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-09-23 22:08:56	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-09-23 22:08:56	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-09-23 22:08:56	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-09-23 22:08:56	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-09-23 22:08:56	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-09-23 22:08:56	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-09-23 22:08:56	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-09-23 22:08:57	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-09-23 22:08:57	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-09-23 22:08:57	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-09-23 22:08:57	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-09-23 22:08:57	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-09-23 22:08:57	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-09-23 22:08:57	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-09-23 22:08:57	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-09-23 22:08:57	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-09-23 22:08:57	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-09-23 22:08:58	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-09-23 22:08:58	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-09-23 22:08:58	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-09-23 22:08:58	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-09-23	medium	mabanque-message-agricole.duckdns.org	Sinkholed
2023-09-23	medium	mabanque-message-agricole.duckdns.org	Sinkholed
2023-09-23	medium	mabanque-message-agricole.duckdns.org	Sinkholed
2023-09-23	medium	mabanque-message-agricole.duckdns.org	Sinkholed
2023-09-23	medium	mabanque-message-agricole.duckdns.org	Sinkholed
2023-09-23	medium	mabanque-message-agricole.duckdns.org	Sinkholed
2023-09-23	medium	mabanque-message-agricole.duckdns.org	Sinkholed
2023-09-23	medium	mabanque-message-agricole.duckdns.org	Sinkholed

ThreatFox

No alerts detected

JavaScript (9)

	URL	From	Size	First Seen	Last Seen
	mabanque-message-agricole.duckdns.org/84424/assets/js/jquery-3.6.1.min.js	ScriptElement	93 kB	2023-03-26	2025-04-28
Pretty URL mabanque-message-agricole.duckdns.org/84424/assets/js/jquery-3.6.1.min.js IP 185.220.113.208 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 01:04 Last Seen2025-04-28 10:59 Times Seen110 Hash da886b27b09631413f809e37f4597705 eeb608cc0ea99c41bc91a53fe20ca81a402b21fd 316d80857724c22b6eb25606933c1e5b4986b5e8246fc2539e6eecd966ea0c96 Loading...

	cdn.jsdelivr.net/npm/sweetalert2@7.26.11/dist/sweetalert2.all.min.js	ScriptElement	62 kB	2023-03-07	2025-04-28
Pretty URL cdn.jsdelivr.net/npm/sweetalert2@7.26.11/dist/sweetalert2.all.min.js IP 151.101.65.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-04-28 10:59 Times Seen1456 Hash cdb34f3de7cfb2d32a2ed08d98e7382c 9b04f4f986048aa09ebeeb459f17e274bbc3cde6 6965c967fe2474e34f024a08618c84e9f995c3482a3c46e793b9eca4b00d82e2 Loading...

	mabanque-message-agricole.duckdns.org/84424/common/region.js	ScriptElement	831 B	2023-03-26	2025-04-28
Pretty URL mabanque-message-agricole.duckdns.org/84424/common/region.js IP 185.220.113.208 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 01:04 Last Seen2025-04-28 10:59 Times Seen506 Hash 9c41d76b689cc4e2e57788f48c852c45 585c8fc602fd8cc4b912e48babb5859c72ee6a7d 6fd6839426aabc880cef8714c245bd0d65d6cbf86415c318649b0e48a97ce290 Loading...

	mabanque-message-agricole.duckdns.org/84424/assets/js/main.js	ScriptElement	1.7 kB	2023-03-26	2025-04-28
Pretty URL mabanque-message-agricole.duckdns.org/84424/assets/js/main.js IP 185.220.113.208 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 01:04 Last Seen2025-04-28 10:59 Times Seen420 Hash 2dc67549209149f1480d8466b87f6d3e 2e6c1faef52c85bc0f4dd049b99468345d47cd40 2ca7aa1d81228a9c5d45e13f96de1cd280afe6f5540b45b8b7705618b64af733 Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js	ScriptElement	90 kB	2023-03-07	2025-05-11
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js IP 172.217.21.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 00:46 Times Seen108899 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	cdnjs.cloudflare.com/ajax/libs/sweetalert/2.1.2/sweetalert.min.js	ScriptElement	41 kB	2023-03-07	2025-05-10
Pretty URL cdnjs.cloudflare.com/ajax/libs/sweetalert/2.1.2/sweetalert.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-10 22:47 Times Seen4382 Hash f3b8ce97ff6ce324da6232da353adf40 2a3daabc70232c6350ab48d32605dc4a6ac1f1fa 2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b Loading...

	cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js	ScriptElement	79 kB	2023-03-07	2025-05-10
Pretty URL cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js IP 151.101.65.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-10 22:47 Times Seen11907 Hash 0aa8d64e726c4a57adb5c88f9115996b 901169527507ff9e662cf64d8e361f359308970d 7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe Loading...

	cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/js/all.min.js	ScriptElement	1.5 MB	2023-03-09	2025-05-10
Pretty URL cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/js/all.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 05:04 Last Seen2025-05-10 17:09 Times Seen4724 Hash d5beb8fa265f90be5ccadd6b32b8672f 7bdc23c06b51e7e42c05de486680a3c18aa5ce5a 6a769e18b06859751eaa2259044a6ff76e3ddcd6572a516d8ce3a2d7b8c7538e Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.16/jquery.mask.min.js	ScriptElement	8.3 kB	2023-03-07	2025-05-10
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.16/jquery.mask.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06 Last Seen2025-05-10 22:23 Times Seen6354 Hash cc290e6c3aeecf5021dd82ad8df2512a fb983aecd3940e8ebbfe5e74c8099cee9223c957 2a0db34dc14ef4b5ce73b230701c7561e5012667a4c9cb274ecab646e1474995 Loading...

HTTP Transactions (16)

URL IP Response Size

mabanque-message-agricole.duckdns.org/84424

185.220.113.208

301 Moved Permanently

260 B

URL User Request GET HTTP/2
mabanque-message-agricole.duckdns.org/84424
IP
185.220.113.208:443
ASN
#0

Certificate
IssuerLet's Encrypt
Subjectmabanque-message-agricole.duckdns.org
Fingerprint1D:3A:23:AE:16:BF:AE:30:29:39:E3:64:BB:5E:F4:ED:C0:8C:BC:6E
ValiditySat, 23 Sep 2023 15:18:36 GMT - Fri, 22 Dec 2023 15:18:35 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
260 B (260 bytes)
Hash
3c773599899c3c5b682d25cf4be6adc1
7acb44591b5cb68673084bdfb1582ce8edb118d7
2b75908a69accafcf04a6f882216d9498006968d740abfc14b96873ea3f1f71a

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /84424 HTTP/1.1
Host: mabanque-message-agricole.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
server: nginx
date: Sat, 23 Sep 2023 22:08:56 GMT
content-type: text/html; charset=iso-8859-1
content-length: 260
location: https://mabanque-message-agricole.duckdns.org/84424/
x-powered-by: PleskLin
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/js/all.min.js

104.17.24.14

200 OK

418 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/js/all.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mabanque-message-agricole.duckdns.org/84424/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65317)
Size
418 kB (418541 bytes)
Hash
d5beb8fa265f90be5ccadd6b32b8672f
7bdc23c06b51e7e42c05de486680a3c18aa5ce5a
6a769e18b06859751eaa2259044a6ff76e3ddcd6572a516d8ce3a2d7b8c7538e

HTTP Headers

GET /ajax/libs/font-awesome/6.2.0/js/all.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mabanque-message-agricole.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 23 Sep 2023 22:08:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 418541
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "64942a3c-662ed"
last-modified: Thu, 22 Jun 2023 11:02:20 GMT
cf-cdnjs-via: cfworker/r2
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2034867
expires: Thu, 12 Sep 2024 22:08:57 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jnn74MOcnfse7T9S1z4UpfhvPORzSrCl2DOfIPBewJOdr6ZlqwkRtcbtUUIuSBUifjVlLfvhsCaWvkhs20%2BCx3ukPHtTjT8MJbfT6o06yrtqyAwEbhl3vciEXToGcwrd5%2Fw9AVsE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 80b61bf71f5556a2-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.16/jquery.mask.min.js

104.17.24.14

200 OK

3.1 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.16/jquery.mask.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mabanque-message-agricole.duckdns.org/84424/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (542)
Size
3.1 kB (3074 bytes)
Hash
cc290e6c3aeecf5021dd82ad8df2512a
fb983aecd3940e8ebbfe5e74c8099cee9223c957
2a0db34dc14ef4b5ce73b230701c7561e5012667a4c9cb274ecab646e1474995

HTTP Headers

GET /ajax/libs/jquery.mask/1.14.16/jquery.mask.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mabanque-message-agricole.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 23 Sep 2023 22:08:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 3074
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "64942b1d-c02"
last-modified: Thu, 22 Jun 2023 11:06:05 GMT
cf-cdnjs-via: cfworker/r2
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2016642
expires: Thu, 12 Sep 2024 22:08:57 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P5HoHA092pbVX3pRasC%2Fm0%2B2PfOQww2pCZfWB8oKVeF8mK%2FlRlmw%2FhJop40IJwVv5xnFCAWfHEOOcTnVjFG%2Bx%2BnpSoOnoB8vyvDJzbmYW%2FpCVf94Uv%2FG3u8Bmoox7BO7pLXwuhk4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 80b61bf7bfc056a2-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/sweetalert/2.1.2/sweetalert.min.js

104.17.24.14

200 OK

10 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/sweetalert/2.1.2/sweetalert.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mabanque-message-agricole.duckdns.org/84424/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (40808), with no line terminators
Size
10 kB (10485 bytes)
Hash
f3b8ce97ff6ce324da6232da353adf40
2a3daabc70232c6350ab48d32605dc4a6ac1f1fa
2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b

HTTP Headers

GET /ajax/libs/sweetalert/2.1.2/sweetalert.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mabanque-message-agricole.duckdns.org
DNT: 1
Connection: keep-alive
Referer: https://mabanque-message-agricole.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 23 Sep 2023 22:08:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 10485
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "64942e6b-28f5"
last-modified: Thu, 22 Jun 2023 11:20:11 GMT
cf-cdnjs-via: cfworker/r2
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2012665
expires: Thu, 12 Sep 2024 22:08:57 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5a3KXyQ458kQucTYCbTthLCem78XIIl7%2BntwsdhjplAVG%2FL7hk7DgG%2B%2BGlnnvO%2B04gq8cd0cHO0AkJlUSgZfbbCQHkgyyDtmOfmnQRoGEIasV%2Fvj4aqlu2utFmP%2BCQM7U1zhODCY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 80b61bf7bb415688-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js

151.101.65.229

200 OK

24 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js
IP
151.101.65.229:443
ASN
#54113 FASTLY

Requested by
https://mabanque-message-agricole.duckdns.org/84424/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint88:D1:D3:FA:BE:69:45:71:5A:74:78:14:1A:E8:F3:5A:88:69:9C:7F
ValidityFri, 23 Dec 2022 10:55:14 GMT - Wed, 24 Jan 2024 10:55:13 GMT

File type
ASCII text, with very long lines (65299)
Size
24 kB (23943 bytes)
Hash
0aa8d64e726c4a57adb5c88f9115996b
901169527507ff9e662cf64d8e361f359308970d
7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe

HTTP Headers

GET /npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mabanque-message-agricole.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 5.0.2
x-jsd-version-type: version
etag: W/"13397-kBFpUnUH/55mLPZNjjYfNZMIlw0"
content-encoding: br
accept-ranges: bytes
date: Sat, 23 Sep 2023 22:08:57 GMT
age: 10656132
x-served-by: cache-fra-eddf8230080-FRA, cache-bma1661-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23943
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/sweetalert2@7.26.11/dist/sweetalert2.all.min.js

151.101.65.229

200 OK

16 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/sweetalert2@7.26.11/dist/sweetalert2.all.min.js
IP
151.101.65.229:443
ASN
#54113 FASTLY

Requested by
https://mabanque-message-agricole.duckdns.org/84424/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint88:D1:D3:FA:BE:69:45:71:5A:74:78:14:1A:E8:F3:5A:88:69:9C:7F
ValidityFri, 23 Dec 2022 10:55:14 GMT - Wed, 24 Jan 2024 10:55:13 GMT

File type
Unicode text, UTF-8 text, with very long lines (34666)
Size
16 kB (15789 bytes)
Hash
cdb34f3de7cfb2d32a2ed08d98e7382c
9b04f4f986048aa09ebeeb459f17e274bbc3cde6
6965c967fe2474e34f024a08618c84e9f995c3482a3c46e793b9eca4b00d82e2

HTTP Headers

GET /npm/sweetalert2@7.26.11/dist/sweetalert2.all.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mabanque-message-agricole.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 7.26.11
x-jsd-version-type: version
etag: W/"f0e9-mwT0+YYEiqCevutFnxfidLvDzeY"
content-encoding: br
accept-ranges: bytes
date: Sat, 23 Sep 2023 22:08:57 GMT
age: 2811825
x-served-by: cache-fra-eddf8230098-FRA, cache-bma1661-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 15789
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
99734170fcdad2d52884412f61321bf8
25163901dbdc047070a12d8afadcaa7009d8b595
f2a2590ac5fa2bcc9db8c46b3b4ad45f0a03b03193f601a2636e900fe851cf59

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 22:08:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

172.217.21.170

200 OK

31 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
172.217.21.170:443
ASN
#15169 GOOGLE

Requested by
https://mabanque-message-agricole.duckdns.org/84424/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintBE:40:3A:A6:DE:CC:A7:8B:75:43:68:F2:F9:56:63:71:49:61:06:49
ValidityMon, 04 Sep 2023 08:23:18 GMT - Mon, 27 Nov 2023 08:23:17 GMT

File type
ASCII text, with very long lines (65451)
Size
31 kB (31021 bytes)
Hash
dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mabanque-message-agricole.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 20 Sep 2023 17:40:44 GMT
expires: Thu, 19 Sep 2024 17:40:44 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 275293
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
99734170fcdad2d52884412f61321bf8
25163901dbdc047070a12d8afadcaa7009d8b595
f2a2590ac5fa2bcc9db8c46b3b4ad45f0a03b03193f601a2636e900fe851cf59

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 22:08:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

mabanque-message-agricole.duckdns.org/84424/assets/js/jquery-3.6.1.min.js

185.220.113.208

200 OK

93 kB

URL GET HTTP/2
mabanque-message-agricole.duckdns.org/84424/assets/js/jquery-3.6.1.min.js
IP
185.220.113.208:443
ASN
#0

Requested by
https://mabanque-message-agricole.duckdns.org/84424/
Certificate
IssuerLet's Encrypt
Subjectmabanque-message-agricole.duckdns.org
Fingerprint1D:3A:23:AE:16:BF:AE:30:29:39:E3:64:BB:5E:F4:ED:C0:8C:BC:6E
ValiditySat, 23 Sep 2023 15:18:36 GMT - Fri, 22 Dec 2023 15:18:35 GMT

File type
ASCII text, with very long lines (65447)
Size
93 kB (92575 bytes)
Hash
da886b27b09631413f809e37f4597705
eeb608cc0ea99c41bc91a53fe20ca81a402b21fd
316d80857724c22b6eb25606933c1e5b4986b5e8246fc2539e6eecd966ea0c96

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /84424/assets/js/jquery-3.6.1.min.js HTTP/1.1
Host: mabanque-message-agricole.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mabanque-message-agricole.duckdns.org/84424/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 23 Sep 2023 22:08:57 GMT
content-type: application/javascript
last-modified: Sat, 23 Sep 2023 22:08:30 GMT
etag: W/"650f61de-1699f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

mabanque-message-agricole.duckdns.org/84424/assets/js/main.js

185.220.113.208

200 OK

1.7 kB

URL GET HTTP/2
mabanque-message-agricole.duckdns.org/84424/assets/js/main.js
IP
185.220.113.208:443
ASN
#0

Requested by
https://mabanque-message-agricole.duckdns.org/84424/
Certificate
IssuerLet's Encrypt
Subjectmabanque-message-agricole.duckdns.org
Fingerprint1D:3A:23:AE:16:BF:AE:30:29:39:E3:64:BB:5E:F4:ED:C0:8C:BC:6E
ValiditySat, 23 Sep 2023 15:18:36 GMT - Fri, 22 Dec 2023 15:18:35 GMT

File type
Algol 68 source text\012- Pascal source, ASCII text, with very long lines (1861), with no line terminators
Size
1.7 kB (1727 bytes)
Hash
186e49a33f7b3485625945356109991d
876069fbddb1a3a9dad1d8302d3faf0e51eb2daf
807609dfba3498641f1c61c1059ed0a3c3e41052573772ff46fde3884805109d

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /84424/assets/js/main.js HTTP/1.1
Host: mabanque-message-agricole.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mabanque-message-agricole.duckdns.org/84424/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 23 Sep 2023 22:08:57 GMT
content-type: application/javascript
last-modified: Sat, 23 Sep 2023 22:08:30 GMT
etag: W/"650f61de-6bf"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

mabanque-message-agricole.duckdns.org/84424/

185.220.113.208

200 OK

671 kB

URL User Request GET HTTP/2
mabanque-message-agricole.duckdns.org/84424/
IP
185.220.113.208:443
ASN
#0

Certificate
IssuerLet's Encrypt
Subjectmabanque-message-agricole.duckdns.org
Fingerprint1D:3A:23:AE:16:BF:AE:30:29:39:E3:64:BB:5E:F4:ED:C0:8C:BC:6E
ValiditySat, 23 Sep 2023 15:18:36 GMT - Fri, 22 Dec 2023 15:18:35 GMT

File type

Size
671 kB (670900 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /84424/ HTTP/1.1
Host: mabanque-message-agricole.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 23 Sep 2023 22:08:56 GMT
content-type: text/html
last-modified: Sat, 23 Sep 2023 22:08:30 GMT
etag: W/"650f61de-a3cb4"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

mabanque-message-agricole.duckdns.org/84424/common/region.js

185.220.113.208

200 OK

831 B

URL GET HTTP/2
mabanque-message-agricole.duckdns.org/84424/common/region.js
IP
185.220.113.208:443
ASN
#0

Requested by
https://mabanque-message-agricole.duckdns.org/84424/
Certificate
IssuerLet's Encrypt
Subjectmabanque-message-agricole.duckdns.org
Fingerprint1D:3A:23:AE:16:BF:AE:30:29:39:E3:64:BB:5E:F4:ED:C0:8C:BC:6E
ValiditySat, 23 Sep 2023 15:18:36 GMT - Fri, 22 Dec 2023 15:18:35 GMT

File type
Unicode text, UTF-8 text, with very long lines (961), with no line terminators
Size
831 B (831 bytes)
Hash
dbe7e43ee848e7588a1356ad56403532
b4a23788ffd964d06c13141968acca055fc31e83
1d8950bf981134bc917149d2192a18cc173d22416fb41d80a74fb0de70342c1e

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /84424/common/region.js HTTP/1.1
Host: mabanque-message-agricole.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mabanque-message-agricole.duckdns.org/84424/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 23 Sep 2023 22:08:57 GMT
content-type: application/javascript
x-accel-version: 0.01
last-modified: Sat, 23 Sep 2023 22:08:30 GMT
etag: W/"33f-6060df718664b"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

mabanque-message-agricole.duckdns.org/84424/media/js/js.js

185.220.113.208

404 Not Found

808 B

URL GET HTTP/2
mabanque-message-agricole.duckdns.org/84424/media/js/js.js
IP
185.220.113.208:443
ASN
#0

Requested by
https://mabanque-message-agricole.duckdns.org/84424/
Certificate
IssuerLet's Encrypt
Subjectmabanque-message-agricole.duckdns.org
Fingerprint1D:3A:23:AE:16:BF:AE:30:29:39:E3:64:BB:5E:F4:ED:C0:8C:BC:6E
ValiditySat, 23 Sep 2023 15:18:36 GMT - Fri, 22 Dec 2023 15:18:35 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (866), with no line terminators
Size
808 B (808 bytes)
Hash
b45bdabc5c2538b0c4e5f352bcdfb585
5a97ce87ce8d3d86a043c1a5e68e968e20a1e146
c96189c857253fcdbe13dfcbc7f919050fae21ccb7116c3078ee3c8d8d0f12c7

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /84424/media/js/js.js HTTP/1.1
Host: mabanque-message-agricole.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mabanque-message-agricole.duckdns.org/84424/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: nginx
date: Sat, 23 Sep 2023 22:08:57 GMT
content-type: text/html
last-modified: Sat, 23 Sep 2023 16:15:39 GMT
etag: W/"328-606090941210e"
content-encoding: br
X-Firefox-Spdy: h2

mabanque-message-agricole.duckdns.org/84424/media/js/js.js

185.220.113.208

404 Not Found

808 B

URL GET HTTP/2
mabanque-message-agricole.duckdns.org/84424/media/js/js.js
IP
185.220.113.208:443
ASN
#0

Requested by
https://mabanque-message-agricole.duckdns.org/84424/
Certificate
IssuerLet's Encrypt
Subjectmabanque-message-agricole.duckdns.org
Fingerprint1D:3A:23:AE:16:BF:AE:30:29:39:E3:64:BB:5E:F4:ED:C0:8C:BC:6E
ValiditySat, 23 Sep 2023 15:18:36 GMT - Fri, 22 Dec 2023 15:18:35 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (866), with no line terminators
Size
808 B (808 bytes)
Hash
b45bdabc5c2538b0c4e5f352bcdfb585
5a97ce87ce8d3d86a043c1a5e68e968e20a1e146
c96189c857253fcdbe13dfcbc7f919050fae21ccb7116c3078ee3c8d8d0f12c7

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /84424/media/js/js.js HTTP/1.1
Host: mabanque-message-agricole.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mabanque-message-agricole.duckdns.org/84424/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: nginx
date: Sat, 23 Sep 2023 22:08:58 GMT
content-type: text/html
last-modified: Sat, 23 Sep 2023 16:15:39 GMT
etag: W/"328-606090941210e"
content-encoding: br
X-Firefox-Spdy: h2

mabanque-message-agricole.duckdns.org/favicon.ico

185.220.113.208

404 Not Found

808 B

URL GET HTTP/2
mabanque-message-agricole.duckdns.org/favicon.ico
IP
185.220.113.208:443
ASN
#0

Requested by
https://mabanque-message-agricole.duckdns.org/84424/
Certificate
IssuerLet's Encrypt
Subjectmabanque-message-agricole.duckdns.org
Fingerprint1D:3A:23:AE:16:BF:AE:30:29:39:E3:64:BB:5E:F4:ED:C0:8C:BC:6E
ValiditySat, 23 Sep 2023 15:18:36 GMT - Fri, 22 Dec 2023 15:18:35 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (866), with no line terminators
Size
808 B (808 bytes)
Hash
b45bdabc5c2538b0c4e5f352bcdfb585
5a97ce87ce8d3d86a043c1a5e68e968e20a1e146
c96189c857253fcdbe13dfcbc7f919050fae21ccb7116c3078ee3c8d8d0f12c7

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: mabanque-message-agricole.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mabanque-message-agricole.duckdns.org/84424/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: nginx
date: Sat, 23 Sep 2023 22:08:58 GMT
content-type: text/html
last-modified: Sat, 23 Sep 2023 16:15:39 GMT
etag: W/"328-606090941210e"
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (16)

URL User Request GET HTTP/2

IP

ASN