Report - segfdt8579.ocry.com/api.php?act=ip_save&

Report Overview

Submitted URL
segfdt8579.ocry.com/api.php?act=ip_save&_r=0.6605592300758962
IP
167.160.188.62
ASN
#8100 ASN-QUADRANET-GLOBAL
Submitted
2023-05-21 20:59:27
Access
public
Website Title
Final URL
Tags
dyndns
urlquery detections
Suspicious - DynDNS domain

Detections

urlquery
3
Network Intrusion Detection
4
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
segfdt8579.ocry.com	unknown	2001-05-12	2023-05-21	2023-05-21	1.1 kB	823 B	167.160.188.62

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-05-21 20:59:10	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.ocry .com Domain
2023-05-21 20:59:10	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.ocry .com Domain
2023-05-21 20:59:10	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.ocry .com Domain
2023-05-21 20:59:11	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.ocry .com Domain

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (2)

URL IP Response Size

segfdt8579.ocry.com/api.php?act=ip_save&_r=0.6605592300758962

167.160.188.62

200 OK

33 B

URL User Request GET HTTP/2
segfdt8579.ocry.com/api.php?act=ip_save&_r=0.6605592300758962
IP
167.160.188.62:443
ASN
#8100 ASN-QUADRANET-GLOBAL

Certificate
IssuerLet's Encrypt
Subjectymnfui677.4pu.com
Fingerprint2F:D2:3D:00:3D:CE:90:DA:D9:1C:05:B4:B3:EA:2E:95:99:02:E7:E0
ValiditySun, 21 May 2023 12:36:45 GMT - Sat, 19 Aug 2023 12:36:44 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
33 B (33 bytes)
Hash
260ec0449e9aadb554fe22aab48d45c4
b669577e8b1daa292bbf5286825c7a0560b1d094
aa3d21398252adb9f16b5208884b4da22eec9f2019a0139b114a61f178396794

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /api.php?act=ip_save&_r=0.6605592300758962 HTTP/1.1
Host: segfdt8579.ocry.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=37eg3nokh460uo2i160uo62kg6; path=/
vary: Accept-Encoding
content-encoding: gzip
content-length: 33
content-type: text/html; charset=UTF-8
date: Sun, 21 May 2023 20:59:10 GMT
server: Apache
X-Firefox-Spdy: h2

segfdt8579.ocry.com/favicon.ico

167.160.188.62

404 Not Found

266 B

URL GET HTTP/2
segfdt8579.ocry.com/favicon.ico
IP
167.160.188.62:443
ASN
#8100 ASN-QUADRANET-GLOBAL

Requested by
https://segfdt8579.ocry.com/api.php?act=ip_save&_r=0.6605592300758962
Certificate
IssuerLet's Encrypt
Subjectymnfui677.4pu.com
Fingerprint2F:D2:3D:00:3D:CE:90:DA:D9:1C:05:B4:B3:EA:2E:95:99:02:E7:E0
ValiditySun, 21 May 2023 12:36:45 GMT - Sat, 19 Aug 2023 12:36:44 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
266 B (266 bytes)
Hash
928d8bbeca2f525ff726c112d6ec962f
4e3e87f872d082abe09aac3d1f537e56d6fe6ef1
cb08ebaae9ffd8825582dac831438454d9a8b8aa258a6f80a71afb8c3eb646bb

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: segfdt8579.ocry.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://segfdt8579.ocry.com/api.php?act=ip_save&_r=0.6605592300758962
Cookie: PHPSESSID=37eg3nokh460uo2i160uo62kg6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-length: 266
content-type: text/html; charset=iso-8859-1
date: Sun, 21 May 2023 20:59:11 GMT
server: Apache
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (0)

HTTP Transactions (2)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers