{"report_id":"7bbf372d-8fa5-4ddf-9230-f553936b5400","version":6,"status":"done","tags":["dyndns"],"date":"2026-04-01T00:21:56Z","url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":0,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"final":{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"title":"Banco Bradesco | Desafie o Futuro","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":0,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-06T00:21:56Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":162,"urlquery":2,"analyzer":2}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:33Z","timestamp":1775002893,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50068,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:33.794614+0000\",\"flow_id\":1666081786514558,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50068,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1026},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":750,\"bytes_toclient\":6196,\"start\":\"2026-04-01T00:21:33.740478+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.025550+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/chosen.min.css\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/css\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1110},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":783,\"bytes_toclient\":2861,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50084,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.025537+0000\",\"flow_id\":90677044904502,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50084,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/normalize.min.css\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/css\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1111},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":786,\"bytes_toclient\":1734,\"start\":\"2026-04-01T00:21:33.983606+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.031405+0000\",\"flow_id\":2079826723538824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50094,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/structure.css\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/css\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1110},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":782,\"bytes_toclient\":5530,\"start\":\"2026-04-01T00:21:33.984968+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50106,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.038334+0000\",\"flow_id\":405953414238599,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50106,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/magnific-popup.css\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/css\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1110},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":787,\"bytes_toclient\":2441,\"start\":\"2026-04-01T00:21:33.987527+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50068,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.040805+0000\",\"flow_id\":1666081786514558,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50068,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/main.css\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/css\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1109},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":15,\"pkts_toclient\":14,\"bytes_toserver\":1981,\"bytes_toclient\":16194,\"start\":\"2026-04-01T00:21:33.740478+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.050125+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/owl.carousel.css\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/css\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":549},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":7,\"pkts_toclient\":6,\"bytes_toserver\":2007,\"bytes_toclient\":3877,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.053717+0000\",\"flow_id\":2079826723538824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50094,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/owl.theme.css\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/css\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":664},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":9,\"pkts_toclient\":8,\"bytes_toserver\":2128,\"bytes_toclient\":6661,\"start\":\"2026-04-01T00:21:33.984968+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50084,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.053836+0000\",\"flow_id\":90677044904502,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50084,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/jquery.mmenu.all.css\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/css\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":5593},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":7,\"pkts_toclient\":10,\"bytes_toserver\":1501,\"bytes_toclient\":8060,\"start\":\"2026-04-01T00:21:33.983606+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50068,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.064696+0000\",\"flow_id\":1666081786514558,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50068,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":2,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/mediaelementplayer.css\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/css\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2559},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":26,\"pkts_toclient\":26,\"bytes_toserver\":3226,\"bytes_toclient\":32843,\"start\":\"2026-04-01T00:21:33.740478+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.074640+0000\",\"flow_id\":2079826723538824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50094,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":2,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/slick.css\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/css\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":577},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":10,\"pkts_toclient\":10,\"bytes_toserver\":2710,\"bytes_toclient\":7705,\"start\":\"2026-04-01T00:21:33.984968+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50078,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.077441+0000\",\"flow_id\":1512212435695158,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50078,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/posso_ajudar.css\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/css\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":659},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":785,\"bytes_toclient\":1201,\"start\":\"2026-04-01T00:21:33.980534+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.079125+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":2,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/font-awesome.css\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/css\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2559},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":8,\"pkts_toclient\":9,\"bytes_toserver\":2073,\"bytes_toclient\":6971,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50084,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.083680+0000\",\"flow_id\":90677044904502,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50084,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":2,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/slick-theme.css\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/css\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":893},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":9,\"pkts_toclient\":12,\"bytes_toserver\":2658,\"bytes_toclient\":9420,\"start\":\"2026-04-01T00:21:33.983606+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50106,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.085159+0000\",\"flow_id\":405953414238599,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50106,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/bootstrap.css\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/css\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2559},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":7,\"pkts_toclient\":9,\"bytes_toserver\":1495,\"bytes_toclient\":8563,\"start\":\"2026-04-01T00:21:33.987527+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50068,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.086586+0000\",\"flow_id\":1666081786514558,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50068,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":3,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/bootstrap-select.css\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/css\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1724},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":28,\"pkts_toclient\":30,\"bytes_toserver\":3875,\"bytes_toclient\":36613,\"start\":\"2026-04-01T00:21:33.740478+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.093828+0000\",\"flow_id\":2079826723538824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50094,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":3,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/font-montserrat.css\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/css\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":332},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":11,\"pkts_toclient\":12,\"bytes_toserver\":3283,\"bytes_toclient\":8504,\"start\":\"2026-04-01T00:21:33.984968+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50078,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.101336+0000\",\"flow_id\":1512212435695158,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50078,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/btns.css\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/css\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":746},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":5,\"bytes_toserver\":1935,\"bytes_toclient\":2414,\"start\":\"2026-04-01T00:21:33.980534+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.101588+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":3,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/index-lightbox.css\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/css\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":97},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":12,\"pkts_toclient\":15,\"bytes_toserver\":3357,\"bytes_toclient\":12346,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50106,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.104045+0000\",\"flow_id\":405953414238599,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50106,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":2,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/index-footer-map.css\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/css\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":337},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":11,\"pkts_toclient\":13,\"bytes_toserver\":2789,\"bytes_toclient\":11549,\"start\":\"2026-04-01T00:21:33.987527+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50068,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.104892+0000\",\"flow_id\":1666081786514558,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50068,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":4,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/flexslider.css\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/css\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1612},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":30,\"pkts_toclient\":33,\"bytes_toserver\":4518,\"bytes_toclient\":38760,\"start\":\"2026-04-01T00:21:33.740478+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50084,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.105457+0000\",\"flow_id\":90677044904502,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50084,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":3,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/index-footer.css\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/css\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2069},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":10,\"pkts_toclient\":15,\"bytes_toserver\":2724,\"bytes_toclient\":12024,\"start\":\"2026-04-01T00:21:33.983606+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.122517+0000\",\"flow_id\":2079826723538824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50094,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":4,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/banner.css\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/css\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":987},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":12,\"pkts_toclient\":13,\"bytes_toserver\":3845,\"bytes_toclient\":9893,\"start\":\"2026-04-01T00:21:33.984968+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50106,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.130355+0000\",\"flow_id\":405953414238599,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50106,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":3,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/index-banner.css\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/css\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":538},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":12,\"pkts_toclient\":15,\"bytes_toserver\":3350,\"bytes_toclient\":12554,\"start\":\"2026-04-01T00:21:33.987527+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.131291+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":4,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/home.css\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/css\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2559},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":13,\"pkts_toclient\":17,\"bytes_toserver\":3423,\"bytes_toclient\":15374,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.146195+0000\",\"flow_id\":2079826723538824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50094,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":5,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/chatbia-dist.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1268},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":13,\"pkts_toclient\":15,\"bytes_toserver\":3911,\"bytes_toclient\":11643,\"start\":\"2026-04-01T00:21:33.984968+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50106,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.151957+0000\",\"flow_id\":405953414238599,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50106,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":4,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/validaFrame.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":623},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":13,\"pkts_toclient\":16,\"bytes_toserver\":3911,\"bytes_toclient\":13592,\"start\":\"2026-04-01T00:21:33.987527+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.166674+0000\",\"flow_id\":2079826723538824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50094,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":6,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/bAutocomplete.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2545},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":15,\"pkts_toclient\":18,\"bytes_toserver\":4540,\"bytes_toclient\":14762,\"start\":\"2026-04-01T00:21:33.984968+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.168572+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":5,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/lembrarAgCta.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1429},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":15,\"pkts_toclient\":20,\"bytes_toserver\":4051,\"bytes_toclient\":18029,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50068,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.179102+0000\",\"flow_id\":1666081786514558,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50068,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":5,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/navegg.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":4184},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":32,\"pkts_toclient\":38,\"bytes_toserver\":5140,\"bytes_toclient\":43625,\"start\":\"2026-04-01T00:21:33.740478+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50084,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.181533+0000\",\"flow_id\":90677044904502,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50084,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":4,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/rt-limite-credito-pessoal.css\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/css\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":837},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":12,\"pkts_toclient\":17,\"bytes_toserver\":3882,\"bytes_toclient\":13329,\"start\":\"2026-04-01T00:21:33.983606+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50106,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.193581+0000\",\"flow_id\":405953414238599,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50106,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":5,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/bPagina-min.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":561},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":14,\"pkts_toclient\":17,\"bytes_toserver\":4486,\"bytes_toclient\":14568,\"start\":\"2026-04-01T00:21:33.987527+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50084,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.208859+0000\",\"flow_id\":90677044904502,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50084,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":5,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/jquery.mmenu.min.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":5238},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":13,\"pkts_toclient\":22,\"bytes_toserver\":3948,\"bytes_toclient\":19248,\"start\":\"2026-04-01T00:21:33.983606+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.214574+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":6,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/ua-parser.min.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2545},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":17,\"pkts_toclient\":22,\"bytes_toserver\":4680,\"bytes_toclient\":21057,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50106,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.220954+0000\",\"flow_id\":405953414238599,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50106,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":6,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/jquery.magnific-popup.min.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2545},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":15,\"pkts_toclient\":19,\"bytes_toserver\":4552,\"bytes_toclient\":17596,\"start\":\"2026-04-01T00:21:33.987527+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50078,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.223799+0000\",\"flow_id\":1512212435695158,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50078,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":2,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/classic-main.css\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/css\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2557},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":7,\"pkts_toclient\":8,\"bytes_toserver\":2001,\"bytes_toclient\":5508,\"start\":\"2026-04-01T00:21:33.980534+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50068,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.225553+0000\",\"flow_id\":1666081786514558,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50068,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":6,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/chosen.jquery.min.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":5441},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":34,\"pkts_toclient\":43,\"bytes_toserver\":5773,\"bytes_toclient\":49747,\"start\":\"2026-04-01T00:21:33.740478+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50084,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.230388+0000\",\"flow_id\":90677044904502,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50084,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":6,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/jquery.color.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":5391},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":15,\"pkts_toclient\":27,\"bytes_toserver\":4576,\"bytes_toclient\":25320,\"start\":\"2026-04-01T00:21:33.983606+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.235148+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":7,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/owl.carousel.min.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":6492},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":20,\"pkts_toclient\":29,\"bytes_toserver\":5378,\"bytes_toclient\":30711,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50068,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.245285+0000\",\"flow_id\":1666081786514558,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50068,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":7,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/popper.min.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2545},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":36,\"pkts_toclient\":47,\"bytes_toserver\":6399,\"bytes_toclient\":53948,\"start\":\"2026-04-01T00:21:33.740478+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50078,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.259056+0000\",\"flow_id\":1512212435695158,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50078,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":3,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/jquery.touchSwipe.min.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2545},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":13,\"pkts_toclient\":23,\"bytes_toserver\":2902,\"bytes_toclient\":25953,\"start\":\"2026-04-01T00:21:33.980534+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.261079+0000\",\"flow_id\":2079826723538824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50094,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":7,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/jquery-3.4.1.min.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2543},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":17,\"pkts_toclient\":21,\"bytes_toserver\":5172,\"bytes_toclient\":17856,\"start\":\"2026-04-01T00:21:33.984968+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50068,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.265026+0000\",\"flow_id\":1666081786514558,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50068,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":8,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/jquery.placeholder.min.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1132},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":40,\"pkts_toclient\":54,\"bytes_toserver\":7169,\"bytes_toclient\":60265,\"start\":\"2026-04-01T00:21:33.740478+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50084,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.270333+0000\",\"flow_id\":90677044904502,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50084,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":7,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/bootstrap-4.3.1.min.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2544},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":17,\"pkts_toclient\":30,\"bytes_toserver\":5211,\"bytes_toclient\":28414,\"start\":\"2026-04-01T00:21:33.983606+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50106,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.273635+0000\",\"flow_id\":405953414238599,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50106,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":7,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/bootstrap-select.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2543},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":19,\"pkts_toclient\":25,\"bytes_toserver\":5316,\"bytes_toclient\":25684,\"start\":\"2026-04-01T00:21:33.987527+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50078,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.278544+0000\",\"flow_id\":1512212435695158,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50078,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":4,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/validaFormNaoCorrentista.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1837},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":16,\"pkts_toclient\":26,\"bytes_toserver\":3608,\"bytes_toclient\":28339,\"start\":\"2026-04-01T00:21:33.980534+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.280640+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":8,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/mediaelement-and-player.min.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2543},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":22,\"pkts_toclient\":31,\"bytes_toserver\":6021,\"bytes_toclient\":33739,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50068,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.283283+0000\",\"flow_id\":1666081786514558,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50068,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":9,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/mascara.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2545},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":42,\"pkts_toclient\":56,\"bytes_toserver\":7792,\"bytes_toclient\":63293,\"start\":\"2026-04-01T00:21:33.740478+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50078,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.296989+0000\",\"flow_id\":1512212435695158,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50078,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":5,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/validanavegadorexclusivo.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1495},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":18,\"pkts_toclient\":28,\"bytes_toserver\":4248,\"bytes_toclient\":30317,\"start\":\"2026-04-01T00:21:33.980534+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.298470+0000\",\"flow_id\":2079826723538824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50094,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":8,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/detect-mobile.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":562},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":27,\"pkts_toclient\":43,\"bytes_toserver\":6830,\"bytes_toclient\":48358,\"start\":\"2026-04-01T00:21:33.984968+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50084,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.307187+0000\",\"flow_id\":90677044904502,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50084,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":8,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/modal-cartoes.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1484},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":23,\"pkts_toclient\":41,\"bytes_toserver\":6104,\"bytes_toclient\":43874,\"start\":\"2026-04-01T00:21:33.983606+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50078,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.328039+0000\",\"flow_id\":1512212435695158,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50078,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":6,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/js.cookie-2.2.1.min.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":865},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":20,\"pkts_toclient\":29,\"bytes_toserver\":5395,\"bytes_toclient\":31597,\"start\":\"2026-04-01T00:21:33.980534+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.328584+0000\",\"flow_id\":2079826723538824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50094,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":9,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/index-footer-mapp.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":526},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":28,\"pkts_toclient\":45,\"bytes_toserver\":7393,\"bytes_toclient\":49365,\"start\":\"2026-04-01T00:21:33.984968+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.328671+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":9,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/index-footer.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":679},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":30,\"pkts_toclient\":46,\"bytes_toserver\":7541,\"bytes_toclient\":55711,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50084,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.329476+0000\",\"flow_id\":90677044904502,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50084,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":9,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/html5lightbox.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":404,\"length\":286},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":25,\"pkts_toclient\":42,\"bytes_toserver\":7221,\"bytes_toclient\":44442,\"start\":\"2026-04-01T00:21:33.983606+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50106,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.341517+0000\",\"flow_id\":405953414238599,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50106,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":8,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/retargeting.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":5439},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":24,\"pkts_toclient\":40,\"bytes_toserver\":6141,\"bytes_toclient\":45648,\"start\":\"2026-04-01T00:21:33.987527+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50068,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.343701+0000\",\"flow_id\":1666081786514558,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50068,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":10,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/moment.min.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2544},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":44,\"pkts_toclient\":59,\"bytes_toserver\":8418,\"bytes_toclient\":67530,\"start\":\"2026-04-01T00:21:33.740478+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50078,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.345485+0000\",\"flow_id\":1512212435695158,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50078,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":7,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/main-cookie.css\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/css\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1345},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":21,\"pkts_toclient\":31,\"bytes_toserver\":5461,\"bytes_toclient\":33411,\"start\":\"2026-04-01T00:21:33.980534+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.347601+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":10,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/index-cookie.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1723},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":31,\"pkts_toclient\":48,\"bytes_toserver\":7607,\"bytes_toclient\":57917,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.348211+0000\",\"flow_id\":2079826723538824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50094,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":10,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/js-cookie.min.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":822},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":29,\"pkts_toclient\":47,\"bytes_toserver\":7956,\"bytes_toclient\":50668,\"start\":\"2026-04-01T00:21:33.984968+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50084,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.354217+0000\",\"flow_id\":90677044904502,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50084,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":10,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/main.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2544},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":26,\"pkts_toclient\":48,\"bytes_toserver\":7287,\"bytes_toclient\":53526,\"start\":\"2026-04-01T00:21:33.983606+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50106,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.362451+0000\",\"flow_id\":405953414238599,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50106,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":9,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/index.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":807},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":28,\"pkts_toclient\":49,\"bytes_toserver\":7396,\"bytes_toclient\":57350,\"start\":\"2026-04-01T00:21:33.987527+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.365255+0000\",\"flow_id\":2079826723538824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50094,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":11,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/jquery.easing.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2005},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":30,\"pkts_toclient\":49,\"bytes_toserver\":8022,\"bytes_toclient\":53156,\"start\":\"2026-04-01T00:21:33.984968+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50078,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.366355+0000\",\"flow_id\":1512212435695158,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50078,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":8,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/banner.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":708},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":23,\"pkts_toclient\":32,\"bytes_toserver\":6576,\"bytes_toclient\":34534,\"start\":\"2026-04-01T00:21:33.980534+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.370271+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":11,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/jQuery-plugin-progressbar.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":646},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":33,\"pkts_toclient\":49,\"bytes_toserver\":8736,\"bytes_toclient\":58978,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50084,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.374144+0000\",\"flow_id\":90677044904502,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50084,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":11,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/jquery.mousewheel.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":962},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":32,\"pkts_toclient\":53,\"bytes_toserver\":8714,\"bytes_toclient\":60578,\"start\":\"2026-04-01T00:21:33.983606+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50068,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.376033+0000\",\"flow_id\":1666081786514558,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50068,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":11,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/jquery.flexslider.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2544},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":52,\"pkts_toclient\":74,\"bytes_toserver\":9447,\"bytes_toclient\":88929,\"start\":\"2026-04-01T00:21:33.740478+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50106,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.379555+0000\",\"flow_id\":405953414238599,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50106,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":10,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/index-progress-bar.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":342},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":29,\"pkts_toclient\":51,\"bytes_toserver\":8002,\"bytes_toclient\":58173,\"start\":\"2026-04-01T00:21:33.987527+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.383090+0000\",\"flow_id\":2079826723538824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50094,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":12,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/chat.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2545},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":32,\"pkts_toclient\":52,\"bytes_toserver\":8642,\"bytes_toclient\":56614,\"start\":\"2026-04-01T00:21:33.984968+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.387842+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":12,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/home.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":533},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":34,\"pkts_toclient\":50,\"bytes_toserver\":9342,\"bytes_toclient\":59926,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50084,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.391850+0000\",\"flow_id\":90677044904502,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50084,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":12,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/icon_acessibilidade.svg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/svg+xml\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2606},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":33,\"pkts_toclient\":57,\"bytes_toserver\":8780,\"bytes_toclient\":66284,\"start\":\"2026-04-01T00:21:33.983606+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50078,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.392471+0000\",\"flow_id\":1512212435695158,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50078,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":9,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/slick.min.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":3992},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":24,\"pkts_toclient\":35,\"bytes_toserver\":6642,\"bytes_toclient\":39076,\"start\":\"2026-04-01T00:21:33.980534+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50068,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.397454+0000\",\"flow_id\":1666081786514558,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50068,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":12,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/icon_acessibilidade_ajuda.svg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/svg+xml\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":908},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":57,\"pkts_toclient\":81,\"bytes_toserver\":10835,\"bytes_toclient\":98896,\"start\":\"2026-04-01T00:21:33.740478+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50106,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.399586+0000\",\"flow_id\":405953414238599,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50106,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":11,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/icon_acessibilidade_contraste.svg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/svg+xml\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1044},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":30,\"pkts_toclient\":52,\"bytes_toserver\":8590,\"bytes_toclient\":59572,\"start\":\"2026-04-01T00:21:33.987527+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.400494+0000\",\"flow_id\":2079826723538824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50094,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":13,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/icon_acessibilidade_weblibras.svg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/svg+xml\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2606},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":34,\"pkts_toclient\":54,\"bytes_toserver\":9314,\"bytes_toclient\":59642,\"start\":\"2026-04-01T00:21:33.984968+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.405085+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":13,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/icon_acessibilidade_navegacao.svg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/svg+xml\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1151},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":35,\"pkts_toclient\":51,\"bytes_toserver\":9924,\"bytes_toclient\":61432,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50084,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.410159+0000\",\"flow_id\":90677044904502,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50084,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":13,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/icon_acessibilidade_produtos_servicos.svg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/svg+xml\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1038},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":36,\"pkts_toclient\":58,\"bytes_toserver\":10042,\"bytes_toclient\":67677,\"start\":\"2026-04-01T00:21:33.983606+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50078,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.411322+0000\",\"flow_id\":1512212435695158,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50078,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":10,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/ico-fechar.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":281},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":28,\"pkts_toclient\":41,\"bytes_toserver\":7943,\"bytes_toclient\":46490,\"start\":\"2026-04-01T00:21:33.980534+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50068,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.415183+0000\",\"flow_id\":1666081786514558,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50068,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":13,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/logo-mobile.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2611},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":58,\"pkts_toclient\":84,\"bytes_toserver\":10901,\"bytes_toclient\":103438,\"start\":\"2026-04-01T00:21:33.740478+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50106,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.417074+0000\",\"flow_id\":405953414238599,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50106,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":12,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/logo-mobile.svg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/svg+xml\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2434},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":31,\"pkts_toclient\":54,\"bytes_toserver\":8656,\"bytes_toclient\":62427,\"start\":\"2026-04-01T00:21:33.987527+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.417603+0000\",\"flow_id\":2079826723538824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50094,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":14,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/qrcode-pf.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2610},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":38,\"pkts_toclient\":63,\"bytes_toserver\":10098,\"bytes_toclient\":72090,\"start\":\"2026-04-01T00:21:33.984968+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.423138+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":14,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/001-d.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2608},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":36,\"pkts_toclient\":54,\"bytes_toserver\":9990,\"bytes_toclient\":65974,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50084,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.430364+0000\",\"flow_id\":90677044904502,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50084,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":14,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/001-m.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2609},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":37,\"pkts_toclient\":60,\"bytes_toserver\":10108,\"bytes_toclient\":70705,\"start\":\"2026-04-01T00:21:33.983606+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.435692+0000\",\"flow_id\":2079826723538824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50094,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":15,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/002-m.jpg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/jpeg\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2608},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":42,\"pkts_toclient\":67,\"bytes_toserver\":10878,\"bytes_toclient\":77360,\"start\":\"2026-04-01T00:21:33.984968+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50068,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.439483+0000\",\"flow_id\":1666081786514558,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50068,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":14,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/004-m.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2609},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":61,\"pkts_toclient\":97,\"bytes_toserver\":11615,\"bytes_toclient\":121677,\"start\":\"2026-04-01T00:21:33.740478+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50078,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.445078+0000\",\"flow_id\":1512212435695158,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50078,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":11,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/004-d.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2608},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":29,\"pkts_toclient\":43,\"bytes_toserver\":8009,\"bytes_toclient\":49518,\"start\":\"2026-04-01T00:21:33.980534+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50106,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.446124+0000\",\"flow_id\":405953414238599,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50106,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":13,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/002-d.jpg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/jpeg\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2607},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":33,\"pkts_toclient\":56,\"bytes_toserver\":9304,\"bytes_toclient\":65455,\"start\":\"2026-04-01T00:21:33.987527+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.461066+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":15,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/003-d.jpg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/jpeg\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2608},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":60,\"pkts_toclient\":103,\"bytes_toserver\":12090,\"bytes_toclient\":139492,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.473804+0000\",\"flow_id\":2079826723538824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50094,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":16,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/topbar.css\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/css\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/css/main.css\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2559},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":63,\"pkts_toclient\":108,\"bytes_toserver\":12737,\"bytes_toclient\":137312,\"start\":\"2026-04-01T00:21:33.984968+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50084,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.474451+0000\",\"flow_id\":90677044904502,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50084,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":15,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/font-bradesco.css\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/css\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/css/main.css\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":475},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":56,\"pkts_toclient\":96,\"bytes_toserver\":12375,\"bytes_toclient\":123141,\"start\":\"2026-04-01T00:21:33.983606+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50078,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.494115+0000\",\"flow_id\":1512212435695158,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50078,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":12,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/icone-renegociacao-de-dividas.svg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/svg+xml\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2607},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":36,\"pkts_toclient\":99,\"bytes_toserver\":9011,\"bytes_toclient\":132135,\"start\":\"2026-04-01T00:21:33.980534+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50106,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.495238+0000\",\"flow_id\":405953414238599,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50106,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":14,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/icone-pagamentos-white.svg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/svg+xml\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2213},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":47,\"pkts_toclient\":122,\"bytes_toserver\":10761,\"bytes_toclient\":163744,\"start\":\"2026-04-01T00:21:33.987527+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.495775+0000\",\"flow_id\":2079826723538824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50094,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":17,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/destaque-1.jpg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/jpeg\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2608},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":65,\"pkts_toclient\":113,\"bytes_toserver\":13390,\"bytes_toclient\":144882,\"start\":\"2026-04-01T00:21:33.984968+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.498196+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":16,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/icone-renegociacao-de-dividas-white.svg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/svg+xml\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2607},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":78,\"pkts_toclient\":141,\"bytes_toserver\":13824,\"bytes_toclient\":195023,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50068,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.499238+0000\",\"flow_id\":1666081786514558,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50068,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":15,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/icone-mais-facilidades-white.svg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/svg+xml\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":972},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":81,\"pkts_toclient\":124,\"bytes_toserver\":13995,\"bytes_toclient\":161678,\"start\":\"2026-04-01T00:21:33.740478+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50084,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.499920+0000\",\"flow_id\":90677044904502,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50084,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":16,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/icone-mais-facilidades.svg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/svg+xml\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":972},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":57,\"pkts_toclient\":97,\"bytes_toserver\":12964,\"bytes_toclient\":124467,\"start\":\"2026-04-01T00:21:33.983606+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50078,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.512111+0000\",\"flow_id\":1512212435695158,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50078,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":13,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/destaque-3.jpg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/jpeg\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2606},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":38,\"pkts_toclient\":104,\"bytes_toserver\":9664,\"bytes_toclient\":139705,\"start\":\"2026-04-01T00:21:33.980534+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50106,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.513738+0000\",\"flow_id\":405953414238599,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50106,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":15,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/m-destaque-3.jpg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/jpeg\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2607},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":49,\"pkts_toclient\":127,\"bytes_toserver\":11416,\"bytes_toclient\":171314,\"start\":\"2026-04-01T00:21:33.987527+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50084,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.517456+0000\",\"flow_id\":90677044904502,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50084,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":17,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/m-destaque-4.jpg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/jpeg\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2607},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":58,\"pkts_toclient\":102,\"bytes_toserver\":13030,\"bytes_toclient\":132037,\"start\":\"2026-04-01T00:21:33.983606+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50068,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.519700+0000\",\"flow_id\":1666081786514558,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50068,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":16,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/destaque-4.jpg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/jpeg\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2607},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":82,\"pkts_toclient\":129,\"bytes_toserver\":14061,\"bytes_toclient\":169248,\"start\":\"2026-04-01T00:21:33.740478+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.521036+0000\",\"flow_id\":2079826723538824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50094,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":18,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/open-banking-bradesco.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2607},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":76,\"pkts_toclient\":133,\"bytes_toserver\":14648,\"bytes_toclient\":174503,\"start\":\"2026-04-01T00:21:33.984968+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.523717+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":17,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/destaque-2.jpg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/jpeg\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2608},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":80,\"pkts_toclient\":157,\"bytes_toserver\":14477,\"bytes_toclient\":219247,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50106,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.534217+0000\",\"flow_id\":405953414238599,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50106,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":16,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/destaque-6.jpg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/jpeg\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2607},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":74,\"pkts_toclient\":176,\"bytes_toserver\":13587,\"bytes_toclient\":245121,\"start\":\"2026-04-01T00:21:33.987527+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50084,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.537316+0000\",\"flow_id\":90677044904502,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50084,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":18,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/qr-code-whatsapp-bia.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2610},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":84,\"pkts_toclient\":151,\"bytes_toserver\":15277,\"bytes_toclient\":205516,\"start\":\"2026-04-01T00:21:33.983606+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.544848+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":18,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/modal-img.jpg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/jpeg\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2606},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":90,\"pkts_toclient\":164,\"bytes_toserver\":15657,\"bytes_toclient\":228756,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50068,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.547364+0000\",\"flow_id\":1666081786514558,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50068,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":17,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/icon-app-bia.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1635},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":111,\"pkts_toclient\":182,\"bytes_toserver\":16498,\"bytes_toclient\":247702,\"start\":\"2026-04-01T00:21:33.740478+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50078,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.550975+0000\",\"flow_id\":1512212435695158,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50078,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":14,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/cadeado_-01.svg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/svg+xml\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1433},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":93,\"pkts_toclient\":209,\"bytes_toserver\":13816,\"bytes_toclient\":293318,\"start\":\"2026-04-01T00:21:33.980534+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50106,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.554092+0000\",\"flow_id\":405953414238599,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50106,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":17,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/icon-googleassistente.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1590},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":101,\"pkts_toclient\":225,\"bytes_toserver\":15901,\"bytes_toclient\":317342,\"start\":\"2026-04-01T00:21:33.987527+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50084,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.555818+0000\",\"flow_id\":90677044904502,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50084,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":19,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/linkedin-01.svg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/svg+xml\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2606},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":88,\"pkts_toclient\":157,\"bytes_toserver\":16063,\"bytes_toclient\":212257,\"start\":\"2026-04-01T00:21:33.983606+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.557537+0000\",\"flow_id\":2079826723538824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50094,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":19,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/facebook-01.svg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/svg+xml\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":859},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":95,\"pkts_toclient\":198,\"bytes_toserver\":16946,\"bytes_toclient\":271519,\"start\":\"2026-04-01T00:21:33.984968+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50068,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.567533+0000\",\"flow_id\":1666081786514558,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50068,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":18,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/twitter-01.svg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/svg+xml\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2607},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":113,\"pkts_toclient\":184,\"bytes_toserver\":17151,\"bytes_toclient\":250730,\"start\":\"2026-04-01T00:21:33.740478+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50078,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.569366+0000\",\"flow_id\":1512212435695158,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50078,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":15,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/youtube-01.svg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/svg+xml\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1343},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":95,\"pkts_toclient\":211,\"bytes_toserver\":14469,\"bytes_toclient\":295082,\"start\":\"2026-04-01T00:21:33.980534+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50106,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.571692+0000\",\"flow_id\":405953414238599,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50106,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":18,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/instagram-01.svg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/svg+xml\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2607},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":103,\"pkts_toclient\":228,\"bytes_toserver\":16556,\"bytes_toclient\":320713,\"start\":\"2026-04-01T00:21:33.987527+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.577849+0000\",\"flow_id\":2079826723538824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50094,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":20,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/btn-new-bia.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2611},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":96,\"pkts_toclient\":201,\"bytes_toserver\":17012,\"bytes_toclient\":275993,\"start\":\"2026-04-01T00:21:33.984968+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50084,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.580568+0000\",\"flow_id\":90677044904502,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50084,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":20,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/tiktok-01.svg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/svg+xml\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1033},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":91,\"pkts_toclient\":158,\"bytes_toserver\":17298,\"bytes_toclient\":213645,\"start\":\"2026-04-01T00:21:33.983606+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.585789+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":19,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/icon-chat-balon.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1637},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":144,\"pkts_toclient\":280,\"bytes_toserver\":19747,\"bytes_toclient\":402243,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50068,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.586724+0000\",\"flow_id\":1666081786514558,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50068,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":19,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/003-m.jpg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/jpeg\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2608},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":115,\"pkts_toclient\":190,\"bytes_toserver\":17799,\"bytes_toclient\":259441,\"start\":\"2026-04-01T00:21:33.740478+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50078,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.587754+0000\",\"flow_id\":1512212435695158,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50078,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":16,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/cartoes.webp\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2635},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":97,\"pkts_toclient\":216,\"bytes_toserver\":15120,\"bytes_toclient\":301801,\"start\":\"2026-04-01T00:21:33.980534+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50106,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.588961+0000\",\"flow_id\":405953414238599,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50106,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":19,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/cartoes_hover.webp\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2635},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":105,\"pkts_toclient\":232,\"bytes_toserver\":17213,\"bytes_toclient\":325746,\"start\":\"2026-04-01T00:21:33.987527+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.595424+0000\",\"flow_id\":2079826723538824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50094,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":21,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/consorcio.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2609},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":98,\"pkts_toclient\":206,\"bytes_toserver\":17664,\"bytes_toclient\":283563,\"start\":\"2026-04-01T00:21:33.984968+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50084,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.599925+0000\",\"flow_id\":90677044904502,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50084,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":21,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/agora.webp\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2635},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":92,\"pkts_toclient\":163,\"bytes_toserver\":17364,\"bytes_toclient\":221215,\"start\":\"2026-04-01T00:21:33.983606+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.604300+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":20,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/fontes/BradescoSans-Regular.woff2\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"font/woff2\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/css/font-bradesco.css\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2608},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":146,\"pkts_toclient\":285,\"bytes_toserver\":20477,\"bytes_toclient\":409813,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50068,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.611754+0000\",\"flow_id\":1666081786514558,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50068,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":20,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/consorcio-hover.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2609},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":132,\"pkts_toclient\":222,\"bytes_toserver\":19447,\"bytes_toclient\":306845,\"start\":\"2026-04-01T00:21:33.740478+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50078,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.613829+0000\",\"flow_id\":1512212435695158,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50078,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":17,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/emprestimo.webp\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2635},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":100,\"pkts_toclient\":221,\"bytes_toserver\":15840,\"bytes_toclient\":307982,\"start\":\"2026-04-01T00:21:33.980534+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50106,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.614521+0000\",\"flow_id\":405953414238599,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50106,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":20,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/agora_hover.webp\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2635},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":108,\"pkts_toclient\":236,\"bytes_toserver\":17934,\"bytes_toclient\":331383,\"start\":\"2026-04-01T00:21:33.987527+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.617746+0000\",\"flow_id\":2079826723538824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50094,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":22,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/cielo_hover.webp\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2634},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":120,\"pkts_toclient\":248,\"bytes_toserver\":19639,\"bytes_toclient\":345938,\"start\":\"2026-04-01T00:21:33.984968+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50084,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.619674+0000\",\"flow_id\":90677044904502,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50084,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":22,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/cielo.webp\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2634},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":96,\"pkts_toclient\":169,\"bytes_toserver\":18145,\"bytes_toclient\":228860,\"start\":\"2026-04-01T00:21:33.983606+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.622350+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":21,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/emprestimo_hover.webp\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2636},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":154,\"pkts_toclient\":298,\"bytes_toserver\":21533,\"bytes_toclient\":428483,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50068,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.631461+0000\",\"flow_id\":1666081786514558,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50068,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":21,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/veloe.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2609},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":149,\"pkts_toclient\":255,\"bytes_toserver\":21085,\"bytes_toclient\":356471,\"start\":\"2026-04-01T00:21:33.740478+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50078,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.632143+0000\",\"flow_id\":1512212435695158,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50078,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":18,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/veloe_hover.webp\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2635},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":103,\"pkts_toclient\":226,\"bytes_toserver\":16561,\"bytes_toclient\":314333,\"start\":\"2026-04-01T00:21:33.980534+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50106,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.632787+0000\",\"flow_id\":405953414238599,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50106,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":21,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/bitz.webp\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2634},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":111,\"pkts_toclient\":238,\"bytes_toserver\":18648,\"bytes_toclient\":334411,\"start\":\"2026-04-01T00:21:33.987527+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.636710+0000\",\"flow_id\":2079826723538824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50094,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":23,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/bitz_hover.webp\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2634},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":126,\"pkts_toclient\":259,\"bytes_toserver\":20557,\"bytes_toclient\":361644,\"start\":\"2026-04-01T00:21:33.984968+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.639742+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":22,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/consorcio_seguros_hover.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2609},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":156,\"pkts_toclient\":303,\"bytes_toserver\":22199,\"bytes_toclient\":436053,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50084,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.640681+0000\",\"flow_id\":90677044904502,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50084,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":23,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/consorcio_seguros.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2609},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":104,\"pkts_toclient\":183,\"bytes_toserver\":19201,\"bytes_toclient\":249876,\"start\":\"2026-04-01T00:21:33.983606+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.659250+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":23,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/icone-pagamentos.svg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/svg+xml\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2213},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":166,\"pkts_toclient\":318,\"bytes_toserver\":23386,\"bytes_toclient\":458054,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50078,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.660174+0000\",\"flow_id\":1512212435695158,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50078,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":19,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/icon-sac-ouvidoria-white.svg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/svg+xml\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":557},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":106,\"pkts_toclient\":227,\"bytes_toserver\":17858,\"bytes_toclient\":315244,\"start\":\"2026-04-01T00:21:33.980534+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.665910+0000\",\"flow_id\":2079826723538824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50094,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":24,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/icone-boletos-white.svg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/svg+xml\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1025},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":139,\"pkts_toclient\":279,\"bytes_toserver\":22489,\"bytes_toclient\":390834,\"start\":\"2026-04-01T00:21:33.984968+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50106,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.669420+0000\",\"flow_id\":405953414238599,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50106,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":22,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/icone-boletos.svg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/svg+xml\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1025},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":119,\"pkts_toclient\":252,\"bytes_toserver\":20233,\"bytes_toclient\":354255,\"start\":\"2026-04-01T00:21:33.987527+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50068,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.677503+0000\",\"flow_id\":1666081786514558,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50068,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":22,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/icon-sac-ouvidoria.svg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/svg+xml\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":557},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":158,\"pkts_toclient\":267,\"bytes_toserver\":22758,\"bytes_toclient\":373235,\"start\":\"2026-04-01T00:21:33.740478+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50078,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.678841+0000\",\"flow_id\":1512212435695158,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50078,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":20,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/bg-btn-ver-agora.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/css/rt-limite-credito-pessoal.css\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2609},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":107,\"pkts_toclient\":232,\"bytes_toserver\":17924,\"bytes_toclient\":322814,\"start\":\"2026-04-01T00:21:33.980534+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.678940+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":24,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/check.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/css/topbar.css\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1322},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":168,\"pkts_toclient\":320,\"bytes_toserver\":24052,\"bytes_toclient\":459793,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.686939+0000\",\"flow_id\":2079826723538824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50094,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":25,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/icon-lembrar-me.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/css/topbar.css\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":359},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":140,\"pkts_toclient\":280,\"bytes_toserver\":23150,\"bytes_toclient\":391543,\"start\":\"2026-04-01T00:21:33.984968+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50106,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.689198+0000\",\"flow_id\":405953414238599,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50106,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":23,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/seta.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/css/topbar.css\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":215},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":120,\"pkts_toclient\":253,\"bytes_toserver\":20896,\"bytes_toclient\":354819,\"start\":\"2026-04-01T00:21:33.987527+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50078,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.698301+0000\",\"flow_id\":1512212435695158,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50078,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":21,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/seta.svg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/svg+xml\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/css/classic-main.css\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1613},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":113,\"pkts_toclient\":239,\"bytes_toserver\":18859,\"bytes_toclient\":331709,\"start\":\"2026-04-01T00:21:33.980534+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.701883+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":25,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/tag-novo.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/css/classic-main.css\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2111},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":170,\"pkts_toclient\":322,\"bytes_toserver\":24727,\"bytes_toclient\":462321,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.704790+0000\",\"flow_id\":2079826723538824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50094,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":26,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/fontes/BradescoSans-Bold.woff2\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"font/woff2\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/css/font-bradesco.css\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2608},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":141,\"pkts_toclient\":283,\"bytes_toserver\":23216,\"bytes_toclient\":396085,\"start\":\"2026-04-01T00:21:33.984968+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50106,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.706025+0000\",\"flow_id\":405953414238599,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50106,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":24,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/fontes/BradescoSans-Medium.woff2\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"font/woff2\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/css/font-bradesco.css\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2608},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":121,\"pkts_toclient\":258,\"bytes_toserver\":20962,\"bytes_toclient\":362389,\"start\":\"2026-04-01T00:21:33.987527+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50084,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.735587+0000\",\"flow_id\":90677044904502,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50084,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":24,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/bg-navseg.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/css/main.css\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":95},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":115,\"pkts_toclient\":222,\"bytes_toserver\":20463,\"bytes_toclient\":307663,\"start\":\"2026-04-01T00:21:33.983606+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50068,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.735582+0000\",\"flow_id\":1666081786514558,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50068,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":23,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/icon_seta_v_-01.svg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/svg+xml\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/css/classic-main.css\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":485},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":159,\"pkts_toclient\":268,\"bytes_toserver\":22824,\"bytes_toclient\":374074,\"start\":\"2026-04-01T00:21:33.740478+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.822793+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":26,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/sitemap.json?tags=Mais%20Bradesco\u0026tagMode=any\u0026format=json\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/json\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2603},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":172,\"pkts_toclient\":327,\"bytes_toserver\":25524,\"bytes_toclient\":469891,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50078,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.871588+0000\",\"flow_id\":1512212435695158,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50078,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":22,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/html5lightbox.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":404,\"length\":286},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":115,\"pkts_toclient\":240,\"bytes_toserver\":19538,\"bytes_toclient\":332277,\"start\":\"2026-04-01T00:21:33.980534+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.928017+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":27,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/vnd.microsoft.icon\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1144},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":177,\"pkts_toclient\":334,\"bytes_toserver\":26422,\"bytes_toclient\":479485,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50078,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.943183+0000\",\"flow_id\":1512212435695158,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50078,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":23,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/fontes/BradescoSans-Thin.woff2\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"font/woff2\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/css/font-bradesco.css\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1160},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":117,\"pkts_toclient\":245,\"bytes_toserver\":20265,\"bytes_toclient\":339847,\"start\":\"2026-04-01T00:21:33.980534+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.987822+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":28,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/palavras.xml\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/xml\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1751},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":283,\"pkts_toclient\":543,\"bytes_toserver\":33961,\"bytes_toclient\":794857,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:35Z","timestamp":1775002895,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:35.031747+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":29,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/palavras.xml\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/xml\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1751},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":285,\"pkts_toclient\":545,\"bytes_toserver\":34636,\"bytes_toclient\":797084,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:35Z","timestamp":1775002895,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50078,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:35.139391+0000\",\"flow_id\":1512212435695158,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50078,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":24,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/main-menu.json\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/json\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1152},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":132,\"pkts_toclient\":259,\"bytes_toserver\":21975,\"bytes_toclient\":360319,\"start\":\"2026-04-01T00:21:33.980534+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:35Z","timestamp":1775002895,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:35.148527+0000\",\"flow_id\":2079826723538824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50094,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":27,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/wlStyle.css\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":404,\"length\":286},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":150,\"pkts_toclient\":296,\"bytes_toserver\":24466,\"bytes_toclient\":414137,\"start\":\"2026-04-01T00:21:33.984968+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:35Z","timestamp":1775002895,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:35.150219+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":30,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/menu-dist.js?_=1775002894694\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1806},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":287,\"pkts_toclient\":547,\"bytes_toserver\":35558,\"bytes_toclient\":799373,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:35Z","timestamp":1775002895,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50106,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:35.179071+0000\",\"flow_id\":405953414238599,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50106,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":25,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/wl-min.js?_=1775002894695\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1090},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":130,\"pkts_toclient\":273,\"bytes_toserver\":22343,\"bytes_toclient\":384199,\"start\":\"2026-04-01T00:21:33.987527+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:35Z","timestamp":1775002895,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:35.204914+0000\",\"flow_id\":2079826723538824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50094,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":28,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/desco-novaPONTOS/js/modernizr-custom.js?_=1775002894697\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":404,\"length\":286},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":152,\"pkts_toclient\":297,\"bytes_toserver\":25389,\"bytes_toclient\":414705,\"start\":\"2026-04-01T00:21:33.984968+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:35Z","timestamp":1775002895,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50078,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:35.205601+0000\",\"flow_id\":1512212435695158,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50078,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":25,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/desco-novaPONTOS/js/index-dist.js?_=1775002894696\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":404,\"length\":286},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":194,\"pkts_toclient\":321,\"bytes_toserver\":26852,\"bytes_toclient\":452405,\"start\":\"2026-04-01T00:21:33.980534+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:35Z","timestamp":1775002895,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"Client IP","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:35.243586+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":31,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/desco-novaPONTOS/css/menu-dist.css\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":404,\"length\":286},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":289,\"pkts_toclient\":548,\"bytes_toserver\":36342,\"bytes_toclient\":799941,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null},{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]},"summary":[{"fqdn":"livelopontos26.dynv6.net","ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"domain_registered":"2014-10-24","domain_rank":0,"first_seen":"2026-04-01T00:21:59.64074Z","last_seen":"2026-04-01T00:21:59.64074Z","alert_count":656,"request_count":163,"received_data":4139600,"sent_data":86153,"comment":"","tags":null,"fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Popper","description":"Popper is a positioning engine, its purpose is to calculate the position of an element to make it possible to position it near a given reference element.","website":"https://popper.js.org","common_platform_enumeration":"","icon":"Popper.svg","categories":["Miscellaneous"]},{"name":"Google Tag Manager","description":"Google Tag Manager is a tag management system (TMS) that allows you to quickly and easily update measurement codes and related code fragments collectively known as tags on your website or mobile app.","website":"https://www.google.com/tagmanager","common_platform_enumeration":"","icon":"Google Tag Manager.svg","categories":["Tag managers"]},{"name":"Bootstrap:4.3.1","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"Slick","description":"","website":"https://kenwheeler.github.io/slick","common_platform_enumeration":"","icon":"Slick.svg","categories":["JavaScript libraries"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Lightbox","description":"Lightbox is small javascript library used to overlay images on top of the current page.","website":"https://lokeshdhakar.com/projects/lightbox2/","common_platform_enumeration":"cpe:2.3:a:lightbox_photo_gallery_project:lightbox_photo_gallery:*:*:*:*:*:*:*:*","icon":"Lightbox.png","categories":["JavaScript libraries"]},{"name":"FlexSlider","description":"FlexSlider is a free jQuery slider plugin.","website":"https://woocommerce.com/flexslider/","common_platform_enumeration":"","icon":"FlexSlider.png","categories":["Widgets"]},{"name":"Chosen","description":"Chosen is a jQuery plugin that makes long, unwieldy select boxes much more user-friendly.","website":"https://harvesthq.github.io/chosen/","common_platform_enumeration":"","icon":"","categories":["JavaScript frameworks","Web frameworks"]},{"name":"ProgressBar.js","description":"Responsive progress bars with animated SVG paths.","website":"https://kimmobrunfeldt.github.io/progressbar.js/","common_platform_enumeration":"","icon":"ProgressBar.js.png","categories":["JavaScript libraries"]},{"name":"OWL Carousel","description":"OWL Carousel is an enabled jQuery plugin that lets you create responsive carousel sliders.","website":"https://owlcarousel2.github.io/OwlCarousel2/","common_platform_enumeration":"","icon":"OWL Carousel.png","categories":["JavaScript libraries"]},{"name":"Magnific Popup","description":"Magnific Popup is a responsive lightbox \u0026 dialog script with focus on performance and providing best experience for user with any device.","website":"https://dimsemenov.com/plugins/magnific-popup/","common_platform_enumeration":"","icon":"Magnific Popup.png","categories":["JavaScript libraries"]},{"name":"jQuery:3.4.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Moment.js","description":"Moment.js is a free and open-source JavaScript library that removes the need to use the native JavaScript Date object directly.","website":"https://momentjs.com","common_platform_enumeration":"cpe:2.3:a:momentjs:moment:*:*:*:*:*:*:*:*","icon":"Moment.js.svg","categories":["JavaScript libraries"]}]},{"fqdn":"aaab","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2025-02-11T17:25:32.823713Z","last_seen":"2026-02-10T10:13:27.956839Z","alert_count":0,"request_count":3,"received_data":0,"sent_data":1342,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/validanavegadorexclusivo.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"introduction_type":"scriptElement","is_inline":false,"md5":"9e043fcaccf060a7f0340880b71cbb1d","sha1":"a89d3a70de7aae8a88765967438c09089ea2b8f6","sha256":"2ca136c51ee6c6552fd5ea583d26279c43b9d34518f0cc8b248e323c02ca8407","sha512":"34565cc68ca35099e58a9b47874d42f01950e41b934ff6c33d6a1d734a52b1924376670ce729120f6296ceda0f604b56f569e3931ffd9b2807e6ecdc901357d1","ssdeep":"48:V3VAA8D86TZ1ZyTZe5IUCIB7CCvPZq30YXdrN1C7pnWlbXz85aG85Zv98ya2FjO1:0TD86rZyTZGWT5p2/DgDHNDHa","tlshash":"78e10d68390e15f7ca3a276665330984ee47052744c2aa44f2dfb8941fb0f66d52ffca","size":6850,"data":"","first_seen":"2023-03-08T07:12:26Z","last_seen":"2026-04-12T06:21:14.240394Z","times_seen":86,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50078,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.296989+0000\",\"flow_id\":1512212435695158,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50078,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":5,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/validanavegadorexclusivo.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1495},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":18,\"pkts_toclient\":28,\"bytes_toserver\":4248,\"bytes_toclient\":30317,\"start\":\"2026-04-01T00:21:33.980534+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/bootstrap-select.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"introduction_type":"scriptElement","is_inline":false,"md5":"f797f23ed6aa8091e31e48c507870a71","sha1":"697cca24565fcab18e1a8c335108b44dd8ae4b15","sha256":"f936cd97250abf98c66c00417750410c802d6494a0c21467dd75580c89310789","sha512":"824abd088508b089ee89ce58ac44d9414eb8c34c00f45be4f0a3e667faf0fb6182a6fa8c3c5b148bf34cf35c8aabd87d53809dfe3ee2ca3377ec032709dfd263","ssdeep":"768:x+H+VLQK9NCBHpjI1T9fhGmsyZ1vSnmfyFbqCF4Wbx5fE4Ss6:xwyQXHGnkgsqCFXbLE4Ss6","tlshash":"ca6364493656223185bb22bb9e5e584cfb39523f4502426578bd42c86ff0c20a1f6ffe","size":70786,"data":"","first_seen":"2023-03-08T07:12:26Z","last_seen":"2026-04-12T06:21:14.28003Z","times_seen":136,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50106,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.273635+0000\",\"flow_id\":405953414238599,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50106,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":7,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/bootstrap-select.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2543},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":19,\"pkts_toclient\":25,\"bytes_toserver\":5316,\"bytes_toclient\":25684,\"start\":\"2026-04-01T00:21:33.987527+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/jquery.mousewheel.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"introduction_type":"scriptElement","is_inline":false,"md5":"20fa602c8ee94776fddd5194e965f470","sha1":"85c53111adaeff064010bbf510ae1d8cc60cbc1f","sha256":"6793dd6128093c3b18d400a533068f6e354390faec1e5ebf2da9dfcb38bbb0c2","sha512":"9d4c74babc4b1fa2a92f8a1be4239c1c2f7b692098c98952bd9b60a54b2d95370f332693591d966687ce99b93a0031614fea5754c3062263e828fab271cb27dd","ssdeep":"","tlshash":"8a51f048268941e744ba7735eb4a9187f1b940a711273c66f86d2d802f30d8857f0fdd","size":2483,"data":"","first_seen":"2023-03-08T09:30:28Z","last_seen":"2026-04-27T04:06:20.830816Z","times_seen":278,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50084,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.374144+0000\",\"flow_id\":90677044904502,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50084,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":11,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/jquery.mousewheel.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":962},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":32,\"pkts_toclient\":53,\"bytes_toserver\":8714,\"bytes_toclient\":60578,\"start\":\"2026-04-01T00:21:33.983606+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/home.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"introduction_type":"scriptElement","is_inline":false,"md5":"60494e4d7e721e53fc37ccfab4ad7234","sha1":"1b0cc7c8da87fd37575e0b2ab3efd8ed983fa2a7","sha256":"ba4e09b6dfdc7f0994700f747fe52169f6094fe058ac260977f1161e5962dfe2","sha512":"30e5a4f0bbe496179a78fa4561ac194a3fdfa2331bd7b7eb79489879a1acf8ca0990e8d2f03522085d64817ad0dc5696574a0a94394cecfa14fa7987afebd0c0","ssdeep":"","tlshash":"14218f0aba0c923f81ef621402bdfb469ebdd1203757a077f5d96924a214d3b65dc8ec","size":1430,"data":"","first_seen":"2023-03-13T19:24:49Z","last_seen":"2026-04-12T06:21:14.198445Z","times_seen":87,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.387842+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":12,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/home.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":533},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":34,\"pkts_toclient\":50,\"bytes_toserver\":9342,\"bytes_toclient\":59926,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/slick.min.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"introduction_type":"scriptElement","is_inline":false,"md5":"777da4aaf5b960636dec0fd4e50ba489","sha1":"9a94038ccae90e6d2a0f9cb61f79ae7c70320287","sha256":"e1a52c0a06fa9f65e015b02e7ec463fd621211a9d2ae44b6660597900e927fbb","sha512":"9b810776ff98b94fe765b192187064d2ce4921fb60baf4c797c3302d332f7e55556e54eb070cc8917f61aa74191539a294457aa18d54f5e85527652695c6f848","ssdeep":"768:4rkkX123A5YHi6pWzYdlNWYcx16nnYdXRRMd2KYCQCsPShb1ez7RFmYK:EPrYdlNixEePiYK","tlshash":"6213a549d205276285d721e62105c40eb3f7fb3cba22c0e475c9d3ea646ec4896d7bfa","size":42864,"data":"","first_seen":"2023-03-07T01:06:24Z","last_seen":"2026-05-01T01:57:20.956668Z","times_seen":12521,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50078,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.392471+0000\",\"flow_id\":1512212435695158,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50078,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":9,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/slick.min.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":3992},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":24,\"pkts_toclient\":35,\"bytes_toserver\":6642,\"bytes_toclient\":39076,\"start\":\"2026-04-01T00:21:33.980534+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/navegg.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"introduction_type":"scriptElement","is_inline":false,"md5":"c57b0672c92d253ee34a767bcaf5cca3","sha1":"4d2032a2ccc94c8abd0f11f0c384476ff7999efc","sha256":"6188adebde4b20f7df65a818b81b70b7ed486d0825642180f83454eb9de69ad2","sha512":"9908e94dafc0086e2dd342c5a5a097900f2defd26ca15126b3fe1ee8315fd10b1dfb2a5a83e4a59c9f530bfcc512192f9be20abd5693fb271f88eaabe5edbce5","ssdeep":"384:DXcjCHPyAuySHw5l2ojaI7jOQpUkmdI7ueVeK7g:DXcmHPyAuySHw5l2ojaHQpdmmg","tlshash":"d842a38f3174e51a86d7f164e80f534a1627b10a4c84c72ebc5589e3ae60d4f8a7ab3d","size":12388,"data":"","first_seen":"2023-03-13T01:34:16Z","last_seen":"2026-04-01T02:24:39.926527Z","times_seen":107,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50068,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.179102+0000\",\"flow_id\":1666081786514558,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50068,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":5,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/navegg.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":4184},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":32,\"pkts_toclient\":38,\"bytes_toserver\":5140,\"bytes_toclient\":43625,\"start\":\"2026-04-01T00:21:33.740478+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/ua-parser.min.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"introduction_type":"scriptElement","is_inline":false,"md5":"d4cd4fba1d66aa7cd4301ae02aed66a7","sha1":"8e30247ce6869502a06399cc327026d4945c2f5b","sha256":"94a3b2e44bc1a8dc4788ff002fd34a08ec5a80ece283f705dce720b6b910dacd","sha512":"0786b0e123ab7a406267f4a134f716efd4571a3434f5d7c3079bd8f05d1aa8c0ad7fa72c906af71a218479ba1c5f20f60d4cd85cd650b52e82cc54442f165077","ssdeep":"384:tL+fKMdAgfscJAsUnQa8xOWBFGYdJbhIowspN:thlsJAsUQlwWBFzdJbhIoP","tlshash":"fa42c93ed7467f1057eada8cd52fa0006f379839cb8070a5cad86408f5c69a251ef7b2","size":13012,"data":"","first_seen":"2023-03-07T12:06:30Z","last_seen":"2026-04-30T15:31:33.361794Z","times_seen":247,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.214574+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":6,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/ua-parser.min.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2545},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":17,\"pkts_toclient\":22,\"bytes_toserver\":4680,\"bytes_toclient\":21057,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/jQuery-plugin-progressbar.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"introduction_type":"scriptElement","is_inline":false,"md5":"ca95dcbc232361a14aa088f5e2639821","sha1":"beb416d372fbaddeb50306262c0d2d156d82ab43","sha256":"8cb129f5b809a07f2c176a3901be0b460b882f329b3be2dce9e20a7c5821d6c2","sha512":"c184551e6793a3da448bda4ede56449ce44ca88eb9d346d0dabe91550b6daa69a71c18a8eeb5872089d7d68d91763003d78a16cf926fe8b65d719975b641faf1","ssdeep":"","tlshash":"d451cd9db982118a2a3722b744bc2304e9fd719bd8034714be3e71e40ff0946fb026a4","size":2453,"data":"","first_seen":"2023-03-10T05:20:33Z","last_seen":"2026-04-12T06:21:14.222022Z","times_seen":129,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.370271+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":11,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/jQuery-plugin-progressbar.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":646},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":33,\"pkts_toclient\":49,\"bytes_toserver\":8736,\"bytes_toclient\":58978,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/jquery.flexslider.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"introduction_type":"scriptElement","is_inline":false,"md5":"906c3ada1ed07698ef53c03300e37368","sha1":"7b92daa3c1e06dbed385924b5255f13862091446","sha256":"f51f0c4edcbac97d9f699e97ea26f1954e9622ccf82846cd2a31816a23a7b58c","sha512":"165ce08043833f3313430db253ee0521cd13bff24eec6d6b1e787521e3ddc5b00d6f76255fdfd515f87d3157ea5915dc83134b7891d9219170a8914143405106","ssdeep":"768:7zW0ppd+nZhSutD+DK/xNm3OdhZRuj5GhYch9ycnL0r:Ghu60j5Jch9ycnL0r","tlshash":"7c43101a6521166688b373aeaf5adc18ebf743538019865afded420cdf7041443b2ffa","size":58258,"data":"","first_seen":"2023-03-12T06:40:40Z","last_seen":"2026-04-12T06:21:14.209842Z","times_seen":134,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50068,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.376033+0000\",\"flow_id\":1666081786514558,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50068,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":11,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/jquery.flexslider.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2544},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":52,\"pkts_toclient\":74,\"bytes_toserver\":9447,\"bytes_toclient\":88929,\"start\":\"2026-04-01T00:21:33.740478+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/detect-mobile.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"introduction_type":"scriptElement","is_inline":false,"md5":"57377d1435d515f195510e747b36bef4","sha1":"fe59e52cb1c2eaebf9639665d14f882205b05586","sha256":"8a29591c8d03d7f37e6dac874b6e1044f48bb90481225fe3d6ffa23d29e9bf59","sha512":"7cf8d02a69371c48fbb72e310e3b961934083fc149ecd474bc74780bd64afe9f9befcc28862ce5d0f625892e85b34d2c2fd95251d5bb8baf8b03b65e3dccb48d","ssdeep":"","tlshash":"09419e98f1c6a06591372a19b92f970cfa3ff00bd4348916797c46809ff184c6162e7c","size":2137,"data":"","first_seen":"2023-03-08T07:12:26Z","last_seen":"2026-04-12T06:21:14.188821Z","times_seen":130,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.298470+0000\",\"flow_id\":2079826723538824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50094,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":8,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/detect-mobile.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":562},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":27,\"pkts_toclient\":43,\"bytes_toserver\":6830,\"bytes_toclient\":48358,\"start\":\"2026-04-01T00:21:33.984968+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/jquery.touchSwipe.min.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"introduction_type":"scriptElement","is_inline":false,"md5":"e44c00697626635e54dbb1da5ad5f6ca","sha1":"3526f5c34fdf94899f2a28f2f10703c46c6dc178","sha256":"4f88102a007d867c9705131a936e18587a98476d4c48aedad4ea09d23ec3c8b6","sha512":"44606a5c253d2d3e07dbcdd53e829ac4a455c4fa00b36dcc71ccd2a0c1573fcc4d2b25e3d4d669a4ee51dbeb31ed4ab3e14099827edb1d03c2f0950bc1cdec25","ssdeep":"384:WvSC3zhevYNzktrlro8aVfPxodvuyaHYleh+VPFmAS4BsioWfF+0UUTK7:WqC3Mkk3cjPxodvP8kMiok+0UKK7","tlshash":"4a9294c5bb053d53e9ff12f64257170ba2368eed050e10289839dfc629314b1a6efb69","size":20374,"data":"","first_seen":"2023-03-07T12:06:30Z","last_seen":"2026-04-12T06:21:14.286324Z","times_seen":130,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50078,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.259056+0000\",\"flow_id\":1512212435695158,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50078,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":3,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/jquery.touchSwipe.min.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2545},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":13,\"pkts_toclient\":23,\"bytes_toserver\":2902,\"bytes_toclient\":25953,\"start\":\"2026-04-01T00:21:33.980534+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/chosen.jquery.min.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"introduction_type":"scriptElement","is_inline":false,"md5":"ee982554fad24d47293a6a7296c64b47","sha1":"d637325268df1a33edabc4dcc035a99baf916d0f","sha256":"f2a5bcebbcc3ab1503692375b4ceb0764cc98e3c8cc9f51e3fda53704725aa23","sha512":"620ce226a202138627c9895ba86ba825280a666b56afb524e0d3cac0e70dade22b6ffeb63520c28291622b95faf7a1dd18ac497a71bfc26d08cd26b1b2ba0432","ssdeep":"768:NdAhKE5q8m70m0TEJwe0uZJwIjNb9EDTkYmCbENj6bA:NOvagTEJwe0uJjNb9EP3vENj6bA","tlshash":"75c24184bbf1a22141ba54eda45ea1c5a337a4dcd80c89dcfe6ddde25868c0d712fb34","size":28002,"data":"","first_seen":"2023-03-07T12:06:30Z","last_seen":"2026-04-29T15:24:04.81Z","times_seen":203,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50068,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.225553+0000\",\"flow_id\":1666081786514558,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50068,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":6,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/chosen.jquery.min.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":5441},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":34,\"pkts_toclient\":43,\"bytes_toserver\":5773,\"bytes_toclient\":49747,\"start\":\"2026-04-01T00:21:33.740478+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/owl.carousel.min.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"introduction_type":"scriptElement","is_inline":false,"md5":"8c52f27fcac36c7667f8fb846e1e94d5","sha1":"e5862559db659ffd530c91452d668c5e7b3f0f2d","sha256":"6c1e31700f68d1666de6b0992e89d413434707718bf729a472404029845bdbad","sha512":"9b8f2503bf30b879d3318e8d3ee6ba447fdd0b3d7e2d4f0c3cc03eb325247e2e05e8a7978318e648c91f1a90fcd7ab7ce1018189d27f028ea33064e38307fb20","ssdeep":"384:7Ket0QK/Q52Cgwm0PQtiRX55DzNvYUyzLsxVxRbm:dK/Q4ptuXNQUyzLIk","tlshash":"08b2a54bb2202385469372b9419b110d713bfb78fc42855c70b6dadfaa4b84e9277b3d","size":23936,"data":"","first_seen":"2023-03-07T01:03:24Z","last_seen":"2026-05-01T01:36:18.472845Z","times_seen":3295,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.235148+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":7,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/owl.carousel.min.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":6492},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":20,\"pkts_toclient\":29,\"bytes_toserver\":5378,\"bytes_toclient\":30711,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/mascara.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"introduction_type":"scriptElement","is_inline":false,"md5":"d0b846dd64783d6dcedf17b603aeafd2","sha1":"7a159ed6b812bc88fc28137116426f20de1e226e","sha256":"7f0f0c14e8a93c312a359ca181466d56ffebb63347849d1fad1a714b3f8d725b","sha512":"58972dce9ec5f93b8c2359bb7e3c52fc42415f7360746c550098bd8ab3e144b098c14e0fba7dd62e6aa4ae6152cf04cd192f466dc9262e20fe239c8eb5aa1f13","ssdeep":"192:4BarGDee6uNKZTXX+YtnPsgjBtnPskoqO2eCxA7hYjxtw4wW7357BR8O2xUq+W7n:4Zq7Pw4FLPoOTw4wSl8DxJ+W7OW","tlshash":"d8820f08adda503d1f7260f98eaf408edb6f1d510d2295a0f29c45443fa2ea561fecf8","size":18529,"data":"","first_seen":"2023-03-13T01:34:16Z","last_seen":"2026-04-12T06:21:14.191455Z","times_seen":126,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50068,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.283283+0000\",\"flow_id\":1666081786514558,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50068,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":9,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/mascara.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2545},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":42,\"pkts_toclient\":56,\"bytes_toserver\":7792,\"bytes_toclient\":63293,\"start\":\"2026-04-01T00:21:33.740478+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"4e5055736e271ef4e52440c1f6e3e90e","sha1":"89529e147ad495e73d96b89a5e6c8736cc1ddbcb","sha256":"219ecd03808c3bb921b80c2c9364768be810a0e2f658f9550739a9ea16eefe1d","sha512":"439101c4ca36b81ad41818737e558c56df88ee22f07498986516c1077adb23fc6b4c3dd1a6524ad1d56d1d93e2dc38b93edf5a26a8591cdb51f43031f6e5d6a5","ssdeep":"96:X9xq6lDw4duKjEWe7iAHnAJ8HoKhNlu/KHjFTaD0T32RXsJjTdQ7yKz:Nxr1jVQxA/KhNlu/KHhTvTssxTdQ7yo","tlshash":"96f1fe042313927f74bb27a5105a960a0308be37d7342ddb7ef559b14aabac92172e1f","size":8194,"data":"","first_seen":"2024-05-09T20:36:35Z","last_seen":"2026-04-01T02:24:39.89134Z","times_seen":64,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:33Z","timestamp":1775002893,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50068,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:33.794614+0000\",\"flow_id\":1666081786514558,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50068,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1026},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":750,\"bytes_toclient\":6196,\"start\":\"2026-04-01T00:21:33.740478+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7e852ae64c4feafe7280005d5b306b3a","sha1":"1327fa7e5c967a70bb4375cd90352fa3d8f7b759","sha256":"31d19e6b28ddac4a4c6bcc3d796ba81b2f987dac8a9f636eafb6ca2d12a01eff","sha512":"b7c343bf863a3d0cb9bf203dd79ab773de8b3e158062060aa26705caa73e9a3544d51279d2f462084fd40161a4dbef0cf12a722eeeb6e8e3d288757bb9e2449e","ssdeep":"","tlshash":"11f0a2a13e68180445fcb306a607741786a62506ad34cc8e7e9740e9071491fbefba73","size":606,"data":"","first_seen":"2023-03-07T12:06:30Z","last_seen":"2026-04-01T02:24:39.938638Z","times_seen":109,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:33Z","timestamp":1775002893,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50068,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:33.794614+0000\",\"flow_id\":1666081786514558,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50068,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1026},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":750,\"bytes_toclient\":6196,\"start\":\"2026-04-01T00:21:33.740478+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/js.cookie-2.2.1.min.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"introduction_type":"scriptElement","is_inline":false,"md5":"3daccdfd841681a5f5c57bbb643967ef","sha1":"84b038e22749d67a5462c1189f42f6bf343c01bc","sha256":"3c2eed95477b5811ac48e9da8f6a71f936c2ded06ff5303f0b30fbd18f3333a8","sha512":"f10babba1c13a4ffd9e12569eecdfad1afdf920bfa41937c687a94249b96da8d01c32578c875cfebedf7d3739237eec70999eca3ae1afc4fe44b2cffa8ee343b","ssdeep":"","tlshash":"a53175c8716db844426f5431a7bf0347b1384a59ae89ea45930ce4f43a3146fc26bfeb","size":1644,"data":"","first_seen":"2023-03-08T07:12:26Z","last_seen":"2026-04-30T02:55:54.874704Z","times_seen":165,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50078,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.328039+0000\",\"flow_id\":1512212435695158,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50078,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":6,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/js.cookie-2.2.1.min.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":865},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":20,\"pkts_toclient\":29,\"bytes_toserver\":5395,\"bytes_toclient\":31597,\"start\":\"2026-04-01T00:21:33.980534+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/jquery.placeholder.min.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"introduction_type":"scriptElement","is_inline":false,"md5":"337a3267bc5425ed08387355dc6b9a6b","sha1":"7f6a574e7db0a074b46f04fa45f1f0122e6dfd31","sha256":"ae26550dd034a9cd31ea83be9942c0bd8f2ffe060f579a3377948c8a441d1b7a","sha512":"ae1b42ffb39062e286f86e86402af420a5ff4f57551df0c5e1f78990bd672517191f8b2447170c642ee23e727cdb954f6a0bbbf6b0e8162f02c612d26820e444","ssdeep":"","tlshash":"a451fd4c76a6b6f6557bcc70007fcc05a132a39be21a9485a153d6946b78cc8d732dcf","size":2672,"data":"","first_seen":"2023-03-07T12:06:30Z","last_seen":"2026-04-12T06:21:14.217006Z","times_seen":145,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50068,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.265026+0000\",\"flow_id\":1666081786514558,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50068,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":8,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/jquery.placeholder.min.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1132},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":40,\"pkts_toclient\":54,\"bytes_toserver\":7169,\"bytes_toclient\":60265,\"start\":\"2026-04-01T00:21:33.740478+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/index-footer-mapp.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"introduction_type":"scriptElement","is_inline":false,"md5":"28dcf13c93f6f6b66b90f6aaa149722e","sha1":"56c40ddfed1459a67f5aa35e01539b2de3072114","sha256":"a265977c8330f72f64f864d3453be85da3eb9fdc9242fa205b3d2f87ea0d7333","sha512":"65483002cbb1be5d258899cd8c42f960f924ed9fe6fdae1c9229f8f16bfca0a4126e2c31fd9be32d8a91c29d4e56164180690cff3905ce59be514f4dc0ffa972","ssdeep":"","tlshash":"91319a2f12561072c87b62599d3ea68ce7e0213b4411e6027c4dc48dbfb4c4e59e3f2c","size":1680,"data":"","first_seen":"2024-03-05T19:59:08Z","last_seen":"2026-04-12T06:21:14.262533Z","times_seen":86,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.328584+0000\",\"flow_id\":2079826723538824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50094,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":9,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/index-footer-mapp.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":526},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":28,\"pkts_toclient\":45,\"bytes_toserver\":7393,\"bytes_toclient\":49365,\"start\":\"2026-04-01T00:21:33.984968+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/jquery.mmenu.min.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"introduction_type":"scriptElement","is_inline":false,"md5":"71e3ade6f16c8acafbc08bbffe2e22f5","sha1":"cafa974c40a4514e1e1fc914fe1254b0387b30a4","sha256":"486139cf05ddf44f16ea58eca8a1d68da8ebe26ef630052bc7a4df0a619371b8","sha512":"35af777286d758e948b7f97074e396ad0ba663cc60433958e749297e9659cf1d5060f6e1922578b1302e975b9b6c94486da1920d3fd124a29bfc0056d9535fff","ssdeep":"384:9YniZBRWnYtu/edvnxo4G2wXA41dyp5P8zht:12C5UXA4m5P8X","tlshash":"e072d74e718079f190abe2e2a1ab4409e533142c9606855c7278eac94d7e74a70f3fff","size":16933,"data":"","first_seen":"2023-03-07T12:06:30Z","last_seen":"2026-04-12T06:21:14.202542Z","times_seen":137,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50084,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.208859+0000\",\"flow_id\":90677044904502,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50084,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":5,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/jquery.mmenu.min.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":5238},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":13,\"pkts_toclient\":22,\"bytes_toserver\":3948,\"bytes_toclient\":19248,\"start\":\"2026-04-01T00:21:33.983606+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/bootstrap-4.3.1.min.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"introduction_type":"scriptElement","is_inline":false,"md5":"0a958254db529f99f475080fe2a6dcdb","sha1":"eebc17246f2beda813dd3372593cc54a152f9cb4","sha256":"3bcd802e9f77849e7c1e93c87279fbbb04d45949d2be79b03566ceacde29b158","sha512":"327bf409cdd167171a300ef7f95fac5cbc802320b2872ea845ec434ff7987a21cb0f0346a8eb3cb891447b98e2e622c3d721bc295bf4f26e763659dbb8a09940","ssdeep":"768:BwYyDyKAmHVaS3m3Dqp0NwCkXDtdFDLmTV+miDNJcJiQMRqyPiYtB6UvcCg8YGxV:BwTKktDLmTF8yJL45XtHjoGL","tlshash":"5743b90a725478b205df9176917f420bb736688ae94ac16cb91d98ed1e7cc893227f3c","size":58078,"data":"","first_seen":"2023-03-07T01:41:57Z","last_seen":"2026-05-01T02:27:40.614446Z","times_seen":5447,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50084,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.270333+0000\",\"flow_id\":90677044904502,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50084,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":7,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/bootstrap-4.3.1.min.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2544},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":17,\"pkts_toclient\":30,\"bytes_toserver\":5211,\"bytes_toclient\":28414,\"start\":\"2026-04-01T00:21:33.983606+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/banner.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"introduction_type":"scriptElement","is_inline":false,"md5":"0c970b7c8282934d31768fd66015a2e4","sha1":"62f17f9f983188a77ef5d02d813156c73abf778f","sha256":"991aa95ef7bc5c4f5a6f0b15b75e44fbf166ea505ab352119d32bb78c2988e88","sha512":"a864c90f79a8b3c44a5ca3fd783fc322e025be7d423d47bc6595f40de492a39ac2a2e8eac32bb459090d22f072076ff601fc49f14e8ed65960fa18e1662b2e8e","ssdeep":"","tlshash":"5b419b697c00127ee83612789db5d408ffa56b1b910cc9a1fefe81442f749046e67bed","size":2221,"data":"","first_seen":"2024-03-05T19:59:08Z","last_seen":"2026-04-12T06:21:14.319868Z","times_seen":87,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50078,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.366355+0000\",\"flow_id\":1512212435695158,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50078,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":8,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/banner.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":708},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":23,\"pkts_toclient\":32,\"bytes_toserver\":6576,\"bytes_toclient\":34534,\"start\":\"2026-04-01T00:21:33.980534+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/index-progress-bar.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"introduction_type":"scriptElement","is_inline":false,"md5":"b556bd81236e9e5998384afa0c796b08","sha1":"41a62d2922c0a03f42ba3d5851e2b15566268c1c","sha256":"755807308fc7e760c33999ad34c38533a927d36b24aa13a70273c8ff95747734","sha512":"8838241589987f042cbdc9a9077ba7993c220cd71a39ecdddd9e7ca01677d178576125c38f05c439bcd1df9f50e6d6900a6479449841665b55df55cf6d71164d","ssdeep":"","tlshash":"5f01f455bea220c41937737314be2619e7b8b19790438610bd3e64c48fb1a87af42fdc","size":851,"data":"","first_seen":"2023-03-14T12:25:51Z","last_seen":"2026-04-12T06:21:14.189556Z","times_seen":87,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50106,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.379555+0000\",\"flow_id\":405953414238599,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50106,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":10,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/index-progress-bar.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":342},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":29,\"pkts_toclient\":51,\"bytes_toserver\":8002,\"bytes_toclient\":58173,\"start\":\"2026-04-01T00:21:33.987527+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/validaFormNaoCorrentista.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"introduction_type":"scriptElement","is_inline":false,"md5":"3f393ea9dc4d8207a8aa63da199107fc","sha1":"7543974a3aeb91555f80d08676e4a2349974c702","sha256":"8576bf058af7c38bb8412cdf33709b090bf691fb3aa99a6b3bb80dd7399bee1b","sha512":"b92225e303637bb89a3026df4b3bd81eb6a42d054724bc3bb4c5949a7b264c1c1f055c7a0ef65620191c118802d3326dd17ed161cb9c666f9fc641cf59ada94c","ssdeep":"96:wydssQAmSwBB0aTsstAmjIpMtPlpiK+ZyiwzMa5eiAQ+FROAzk8B8qj1ml1:HdssVmnn0aTssqm0CowvkHjk8B8qjsr","tlshash":"1bc12048b95b04ae9fb1331682371519dcfc52231584dfa0f84da0987bb0a6e46df5fd","size":5655,"data":"","first_seen":"2023-03-08T07:12:26Z","last_seen":"2026-04-12T06:21:14.239617Z","times_seen":127,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50078,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.278544+0000\",\"flow_id\":1512212435695158,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50078,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":4,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/validaFormNaoCorrentista.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1837},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":16,\"pkts_toclient\":26,\"bytes_toserver\":3608,\"bytes_toclient\":28339,\"start\":\"2026-04-01T00:21:33.980534+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/jquery-3.4.1.min.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"introduction_type":"scriptElement","is_inline":false,"md5":"a6b6350ee94a3ea74595c065cbf58af0","sha1":"b15f7cfa79519756dff1ad22553fd0ed09024343","sha256":"412b8ff9c5ab32b9019fcd84bcd4a54c0e265a14528474f4ee45b27a20abeaeb","sha512":"f5a9c6aee347c155e4dd796c51716b7447bc22ae44741fceb6bcfee02f955ad4063d38613f241108a3e1f3e1f540fcaed8d9848b9a0fb823c00955cf9a19efad","ssdeep":"1536:jTExXUZinxD7oPEZxkMV4SYKFMbRHZ6H5HOHCWrcElzuu7BRCKKBEqBsojZlOPmt:jgZm0H5HO5+gCKWZyPmHQ47GKR","tlshash":"a08319dd72c6706257b761ba00bf540bf236599e6c4d4410f124e8eabc78a4a823bf7d","size":88147,"data":"","first_seen":"2023-03-07T01:10:32Z","last_seen":"2026-04-30T22:10:57.991938Z","times_seen":4700,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.261079+0000\",\"flow_id\":2079826723538824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50094,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":7,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/jquery-3.4.1.min.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2543},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":17,\"pkts_toclient\":21,\"bytes_toserver\":5172,\"bytes_toclient\":17856,\"start\":\"2026-04-01T00:21:33.984968+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/moment.min.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"introduction_type":"scriptElement","is_inline":false,"md5":"a766f690061fdaf1a8c4e12775a445d2","sha1":"83928cde10776245a7727a8edca00198933502e9","sha256":"71493f4ce16fd5cebf37ff111d0818462464b0a95c8aa3a5ff2ae34ab45c8fc6","sha512":"5ea26355537a09cefa20f055168e431dba12d2d9269de5816e4c7d427294aeda1ebfd870cb1a251ffc4d479c54fcd38f981ee24ea64696ff51afa5af0f34d03e","ssdeep":"768:HQzzGlTXaQRThOeehGXgg99smpuSv2Z7W2gjKkZK+6htrEFH7TaAv:wn6XHNhOeHh9sm5obGKkK+6D6H5","tlshash":"4243a3ca3986b01257b612b5083f080be33e6965680e4d1cf508e9d97839c7e527bfbc","size":58825,"data":"","first_seen":"2023-03-08T07:12:26Z","last_seen":"2026-04-12T06:21:14.211856Z","times_seen":88,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50068,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.343701+0000\",\"flow_id\":1666081786514558,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50068,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":10,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/moment.min.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2544},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":44,\"pkts_toclient\":59,\"bytes_toserver\":8418,\"bytes_toclient\":67530,\"start\":\"2026-04-01T00:21:33.740478+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/jquery.easing.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"introduction_type":"scriptElement","is_inline":false,"md5":"c1f9ce3b7ae378e2e50bc92e1e97e517","sha1":"7fbd9db94fe93db1c641c663325871688f0a0d53","sha256":"d2bc9c513d50deb617981195a91d357c004688ae7a90962da29814385e168dea","sha512":"5347765165704075ff97a41abb7afd5724233b24ae1d34003b45c5476dafdca54605af1c58c13be57819ef0fe359ee852ba6dfd8f382d657bfaa49e7b1843247","ssdeep":"192:ytIOrPJrLEsq3w3r4ZVoicIQssRcqtEO6o3XRlOrPJrLEsq3w3r4w:sPrPJrLEs0KrioicDss2qtL6onRwrPJn","tlshash":"2d02244872c1631b41b9f360763a4d4bf078a42e922f491fbc5c50a5be7a22dd37ad78","size":8305,"data":"","first_seen":"2023-03-07T01:34:36Z","last_seen":"2026-04-29T22:39:50.438168Z","times_seen":1305,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.365255+0000\",\"flow_id\":2079826723538824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50094,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":11,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/jquery.easing.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2005},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":30,\"pkts_toclient\":49,\"bytes_toserver\":8022,\"bytes_toclient\":53156,\"start\":\"2026-04-01T00:21:33.984968+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/chatbia-dist.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"introduction_type":"scriptElement","is_inline":false,"md5":"7fc823def780eeac985fae43937bc2a2","sha1":"31c94ac6a1d9aa3004ced5ac5380ad81f074dcc7","sha256":"af035775488a426feae6ed7e2375d0d0a2cda213d57ba66745d98c46892de32d","sha512":"8ae9d2738975d1309cdb944c8a1a6de5369567e66155dbe59fb2b391f9b08bc2346adf8b14c57c3ddc4f52b08a5718c08c9d40d7a387b55c1faf02cc66293d2a","ssdeep":"","tlshash":"9281337c78329fbcf0e723e0198b1506143b4d9fa0489dae71b54c1a4aa9d9e5137e2e","size":3893,"data":"","first_seen":"2024-05-09T20:36:35Z","last_seen":"2026-04-12T06:21:14.20919Z","times_seen":84,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.146195+0000\",\"flow_id\":2079826723538824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50094,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":5,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/chatbia-dist.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1268},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":13,\"pkts_toclient\":15,\"bytes_toserver\":3911,\"bytes_toclient\":11643,\"start\":\"2026-04-01T00:21:33.984968+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/validaFrame.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"introduction_type":"scriptElement","is_inline":false,"md5":"addf438d310a4069e47f4f3e1112f7a5","sha1":"ef52922c0601a15ee62f11d9a19858bbd99215bc","sha256":"586896240fa7cbc1e2ee22eeb8f658748f2423a22df23e2cca1a2ac9c21754c5","sha512":"c3864b9abd0f55699946f8af9c377505d4a4ad93a0e8925cba9c327d5807f9bc1b52b689953632bec1b65a83477dfec7072420d007364f138a3661eaaa5b6bac","ssdeep":"","tlshash":"10416ed90c02603552b26b31dea51d49fe7b01a35588e884bafc95841ff0fd8122efa4","size":1896,"data":"","first_seen":"2023-03-13T01:34:16Z","last_seen":"2026-04-12T06:21:14.233669Z","times_seen":124,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50106,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.151957+0000\",\"flow_id\":405953414238599,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50106,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":4,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/validaFrame.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":623},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":13,\"pkts_toclient\":16,\"bytes_toserver\":3911,\"bytes_toclient\":13592,\"start\":\"2026-04-01T00:21:33.987527+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"4d3a80a968519fbb77594a5c84f4cb39","sha1":"f9791404cce3349f41536f5775576a997f8c0be9","sha256":"a63312e732c5a904a21bb874eb4841ced039d525a1b25d666c3a6324f38d372b","sha512":"aebe8b1a9eed91af39fa43a9009f7d56927ff23452e9d24b78fc7a0e55366beef6d74eb86c18c27b7210aa99e95df427fa0c9783ffe744d41d6f06e6876796e3","ssdeep":"","tlshash":"038004304c13404c340705c5373705004c5104117141c1115430744051d41000035cd5","size":32,"data":"","first_seen":"2024-05-09T20:36:34Z","last_seen":"2026-04-12T06:21:14.327455Z","times_seen":84,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:33Z","timestamp":1775002893,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50068,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:33.794614+0000\",\"flow_id\":1666081786514558,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50068,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1026},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":750,\"bytes_toclient\":6196,\"start\":\"2026-04-01T00:21:33.740478+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"d07cc1a2cb5e8f2fd1868d382104c3f6","sha1":"71738476b8d9f04d7a11d7f66ba1c8fbad59fe6d","sha256":"cc04f12297fbfca2cecd31beebe2a3bf7eb1fb0c8087e024feb22bbdf68e6d34","sha512":"c8bbc41e869451ce3d746be63e9f183ca017b5d07b6e81a9765b0c0719de983aef0302c6a0caabbaa09f71b6bf795ad2be28b29bfbb5fd77fd26916f3518bc3e","ssdeep":"","tlshash":"8a019c0aad7c393436c92d3061efe78e7a63d732050070f0c309b9826df5972b41a988","size":740,"data":"","first_seen":"2023-03-07T12:06:30Z","last_seen":"2026-04-12T06:21:14.33544Z","times_seen":131,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:33Z","timestamp":1775002893,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50068,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:33.794614+0000\",\"flow_id\":1666081786514558,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50068,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1026},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":750,\"bytes_toclient\":6196,\"start\":\"2026-04-01T00:21:33.740478+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/index-footer.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"introduction_type":"scriptElement","is_inline":false,"md5":"0d43ffb0cb50fd8ed48f089187014dc4","sha1":"ece10477d5fb34adc27f9e192260a4e8a9ae98d2","sha256":"ddea64a5330992219dbf9be8723cb85d28d0f84511b473d06ce77c319aeebb36","sha512":"63ee442857afe39f882eeafed1f8ca04ffb0425fbe182db30743a0543f044bd17fa7de4e40d77bb5c5744f13de79c280abba323bbf1d0b3054541bbc7337ddad","ssdeep":"","tlshash":"57519d78021b2035c67b735a8edb644cfb61815be100693ab9ace64d2ff0e0946d6f9d","size":2554,"data":"","first_seen":"2023-03-10T05:20:32Z","last_seen":"2026-04-12T06:21:14.235023Z","times_seen":93,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.328671+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":9,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/index-footer.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":679},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":30,\"pkts_toclient\":46,\"bytes_toserver\":7541,\"bytes_toclient\":55711,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/jquery.magnific-popup.min.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"introduction_type":"scriptElement","is_inline":false,"md5":"9cdc2d05f9df07ebe5bcc0a6fc269f4f","sha1":"40b7fec1278697f41e32f661d54e095aefc243cf","sha256":"c888c8636909a55dfe9ba3f36c6e1b788320f66771538dfac043a67fa4a6a196","sha512":"119131d91360c2c082aead35a3f6977c32f3fd92eda94f95ad16d569eb9cc315df07ea940c1adb9cbd329ce32204d77ab035eefa26c92e75667b9c71f7894019","ssdeep":"384:iPhVPXQ2G2XAQyqVxRQ5giCCMLtA15h5/V6l8aZwHwztLypmst:iPBIt8I5h5d1qkOLyMst","tlshash":"7c922994f2b2b21383a735b8686f700939729953ed06c855a55d94d87efcec89027f3c","size":20202,"data":"","first_seen":"2024-05-09T20:36:34Z","last_seen":"2026-04-01T02:24:39.889483Z","times_seen":64,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50106,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.220954+0000\",\"flow_id\":405953414238599,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50106,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":6,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/jquery.magnific-popup.min.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2545},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":15,\"pkts_toclient\":19,\"bytes_toserver\":4552,\"bytes_toclient\":17596,\"start\":\"2026-04-01T00:21:33.987527+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/bAutocomplete.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"introduction_type":"scriptElement","is_inline":false,"md5":"f86d94ef58c7f691d6c68ad390be67b3","sha1":"50b973d6c4c08611ba0a33663569f6a114f45b1f","sha256":"7c056a24b2b91441fbff82bfaed99d3edc5a1bbd00b83428b3ef075efaed8150","sha512":"0c7bf8e410c876c784a159a43e453ef5f3b5fe8dd2539c8594b1ce4b71ae57a5f3d8a7a77f4681e79ce32f086c06423ceec19b25130380209444c1caf42704b0","ssdeep":"192:IzOMTEaOZMdMfmHGFfUr8rGI+C/tuGBD/d/ErJ7aMGCQxnWHCo6c9Eyp:FTDfUafUrwHgeAaMGCzHh99D","tlshash":"73322115678a45ab168fb13a07df4108b8b940eb32b08f053c1e57907fa0f6925b96f7","size":11795,"data":"","first_seen":"2023-04-08T19:24:51Z","last_seen":"2026-04-12T06:21:14.333549Z","times_seen":127,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.166674+0000\",\"flow_id\":2079826723538824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50094,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":6,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/bAutocomplete.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2545},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":15,\"pkts_toclient\":18,\"bytes_toserver\":4540,\"bytes_toclient\":14762,\"start\":\"2026-04-01T00:21:33.984968+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/retargeting.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"introduction_type":"scriptElement","is_inline":false,"md5":"919d1de7a17c9806f8ae8bfb7c549d7a","sha1":"c3590697267e72af23e8d8b0c8286537273c1e42","sha256":"b49de5a27b7ee92d9dda234a5cac21f2e4207f2194618f3735f1e08c67ada2a6","sha512":"3a1dbd2ccf718c96298032c43128f76712b0aeabb551ec4f1550e806a50a5afb364607f21a676e1cee294cc07da3e842052afb71361be261d6f4667ad306dbcc","ssdeep":"1536:IhUOZ2SRTGh+FYR5yCBMtipyaP5jlHmD8R:IBZ2SRTGh+FYR5yCBMtipyaPa2","tlshash":"9204c504bdb502541b7532a14e6fd60cfb2a49779108d5517dace2b90ff8b0caa98fbc","size":179986,"data":"","first_seen":"2024-05-09T20:36:34Z","last_seen":"2026-04-01T02:24:39.932225Z","times_seen":64,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50106,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.341517+0000\",\"flow_id\":405953414238599,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50106,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":8,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/retargeting.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":5439},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":24,\"pkts_toclient\":40,\"bytes_toserver\":6141,\"bytes_toclient\":45648,\"start\":\"2026-04-01T00:21:33.987527+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/main.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"introduction_type":"scriptElement","is_inline":false,"md5":"4c426e7ebeebfc296d7d9fd4fb365101","sha1":"3e0bb0e84f90f630a3e84662f289df4b5a227599","sha256":"e02ee200deba4166b76356fededf2446d86432a43c93d1dbecc0f9f7532cfaf4","sha512":"45be5fa4244b3951a159c59df8e8ad9da453358d59eb1c2e61b3598e424fb1498bb374e407a1670e15bfbdb3f7bb8da3f56e5629794e2e6b14005cda9741e8a9","ssdeep":"768:eYGgN86MVGyCIdzKQ9TIUNSmTWTe+D7DiwVroz9BVQhX5cC:agi65IdGQ9TIUNSmwozVEX5cC","tlshash":"5a530992b69d7a3f43a36265a17e2a88de5dc131c100c0b8fdf1945c65c8e8537fae2d","size":64742,"data":"","first_seen":"2024-05-09T20:36:34Z","last_seen":"2026-04-01T02:24:39.939404Z","times_seen":64,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50084,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.354217+0000\",\"flow_id\":90677044904502,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50084,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":10,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/main.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2544},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":26,\"pkts_toclient\":48,\"bytes_toserver\":7287,\"bytes_toclient\":53526,\"start\":\"2026-04-01T00:21:33.983606+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/lembrarAgCta.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"introduction_type":"scriptElement","is_inline":false,"md5":"1c31a2cc86372207e313fdd2cfbcd08e","sha1":"baeb6e0f4a5ff41f18654fa6fe1cc6b4ad791c06","sha256":"5965905332c8e58505504d982b76b017db4bf598ca4e77cabfcfb5d55fb3bd55","sha512":"8e9b5e19a4177e59ca91a08135a6856bbb2daa963cdc6acca81adecb5ff6bcd134923b0d42bd976114549601b5ef650de301a8d1e1d73bb126b1c3e48438f076","ssdeep":"","tlshash":"9e81105a3189146e0ef92fa72e7b2389ec7483101a1980f9ec099eb4d170d85657ffb5","size":3914,"data":"","first_seen":"2023-03-13T01:34:16Z","last_seen":"2026-04-12T06:21:14.234292Z","times_seen":127,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.168572+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":5,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/lembrarAgCta.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1429},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":15,\"pkts_toclient\":20,\"bytes_toserver\":4051,\"bytes_toclient\":18029,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/bPagina-min.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"introduction_type":"scriptElement","is_inline":false,"md5":"9dc92dc4389be9e455561693fc38131c","sha1":"6f9b7eb7a3a11770bd8b88d58cfc15f8f426942d","sha256":"12ab6dba5abd795c4eab5b5531fe8da10949e2bea0d835bd32f5a5336d91d8be","sha512":"7ed90fa26201216e19a20da3e07dd66b4c032d24fe4cb140f0db1560d881be3f285bfbf1c654c4e2f80755c813e09994d800ea3b4efe15f31f64f48e3a5c10a0","ssdeep":"","tlshash":"1911238ab39e34b2b330f335549f0a073174682245db62e0962d8cd43479974c0328bc","size":868,"data":"","first_seen":"2023-03-07T12:06:30Z","last_seen":"2026-04-12T06:21:14.22739Z","times_seen":130,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50106,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.193581+0000\",\"flow_id\":405953414238599,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50106,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":5,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/bPagina-min.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":561},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":14,\"pkts_toclient\":17,\"bytes_toserver\":4486,\"bytes_toclient\":14568,\"start\":\"2026-04-01T00:21:33.987527+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/popper.min.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"introduction_type":"scriptElement","is_inline":false,"md5":"b1dbc64f8b1dfe0c089dd55b09bbbc72","sha1":"a7da3b9714e3bf1f6fe61fdd30a96006431d0756","sha256":"193a81e8713370250a88db26a3b201df9f841cba4a212b567ff994693bc1bf22","sha512":"ccd711a6f662d71f238dee07fba314967df747c1f690bd4c7121e62ea5c360ef532e7b85c91310312798f26dbdc1c5f7f9506c416d7fabc3e71a1da4179b7ba6","ssdeep":"384:LCbuG4xGNoDic2UjKPafxwC5b/4xQviOJU7QzxzivDdE3pcGdjkd/9jt3B+Kb96q:Wb4xGmiJfaf7gxQvVU7eziv+cSjknZ3R","tlshash":"bf82a3cc3291b07643a79167a06f960eb2339979614e9420f199f2d87c70ef9913fc7a","size":19193,"data":"","first_seen":"2023-03-07T01:30:30Z","last_seen":"2026-04-30T13:41:39.680193Z","times_seen":2837,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50068,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.245285+0000\",\"flow_id\":1666081786514558,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50068,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":7,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/popper.min.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2545},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":36,\"pkts_toclient\":47,\"bytes_toserver\":6399,\"bytes_toclient\":53948,\"start\":\"2026-04-01T00:21:33.740478+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"233889fd9c1f0cedd02014fe05e79ce6","sha1":"864e3cc123603d84619922bce0b83d075c872dd2","sha256":"c3ca42ba825dad7220f693f0b0656ba4c47f78737792c05ba0be3072f2b1d5d9","sha512":"5149dc7ea230c5acab92ea2650849a3e4c640913a19abad23c0519c7644c6cb30b1a4bbfa5a7a47c9590f227f60f04af7d99de4027e183c368e4764852e07eb4","ssdeep":"3072:nps4Ijnys3nf/qRWFjeMhosSGrX4NC2oq9qW4XHt:npsrys3n5ZosS2Mvoqs5XHt","tlshash":"d5f318ddb396702382eba1b9106f250fb23664696d0d8418f03cd8e8ac79e495177fbd","size":171970,"data":"","first_seen":"2024-05-09T20:36:34Z","last_seen":"2026-04-01T02:24:39.885416Z","times_seen":64,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:33Z","timestamp":1775002893,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50068,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:33.794614+0000\",\"flow_id\":1666081786514558,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50068,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1026},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":750,\"bytes_toclient\":6196,\"start\":\"2026-04-01T00:21:33.740478+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/mediaelement-and-player.min.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"introduction_type":"scriptElement","is_inline":false,"md5":"10d1ac278f6fd79f6af8f0d3d19926e9","sha1":"2823cc42ebb798732cfce394744062659d619ae2","sha256":"c90d4cb15cb3c45e5fe2139fc585dd3a1a541e096c2dfae9855453b772ae812f","sha512":"b41443a54bc39986d187a27de046bceb77155dffe2ec8a54bf5fb5da9940cbe8d48b41eb9f10b7e4f91b9fae1a52c7bf2a3b4cf2d542279bb7858cd2845ccb40","ssdeep":"1536:Q0Yp/FSV6lnn4LP45lOpc6Pm6DqvY0NtSjtLpW9jQeb3Xevle:VYp/FNKrPm3n/St89jTOvQ","tlshash":"7a83f964b6403272c0e714ee202f568a223f8b6bf405d821b57eedf95df8d48526bf19","size":81255,"data":"","first_seen":"2024-05-09T20:36:34Z","last_seen":"2026-04-01T02:24:39.895604Z","times_seen":64,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.280640+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":8,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/mediaelement-and-player.min.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2543},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":22,\"pkts_toclient\":31,\"bytes_toserver\":6021,\"bytes_toclient\":33739,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/jquery.color.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"introduction_type":"scriptElement","is_inline":false,"md5":"74f63f45bc3349e713659dda62542d0d","sha1":"e3e9389e72f554ee8254087080a1e91cf68bafe1","sha256":"384a8cbaae93f726bb5309c54fa910e8b501f09c65247beaf1e2c94b9d6a1108","sha512":"23964b320970fe46eec369ecdee8a7d6e51a74f55edd485528d3703072158c9ce7f179990061d6b01452e705c82410d890daaa4e2082b64bd7be69bbe20bbd8f","ssdeep":"384:QObqzeL0tbwt5jkrEySCQ8e2vVgFoyIsw:8eL0tbwt5jkrzde2vVqIr","tlshash":"cb7212d8b79f505f4ba27394883a8148ed7ee435521912bcbd8e94bd386084e8277f7c","size":17215,"data":"","first_seen":"2024-05-09T20:36:34Z","last_seen":"2026-04-01T02:24:39.847512Z","times_seen":64,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50084,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.230388+0000\",\"flow_id\":90677044904502,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50084,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":6,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/jquery.color.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":5391},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":15,\"pkts_toclient\":27,\"bytes_toserver\":4576,\"bytes_toclient\":25320,\"start\":\"2026-04-01T00:21:33.983606+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/modal-cartoes.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"introduction_type":"scriptElement","is_inline":false,"md5":"c9021a9becd19b17ef10ec79fe7b8f78","sha1":"5872e8bab6667cc7d493163a612253315d368a18","sha256":"ec2cd808f1f41cf31ff3d579681278de7e77fc155f33b1a2f7a7c88fbd1482bb","sha512":"be41d14aae31e1c22ea437211a5cf970355b9c1ce88b30e345efdd61bfd2d8af8227a242bfe1484031eedb5ccd040793549bf04ef85e46ddef32af583b6480dc","ssdeep":"192:dLMaNyRLh2yrBUBaBb3vJr9LXrbQ6EWQZPLuwFutLvLnX:CaeGi3vTrF","tlshash":"b3d2bd92e067512951b52a919943140cbfa30acfd198f50cf6ec98662ff8b9f103bf4e","size":30760,"data":"","first_seen":"2023-03-14T12:25:51Z","last_seen":"2026-04-12T06:21:14.220584Z","times_seen":86,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50084,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.307187+0000\",\"flow_id\":90677044904502,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50084,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":8,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/modal-cartoes.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1484},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":23,\"pkts_toclient\":41,\"bytes_toserver\":6104,\"bytes_toclient\":43874,\"start\":\"2026-04-01T00:21:33.983606+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/js-cookie.min.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"introduction_type":"scriptElement","is_inline":false,"md5":"92cac509bce9ea74c92a67fc5803e415","sha1":"15bfea1728be47c34de63416d7231626c472dcb0","sha256":"a04d373be23a3f37dfe1f88cab01061db75f716edadc6451c652fe538f4be6c0","sha512":"31ec30dac5ea347c48d7ee43ca1ffd280b6f23d459480e1cd4ada4e622f4da888f3bf447dd0df42f73356a56eda8c839d2ee2045361d578117390a97108df7e8","ssdeep":"","tlshash":"963151d870942c8c11af5922823f014fb139da6a2d9d41819219e1f0b639d3fc25bff6","size":1619,"data":"","first_seen":"2023-03-07T01:06:49Z","last_seen":"2026-04-30T15:31:33.384883Z","times_seen":1667,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.348211+0000\",\"flow_id\":2079826723538824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50094,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":10,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/js-cookie.min.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":822},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":29,\"pkts_toclient\":47,\"bytes_toserver\":7956,\"bytes_toclient\":50668,\"start\":\"2026-04-01T00:21:33.984968+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/index-cookie.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"introduction_type":"scriptElement","is_inline":false,"md5":"47ef3a0fa85a034d46bd6de377dd27dd","sha1":"39f12a42517f912304ee3055820e6e1456a74396","sha256":"4a23343624380d36f08393384c53c46b534f375f2f311c5496ee108e53e38ffa","sha512":"edd686a67abf35a99d73a4bf10692cffc22226be2e4fd58ab0c36ba91db255870df3a3cb408c1c5311bae916397e7d125849154d5e0f0a3078e769efae68ca94","ssdeep":"192:QSG8MT12jB3uj+WObaCiGfXU4XbrbFS++:Y8q8jw","tlshash":"5bf142793545162bbc376796ef961b44fe1446134208cfa9f6bce1091fbcc8219f2d68","size":7462,"data":"","first_seen":"2024-05-09T20:36:34Z","last_seen":"2026-04-12T06:21:14.221301Z","times_seen":84,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.347601+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":10,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/index-cookie.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1723},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":31,\"pkts_toclient\":48,\"bytes_toserver\":7607,\"bytes_toclient\":57917,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/index.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"introduction_type":"scriptElement","is_inline":false,"md5":"5e1d3f536f7a06cc0bee87a3b96da1b2","sha1":"0d434ecb3eefae6a565aa3263b92729750c0de48","sha256":"ac624c382aae962a001e0834ac62f3a76f076e98065f081d5f076aff5889bfd1","sha512":"4f67ae7ef1414bafc1a53dc45154e178392ed8f098a83c7cf4dee76568c84bda2545f1e850f9a670d71976f292adcb8a3b98335f939f9aad2038af2b106fd737","ssdeep":"","tlshash":"1e519b98a647a1680b3363384b378208ff2ad44b91045aa5bd8c4dd47ff1e2582a5ebc","size":2451,"data":"","first_seen":"2023-03-13T01:34:16Z","last_seen":"2026-04-12T06:21:14.242285Z","times_seen":121,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50106,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.362451+0000\",\"flow_id\":405953414238599,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50106,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":9,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/index.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":807},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":28,\"pkts_toclient\":49,\"bytes_toserver\":7396,\"bytes_toclient\":57350,\"start\":\"2026-04-01T00:21:33.987527+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/chat.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"introduction_type":"scriptElement","is_inline":false,"md5":"0c7b7cfbb06bbf02214b1b3e752c8a15","sha1":"fa4fe863bdd3acbb9481cbb9d445556e2f07532e","sha256":"e7e6e4df1ad61c67228b6104d5a177de0ed825663ace6c6d0e22779b90251625","sha512":"04e670ecbf4c318cb029857f952e3b6695ee79990b646242681b5278267ea3a91445dab6b7e2fe2a84345f1512355efd4b8a08ca24fe39eeeda340a2530d96c2","ssdeep":"192:HwEh6KYZyhHBLBTmPbACSX3IHkS9FLBn0ppzdfRhL3:fFBLB7IESADL3","tlshash":"ca326344b198133a49732339cbb7c219ff6e95074215de64f88c96d81ff0691e522fad","size":11551,"data":"","first_seen":"2024-05-09T20:36:35Z","last_seen":"2026-04-01T02:24:39.833272Z","times_seen":64,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.383090+0000\",\"flow_id\":2079826723538824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50094,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":12,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/chat.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2545},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":32,\"pkts_toclient\":52,\"bytes_toserver\":8642,\"bytes_toclient\":56614,\"start\":\"2026-04-01T00:21:33.984968+0000\"}}"}],"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/cartoes_hover.webp","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.211Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/cartoes_hover.webp HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 13:54:56 GMT\r\nETag: \"119c-5c1fa1f612c00\"\r\nAccept-Ranges: bytes\r\nContent-Length: 4508\r\nKeep-Alive: timeout=5, max=81\r\nConnection: Keep-Alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":4508,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"5b24c258f224bd9c66b1649509067218","sha1":"778ab1f9d91b7b295959cb06c77d2d3f698f5ae8","sha256":"3a13e36031f153dc6c62ef63d194c581e9e0f1dbf68027c929a64f50e62e0121","sha512":"8bb09a040d77d7a360679d8d1fbd8105148d5adc1a2af92c4eaab3b16423dc32bee03b8c28b7a3bba69161db362c45c4b70c92798601f3ef34e53266fa6df2bc","ssdeep":"96:Np1Dqem6V4igFMeFod9Rb1pGqJhe2VF81:Np1DqxZCNd9RRpGtc81","tlshash":"6e918d4a4dc3b0b78778244d835cdc6417ea9985b5414cd890a6bc02471661fd18bee6","first_seen":"2024-05-09T20:36:36Z","last_seen":"2026-04-12T06:21:14.147512Z","times_seen":76,"resource_available":false,"data":null}},"time_used":380,"timings":{"blocked":361,"dns":0,"connect":0,"send":0,"wait":18,"receive":1,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50106,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.588961+0000\",\"flow_id\":405953414238599,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50106,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":19,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/cartoes_hover.webp\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2635},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":105,\"pkts_toclient\":232,\"bytes_toserver\":17213,\"bytes_toclient\":325746,\"start\":\"2026-04-01T00:21:33.987527+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/cielo_hover.webp","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.229Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/cielo_hover.webp HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 13:56:32 GMT\r\nETag: \"397e-5c1fa251a0400\"\r\nAccept-Ranges: bytes\r\nContent-Length: 14718\r\nKeep-Alive: timeout=5, max=78\r\nConnection: Keep-Alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":14718,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"9de433d77045f54491d18bc89d73b76c","sha1":"4a597182d5e479e0a9ac32148835a3ec995d03ce","sha256":"a16036b04b323af97b21842de52c6e5172001b6f3304dbaaee55890e7e51247b","sha512":"837217bf1d1f9b97ed2b3a83e3b053889d04b683ccd6026d8541218472d2150a84e4b7ab0ecd233214b9f25d76f129b8607bc584edd13633b50f92cdba48a55a","ssdeep":"384:HCSoUOFdtnJA8fXseSvgp8/yHRnYafyC9XGUQ:HCDvFXJsVop8/4lx","tlshash":"3362c0f089c17f8e922dacf63127872d9d199e4471e67fa647b53b9640630424c8a9e3","first_seen":"2024-05-09T20:36:36Z","last_seen":"2026-04-12T06:21:14.27907Z","times_seen":74,"resource_available":false,"data":null}},"time_used":390,"timings":{"blocked":369,"dns":0,"connect":0,"send":0,"wait":20,"receive":1,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.617746+0000\",\"flow_id\":2079826723538824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50094,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":22,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/cielo_hover.webp\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2634},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":120,\"pkts_toclient\":248,\"bytes_toserver\":19639,\"bytes_toclient\":345938,\"start\":\"2026-04-01T00:21:33.984968+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/icone-boletos.svg","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.248Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/icone-boletos.svg HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 13:50:02 GMT\r\nETag: \"401-5c1fa0ddb1680\"\r\nAccept-Ranges: bytes\r\nContent-Length: 1025\r\nKeep-Alive: timeout=5, max=78\r\nConnection: Keep-Alive\r\nContent-Type: image/svg+xml\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":1025,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"48ea790b14e2c9dde9304437ac09b0d2","sha1":"c8c523bef96d4c38e0142b26b2d4c107e79412ad","sha256":"9cd451d0284490a679a1109e4d2ee51fbe8db5cae800fb2d36313cacfb8f00d6","sha512":"a4d875c8e7b5884eae322eaefe4b33de3861b8103f180d8acacf968df78f8116504fd66cc949a42590072e12afb247f2657af6f98746ccc616f048aa182a8378","ssdeep":"","tlshash":"3f113858532e85fc776ec878269b4a28c20fb4ab73fec114248f4030d12304eea95562","first_seen":"2024-05-09T20:36:36Z","last_seen":"2026-04-12T06:21:14.225809Z","times_seen":74,"resource_available":false,"data":null}},"time_used":406,"timings":{"blocked":388,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50106,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.669420+0000\",\"flow_id\":405953414238599,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50106,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":22,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/icone-boletos.svg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/svg+xml\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1025},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":119,\"pkts_toclient\":252,\"bytes_toserver\":20233,\"bytes_toclient\":354255,\"start\":\"2026-04-01T00:21:33.987527+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/icon-app-bia.png","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.272Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/icon-app-bia.png HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 13:45:04 GMT\r\nETag: \"663-5c1f9fc17f800\"\r\nAccept-Ranges: bytes\r\nContent-Length: 1635\r\nKeep-Alive: timeout=5, max=83\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":1635,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 82 x 81, 8-bit colormap, non-interlaced","md5":"7f14ebbb0b215d242fa8b42a6e622ca3","sha1":"e94ee9063cd974edd75c23d1a545ad167832359a","sha256":"2f48ee28f680e5c7d748e001e4d1cc85ad5703c40b8e9ea092d7fc2a10795368","sha512":"1a1c0a96ff1d496f5e9dd719a78dbd58946a3416705dca82eb61e1dd4f5a14ff0ef13f999e08fd65be88e625c57cf19f46e3f620d68fd2d959604eb032821dda","ssdeep":"","tlshash":"5031a9dafc748cb345c76d5950946412811dae234edd2a2394a3783943fa02b0eecb96","first_seen":"2023-05-01T09:25:43Z","last_seen":"2026-04-12T06:21:14.215775Z","times_seen":126,"resource_available":false,"data":null}},"time_used":276,"timings":{"blocked":255,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50068,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.547364+0000\",\"flow_id\":1666081786514558,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50068,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":17,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/icon-app-bia.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1635},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":111,\"pkts_toclient\":182,\"bytes_toserver\":16498,\"bytes_toclient\":247702,\"start\":\"2026-04-01T00:21:33.740478+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/linkedin-01.svg","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.274Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/linkedin-01.svg HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 03 Feb 2020 08:18:08 GMT\r\nETag: \"1124-59da790345000\"\r\nAccept-Ranges: bytes\r\nContent-Length: 4388\r\nKeep-Alive: timeout=5, max=81\r\nConnection: Keep-Alive\r\nContent-Type: image/svg+xml\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":4388,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"7363071d413e59b40f5f24a2c3d3dab8","sha1":"6bbe7317ecf7e40e6332bcbbd76e57eccdaf7568","sha256":"ddbdd1853b15af59209a6874f121d38d3edc530c5f8b63c51162f67aa6266447","sha512":"fdcc231771bedf920f1c1c0b34f208e3ed1ba9e3a3fa55b66e59eea83243f2271f40fbe98bd6f1f4640575363e623c692191ab0ea618b9f52e844f319b7b56b2","ssdeep":"96:LfPxhHSX0CnDyBUu1lgc7C0S+1NCgDtf+DzUmrC4cv45xtsz:bPxhHSA9IO/Cop+3NC4J57sz","tlshash":"b3911f170359e7987e94413cb47a320ab468dcd3a1b8b2e4b7532037e14d1f9b52dbe8","first_seen":"2023-05-18T15:35:46Z","last_seen":"2026-04-12T06:21:14.258749Z","times_seen":91,"resource_available":false,"data":null}},"time_used":282,"timings":{"blocked":264,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50084,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.555818+0000\",\"flow_id\":90677044904502,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50084,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":19,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/linkedin-01.svg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/svg+xml\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2606},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":88,\"pkts_toclient\":157,\"bytes_toserver\":16063,\"bytes_toclient\":212257,\"start\":\"2026-04-01T00:21:33.983606+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/icon-lembrar-me.png","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.706Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/icon-lembrar-me.png HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/css/topbar.css\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2; nvgc43243=0|0; nvgt43243=1775002894524_1_0|0_0|0\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 14:06:42 GMT\r\nETag: \"167-5c1fa4975e080\"\r\nAccept-Ranges: bytes\r\nContent-Length: 359\r\nKeep-Alive: timeout=5, max=75\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":359,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced","md5":"4b0dd1698e9322903147855303270534","sha1":"92eb9f01410d15149ee2f32434a63451e0a78025","sha256":"70926eeed5208268be9d50bcb8bcabb76f1f7f468218e79f563f41bc58eda42b","sha512":"37f38834594067a627edac97c4106774b98494bc68824d8f8be4070b3bce657c4f91412ac326be06399d4bdf860019a11c0aa67e83f8c4a0c73986962d58dc82","ssdeep":"","tlshash":"b7e0c0919d912d78fb20ab358f894132c26a11c99a51c85e0007cc912ea3c7d00c8345","first_seen":"2023-05-21T02:59:23Z","last_seen":"2026-04-12T06:21:14.247898Z","times_seen":77,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.686939+0000\",\"flow_id\":2079826723538824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50094,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":25,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/icon-lembrar-me.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/css/topbar.css\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":359},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":140,\"pkts_toclient\":280,\"bytes_toserver\":23150,\"bytes_toclient\":391543,\"start\":\"2026-04-01T00:21:33.984968+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/seta.svg","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.721Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/seta.svg HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/css/classic-main.css\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2; nvgc43243=0|0; nvgt43243=1775002894524_1_0|0_0|0\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 03 Feb 2020 07:51:24 GMT\r\nETag: \"64d-59da730993700\"\r\nAccept-Ranges: bytes\r\nContent-Length: 1613\r\nKeep-Alive: timeout=5, max=79\r\nConnection: Keep-Alive\r\nContent-Type: image/svg+xml\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":1613,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"03f8e917470fda36ee23a17e15945fa3","sha1":"d9f6cd6066fd4ab581d65e8774d2aae056e919b8","sha256":"c5e9869365091121e33f1beba329a91223326dc62c60d27ae04b07a8b71758d0","sha512":"35ab05a5b2b07e0807b2a71f954e6f3145cef15212b11b0a4943b109d2ba774597f89cc24e5501104e8c66f0dbf9905ed194a1850a1e1144a8677d8e252299b3","ssdeep":"","tlshash":"fc3130d680de22d9fc640bc5e3fa7428a8f93c5f7ac80dc949e94d37181a19b1a98d91","first_seen":"2023-05-21T02:59:23Z","last_seen":"2026-04-30T11:22:36.814427Z","times_seen":99,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50078,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.698301+0000\",\"flow_id\":1512212435695158,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50078,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":21,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/seta.svg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/svg+xml\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/css/classic-main.css\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1613},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":113,\"pkts_toclient\":239,\"bytes_toserver\":18859,\"bytes_toclient\":331709,\"start\":\"2026-04-01T00:21:33.980534+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/css/font-awesome.css","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.112Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/css/font-awesome.css HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 15:05:36 GMT\r\nETag: \"921c-5c1fb1c1a7000-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 7108\r\nKeep-Alive: timeout=5, max=98\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":37404,"size_decoded":0,"mime_type":"text/css","magic":"troff or preprocessor input, ASCII text, with very long lines (444), with CRLF line terminators","md5":"09e9a607498fbe8c090f2e56fa25a5ab","sha1":"16cea644f4ed74bca47835705cf6c5413cf8c82d","sha256":"1599665372ca2603a6f26d77fd3a54f982e771fcabfc314138b420633d69d3b7","sha512":"e861017ea4425ee3cdbe4d02539678963af9b968d96283846815a047a5338cad84c6155a81e03713e39b849c1d86e29fe918bed1f1fe50bc9cc2b307be21bb25","ssdeep":"768:PbsmzFd8cWmbiC/9TUMNatOx6ujNJZDdX:Pbsm5dQmR/9ASeM6ujTX","tlshash":"12f238fcd16e00d04b22daa1a3426a627b3db6bcee420d54f2263d8c91c3655b1c6fdd","first_seen":"2024-05-09T20:36:35Z","last_seen":"2026-04-12T06:21:14.252003Z","times_seen":84,"resource_available":false,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":1,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.079125+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":2,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/font-awesome.css\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/css\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2559},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":8,\"pkts_toclient\":9,\"bytes_toserver\":2073,\"bytes_toclient\":6971,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/icon_acessibilidade_ajuda.svg","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.163Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/icon_acessibilidade_ajuda.svg HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 13:46:04 GMT\r\nETag: \"38c-5c1f9ffab7f00\"\r\nAccept-Ranges: bytes\r\nContent-Length: 908\r\nKeep-Alive: timeout=5, max=88\r\nConnection: Keep-Alive\r\nContent-Type: image/svg+xml\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":908,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"b3b4a33eb4428fabcab1db1943d84578","sha1":"fc8cd6ae5e1f1869ae4b9f27297fe7283e21a1e1","sha256":"b2cc4eadff72e4eccb1b22ad07d80cd8e6f2c3aeb86f88b70f5ec26996c1e81e","sha512":"4e3d1275626a9eb1c9cd4c240be2857c8ced8991e057815ecc75b22a39974f6d980e72341d438edcb0acd69c50bf63fe37d857ce21b23b2dd21d65b9ec7d1e43","ssdeep":"","tlshash":"58117a779398021990a20bc34fea1d45932ded63f0d9789497d206b52d22a7f347c91a","first_seen":"2023-05-09T04:31:15Z","last_seen":"2026-04-30T15:31:33.385562Z","times_seen":182,"resource_available":false,"data":null}},"time_used":234,"timings":{"blocked":216,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50068,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.397454+0000\",\"flow_id\":1666081786514558,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50068,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":12,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/icon_acessibilidade_ajuda.svg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/svg+xml\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":908},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":57,\"pkts_toclient\":81,\"bytes_toserver\":10835,\"bytes_toclient\":98896,\"start\":\"2026-04-01T00:21:33.740478+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/index-progress-bar.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.339Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/js/index-progress-bar.js HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 15:11:34 GMT\r\nETag: \"353-5c1fb31711580-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 342\r\nKeep-Alive: timeout=5, max=90\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":851,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"b556bd81236e9e5998384afa0c796b08","sha1":"41a62d2922c0a03f42ba3d5851e2b15566268c1c","sha256":"755807308fc7e760c33999ad34c38533a927d36b24aa13a70273c8ff95747734","sha512":"8838241589987f042cbdc9a9077ba7993c220cd71a39ecdddd9e7ca01677d178576125c38f05c439bcd1df9f50e6d6900a6479449841665b55df55cf6d71164d","ssdeep":"","tlshash":"5f01f455bea220c41937737314be2619e7b8b19790438610bd3e64c48fb1a87af42fdc","first_seen":"2023-03-14T12:25:51Z","last_seen":"2026-04-12T06:21:14.189556Z","times_seen":87,"resource_available":true,"data":null}},"time_used":40,"timings":{"blocked":23,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50106,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.379555+0000\",\"flow_id\":405953414238599,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50106,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":10,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/index-progress-bar.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":342},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":29,\"pkts_toclient\":51,\"bytes_toserver\":8002,\"bytes_toclient\":58173,\"start\":\"2026-04-01T00:21:33.987527+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/css/fontes/BradescoSans-Medium.woff2","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.732Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/css/fontes/BradescoSans-Medium.woff2 HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/css/font-bradesco.css\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2; nvgc43243=0|0; nvgt43243=1775002894524_1_0|0_0|0\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 03 Feb 2020 05:54:28 GMT\r\nETag: \"5034-59da58e698d00\"\r\nAccept-Ranges: bytes\r\nContent-Length: 20532\r\nKeep-Alive: timeout=5, max=76\r\nConnection: Keep-Alive\r\nContent-Type: font/woff2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":20532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 20532, version 1.0","md5":"b740a37fb1a459c10602d2dbec85fe7a","sha1":"5d25d1f10f6653466056b46ab2578ad107950f12","sha256":"214e7e05af1d1924176227bcd5c70864ddcb8be3300a97f97e428a0577553ffc","sha512":"0fd32feb5c365336055add162872c7b4d4f963ff4dcd6d432f9efbdeb628b2ba07df8e98987f0e365283663e947d8139a99070bb143bde450ff6f8e37e1684b7","ssdeep":"384:Vr8zBzMcLO75+88uv/auvlnUO5pnppQMQY6hBS//oYg:Vr8zBHORx+OXpqMQ+/tg","tlshash":"9c92d14ffa01caf1891b51c9f8fa128715b636b4f624af1617d30f3eb86a1c14693861","first_seen":"2023-05-01T09:25:43Z","last_seen":"2026-04-30T15:31:33.287327Z","times_seen":244,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":1,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50106,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.706025+0000\",\"flow_id\":405953414238599,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50106,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":24,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/fontes/BradescoSans-Medium.woff2\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"font/woff2\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/css/font-bradesco.css\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2608},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":121,\"pkts_toclient\":258,\"bytes_toserver\":20962,\"bytes_toclient\":362389,\"start\":\"2026-04-01T00:21:33.987527+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/css/magnific-popup.css","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.090Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/css/magnific-popup.css HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 12:46:50 GMT\r\nETag: \"1b24-5c1f92bd5c280-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 1831\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":6948,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"6e95f36d8f45cd8c25ac511ac30f6167","sha1":"b9fb04a4b80827f3a4a4d8424e9c5505c967702d","sha256":"d9018a579b0c1a8f3c352c6158d1d7e725464b787e83d2857151049f86ae1b74","sha512":"7e31838b531e1c9814eaff063146181c2e8e042dd076ffb119af6f024ae0e44984d377d515b6e7484ac91ecf0d915bba83b48fe802771290499e57a25a0a0525","ssdeep":"192:hRQ4fS5bzRyI5L+mcSMT2s96/LEpeXHFykgxc:wdxMtSFJ","tlshash":"7ee11cd39fb22305e525e9a8a657a76973120013e70fcc6bbfd12448df8e7c941a3b85","first_seen":"2023-04-13T00:52:13Z","last_seen":"2026-04-12T06:21:14.190188Z","times_seen":113,"resource_available":false,"data":null}},"time_used":52,"timings":{"blocked":-1,"dns":1,"connect":17,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50106,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.038334+0000\",\"flow_id\":405953414238599,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50106,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/magnific-popup.css\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/css\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1110},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":787,\"bytes_toclient\":2441,\"start\":\"2026-04-01T00:21:33.987527+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/destaque-6.jpg","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.270Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/destaque-6.jpg HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 03 Feb 2020 07:47:22 GMT\r\nETag: \"1214f-59da7222c9680\"\r\nAccept-Ranges: bytes\r\nContent-Length: 74063\r\nKeep-Alive: timeout=5, max=84\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":74063,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 321x352, components 3","md5":"75de52712f022f096bbfdc7a0fc495b8","sha1":"8b37c991b293c8021e80df9212b3052a445edf89","sha256":"9209d14cd971e33c1d4b47c0352e972835b7b1d00174278e78193d832d2c61ef","sha512":"e090a973a717a174343ea553c7f41c73818d7cddb5f1659e652cab7e9e42c630215bba352e68599028cda9452656b79c7c2e075bb2e2b8fefbfc9a02cd53bf98","ssdeep":"1536:983DvlfWBMJqVn0D8pQ0GGm6Te8ccQ11hkygnctY39eFv:9aDtfWiJqV0DaQ0zFo1u6Y39eB","tlshash":"e4730213598bdfc1ddf496303062d3427dec2d0ea2a2ab5214bd2e07b0e89b59d4f2d8","first_seen":"2023-05-01T09:25:44Z","last_seen":"2026-04-12T06:21:14.263395Z","times_seen":113,"resource_available":false,"data":null}},"time_used":267,"timings":{"blocked":246,"dns":0,"connect":0,"send":0,"wait":18,"receive":3,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50106,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.534217+0000\",\"flow_id\":405953414238599,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50106,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":16,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/destaque-6.jpg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/jpeg\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2607},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":74,\"pkts_toclient\":176,\"bytes_toserver\":13587,\"bytes_toclient\":245121,\"start\":\"2026-04-01T00:21:33.987527+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/js-cookie.min.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.327Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/js/js-cookie.min.js HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 14:19:32 GMT\r\nETag: \"653-5c1fa775b2500-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 822\r\nKeep-Alive: timeout=5, max=90\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":1619,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1619), with no line terminators","md5":"92cac509bce9ea74c92a67fc5803e415","sha1":"15bfea1728be47c34de63416d7231626c472dcb0","sha256":"a04d373be23a3f37dfe1f88cab01061db75f716edadc6451c652fe538f4be6c0","sha512":"31ec30dac5ea347c48d7ee43ca1ffd280b6f23d459480e1cd4ada4e622f4da888f3bf447dd0df42f73356a56eda8c839d2ee2045361d578117390a97108df7e8","ssdeep":"","tlshash":"963151d870942c8c11af5922823f014fb139da6a2d9d41819219e1f0b639d3fc25bff6","first_seen":"2023-03-07T01:06:49Z","last_seen":"2026-04-30T15:31:33.384883Z","times_seen":1667,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.348211+0000\",\"flow_id\":2079826723538824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50094,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":10,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/js-cookie.min.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":822},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":29,\"pkts_toclient\":47,\"bytes_toserver\":7956,\"bytes_toclient\":50668,\"start\":\"2026-04-01T00:21:33.984968+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/bAutocomplete.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.283Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/js/bAutocomplete.js HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 14:11:00 GMT\r\nETag: \"2e11-5c1fa58d6a500-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 2570\r\nKeep-Alive: timeout=5, max=94\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":11793,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text","md5":"f5ef30fd2cc1bb7cdd28433ef06e8792","sha1":"1c67299d5f257b5e4279a666a2342b466e1949bc","sha256":"8e60bf6ddfaa35147738cbb1d87287aaca82b3b06fa26feea5696260d4704f74","sha512":"4a3cb0d8963373d42c56068aaf637246d024fb0f4408cfacfabf87be261d1067e52c9ef6f6266f4204629d801376336aaca12de1639b66be112337d53f84127e","ssdeep":"192:WzO9TEgNOZMdMfmHGFfUr8rGI+C/tuGBD/d/ErJ7aMGCQxnWHCo6c9Eyp:LgDfUafUrwHgeAaMGCzHh99D","tlshash":"01322215678a45ab168fb13e07df4108b8b940eb32708f053c1e57907fa0f6925b96f7","first_seen":"2023-04-08T19:24:52Z","last_seen":"2026-04-12T06:21:14.201836Z","times_seen":101,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.166674+0000\",\"flow_id\":2079826723538824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50094,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":6,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/bAutocomplete.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2545},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":15,\"pkts_toclient\":18,\"bytes_toserver\":4540,\"bytes_toclient\":14762,\"start\":\"2026-04-01T00:21:33.984968+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/jquery-3.4.1.min.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.286Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/js/jquery-3.4.1.min.js HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 14:11:18 GMT\r\nETag: \"15853-5c1fa59e94d80-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 30682\r\nKeep-Alive: timeout=5, max=93\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":88147,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65450), with CRLF line terminators","md5":"a6b6350ee94a3ea74595c065cbf58af0","sha1":"b15f7cfa79519756dff1ad22553fd0ed09024343","sha256":"412b8ff9c5ab32b9019fcd84bcd4a54c0e265a14528474f4ee45b27a20abeaeb","sha512":"f5a9c6aee347c155e4dd796c51716b7447bc22ae44741fceb6bcfee02f955ad4063d38613f241108a3e1f3e1f540fcaed8d9848b9a0fb823c00955cf9a19efad","ssdeep":"1536:jTExXUZinxD7oPEZxkMV4SYKFMbRHZ6H5HOHCWrcElzuu7BRCKKBEqBsojZlOPmt:jgZm0H5HO5+gCKWZyPmHQ47GKR","tlshash":"a08319dd72c6706257b761ba00bf540bf236599e6c4d4410f124e8eabc78a4a823bf7d","first_seen":"2023-03-07T01:10:32Z","last_seen":"2026-04-30T22:10:57.991938Z","times_seen":4700,"resource_available":true,"data":null}},"time_used":113,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":94,"receive":19,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.261079+0000\",\"flow_id\":2079826723538824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50094,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":7,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/jquery-3.4.1.min.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2543},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":17,\"pkts_toclient\":21,\"bytes_toserver\":5172,\"bytes_toclient\":17856,\"start\":\"2026-04-01T00:21:33.984968+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/agora.webp","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.216Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/agora.webp HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 13:55:32 GMT\r\nETag: \"1b4c-5c1fa21867d00\"\r\nAccept-Ranges: bytes\r\nContent-Length: 6988\r\nKeep-Alive: timeout=5, max=79\r\nConnection: Keep-Alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":6988,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"024bb79a72968a59e2e64ddb36df5665","sha1":"2602057ad7fa7648d06f4df58940a520f0744cd2","sha256":"7370aaee62eea729ab5d935c7de2780d34589949578916785e32707d9be7b219","sha512":"884f0099ae412ee8cae2890f8c38caf9ee9c627105c142bc22aac3c4b314a3270654d3a263b473138ab6a46eb3f894c746ccb892e54aa2e5b996cc9d406e74c3","ssdeep":"96:6sJ85gTuwwnZYRehimzjreJGL00ds/0OVCEVoUEL/G6W/5gre3q+4+bN2Ptld6yO:6sJxuww2m7zL00O/hMUZ/5gWqHxhO","tlshash":"16e17c1ae6c02a0b9fe12ae6d43d7db59f0bee98f0a400275679b17152582b340c7a88","first_seen":"2024-05-09T20:36:36Z","last_seen":"2026-04-12T06:21:14.206678Z","times_seen":76,"resource_available":false,"data":null}},"time_used":385,"timings":{"blocked":365,"dns":0,"connect":0,"send":0,"wait":19,"receive":1,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50084,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.599925+0000\",\"flow_id\":90677044904502,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50084,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":21,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/agora.webp\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2635},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":92,\"pkts_toclient\":163,\"bytes_toserver\":17364,\"bytes_toclient\":221215,\"start\":\"2026-04-01T00:21:33.983606+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/css/index-footer.css","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.124Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/css/index-footer.css HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 13:34:48 GMT\r\nETag: \"222b-5c1f9d7608e00-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 2069\r\nKeep-Alive: timeout=5, max=97\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":8747,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"d03fe2ed3d397522cef35cce3ccfdef5","sha1":"2ce8f3a0770015bab5252566bcf1f081911012b1","sha256":"0712c7099f54ae25114b051ccbf3fb9839510f44b5264bd35c9ecd7dcbb0dcec","sha512":"08bdda74911abbd0ccf053e941d2da9b9942b6bf8bb6b6a51ad07cbdece83c8773f5d092a58b5813a98a15b6eb2366c85bfde62a72df93d97c875bdea5bd841f","ssdeep":"192:aahEWjIMaWkOsxjujXO9oqJ1SKWOqtrE7XdSWShDMu0Q8xZ+OVJ96rN:GUWXni","tlshash":"f70223dc952301099b37d7a2dffa2648eb5150378a0544ac7ecca14e9fb567c82e2f9c","first_seen":"2024-05-09T20:36:35Z","last_seen":"2026-04-12T06:21:14.283866Z","times_seen":84,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50084,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.105457+0000\",\"flow_id\":90677044904502,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50084,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":3,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/index-footer.css\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/css\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2069},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":10,\"pkts_toclient\":15,\"bytes_toserver\":2724,\"bytes_toclient\":12024,\"start\":\"2026-04-01T00:21:33.983606+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/css/classic-main.css","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.135Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/css/classic-main.css HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 14:08:44 GMT\r\nETag: \"179f2-5c1fa50bb7300-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 16605\r\nKeep-Alive: timeout=5, max=98\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":96754,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (1971), with CRLF line terminators","md5":"478aedcb9f2839569fb436564c5381e9","sha1":"fdd5bbc552ca032efd8256063d684fc14cbb7422","sha256":"cc114296107e6ad8f3277a17f77a0ce6831802c66453c966c03c08d6fe37bf70","sha512":"4ed876b0784dd1665caa2eb7eb7867da02f91133af19fd21cca7f7473677eeba9be77377f8b5fdfe7f7c86d0fdb48a36beb877c65aa94c27a0151cdcd3943bd7","ssdeep":"1536:B8iB7wO+GxnCxvYlx+ofUBf9N/eHSgr0d3R9O451hNiIoZ4COqb96qmx:B8ie9hyfUx","tlshash":"1793b81343c2590cb12aa764fa6b976cad3ad203f39425fdb9a65c2dc18d04765b3f8c","first_seen":"2024-05-09T20:36:35Z","last_seen":"2026-04-12T06:21:14.21054Z","times_seen":83,"resource_available":false,"data":null}},"time_used":139,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":122,"receive":17,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50078,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.223799+0000\",\"flow_id\":1512212435695158,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50078,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":2,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/classic-main.css\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/css\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2557},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":7,\"pkts_toclient\":8,\"bytes_toserver\":2001,\"bytes_toclient\":5508,\"start\":\"2026-04-01T00:21:33.980534+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/cadeado_-01.svg","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.154Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/cadeado_-01.svg HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 13:44:32 GMT\r\nETag: \"599-5c1f9fa2fb000\"\r\nAccept-Ranges: bytes\r\nContent-Length: 1433\r\nKeep-Alive: timeout=5, max=86\r\nConnection: Keep-Alive\r\nContent-Type: image/svg+xml\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":1433,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"ad9d3f4a15506e3b99992141fc1e0351","sha1":"92062658eae262f052677c5bde9cfa5fba6e971c","sha256":"2241780517e2fc3f2debd02a893a8d9bc61018def5ce2304ee95edf263e89bc1","sha512":"ce65d98b1f7571f2c4629d71fc92616582f64b5bb46869d6b8511300b98914416d6ab0db8d3bf1566bd54a257e452a869b836e9ab06fdb148f627381bf245d74","ssdeep":"","tlshash":"8a212f5b034ce4ad6ea14238d9b661c97374d853a1bc61e477532827e08e4f8756c3bc","first_seen":"2023-05-09T04:31:15Z","last_seen":"2026-04-12T06:21:14.218277Z","times_seen":108,"resource_available":false,"data":null}},"time_used":396,"timings":{"blocked":379,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50078,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.550975+0000\",\"flow_id\":1512212435695158,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50078,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":14,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/cadeado_-01.svg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/svg+xml\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1433},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":93,\"pkts_toclient\":209,\"bytes_toserver\":13816,\"bytes_toclient\":293318,\"start\":\"2026-04-01T00:21:33.980534+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/logo-mobile.svg","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.180Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/logo-mobile.svg HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 13:48:48 GMT\r\nETag: \"982-5c1fa0971f000\"\r\nAccept-Ranges: bytes\r\nContent-Length: 2434\r\nKeep-Alive: timeout=5, max=88\r\nConnection: Keep-Alive\r\nContent-Type: image/svg+xml\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":2434,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"e878174c7aaee86f1f4366613165195e","sha1":"42b684d19c6510b1f910dac4a530f9859bad9718","sha256":"d3594f8107c86ecc828d17f4690cce9a6697b0bf7595e0a3c918122ccd135188","sha512":"2bafd22d4ba6ca8cba2eaaeac7ad2b9f7ffa31f32148b41b5be7f17eb7becb631fa54540b092ccfb485c41c91ea30de30eb2eef609542f4b92b7cb1f18467bff","ssdeep":"","tlshash":"d1414b7b4360dbe9ade0cb6c1bd0600872e58c917834f1d4af9f1415dcad4e7a16ca57","first_seen":"2023-05-09T04:31:15Z","last_seen":"2026-04-12T06:21:14.223607Z","times_seen":105,"resource_available":false,"data":null}},"time_used":236,"timings":{"blocked":219,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50106,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.417074+0000\",\"flow_id\":405953414238599,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50106,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":12,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/logo-mobile.svg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/svg+xml\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2434},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":31,\"pkts_toclient\":54,\"bytes_toserver\":8656,\"bytes_toclient\":62427,\"start\":\"2026-04-01T00:21:33.987527+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/jQuery-plugin-progressbar.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.337Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/js/jQuery-plugin-progressbar.js HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 14:21:08 GMT\r\nETag: \"995-5c1fa7d13fd00-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 646\r\nKeep-Alive: timeout=5, max=89\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2453,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators","md5":"ca95dcbc232361a14aa088f5e2639821","sha1":"beb416d372fbaddeb50306262c0d2d156d82ab43","sha256":"8cb129f5b809a07f2c176a3901be0b460b882f329b3be2dce9e20a7c5821d6c2","sha512":"c184551e6793a3da448bda4ede56449ce44ca88eb9d346d0dabe91550b6daa69a71c18a8eeb5872089d7d68d91763003d78a16cf926fe8b65d719975b641faf1","ssdeep":"","tlshash":"d451cd9db982118a2a3722b744bc2304e9fd719bd8034714be3e71e40ff0946fb026a4","first_seen":"2023-03-10T05:20:33Z","last_seen":"2026-04-12T06:21:14.222022Z","times_seen":129,"resource_available":true,"data":null}},"time_used":33,"timings":{"blocked":12,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.370271+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":11,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/jQuery-plugin-progressbar.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":646},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":33,\"pkts_toclient\":49,\"bytes_toserver\":8736,\"bytes_toclient\":58978,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/icon_seta_v_-01.svg","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.716Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/icon_seta_v_-01.svg HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/css/classic-main.css\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2; nvgc43243=0|0; nvgt43243=1775002894524_1_0|0_0|0\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 03 Feb 2020 05:46:34 GMT\r\nETag: \"1e5-59da57228e280\"\r\nAccept-Ranges: bytes\r\nContent-Length: 485\r\nKeep-Alive: timeout=5, max=77\r\nConnection: Keep-Alive\r\nContent-Type: image/svg+xml\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":485,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"8b1c4e698947bee8af5f3de60541b1e1","sha1":"029919011cb06c0e5b95749e65dc10380603172b","sha256":"93351e79fa4bc6a9119d6e499535743b28883e5b1f60ea0236dafd7c16b0b36d","sha512":"71b124e9cbc96af2a605dd59e37d3b21876947cbfad16e1d10d439c32bee956e6de0ba99d0a412f65f3e8072b1aae956b340194814749021343757392ccf97ed","ssdeep":"","tlshash":"eaf09e1887498c3df6618b24b3fcf2d763363081e38509ec859528fab1261452a93aec","first_seen":"2023-05-15T18:31:25Z","last_seen":"2026-04-30T15:31:33.297992Z","times_seen":208,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":1,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50068,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.735582+0000\",\"flow_id\":1666081786514558,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50068,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":23,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/icon_seta_v_-01.svg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/svg+xml\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/css/classic-main.css\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":485},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":159,\"pkts_toclient\":268,\"bytes_toserver\":22824,\"bytes_toclient\":374074,\"start\":\"2026-04-01T00:21:33.740478+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/css/jquery.mmenu.all.css","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.092Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/css/jquery.mmenu.all.css HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 12:47:06 GMT\r\nETag: \"a1ec-5c1f92cc9e680-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 5593\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":41452,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"dac2cd93806712415a646b3765e00fbe","sha1":"bd606147c371ac344afc0f7389375de851da6217","sha256":"f732a57286594b3db9db582d3ec55f172fee5c133a0983c77b80949018729b3e","sha512":"ce0f096e2819ab266e0493d029c8412e0569869cd325b1d20d4eb75cfafd3f6ffa86924d6a9e2d98c6567e6c9e45b71b96a1d3cb7433e1b603289962b03d59ec","ssdeep":"768:QN2vrTkz+kW1/4I3lsz2TWStBufepNyzN60ZWB2Q9qCNhO/a7nA5fMOncH4KbQ4x:6grTkKkW1/4QtBufepNyzN60ZWB2Q9qw","tlshash":"da1387166d5201809137937dd3c38f78eb3ce2735a1209bbfb86454b9faaa8840d5f66","first_seen":"2023-04-08T19:24:52Z","last_seen":"2026-04-12T06:21:14.215173Z","times_seen":129,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50084,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.053836+0000\",\"flow_id\":90677044904502,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50084,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/jquery.mmenu.all.css\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/css\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":5593},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":7,\"pkts_toclient\":10,\"bytes_toserver\":1501,\"bytes_toclient\":8060,\"start\":\"2026-04-01T00:21:33.983606+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/css/rt-limite-credito-pessoal.css","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.149Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/css/rt-limite-credito-pessoal.css HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 14:04:54 GMT\r\nETag: \"11b5-5c1fa4305ed80-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 837\r\nKeep-Alive: timeout=5, max=96\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":4533,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"0825ab2156f7af47f360947d39247cf8","sha1":"a69bb1262f2e3bf6eaafc4681636a6187718c0f6","sha256":"5d6176de59bb7385fcfa761e0279511df9a95e1f174e0835876d3a9da77d4e6e","sha512":"2b5667b15ead14d9ddbdbafb0baae22c8db4fdafad763b48cc2f2d8c55f86e5add11931c417c2a5ba1db3d252703cb50b07614aeeec24ba3969c45afef42c181","ssdeep":"96:4s0K+YtRjfHRXuF3RjfnR3OULGiSinRXuNRXupR3OER3OE:o","tlshash":"b191ad3c8f813e495a75829cfac6b705173ea1d3ab17cdcea19d4469d38b28840b3d45","first_seen":"2024-05-09T20:36:35Z","last_seen":"2026-04-12T06:21:14.254507Z","times_seen":84,"resource_available":false,"data":null}},"time_used":75,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":75,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50084,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.181533+0000\",\"flow_id\":90677044904502,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50084,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":4,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/rt-limite-credito-pessoal.css\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/css\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":837},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":12,\"pkts_toclient\":17,\"bytes_toserver\":3882,\"bytes_toclient\":13329,\"start\":\"2026-04-01T00:21:33.983606+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/consorcio_seguros.png","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.241Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/consorcio_seguros.png HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 13:58:30 GMT\r\nETag: \"f15d-5c1fa2c228d80\"\r\nAccept-Ranges: bytes\r\nContent-Length: 61789\r\nKeep-Alive: timeout=5, max=77\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":61789,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 534 x 577, 8-bit/color RGBA, non-interlaced","md5":"d84f39a0f8689a14a3bf07c0c6e830ef","sha1":"46631ec8b872a51d02a4f77a546f7764b98a88b4","sha256":"74507a042464513abe3979139c7687eeefa6c2b1e2e8ab55b095c417cf496a0a","sha512":"9eb557a3535c68923b89cb68990d770047605231b6373a4270df1411ea6f1863f9869564e674b274a5e77ce05acc846ba5c35c30b324c05257b7bf083757d988","ssdeep":"1536:+B3QQm7/+tOjiE9VV2x3pLC87LEbkgQ5USTeT:x/AT39C8PEbk6T","tlshash":"c153f172c461fc9509dff9a8db06346342ea9dcbe6c7f604481a88d39da05718c98efd","first_seen":"2024-05-09T20:36:36Z","last_seen":"2026-04-12T06:21:14.27112Z","times_seen":74,"resource_available":false,"data":null}},"time_used":404,"timings":{"blocked":380,"dns":0,"connect":0,"send":0,"wait":21,"receive":3,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50084,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.640681+0000\",\"flow_id\":90677044904502,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50084,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":23,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/consorcio_seguros.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2609},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":104,\"pkts_toclient\":183,\"bytes_toserver\":19201,\"bytes_toclient\":249876,\"start\":\"2026-04-01T00:21:33.983606+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/consorcio_seguros_hover.png","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.246Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/consorcio_seguros_hover.png HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 13:49:12 GMT\r\nETag: \"6376-5c1fa0ae02600\"\r\nAccept-Ranges: bytes\r\nContent-Length: 25462\r\nKeep-Alive: timeout=5, max=78\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":25462,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 555 x 577, 8-bit/color RGBA, non-interlaced","md5":"2f37f60fa2ccb48e6e59534d5b6a353e","sha1":"67c4055d6830e9e6c74720128d91a5b573a0faf5","sha256":"d0e94a576420a62f9264577c76fba3e45713b05e97e47829b0d2d2ddda58e92b","sha512":"08de929efb574a280bde4e2fdffcb4f0caae7ee908ea62e162dece918e0d4acf6f56983cecb103d764a2622387d456db8a2f8dfbc5d77df24e9f7b4ada1f1667","ssdeep":"768:Ei4lRSOEAUqyatjOuv2B7En3S0vaEFA3gjC6/Q0EIb2nQdlC:EhleQVjVSw/vaG1C6/Q0EIbwQdI","tlshash":"c0b2e1fa31427a4a378977c702ad5d9958af9e0636e720b4acd894f0b1820f4c65c4ee","first_seen":"2024-05-09T20:36:36Z","last_seen":"2026-04-12T06:21:14.256982Z","times_seen":78,"resource_available":false,"data":null}},"time_used":396,"timings":{"blocked":377,"dns":0,"connect":0,"send":0,"wait":17,"receive":2,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.639742+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":22,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/consorcio_seguros_hover.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2609},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":156,\"pkts_toclient\":303,\"bytes_toserver\":22199,\"bytes_toclient\":436053,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/home.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.344Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/js/home.js HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 14:17:16 GMT\r\nETag: \"596-5c1fa6f3ff300-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 533\r\nKeep-Alive: timeout=5, max=88\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":1430,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"60494e4d7e721e53fc37ccfab4ad7234","sha1":"1b0cc7c8da87fd37575e0b2ab3efd8ed983fa2a7","sha256":"ba4e09b6dfdc7f0994700f747fe52169f6094fe058ac260977f1161e5962dfe2","sha512":"30e5a4f0bbe496179a78fa4561ac194a3fdfa2331bd7b7eb79489879a1acf8ca0990e8d2f03522085d64817ad0dc5696574a0a94394cecfa14fa7987afebd0c0","ssdeep":"","tlshash":"14218f0aba0c923f81ef621402bdfb469ebdd1203757a077f5d96924a214d3b65dc8ec","first_seen":"2023-03-13T19:24:49Z","last_seen":"2026-04-12T06:21:14.198445Z","times_seen":87,"resource_available":true,"data":null}},"time_used":43,"timings":{"blocked":26,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.387842+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":12,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/home.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":533},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":34,\"pkts_toclient\":50,\"bytes_toserver\":9342,\"bytes_toclient\":59926,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/tag-novo.png","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.726Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/tag-novo.png HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/css/classic-main.css\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2; nvgc43243=0|0; nvgt43243=1775002894524_1_0|0_0|0\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 14:08:34 GMT\r\nETag: \"83f-5c1fa5022dc80\"\r\nAccept-Ranges: bytes\r\nContent-Length: 2111\r\nKeep-Alive: timeout=5, max=75\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2111,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 65 x 65, 8-bit/color RGBA, non-interlaced","md5":"1982383476e8e56631543d6cf5643805","sha1":"0b10cd3afa4ce113826f60f0a92b04a99c224de6","sha256":"3b091bbd74589274270939d0200aa6f2cb0a7637e9be102808d49e840d0a3ecd","sha512":"46aee5ef83bfcc10ffbe8990680ef79dc4ddc33f2920b3594fefd7fecc1f7b6c242db3d2e426c4f1d530887826148abf671ff8700ff411c51ed7a02cd896e6ba","ssdeep":"","tlshash":"29410a891698f398eaeb5b791476ebf9ecdcdc8b5c1eb48505a084b001a8da80bf5314","first_seen":"2024-05-09T20:36:36Z","last_seen":"2026-04-12T06:21:14.243481Z","times_seen":74,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":1,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.701883+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":25,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/tag-novo.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/css/classic-main.css\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2111},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":170,\"pkts_toclient\":322,\"bytes_toserver\":24727,\"bytes_toclient\":462321,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/main-menu.json","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:35.123Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/js/main-menu.json HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/javascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2; nvgc43243=0|0; nvgt43243=1775002894524_1_0|0_0|0; bra_nav_track_dt=[20260401002135]http://livelopontos26.dynv6.net/B84146/755498457447801/home.php\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:35 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 14:29:20 GMT\r\nETag: \"2f184-5c1fa9a675000\"\r\nAccept-Ranges: bytes\r\nContent-Length: 192900\r\nKeep-Alive: timeout=5, max=76\r\nConnection: Keep-Alive\r\nContent-Type: application/json\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":192900,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"43abd82d3e1202c41b329d5e17ff9aad","sha1":"641a0155c3ef4ddb2cfb0470e0859c4d403b3f9f","sha256":"f53488950f6853334aa72ab1ae8cd2a517ebf7dc9130c7b49ee5be484c12174e","sha512":"a647b7b9e34f2faf1836cb723db0ba2006d0639b2fae2ce0e1a989b82c8055107392789a7ffd6231b59c7e27b1be89e61ff730b0456d95462843134ae9121ed0","ssdeep":"768:h9CgUf5gP4OfRLBEwmSEdZmT2NIWTQ9N0dZEVm:h9CgUf5gP4OfRLB1EdZmToIWUWZEVm","tlshash":"4c143833c4ba5cb648f20550a5683acefb49cb5f41848d1af6fed92c5ffe68a161490c","first_seen":"2025-10-11T11:22:54.906377Z","last_seen":"2026-04-01T02:24:39.835271Z","times_seen":47,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":9,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:35Z","timestamp":1775002895,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50078,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:35.139391+0000\",\"flow_id\":1512212435695158,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50078,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":24,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/main-menu.json\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/json\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1152},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":132,\"pkts_toclient\":259,\"bytes_toserver\":21975,\"bytes_toclient\":360319,\"start\":\"2026-04-01T00:21:33.980534+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/css/normalize.min.css","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.084Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/css/normalize.min.css HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 12:43:54 GMT\r\nETag: \"a39-5c1f921583680-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 1125\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2617,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"bf5a97bcab0689637e0a30ab2f8eaed3","sha1":"918bd5ae9ee5918c4556480e03c7ae2ce48791d9","sha256":"0af15537afcc47a198c4123f1f3cc784a09872307c7b2e448c35a49e45dddc40","sha512":"8e95f6e7847f13324729868fa97285665c071c7caa31f91cf33aca7357d01923cebe812194c0bc1644f3df9ad3af16d509699600d3e7c9662f796d1e122ad684","ssdeep":"","tlshash":"6d51943723407a20e2328e233be777553f005672d456a12bf401caa8d6c7e3743a2f5a","first_seen":"2023-04-08T19:24:52Z","last_seen":"2026-04-12T06:21:14.272934Z","times_seen":105,"resource_available":false,"data":null}},"time_used":44,"timings":{"blocked":-1,"dns":1,"connect":21,"send":0,"wait":21,"receive":1,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50084,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.025537+0000\",\"flow_id\":90677044904502,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50084,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/normalize.min.css\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/css\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1111},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":786,\"bytes_toclient\":1734,\"start\":\"2026-04-01T00:21:33.983606+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/css/banner.css","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.131Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/css/banner.css HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 13:33:24 GMT\r\nETag: \"10cb-5c1f9d25ed100-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 987\r\nKeep-Alive: timeout=5, max=96\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":4299,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"3b524824cf0b9d8c14cce3f8ef72f66c","sha1":"b19f6eaedfe464c08f024e1175e7ec7370a4e8aa","sha256":"359b4254ae57596456a23f784c008b7f4375acf6ab3c51ca9aa0e3c017bec99d","sha512":"55ae561772b7cda0553b4a838c8afd81e8cca6dd5d3bb7917f5e709100b1edffa7b7f2d1f9f9c3f0bad93d2bff301ac8db79d8ad4ea24a07b4c7ef52a3c27c19","ssdeep":"48:bo3PIT0BIWWlVbloTndiA0NjFfMfFfYZ1MpfNvqe:c3PITiJM+V0VKi21","tlshash":"21910e11fb6a267c842ba31ab950fdaef35c3405d64eca60eae70b11c659861b41dfcc","first_seen":"2024-05-09T20:36:35Z","last_seen":"2026-04-12T06:21:14.241662Z","times_seen":84,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.122517+0000\",\"flow_id\":2079826723538824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50094,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":4,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/banner.css\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/css\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":987},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":12,\"pkts_toclient\":13,\"bytes_toserver\":3845,\"bytes_toclient\":9893,\"start\":\"2026-04-01T00:21:33.984968+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/icon_acessibilidade_contraste.svg","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.165Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/icon_acessibilidade_contraste.svg HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 13:46:14 GMT\r\nETag: \"414-5c1fa00441580\"\r\nAccept-Ranges: bytes\r\nContent-Length: 1044\r\nKeep-Alive: timeout=5, max=89\r\nConnection: Keep-Alive\r\nContent-Type: image/svg+xml\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":1044,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"707ea1b96e9c7a8e804365f34a42decf","sha1":"6f6918f9aa9e31e79ed7061d39ab72ec9a99753d","sha256":"eb4d7848b0ad28c20cca9e7921aede13fb43fb856dd60276d83436f08aa87749","sha512":"0256529d6f1cb4e1736a6ec33da8f98bf0ff7128a617494e61122d0606b7e0d7867ba3d59c7500d81839a2b3835454de8a771970fcb567beb704169273b2939f","ssdeep":"","tlshash":"a61112b73a69a42660150391d7c53b84d03fbc43a972188df7e216b78b3157b286d3e4","first_seen":"2023-05-09T04:31:15Z","last_seen":"2026-04-30T15:31:33.305208Z","times_seen":207,"resource_available":false,"data":null}},"time_used":234,"timings":{"blocked":214,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50106,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.399586+0000\",\"flow_id\":405953414238599,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50106,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":11,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/icon_acessibilidade_contraste.svg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/svg+xml\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1044},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":30,\"pkts_toclient\":52,\"bytes_toserver\":8590,\"bytes_toclient\":59572,\"start\":\"2026-04-01T00:21:33.987527+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/002-m.jpg","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.197Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/002-m.jpg HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Fri, 24 Oct 2025 17:18:28 GMT\r\nETag: \"ddf0-641eabcec0100\"\r\nAccept-Ranges: bytes\r\nContent-Length: 56816\r\nKeep-Alive: timeout=5, max=85\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":56816,"size_decoded":0,"mime_type":"image/jpeg","magic":"RIFF (little-endian) data, Web/P image","md5":"8446ff84f74e14d20d0f9da0814584fc","sha1":"879d5f68a9c6cca000cc15620aac0458210a5e05","sha256":"491fdd153240406d09df5bfb9c6a0a9e24acb998c2c04f5d7d9e51d147726ad6","sha512":"856828c9067c905195e39f2a2cce59710af02c061d0940b4d23c685e3fdb84771beed62adbe63c066718dd27858befceca368dfe24a7d7df7b44c8ef3c0bf4ae","ssdeep":"1536:SFqZ7ZHQktNVInwoMOEw2Cid0m9Im2xPtAfU+RZ:SF87xQYNVInRMOf2Cid0mj8VA1T","tlshash":"3543013f536087d4fd900573363387b2df96394bde503a674a4176b2a822c9ea2ec990","first_seen":"2025-10-22T23:03:46.446432Z","last_seen":"2026-04-01T02:24:39.826557Z","times_seen":21,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":222,"dns":0,"connect":0,"send":0,"wait":17,"receive":20,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.435692+0000\",\"flow_id\":2079826723538824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50094,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":15,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/002-m.jpg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/jpeg\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2608},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":42,\"pkts_toclient\":67,\"bytes_toserver\":10878,\"bytes_toclient\":77360,\"start\":\"2026-04-01T00:21:33.984968+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/cartoes.webp","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.210Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/cartoes.webp HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 13:54:48 GMT\r\nETag: \"17f0-5c1fa1ee71a00\"\r\nAccept-Ranges: bytes\r\nContent-Length: 6128\r\nKeep-Alive: timeout=5, max=84\r\nConnection: Keep-Alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":6128,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"366ca8926f417446c41ca1906c233837","sha1":"491589cf45df0450483d64b3a91ccc6824678342","sha256":"b5f42007a362d6c4c84728416834c2fa502110219a7fb54187ff6c0838556664","sha512":"bd7976ca0855cd4d3c986619cee9e311250b9d6dbfe53066faa4f3f2b967d77f0eb387bbcccc40507136075fa9b2c4463c00c9ffad4e1697f81c73f0fda252b5","ssdeep":"96:wyWLM2uP4b51AX4nI2u7e+nexhMLfvZUIbzWxcrCUHlTgz0XFlw77QO+v0G+PypH:wT9uP4b5aX4nIzZqhqfxUIbzWxcHlTgW","tlshash":"5ec16d9ebd92a025fc2f979a2a7b7fa4567101c20bb0891842136a411fe499a8cd308f","first_seen":"2024-05-09T20:36:36Z","last_seen":"2026-04-12T06:21:14.270178Z","times_seen":76,"resource_available":false,"data":null}},"time_used":380,"timings":{"blocked":360,"dns":0,"connect":0,"send":0,"wait":19,"receive":1,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50078,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.587754+0000\",\"flow_id\":1512212435695158,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50078,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":16,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/cartoes.webp\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2635},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":97,\"pkts_toclient\":216,\"bytes_toserver\":15120,\"bytes_toclient\":301801,\"start\":\"2026-04-01T00:21:33.980534+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/popper.min.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.298Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/js/popper.min.js HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 14:13:12 GMT\r\nETag: \"4af9-5c1fa60b4ce00-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 6918\r\nKeep-Alive: timeout=5, max=93\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":19193,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (19015), with CRLF line terminators","md5":"b1dbc64f8b1dfe0c089dd55b09bbbc72","sha1":"a7da3b9714e3bf1f6fe61fdd30a96006431d0756","sha256":"193a81e8713370250a88db26a3b201df9f841cba4a212b567ff994693bc1bf22","sha512":"ccd711a6f662d71f238dee07fba314967df747c1f690bd4c7121e62ea5c360ef532e7b85c91310312798f26dbdc1c5f7f9506c416d7fabc3e71a1da4179b7ba6","ssdeep":"384:LCbuG4xGNoDic2UjKPafxwC5b/4xQviOJU7QzxzivDdE3pcGdjkd/9jt3B+Kb96q:Wb4xGmiJfaf7gxQvVU7eziv+cSjknZ3R","tlshash":"bf82a3cc3291b07643a79167a06f960eb2339979614e9420f199f2d87c70ef9913fc7a","first_seen":"2023-03-07T01:30:30Z","last_seen":"2026-04-30T13:41:39.680193Z","times_seen":2837,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":1,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50068,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.245285+0000\",\"flow_id\":1666081786514558,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50068,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":7,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/popper.min.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2545},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":36,\"pkts_toclient\":47,\"bytes_toserver\":6399,\"bytes_toclient\":53948,\"start\":\"2026-04-01T00:21:33.740478+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/js.cookie-2.2.1.min.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.317Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/js/js.cookie-2.2.1.min.js HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 14:16:36 GMT\r\nETag: \"66c-5c1fa6cdd9900-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 865\r\nKeep-Alive: timeout=5, max=94\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":1644,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1611), with CRLF line terminators","md5":"3daccdfd841681a5f5c57bbb643967ef","sha1":"84b038e22749d67a5462c1189f42f6bf343c01bc","sha256":"3c2eed95477b5811ac48e9da8f6a71f936c2ded06ff5303f0b30fbd18f3333a8","sha512":"f10babba1c13a4ffd9e12569eecdfad1afdf920bfa41937c687a94249b96da8d01c32578c875cfebedf7d3739237eec70999eca3ae1afc4fe44b2cffa8ee343b","ssdeep":"","tlshash":"a53175c8716db844426f5431a7bf0347b1384a59ae89ea45930ce4f43a3146fc26bfeb","first_seen":"2023-03-08T07:12:26Z","last_seen":"2026-04-30T02:55:54.874704Z","times_seen":165,"resource_available":true,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50078,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.328039+0000\",\"flow_id\":1512212435695158,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50078,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":6,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/js.cookie-2.2.1.min.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":865},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":20,\"pkts_toclient\":29,\"bytes_toserver\":5395,\"bytes_toclient\":31597,\"start\":\"2026-04-01T00:21:33.980534+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/index-footer.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.322Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/js/index-footer.js HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 14:17:56 GMT\r\nETag: \"9fa-5c1fa71a24d00-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 679\r\nKeep-Alive: timeout=5, max=91\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2554,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"0d43ffb0cb50fd8ed48f089187014dc4","sha1":"ece10477d5fb34adc27f9e192260a4e8a9ae98d2","sha256":"ddea64a5330992219dbf9be8723cb85d28d0f84511b473d06ce77c319aeebb36","sha512":"63ee442857afe39f882eeafed1f8ca04ffb0425fbe182db30743a0543f044bd17fa7de4e40d77bb5c5744f13de79c280abba323bbf1d0b3054541bbc7337ddad","ssdeep":"","tlshash":"57519d78021b2035c67b735a8edb644cfb61815be100693ab9ace64d2ff0e0946d6f9d","first_seen":"2023-03-10T05:20:32Z","last_seen":"2026-04-12T06:21:14.235023Z","times_seen":93,"resource_available":true,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.328671+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":9,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/index-footer.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":679},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":30,\"pkts_toclient\":46,\"bytes_toserver\":7541,\"bytes_toclient\":55711,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/css/structure.css","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.086Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/css/structure.css HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 12:44:10 GMT\r\nETag: \"9529-5c1f9224c5a80-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 4788\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":38185,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (677)","md5":"e6559366f100fb670bbf1349cf893ccc","sha1":"00118492f0939c55ddd959e6a5af951d1b94c99f","sha256":"937b0acc7bda861181bd14ba9bc4d49f950d23d09407d230a8a962cd4fe9e344","sha512":"4118568dfa6d525b9d11dd1f91daa3091b09859d80d7f7aeb3181b54acdbbfd1db43de576f2e675b5ea038df3caf0a5cba56dea046f5839ce3656a211db29a18","ssdeep":"192:7YVc/x96ycsNGNQ0wCF27Xuqd8GeKzGK3JmGursNNNAOkTxElLWv2xOaK3JDrOs+:7XTPCm6vpVW/FsFfb93BDkA81","tlshash":"cd0311c3ceb318077037d9f679a6991a633964a3a66edd1ab3ecbe54df070c14062643","first_seen":"2023-04-08T19:24:52Z","last_seen":"2026-04-12T06:21:14.250679Z","times_seen":124,"resource_available":false,"data":null}},"time_used":49,"timings":{"blocked":-1,"dns":1,"connect":20,"send":0,"wait":27,"receive":1,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.031405+0000\",\"flow_id\":2079826723538824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50094,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/structure.css\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/css\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1110},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":782,\"bytes_toclient\":5530,\"start\":\"2026-04-01T00:21:33.984968+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/css/flexslider.css","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.127Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/css/flexslider.css HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 13:33:12 GMT\r\nETag: \"1c34-5c1f9d1a7b600-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 1612\r\nKeep-Alive: timeout=5, max=96\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":7220,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"af1fb83b985edf5824ea96d525b99b30","sha1":"3a84b316c624898c92b7e73fdcf1a8fa670c48e0","sha256":"b9d715e750700abc5fa09ad791c5165a731cde47b79bc346e4bfce3c06735b8c","sha512":"800b0110abfc689a8b0c1aa9c46097fbe678c035fabb5b747f42dc430e9b362caa5a4e06156621bd539cac7ccde5526cece0a731285bdf8c0f55514836bc7d9c","ssdeep":"96:x+cmVxd4FMQFqdevNe+TcdPtqexW4KJdoX:qzAJovSexWDJqX","tlshash":"ebe1f0bc52641340d633c77cab92ce1defec80618b12414ef9f45a35d6ab3498a72ed9","first_seen":"2023-06-19T19:39:17Z","last_seen":"2026-05-01T02:02:56.686175Z","times_seen":165,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50068,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.104892+0000\",\"flow_id\":1666081786514558,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50068,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":4,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/flexslider.css\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/css\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1612},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":30,\"pkts_toclient\":33,\"bytes_toserver\":4518,\"bytes_toclient\":38760,\"start\":\"2026-04-01T00:21:33.740478+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/cielo.webp","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.228Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/cielo.webp HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 13:56:22 GMT\r\nETag: \"4d76-5c1fa24816d80\"\r\nAccept-Ranges: bytes\r\nContent-Length: 19830\r\nKeep-Alive: timeout=5, max=78\r\nConnection: Keep-Alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":19830,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"630a07837484c44b06072186d9fea15d","sha1":"ed9d419c9df9321b45c51b3bda04ecf323cfc0d7","sha256":"24758f39daadf47821dcbf88a3ae1b632f622ba3f1ff24c4643d55b331b890ff","sha512":"c18894f3fe46234eccafa99c4108fecfbd2a0e20ba32ae61c1aaa159d897bb94758648a7ce54be570c9b8d948f17a80555e2730250976db953ce4a04696dfd96","ssdeep":"384:FL56MlbM9buscB+CTWcY5FPQYghpZuc3fZeb5Pj46j6/QPEUctsKu7yshBoq:FwMlbM9burric6PQYghpZxfZel4hIPEW","tlshash":"cf92d0698bc60730ed8b3c5ab351635e284c681976d5a693e3833de6f2783d771039e8","first_seen":"2024-05-09T20:36:36Z","last_seen":"2026-04-12T06:21:14.224798Z","times_seen":74,"resource_available":false,"data":null}},"time_used":393,"timings":{"blocked":373,"dns":0,"connect":0,"send":0,"wait":19,"receive":1,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50084,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.619674+0000\",\"flow_id\":90677044904502,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50084,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":22,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/cielo.webp\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2634},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":96,\"pkts_toclient\":169,\"bytes_toserver\":18145,\"bytes_toclient\":228860,\"start\":\"2026-04-01T00:21:33.983606+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/icone-pagamentos-white.svg","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.252Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/icone-pagamentos-white.svg HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 13:59:12 GMT\r\nETag: \"8a5-5c1fa2ea36c00\"\r\nAccept-Ranges: bytes\r\nContent-Length: 2213\r\nKeep-Alive: timeout=5, max=86\r\nConnection: Keep-Alive\r\nContent-Type: image/svg+xml\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2213,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"0e59a3b43c576d4cad8ee4b1e65e937c","sha1":"bbcd22a426a4c25ae9e01597a92450cbba7009fd","sha256":"071c3ca18a30559ea6655f3bb33400bcbbea7fd035e890a33775259e3bfa2cc8","sha512":"a68aa227ae7ed7046717553b43cf6e8eaf17dfd4c4defb966c63c7ff90eb80a481b1ecd2ed0e1f9aaa611020bbf53f0c98d9dd5a5d189b7b2bb244fd1d3b3f80","ssdeep":"","tlshash":"af41cda95604f24c780dc858dd36a860562ff49f72ffa3d811aadb72e01e9d4e94181c","first_seen":"2024-05-09T20:36:36Z","last_seen":"2026-04-12T06:21:14.18533Z","times_seen":74,"resource_available":false,"data":null}},"time_used":243,"timings":{"blocked":222,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50106,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.495238+0000\",\"flow_id\":405953414238599,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50106,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":14,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/icone-pagamentos-white.svg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/svg+xml\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2213},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":47,\"pkts_toclient\":122,\"bytes_toserver\":10761,\"bytes_toclient\":163744,\"start\":\"2026-04-01T00:21:33.987527+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/index-cookie.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.328Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/js/index-cookie.js HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 14:20:34 GMT\r\nETag: \"1d26-5c1fa7b0d3080-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 1723\r\nKeep-Alive: timeout=5, max=90\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":7462,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"47ef3a0fa85a034d46bd6de377dd27dd","sha1":"39f12a42517f912304ee3055820e6e1456a74396","sha256":"4a23343624380d36f08393384c53c46b534f375f2f311c5496ee108e53e38ffa","sha512":"edd686a67abf35a99d73a4bf10692cffc22226be2e4fd58ab0c36ba91db255870df3a3cb408c1c5311bae916397e7d125849154d5e0f0a3078e769efae68ca94","ssdeep":"192:QSG8MT12jB3uj+WObaCiGfXU4XbrbFS++:Y8q8jw","tlshash":"5bf142793545162bbc376796ef961b44fe1446134208cfa9f6bce1091fbcc8219f2d68","first_seen":"2024-05-09T20:36:34Z","last_seen":"2026-04-12T06:21:14.221301Z","times_seen":84,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.347601+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":10,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/index-cookie.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1723},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":31,\"pkts_toclient\":48,\"bytes_toserver\":7607,\"bytes_toclient\":57917,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/css/index-lightbox.css","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.123Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/css/index-lightbox.css HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 13:34:24 GMT\r\nETag: \"54-5c1f9d5f25800-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 97\r\nKeep-Alive: timeout=5, max=97\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":84,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"13c3bebb5a3f290ad954ee27ab4111f6","sha1":"47fe2b9b3c37c74f13c2a320dcc146732050fde7","sha256":"a8c727810f0766338d182e66b4f6cd530015edd3ee166b9683e06dae451abeff","sha512":"26fde0819f9af5f1f3910e74a086aa82b1572fca9e1c5280b5bceca2ef8445da0966f57725dd4a365eea0dfcb5ffab911cfebd91f4be0f4ddc8169144f4d64d0","ssdeep":"","tlshash":"b0a012206101a1000422830105635b2576251102084322137405f50c0bd3440c40de30","first_seen":"2023-05-15T18:31:25Z","last_seen":"2026-04-12T06:21:14.325089Z","times_seen":89,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.101588+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":3,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/index-lightbox.css\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/css\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":97},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":12,\"pkts_toclient\":15,\"bytes_toserver\":3357,\"bytes_toclient\":12346,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/icone-mais-facilidades.svg","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.254Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/icone-mais-facilidades.svg HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 13:59:46 GMT\r\nETag: \"3cc-5c1fa30aa3880\"\r\nAccept-Ranges: bytes\r\nContent-Length: 972\r\nKeep-Alive: timeout=5, max=84\r\nConnection: Keep-Alive\r\nContent-Type: image/svg+xml\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":972,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"077e81dd771212174537a31ef66c702a","sha1":"83fd8ed0a374276f703ac7c49debaf5ca79758da","sha256":"ff02a1991c9596c1be7806b2d19fb937cf5a0662ad6b1af31d96253458e9af72","sha512":"7c2064a136dd86551151e4d8c6ac2dfd45322caf6ec98f8d180a5435124fb63d03671aefa1e8535133f8797dada4a5e82b5959fc25b4a81896a04d809631fff4","ssdeep":"","tlshash":"de115eca75599c78a82a08e87fe5ba51406f766f331d3be8f0f23630511f7e134a2691","first_seen":"2024-05-09T20:36:36Z","last_seen":"2026-04-12T06:21:14.238627Z","times_seen":74,"resource_available":false,"data":null}},"time_used":245,"timings":{"blocked":220,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50084,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.499920+0000\",\"flow_id\":90677044904502,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50084,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":16,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/icone-mais-facilidades.svg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/svg+xml\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":972},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":57,\"pkts_toclient\":97,\"bytes_toserver\":12964,\"bytes_toclient\":124467,\"start\":\"2026-04-01T00:21:33.983606+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/bootstrap-select.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.296Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/js/bootstrap-select.js HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 14:13:00 GMT\r\nETag: \"11482-5c1fa5ffdb300-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 15725\r\nKeep-Alive: timeout=5, max=93\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":70786,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"f797f23ed6aa8091e31e48c507870a71","sha1":"697cca24565fcab18e1a8c335108b44dd8ae4b15","sha256":"f936cd97250abf98c66c00417750410c802d6494a0c21467dd75580c89310789","sha512":"824abd088508b089ee89ce58ac44d9414eb8c34c00f45be4f0a3e667faf0fb6182a6fa8c3c5b148bf34cf35c8aabd87d53809dfe3ee2ca3377ec032709dfd263","ssdeep":"768:x+H+VLQK9NCBHpjI1T9fhGmsyZ1vSnmfyFbqCF4Wbx5fE4Ss6:xwyQXHGnkgsqCFXbLE4Ss6","tlshash":"ca6364493656223185bb22bb9e5e584cfb39523f4502426578bd42c86ff0c20a1f6ffe","first_seen":"2023-03-08T07:12:26Z","last_seen":"2026-04-12T06:21:14.28003Z","times_seen":136,"resource_available":true,"data":null}},"time_used":54,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":51,"receive":3,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50106,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.273635+0000\",\"flow_id\":405953414238599,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50106,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":7,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/bootstrap-select.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2543},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":19,\"pkts_toclient\":25,\"bytes_toserver\":5316,\"bytes_toclient\":25684,\"start\":\"2026-04-01T00:21:33.987527+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/index-footer-mapp.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.323Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/js/index-footer-mapp.js HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 14:26:30 GMT\r\nETag: \"690-5c1fa90455180-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 526\r\nKeep-Alive: timeout=5, max=91\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":1680,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"28dcf13c93f6f6b66b90f6aaa149722e","sha1":"56c40ddfed1459a67f5aa35e01539b2de3072114","sha256":"a265977c8330f72f64f864d3453be85da3eb9fdc9242fa205b3d2f87ea0d7333","sha512":"65483002cbb1be5d258899cd8c42f960f924ed9fe6fdae1c9229f8f16bfca0a4126e2c31fd9be32d8a91c29d4e56164180690cff3905ce59be514f4dc0ffa972","ssdeep":"","tlshash":"91319a2f12561072c87b62599d3ea68ce7e0213b4411e6027c4dc48dbfb4c4e59e3f2c","first_seen":"2024-03-05T19:59:08Z","last_seen":"2026-04-12T06:21:14.262533Z","times_seen":86,"resource_available":true,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.328584+0000\",\"flow_id\":2079826723538824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50094,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":9,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/index-footer-mapp.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":526},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":28,\"pkts_toclient\":45,\"bytes_toserver\":7393,\"bytes_toclient\":49365,\"start\":\"2026-04-01T00:21:33.984968+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/css/wlStyle.css","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:35.127Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/css/wlStyle.css HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2; nvgc43243=0|0; nvgt43243=1775002894524_1_0|0_0|0; bra_nav_track_dt=[20260401002135]http://livelopontos26.dynv6.net/B84146/755498457447801/home.php\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Wed, 01 Apr 2026 00:21:35 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nContent-Length: 286\r\nKeep-Alive: timeout=5, max=73\r\nConnection: Keep-Alive\r\nContent-Type: text/html; charset=iso-8859-1\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":286,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"543739dbec18dac99724ce5fae0f0e75","sha1":"d84096f1c05af3fe70697c30ce4cbfe55408cb04","sha256":"ef4e2efa9eee8d7f1040a597ee245398740a3a8400965b44e677b9ba54adebc9","sha512":"25abbdee462544a7e9c167d7ab50b175b9838ecb3b6670bb1dd1a02702b6bfc115230bea2499cf9f0dcdf430d60d51e111a1c3e39be946e0981f47047734bddc","ssdeep":"","tlshash":"a3d0cd9f9052a2860912159039c525d1264c53ea682986e82985d487519853d8d96589","first_seen":"2026-04-01T00:22:10.053496Z","last_seen":"2026-04-01T00:22:10.053496Z","times_seen":1,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:35Z","timestamp":1775002895,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:35.148527+0000\",\"flow_id\":2079826723538824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50094,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":27,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/wlStyle.css\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":404,\"length\":286},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":150,\"pkts_toclient\":296,\"bytes_toserver\":24466,\"bytes_toclient\":414137,\"start\":\"2026-04-01T00:21:33.984968+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/desco-novaPONTOS/css/menu-dist.css","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:35.186Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /desco-novaPONTOS/css/menu-dist.css HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2; nvgc43243=0|0; nvgt43243=1775002894524_1_0|0_0|0; bra_nav_track_dt=[20260401002135]http://livelopontos26.dynv6.net/B84146/755498457447801/home.php\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Wed, 01 Apr 2026 00:21:35 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nContent-Length: 286\r\nKeep-Alive: timeout=5, max=69\r\nConnection: Keep-Alive\r\nContent-Type: text/html; charset=iso-8859-1\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":286,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"543739dbec18dac99724ce5fae0f0e75","sha1":"d84096f1c05af3fe70697c30ce4cbfe55408cb04","sha256":"ef4e2efa9eee8d7f1040a597ee245398740a3a8400965b44e677b9ba54adebc9","sha512":"25abbdee462544a7e9c167d7ab50b175b9838ecb3b6670bb1dd1a02702b6bfc115230bea2499cf9f0dcdf430d60d51e111a1c3e39be946e0981f47047734bddc","ssdeep":"","tlshash":"a3d0cd9f9052a2860912159039c525d1264c53ea682986e82985d487519853d8d96589","first_seen":"2026-04-01T00:22:10.053496Z","last_seen":"2026-04-01T00:22:10.053496Z","times_seen":1,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:35Z","timestamp":1775002895,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:35.243586+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":31,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/desco-novaPONTOS/css/menu-dist.css\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":404,\"length\":286},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":289,\"pkts_toclient\":548,\"bytes_toserver\":36342,\"bytes_toclient\":799941,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"https","addr":"aaab/weblibras/auto/wlStyle.css","fqdn":"aaab","domain":"aaab","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:35.288Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /weblibras/auto/wlStyle.css HTTP/1.1\r\nHost: aaab\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-01T01:39:33.509705Z","times_seen":14450037,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/css/font-montserrat.css","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.117Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/css/font-montserrat.css HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 13:30:38 GMT\r\nETag: \"cfe-5c1f9c879db80-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 332\r\nKeep-Alive: timeout=5, max=97\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":3326,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"4dcf1880a18b2bf4ba8aaafaf2948073","sha1":"6fa7bef26ddb6a7f39792b75b13c2888ee61d388","sha256":"b75fc98f5f522d160b7ca515f813e28d7ce5b9752600b2403b976d1a9e94ff73","sha512":"c8c138130870cfd2a08d4ec6d6ba323bbe7332a75843b50ca0b6025e53e69d6158efd1c186a049d36d9f8ab38a4b4fb0f84382d24ee2017e9099f640a6abc38c","ssdeep":"","tlshash":"2161a2447b8a720179310c0f73aa1b11ce4e20bb7152812377bd6e99bff79614660b7e","first_seen":"2023-04-13T00:52:13Z","last_seen":"2026-04-12T06:21:14.232339Z","times_seen":105,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.093828+0000\",\"flow_id\":2079826723538824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50094,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":3,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/font-montserrat.css\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/css\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":332},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":11,\"pkts_toclient\":12,\"bytes_toserver\":3283,\"bytes_toclient\":8504,\"start\":\"2026-04-01T00:21:33.984968+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/icon-sac-ouvidoria-white.svg","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.248Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/icon-sac-ouvidoria-white.svg HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 13:49:50 GMT\r\nETag: \"22d-5c1fa0d23fb80\"\r\nAccept-Ranges: bytes\r\nContent-Length: 557\r\nKeep-Alive: timeout=5, max=81\r\nConnection: Keep-Alive\r\nContent-Type: image/svg+xml\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":557,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"62d30c7cd1ee6643ab9f440b6fdb315f","sha1":"12877bb59e7952fa17050edd17726a7966eb0bd5","sha256":"feb00ef2de0a284d87f8f5e233f7bc5ca2bd604dd24078c6e2c7385bbdc7c28a","sha512":"6e471bc8c40143298f58500e13b72bb12a273588b4c28baa2c3d6484ea3eac367e804206e78fc66f9b27f0b47c85718271f01ed73aca4a7b96542de5d4110e9d","ssdeep":"","tlshash":"d7f08b2d434c8f2c2e90cbe1eb247224022da4e6704ba368daa31234d7c51ccb13f6c0","first_seen":"2024-05-09T20:36:36Z","last_seen":"2026-04-12T06:21:14.257829Z","times_seen":74,"resource_available":false,"data":null}},"time_used":406,"timings":{"blocked":388,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50078,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.660174+0000\",\"flow_id\":1512212435695158,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50078,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":19,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/icon-sac-ouvidoria-white.svg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/svg+xml\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":557},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":106,\"pkts_toclient\":227,\"bytes_toserver\":17858,\"bytes_toclient\":315244,\"start\":\"2026-04-01T00:21:33.980534+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/open-banking-bradesco.png","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.262Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/open-banking-bradesco.png HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 14:00:42 GMT\r\nETag: \"1ae22-5c1fa3400b680\"\r\nAccept-Ranges: bytes\r\nContent-Length: 110114\r\nKeep-Alive: timeout=5, max=82\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":110114,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 400 x 250, 8-bit/color RGB, non-interlaced","md5":"1049226500194c467d5a7e9a3d61133c","sha1":"2faa3b70efced299163f367487702e5a0d893cda","sha256":"8106e797b2ac70fe90a9122e36210a606ba0bc85e2c855f02a50adfb2333e245","sha512":"ac446352fdbd876ceaa5ad0dcec5c09d806e100a6e0b6c2df967490f8a29b9d8462213b2eec45851fcf9f66c9e937532dbc6cd2a187a0b4e606d9de61e464694","ssdeep":"3072:mxcp7yCey4+kTaQ+6tDnAe5ACgXvkH3T8Pb8yyhZNM1X1:GcpdeyQX+6tDvTg/ryhfM1X1","tlshash":"c3b312d0cec6ada9b323a54608974b7a589d43c233de32877819ecd291c79fad102777","first_seen":"2024-05-09T20:36:36Z","last_seen":"2026-04-12T06:21:14.23301Z","times_seen":78,"resource_available":false,"data":null}},"time_used":277,"timings":{"blocked":235,"dns":0,"connect":0,"send":0,"wait":24,"receive":18,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.521036+0000\",\"flow_id\":2079826723538824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50094,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":18,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/open-banking-bradesco.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2607},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":76,\"pkts_toclient\":133,\"bytes_toserver\":14648,\"bytes_toclient\":174503,\"start\":\"2026-04-01T00:21:33.984968+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/jquery.placeholder.min.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.303Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/js/jquery.placeholder.min.js HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Tue, 04 Feb 2020 00:49:06 GMT\r\nETag: \"a70-59db5682d6480-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 1132\r\nKeep-Alive: timeout=5, max=92\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":2672,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2570), with CRLF line terminators","md5":"337a3267bc5425ed08387355dc6b9a6b","sha1":"7f6a574e7db0a074b46f04fa45f1f0122e6dfd31","sha256":"ae26550dd034a9cd31ea83be9942c0bd8f2ffe060f579a3377948c8a441d1b7a","sha512":"ae1b42ffb39062e286f86e86402af420a5ff4f57551df0c5e1f78990bd672517191f8b2447170c642ee23e727cdb954f6a0bbbf6b0e8162f02c612d26820e444","ssdeep":"","tlshash":"a451fd4c76a6b6f6557bcc70007fcc05a132a39be21a9485a153d6946b78cc8d732dcf","first_seen":"2023-03-07T12:06:30Z","last_seen":"2026-04-12T06:21:14.217006Z","times_seen":145,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50068,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.265026+0000\",\"flow_id\":1666081786514558,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50068,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":8,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/jquery.placeholder.min.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1132},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":40,\"pkts_toclient\":54,\"bytes_toserver\":7169,\"bytes_toclient\":60265,\"start\":\"2026-04-01T00:21:33.740478+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/jquery.easing.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.336Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/js/jquery.easing.js HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 14:20:58 GMT\r\nETag: \"2071-5c1fa7c7b6680-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 2005\r\nKeep-Alive: timeout=5, max=89\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":8305,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"c1f9ce3b7ae378e2e50bc92e1e97e517","sha1":"7fbd9db94fe93db1c641c663325871688f0a0d53","sha256":"d2bc9c513d50deb617981195a91d357c004688ae7a90962da29814385e168dea","sha512":"5347765165704075ff97a41abb7afd5724233b24ae1d34003b45c5476dafdca54605af1c58c13be57819ef0fe359ee852ba6dfd8f382d657bfaa49e7b1843247","ssdeep":"192:ytIOrPJrLEsq3w3r4ZVoicIQssRcqtEO6o3XRlOrPJrLEsq3w3r4w:sPrPJrLEs0KrioicDss2qtL6onRwrPJn","tlshash":"2d02244872c1631b41b9f360763a4d4bf078a42e922f491fbc5c50a5be7a22dd37ad78","first_seen":"2023-03-07T01:34:36Z","last_seen":"2026-04-29T22:39:50.438168Z","times_seen":1305,"resource_available":true,"data":null}},"time_used":29,"timings":{"blocked":12,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.365255+0000\",\"flow_id\":2079826723538824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50094,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":11,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/jquery.easing.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2005},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":30,\"pkts_toclient\":49,\"bytes_toserver\":8022,\"bytes_toclient\":53156,\"start\":\"2026-04-01T00:21:33.984968+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/check.png","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.703Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/check.png HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/css/topbar.css\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2; nvgc43243=0|0; nvgt43243=1775002894524_1_0|0_0|0\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Tue, 04 Feb 2020 01:11:12 GMT\r\nETag: \"52a-59db5b7368c00\"\r\nAccept-Ranges: bytes\r\nContent-Length: 1322\r\nKeep-Alive: timeout=5, max=76\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":1322,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 17 x 29, 8-bit/color RGBA, non-interlaced","md5":"622ab8680dadad958c6d19f991259b43","sha1":"7d6546fb739dce59d1679390c3947b1f50d0e832","sha256":"ae22a761536fca68c0ab2d5121f74b36aba52455b48a43bbbe5b90e53ed2188d","sha512":"e02343837f9b583030bccf874ac826ed107dfe465be2605eefbf297b16293d69428cb8cd57564e89db8da2a0cf6b8b535d20234c72a362f1065540c4aff9a593","ssdeep":"","tlshash":"6c21a21afa00b8809388f99924e760a788024a8096c5f8683c8fe0330d301f980b9fdf","first_seen":"2023-05-01T09:25:43Z","last_seen":"2026-04-12T06:21:14.241091Z","times_seen":127,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.678940+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":24,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/check.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/css/topbar.css\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1322},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":168,\"pkts_toclient\":320,\"bytes_toserver\":24052,\"bytes_toclient\":459793,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/css/owl.theme.css","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.104Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/css/owl.theme.css HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 12:48:12 GMT\r\nETag: \"747-5c1f930b8fb00-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 664\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":1863,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"7abc59400b2cc5ff506157a90a87c895","sha1":"db663b4cfb91c22a3a18e6e1753e6a2fdd4fef9e","sha256":"1bfc698c61ea2c0a576c67c687cfee0092e0f199c5f4adaf152349d98e9e580f","sha512":"c4fc28da6671359c11d603c4cffa2490fb9cac53e79a0d464d7143f5e9b5aac89b19fc1f55c6136e77daf82575c09d0b0d81e57faf73cb37e972288afdcb1159","ssdeep":"","tlshash":"883124f8a61d121d613348ac3738cb838e4e2126870669f8f4da74b5a149518363f399","first_seen":"2023-04-28T07:57:13Z","last_seen":"2026-04-12T06:21:14.205028Z","times_seen":107,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.053717+0000\",\"flow_id\":2079826723538824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50094,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/owl.theme.css\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/css\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":664},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":9,\"pkts_toclient\":8,\"bytes_toserver\":2128,\"bytes_toclient\":6661,\"start\":\"2026-04-01T00:21:33.984968+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/icone-boletos-white.svg","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.251Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/icone-boletos-white.svg HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 13:58:52 GMT\r\nETag: \"401-5c1fa2d723f00\"\r\nAccept-Ranges: bytes\r\nContent-Length: 1025\r\nKeep-Alive: timeout=5, max=76\r\nConnection: Keep-Alive\r\nContent-Type: image/svg+xml\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":1025,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"d353603df66af9fe63f9e58ef0d47c59","sha1":"49fc97da478f717b89d796988cfde667d55c097f","sha256":"89095d0491aa0b3d2397f9fbf915f10200c57e0f7873d48294951cb7ddbea35e","sha512":"6386950c486f89ee35923e92e2282fd7870198102225e957316fe6dc0ee86a49ed3c8edb6c2ccdfb8f039269f634b8da24f50ff095bb315ce30240f96c75355e","ssdeep":"","tlshash":"5b112b58532d85fc776ec974269b5a28c20ff46f73ffc114648f8030d52704eea95562","first_seen":"2024-05-09T20:36:36Z","last_seen":"2026-04-12T06:21:14.276252Z","times_seen":74,"resource_available":false,"data":null}},"time_used":405,"timings":{"blocked":388,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.665910+0000\",\"flow_id\":2079826723538824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50094,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":24,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/icone-boletos-white.svg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/svg+xml\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1025},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":139,\"pkts_toclient\":279,\"bytes_toserver\":22489,\"bytes_toclient\":390834,\"start\":\"2026-04-01T00:21:33.984968+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/destaque-2.jpg","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.262Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/destaque-2.jpg HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 03 Feb 2020 07:46:32 GMT\r\nETag: \"606f-59da71f31a600\"\r\nAccept-Ranges: bytes\r\nContent-Length: 24687\r\nKeep-Alive: timeout=5, max=83\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":24687,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 321x352, components 3","md5":"6503b0d773ad8be6997eba22e104ef9d","sha1":"13f1c7e8476e3a7f6fceec957fc772464c51f397","sha256":"dff2c71229b3d23b56fdfc177d0434b2892b909caec6203ccf5c93f5642cd6fd","sha512":"0f9521c166a841f01069a415152c3574e031d8843c7fcd92f4ccaf5c2bf495532aa878b0fd8d4fa0ff69e3ca210429863522b1dfa161fb02e7f7d20e5caabfa9","ssdeep":"384:euz0nozlBtvyRYxXuQ/E88g2LsOoL66I/HGJtYw2obTFZHaMsXMZr2DWajuajB:P0n2lOkE7NQL6r/GJt/xbJJNk6ajB","tlshash":"75b2e127ace314ce734c28b348733e5745c691c2786baaf471e5d47a1e283946e26bd3","first_seen":"2023-05-03T00:36:11Z","last_seen":"2026-04-12T06:21:14.193592Z","times_seen":89,"resource_available":false,"data":null}},"time_used":264,"timings":{"blocked":236,"dns":0,"connect":0,"send":0,"wait":25,"receive":3,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.523717+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":17,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/destaque-2.jpg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/jpeg\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2608},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":80,\"pkts_toclient\":157,\"bytes_toserver\":14477,\"bytes_toclient\":219247,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/facebook-01.svg","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.275Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/facebook-01.svg HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 03 Feb 2020 08:18:24 GMT\r\nETag: \"35b-59da791287400\"\r\nAccept-Ranges: bytes\r\nContent-Length: 859\r\nKeep-Alive: timeout=5, max=81\r\nConnection: Keep-Alive\r\nContent-Type: image/svg+xml\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":859,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"ad099937c4b8a6f5f1fe4f36a1348826","sha1":"8bf15903eec15d9cdc7e00dc82bdbdc07f7769df","sha256":"03d7baf5e3f29b76869ff41fc1b4f2ec8db699b6dab141b862efa7ac5d5c89ad","sha512":"f3467043903265e3d0a53c1ec27caf644d857246ac905929fb18bbe293160e7ded086bf2f420d11fee24391065e848895a90c027052a5d2dae08c2b471ceeedf","ssdeep":"","tlshash":"ff11ef0841997a2ce931c170e1dc7296e935208292c923ecf8df303bf7394e5a9ab49c","first_seen":"2023-05-27T11:04:38Z","last_seen":"2026-04-12T06:21:14.186251Z","times_seen":86,"resource_available":false,"data":null}},"time_used":282,"timings":{"blocked":264,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.557537+0000\",\"flow_id\":2079826723538824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50094,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":19,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/facebook-01.svg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/svg+xml\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":859},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":95,\"pkts_toclient\":198,\"bytes_toserver\":16946,\"bytes_toclient\":271519,\"start\":\"2026-04-01T00:21:33.984968+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/lembrarAgCta.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.282Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/js/lembrarAgCta.js HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 14:10:50 GMT\r\nETag: \"f4a-5c1fa583e0e80-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 1429\r\nKeep-Alive: timeout=5, max=95\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":3914,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (1575), with CRLF line terminators","md5":"1c31a2cc86372207e313fdd2cfbcd08e","sha1":"baeb6e0f4a5ff41f18654fa6fe1cc6b4ad791c06","sha256":"5965905332c8e58505504d982b76b017db4bf598ca4e77cabfcfb5d55fb3bd55","sha512":"8e9b5e19a4177e59ca91a08135a6856bbb2daa963cdc6acca81adecb5ff6bcd134923b0d42bd976114549601b5ef650de301a8d1e1d73bb126b1c3e48438f076","ssdeep":"","tlshash":"9e81105a3189146e0ef92fa72e7b2389ec7483101a1980f9ec099eb4d170d85657ffb5","first_seen":"2023-03-13T01:34:16Z","last_seen":"2026-04-12T06:21:14.234292Z","times_seen":127,"resource_available":true,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.168572+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":5,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/lembrarAgCta.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1429},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":15,\"pkts_toclient\":20,\"bytes_toserver\":4051,\"bytes_toclient\":18029,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/jquery.color.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.294Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/js/jquery.color.js HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Wed, 10 Jan 2024 09:30:28 GMT\r\nETag: \"433f-60e9414d95500-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 5391\r\nKeep-Alive: timeout=5, max=94\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":17215,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"74f63f45bc3349e713659dda62542d0d","sha1":"e3e9389e72f554ee8254087080a1e91cf68bafe1","sha256":"384a8cbaae93f726bb5309c54fa910e8b501f09c65247beaf1e2c94b9d6a1108","sha512":"23964b320970fe46eec369ecdee8a7d6e51a74f55edd485528d3703072158c9ce7f179990061d6b01452e705c82410d890daaa4e2082b64bd7be69bbe20bbd8f","ssdeep":"384:QObqzeL0tbwt5jkrEySCQ8e2vVgFoyIsw:8eL0tbwt5jkrzde2vVqIr","tlshash":"cb7212d8b79f505f4ba27394883a8148ed7ee435521912bcbd8e94bd386084e8277f7c","first_seen":"2024-05-09T20:36:34Z","last_seen":"2026-04-01T02:24:39.847512Z","times_seen":64,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50084,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.230388+0000\",\"flow_id\":90677044904502,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50084,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":6,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/jquery.color.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":5391},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":15,\"pkts_toclient\":27,\"bytes_toserver\":4576,\"bytes_toclient\":25320,\"start\":\"2026-04-01T00:21:33.983606+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/validanavegadorexclusivo.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.310Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/js/validanavegadorexclusivo.js HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 14:15:48 GMT\r\nETag: \"1ac2-5c1fa6a012d00-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 1495\r\nKeep-Alive: timeout=5, max=95\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":6850,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators","md5":"9e043fcaccf060a7f0340880b71cbb1d","sha1":"a89d3a70de7aae8a88765967438c09089ea2b8f6","sha256":"2ca136c51ee6c6552fd5ea583d26279c43b9d34518f0cc8b248e323c02ca8407","sha512":"34565cc68ca35099e58a9b47874d42f01950e41b934ff6c33d6a1d734a52b1924376670ce729120f6296ceda0f604b56f569e3931ffd9b2807e6ecdc901357d1","ssdeep":"48:V3VAA8D86TZ1ZyTZe5IUCIB7CCvPZq30YXdrN1C7pnWlbXz85aG85Zv98ya2FjO1:0TD86rZyTZGWT5p2/DgDHNDHa","tlshash":"78e10d68390e15f7ca3a276665330984ee47052744c2aa44f2dfb8941fb0f66d52ffca","first_seen":"2023-03-08T07:12:26Z","last_seen":"2026-04-12T06:21:14.240394Z","times_seen":86,"resource_available":true,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50078,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.296989+0000\",\"flow_id\":1512212435695158,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50078,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":5,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/validanavegadorexclusivo.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1495},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":18,\"pkts_toclient\":28,\"bytes_toserver\":4248,\"bytes_toclient\":30317,\"start\":\"2026-04-01T00:21:33.980534+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/jquery.flexslider.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.333Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/js/jquery.flexslider.js HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 14:23:26 GMT\r\nETag: \"e392-5c1fa854db380-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 12301\r\nKeep-Alive: timeout=5, max=89\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":58258,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (325), with CRLF line terminators","md5":"906c3ada1ed07698ef53c03300e37368","sha1":"7b92daa3c1e06dbed385924b5255f13862091446","sha256":"f51f0c4edcbac97d9f699e97ea26f1954e9622ccf82846cd2a31816a23a7b58c","sha512":"165ce08043833f3313430db253ee0521cd13bff24eec6d6b1e787521e3ddc5b00d6f76255fdfd515f87d3157ea5915dc83134b7891d9219170a8914143405106","ssdeep":"768:7zW0ppd+nZhSutD+DK/xNm3OdhZRuj5GhYch9ycnL0r:Ghu60j5Jch9ycnL0r","tlshash":"7c43101a6521166688b373aeaf5adc18ebf743538019865afded420cdf7041443b2ffa","first_seen":"2023-03-12T06:40:40Z","last_seen":"2026-04-12T06:21:14.209842Z","times_seen":134,"resource_available":true,"data":null}},"time_used":45,"timings":{"blocked":12,"dns":0,"connect":0,"send":0,"wait":31,"receive":2,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50068,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.376033+0000\",\"flow_id\":1666081786514558,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50068,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":11,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/jquery.flexslider.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2544},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":52,\"pkts_toclient\":74,\"bytes_toserver\":9447,\"bytes_toclient\":88929,\"start\":\"2026-04-01T00:21:33.740478+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"https","addr":"livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-01T00:21:33.632Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET /B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840 HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-01T01:39:33.509705Z","times_seen":14450037,"resource_available":true,"data":null}},"time_used":88,"timings":{"blocked":0,"dns":40,"connect":16,"send":0,"wait":0,"receive":0,"ssl":30},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:33Z","timestamp":1775002893,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50068,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:33.794614+0000\",\"flow_id\":1666081786514558,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50068,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1026},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":750,\"bytes_toclient\":6196,\"start\":\"2026-04-01T00:21:33.740478+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/logo-mobile.png","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.177Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/logo-mobile.png HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 13:47:34 GMT\r\nETag: \"fe0-5c1fa0508c980\"\r\nAccept-Ranges: bytes\r\nContent-Length: 4064\r\nKeep-Alive: timeout=5, max=87\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":4064,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 168 x 38, 8-bit/color RGBA, interlaced","md5":"03493a0cdc4f0d77a8e56cf094a189fa","sha1":"b8533559f6f90a49c58a12f4166d6074a12803cf","sha256":"6b933e03e777db7ab9c63b0e3e5878a6b2fcda57cf676b32e71030e2c04cb411","sha512":"34d50f6c1bb3523255bafbd9bae0340332bf72fb9f455f48d134fc4d7531ab1472a957b1aeb525b0576eec69ba45f1126698c95f90a9c5bef1a1420290c9f39b","ssdeep":"","tlshash":"ec816d0fb4817cc24542945558c7d9973166a9b80fa3f0197dcc887829f073d6a1d5e7","first_seen":"2023-05-09T04:31:15Z","last_seen":"2026-04-30T11:22:36.733676Z","times_seen":108,"resource_available":false,"data":null}},"time_used":239,"timings":{"blocked":220,"dns":0,"connect":0,"send":0,"wait":18,"receive":1,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50068,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.415183+0000\",\"flow_id\":1666081786514558,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50068,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":13,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/logo-mobile.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2611},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":58,\"pkts_toclient\":84,\"bytes_toserver\":10901,\"bytes_toclient\":103438,\"start\":\"2026-04-01T00:21:33.740478+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/icone-renegociacao-de-dividas.svg","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.253Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/icone-renegociacao-de-dividas.svg HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 13:59:22 GMT\r\nETag: \"b36-5c1fa2f3c0280\"\r\nAccept-Ranges: bytes\r\nContent-Length: 2870\r\nKeep-Alive: timeout=5, max=88\r\nConnection: Keep-Alive\r\nContent-Type: image/svg+xml\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":2870,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"1c7ff188de395c05f1310079205ae3d4","sha1":"616ae76a37865f4b75c1d884caa40e009bd59929","sha256":"77207fc7204674492e74429c7bb964620cb7675a252316ac8af6fbdd0f0f5b49","sha512":"a4241586008f5ea84c830608fc87c5f6f5920f4dc867d6ff9a1695b700a65d5860204e21dd979364e24da1bc6acd60e1b0a82a7c8b7eaadd24b3e57d53002a7d","ssdeep":"","tlshash":"a65110e1574575ac310fcd48ee2ba750520ff8afb6fb53d5f59a4b3ac04a880e540e14","first_seen":"2024-05-09T20:36:36Z","last_seen":"2026-04-12T06:21:14.207175Z","times_seen":74,"resource_available":false,"data":null}},"time_used":241,"timings":{"blocked":221,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50078,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.494115+0000\",\"flow_id\":1512212435695158,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50078,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":12,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/icone-renegociacao-de-dividas.svg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/svg+xml\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2607},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":36,\"pkts_toclient\":99,\"bytes_toserver\":9011,\"bytes_toclient\":132135,\"start\":\"2026-04-01T00:21:33.980534+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/twitter-01.svg","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.276Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/twitter-01.svg HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 03 Feb 2020 08:18:50 GMT\r\nETag: \"e62-59da792b52e80\"\r\nAccept-Ranges: bytes\r\nContent-Length: 3682\r\nKeep-Alive: timeout=5, max=82\r\nConnection: Keep-Alive\r\nContent-Type: image/svg+xml\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":3682,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"5d83d1ece45723c3edd3d214f03edb04","sha1":"dbea1b5039bc3bdc28596791b2549722a9e6d292","sha256":"aa97ca4b45113be52bfe21f542a10d148c228916555a64665de32d210f1edb91","sha512":"105ab7d190c295b09fb9da898b36db1d78f7b4721d4909ea016fb3470298f2f5f0ada749ce5f338fd84adae317a7a3a34363de3d0e893586e0a7b89a3059e816","ssdeep":"","tlshash":"5171ed170359d79cbea4413ce475210ab5acdcc3a0b8b2e4b7632427e04d5f9f92dae8","first_seen":"2023-05-27T11:04:38Z","last_seen":"2026-04-12T06:21:14.190798Z","times_seen":85,"resource_available":false,"data":null}},"time_used":293,"timings":{"blocked":272,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50068,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.567533+0000\",\"flow_id\":1666081786514558,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50068,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":18,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/twitter-01.svg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/svg+xml\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2607},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":113,\"pkts_toclient\":184,\"bytes_toserver\":17151,\"bytes_toclient\":250730,\"start\":\"2026-04-01T00:21:33.740478+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/chosen.jquery.min.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.292Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/js/chosen.jquery.min.js HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 14:11:44 GMT\r\nETag: \"6d62-5c1fa5b760800-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 6482\r\nKeep-Alive: timeout=5, max=94\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":28002,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (27880), with CRLF line terminators","md5":"ee982554fad24d47293a6a7296c64b47","sha1":"d637325268df1a33edabc4dcc035a99baf916d0f","sha256":"f2a5bcebbcc3ab1503692375b4ceb0764cc98e3c8cc9f51e3fda53704725aa23","sha512":"620ce226a202138627c9895ba86ba825280a666b56afb524e0d3cac0e70dade22b6ffeb63520c28291622b95faf7a1dd18ac497a71bfc26d08cd26b1b2ba0432","ssdeep":"768:NdAhKE5q8m70m0TEJwe0uZJwIjNb9EDTkYmCbENj6bA:NOvagTEJwe0uJjNb9EP3vENj6bA","tlshash":"75c24184bbf1a22141ba54eda45ea1c5a337a4dcd80c89dcfe6ddde25868c0d712fb34","first_seen":"2023-03-07T12:06:30Z","last_seen":"2026-04-29T15:24:04.81Z","times_seen":203,"resource_available":true,"data":null}},"time_used":46,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":46,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50068,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.225553+0000\",\"flow_id\":1666081786514558,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50068,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":6,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/chosen.jquery.min.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":5441},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":34,\"pkts_toclient\":43,\"bytes_toserver\":5773,\"bytes_toclient\":49747,\"start\":\"2026-04-01T00:21:33.740478+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/jquery.touchSwipe.min.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.302Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/js/jquery.touchSwipe.min.js HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 14:14:20 GMT\r\nETag: \"4f96-5c1fa64c26700-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 5056\r\nKeep-Alive: timeout=5, max=97\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":20374,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (19949), with CRLF line terminators","md5":"e44c00697626635e54dbb1da5ad5f6ca","sha1":"3526f5c34fdf94899f2a28f2f10703c46c6dc178","sha256":"4f88102a007d867c9705131a936e18587a98476d4c48aedad4ea09d23ec3c8b6","sha512":"44606a5c253d2d3e07dbcdd53e829ac4a455c4fa00b36dcc71ccd2a0c1573fcc4d2b25e3d4d669a4ee51dbeb31ed4ab3e14099827edb1d03c2f0950bc1cdec25","ssdeep":"384:WvSC3zhevYNzktrlro8aVfPxodvuyaHYleh+VPFmAS4BsioWfF+0UUTK7:WqC3Mkk3cjPxodvP8kMiok+0UKK7","tlshash":"4a9294c5bb053d53e9ff12f64257170ba2368eed050e10289839dfc629314b1a6efb69","first_seen":"2023-03-07T12:06:30Z","last_seen":"2026-04-12T06:21:14.286324Z","times_seen":130,"resource_available":true,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50078,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.259056+0000\",\"flow_id\":1512212435695158,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50078,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":3,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/jquery.touchSwipe.min.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2545},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":13,\"pkts_toclient\":23,\"bytes_toserver\":2902,\"bytes_toclient\":25953,\"start\":\"2026-04-01T00:21:33.980534+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/css/font-bradesco.css","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.486Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/css/font-bradesco.css HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/css/main.css\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 14:26:06 GMT\r\nETag: \"150c-5c1fa8ed71b80-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 475\r\nKeep-Alive: timeout=5, max=85\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":5388,"size_decoded":0,"mime_type":"text/css","magic":"CSV ASCII text","md5":"d634cb268de670cf8761c6a31bca7b49","sha1":"d438553c71ac6610015bb3fa954ac5a71fbbee30","sha256":"216137ba9d4c759ee69d3249ab38fdcb827359ec3dc71ab281e29e2d81511a92","sha512":"c42b6318a82329b4d5704bc8146c26ce14b6ea47f15cbc310283db00cba65677903087e36eae64ac41d213c36d786ae61279d491b79722c9d2da2cb541cbd1c1","ssdeep":"96:MnXLsjjvcSRJJz4kuYZgZMZ2ZySuaY9+qIHSLLXGd3n7uShUhAgkRJJ55xxrSH38:OUk00gaJ","tlshash":"f8b18371292b2171499a6804b3d66f3c0f1df5274205c9d224af489c8ef5fda83b5f7a","first_seen":"2024-05-09T20:36:36Z","last_seen":"2026-04-12T06:21:14.212542Z","times_seen":74,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50084,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.474451+0000\",\"flow_id\":90677044904502,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50084,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":15,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/font-bradesco.css\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/css\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/css/main.css\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":475},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":56,\"pkts_toclient\":96,\"bytes_toserver\":12375,\"bytes_toclient\":123141,\"start\":\"2026-04-01T00:21:33.983606+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/qrcode-pf.png","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.182Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/qrcode-pf.png HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 13:48:00 GMT\r\nETag: \"1dc0-5c1fa06958400\"\r\nAccept-Ranges: bytes\r\nContent-Length: 7616\r\nKeep-Alive: timeout=5, max=86\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":7616,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1155 x 1155, 8-bit/color RGB, non-interlaced","md5":"ed71655cc66ce66674143628bc9319a1","sha1":"a32e5846e8c28403037c8afb2ca5cdeff88e1d6f","sha256":"882961ec38daef239a653598a0568a760aba9ce6964183114c736861f98b5a1d","sha512":"76e17af739434aa0852879351afeb92373a892a561a195010b143029e58bdb9e138377011719e2470ec09f54927564057ed5bcffdd202d553598edd13faf69de","ssdeep":"24:05UpKY/XgESfM1MEqTWyfOJyCAryhM+t6Eg98WSXcPmlSVp446kFG594wzD9NxDW:NKY/Xg/OMvzOrArH97nMS7k/59V5DozF","tlshash":"30f109920a2b4f137526727089becb0c8646566ff173cac17f4b9cd6643ce94326a793","first_seen":"2023-05-09T04:31:15Z","last_seen":"2026-04-01T02:24:39.918593Z","times_seen":57,"resource_available":false,"data":null}},"time_used":237,"timings":{"blocked":220,"dns":0,"connect":0,"send":0,"wait":16,"receive":1,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.417603+0000\",\"flow_id\":2079826723538824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50094,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":14,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/qrcode-pf.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2610},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":38,\"pkts_toclient\":63,\"bytes_toserver\":10098,\"bytes_toclient\":72090,\"start\":\"2026-04-01T00:21:33.984968+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/003-d.jpg","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.199Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/003-d.jpg HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Fri, 24 Oct 2025 17:18:28 GMT\r\nETag: \"ddf0-641eabcec0100\"\r\nAccept-Ranges: bytes\r\nContent-Length: 56816\r\nKeep-Alive: timeout=5, max=85\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":56816,"size_decoded":0,"mime_type":"image/jpeg","magic":"RIFF (little-endian) data, Web/P image","md5":"8446ff84f74e14d20d0f9da0814584fc","sha1":"879d5f68a9c6cca000cc15620aac0458210a5e05","sha256":"491fdd153240406d09df5bfb9c6a0a9e24acb998c2c04f5d7d9e51d147726ad6","sha512":"856828c9067c905195e39f2a2cce59710af02c061d0940b4d23c685e3fdb84771beed62adbe63c066718dd27858befceca368dfe24a7d7df7b44c8ef3c0bf4ae","ssdeep":"1536:SFqZ7ZHQktNVInwoMOEw2Cid0m9Im2xPtAfU+RZ:SF87xQYNVInRMOf2Cid0mj8VA1T","tlshash":"3543013f536087d4fd900573363387b2df96394bde503a674a4176b2a822c9ea2ec990","first_seen":"2025-10-22T23:03:46.446432Z","last_seen":"2026-04-01T02:24:39.826557Z","times_seen":21,"resource_available":false,"data":null}},"time_used":264,"timings":{"blocked":244,"dns":0,"connect":0,"send":0,"wait":18,"receive":2,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.461066+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":15,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/003-d.jpg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/jpeg\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2608},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":60,\"pkts_toclient\":103,\"bytes_toserver\":12090,\"bytes_toclient\":139492,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/bitz_hover.webp","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.239Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/bitz_hover.webp HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 13:58:10 GMT\r\nETag: \"82fe-5c1fa2af16080\"\r\nAccept-Ranges: bytes\r\nContent-Length: 33534\r\nKeep-Alive: timeout=5, max=77\r\nConnection: Keep-Alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":33534,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"0558939ebbff29b33300d237438dd795","sha1":"5cea2f8d8d0c7865ad0fd7bee2fc0d658b9913d4","sha256":"a441d872c49de8ebb4110aab4f7ec4a6cc96c10fd7457ea9f261b79b2038d304","sha512":"8775a2f132b70035e62afd9006e9cc5537f63c14e1b98ba187463d2660f04e44b06669243073eff23bb13da22e960727b340cca87a752544bfdc9ca0b9b5428d","ssdeep":"384:XIJENTXIIByWhKPdGkIvBKmW8soh20omiqwCcQQKH8lVO75+V6ixX9NolD/HQ3Fo:1Ta7IvtsoEjC+KHgVf6SqzQ3F6","tlshash":"1ee2f20ccb9acd917821bcd53917f868dc14341e92349d12aa12b9ab0f71be7da3df46","first_seen":"2024-05-09T20:36:36Z","last_seen":"2026-04-12T06:21:14.311867Z","times_seen":76,"resource_available":false,"data":null}},"time_used":400,"timings":{"blocked":380,"dns":0,"connect":0,"send":0,"wait":18,"receive":2,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.636710+0000\",\"flow_id\":2079826723538824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50094,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":23,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/bitz_hover.webp\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2634},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":126,\"pkts_toclient\":259,\"bytes_toserver\":20557,\"bytes_toclient\":361644,\"start\":\"2026-04-01T00:21:33.984968+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/destaque-1.jpg","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.257Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/destaque-1.jpg HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 03 Feb 2020 07:46:20 GMT\r\nETag: \"6d6d-59da71e7a8b00\"\r\nAccept-Ranges: bytes\r\nContent-Length: 28013\r\nKeep-Alive: timeout=5, max=83\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":28013,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 321x352, components 3","md5":"68a85e7e472c2f409b758101e4bba641","sha1":"3bb691ab923ac684dc2f695b81af091bae9a56e4","sha256":"264ae841b68b3ff3afc6c3047be145b57dd15f2dc57e3d14d68ddc3a6b4b4fda","sha512":"e4ce8c6e5f2ed484d23ce29f6d5f18e9ed78e84cc6a7a102975650cb53dbf1d5d99bb79f98f8f8ab24211af03ab8ee4ea37df67997a966e6af40e13683ad2227","ssdeep":"384:rYNg7wMHUwcw5kIDmR3z50dOHEBf+WJSkeCAbIQQrs/+sBStlfwmaYtaIAEGBRb9:rYyFHNFDmRD500kZDeCapS3LaaticxUR","tlshash":"7dc2d16d5be78b0bfc58853534f02b6777126ba4ff92528a70b87c02864e758ae440cd","first_seen":"2023-05-03T00:36:11Z","last_seen":"2026-04-12T06:21:14.197157Z","times_seen":89,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":218,"dns":0,"connect":0,"send":0,"wait":21,"receive":1,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.495775+0000\",\"flow_id\":2079826723538824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50094,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":17,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/destaque-1.jpg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/jpeg\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2608},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":65,\"pkts_toclient\":113,\"bytes_toserver\":13390,\"bytes_toclient\":144882,\"start\":\"2026-04-01T00:21:33.984968+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/destaque-4.jpg","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.269Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/destaque-4.jpg HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 03 Feb 2020 07:46:58 GMT\r\nETag: \"13873-59da720be6080\"\r\nAccept-Ranges: bytes\r\nContent-Length: 79987\r\nKeep-Alive: timeout=5, max=84\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":79987,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 640x352, components 3","md5":"c14ad82feb08ddd14a6938b80efaefbe","sha1":"72c4e959f48db6cb2723077fbdff63365815431b","sha256":"b7c25a5e7b72789853b0e421fce2ebd0a7442cae0ffaae72099ee813b0ba3a3b","sha512":"521458fb56c933ac3d57645d78d887cb6deafd5c38c6d4ef208f9ea2dd0ecbcefc4cf5a26f929fb19da1d88204d07135bd5884ad36d78964f4b4040b7dd79c1f","ssdeep":"1536:prYaRDqSqYikQgwHjJJawTWgzuSEKJBi7jR1sJbRFJJN+7FyAyMAmn2:psKDqSN0bBTpuAJBm1sJ52RyAyMAm2","tlshash":"6c73125fe5828b01d4b6faf103a79f7223b0b379e0939699919fe86111d01d64c8fd2d","first_seen":"2023-05-01T09:25:43Z","last_seen":"2026-04-12T06:21:14.268308Z","times_seen":114,"resource_available":false,"data":null}},"time_used":257,"timings":{"blocked":230,"dns":0,"connect":0,"send":0,"wait":21,"receive":6,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50068,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.519700+0000\",\"flow_id\":1666081786514558,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50068,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":16,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/destaque-4.jpg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/jpeg\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2607},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":82,\"pkts_toclient\":129,\"bytes_toserver\":14061,\"bytes_toclient\":169248,\"start\":\"2026-04-01T00:21:33.740478+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/chat.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.341Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/js/chat.js HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Wed, 10 Jan 2024 09:19:54 GMT\r\nETag: \"2d23-60e93ef0f4280-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 2909\r\nKeep-Alive: timeout=5, max=88\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":11555,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators","md5":"0c7b7cfbb06bbf02214b1b3e752c8a15","sha1":"fa4fe863bdd3acbb9481cbb9d445556e2f07532e","sha256":"e7e6e4df1ad61c67228b6104d5a177de0ed825663ace6c6d0e22779b90251625","sha512":"04e670ecbf4c318cb029857f952e3b6695ee79990b646242681b5278267ea3a91445dab6b7e2fe2a84345f1512355efd4b8a08ca24fe39eeeda340a2530d96c2","ssdeep":"192:HwEh6KYZyhHBLBTmPbACSX3IHkS9FLBn0ppzdfRhL3:fFBLB7IESADL3","tlshash":"ca326344b198133a49732339cbb7c219ff6e95074215de64f88c96d81ff0691e522fad","first_seen":"2024-05-09T20:36:35Z","last_seen":"2026-04-01T02:24:39.833272Z","times_seen":64,"resource_available":true,"data":null}},"time_used":42,"timings":{"blocked":25,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.383090+0000\",\"flow_id\":2079826723538824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50094,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":12,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/chat.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2545},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":32,\"pkts_toclient\":52,\"bytes_toserver\":8642,\"bytes_toclient\":56614,\"start\":\"2026-04-01T00:21:33.984968+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/favicon.ico","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.911Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/favicon.ico HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2; nvgc43243=0|0; nvgt43243=1775002894524_1_0|0_0|0\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Tue, 04 Feb 2020 02:31:44 GMT\r\nETag: \"4acf3-59db6d7390400\"\r\nAccept-Ranges: bytes\r\nContent-Length: 306419\r\nKeep-Alive: timeout=5, max=73\r\nConnection: Keep-Alive\r\nContent-Type: image/vnd.microsoft.icon\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":306419,"size_decoded":0,"mime_type":"image/vnd.microsoft.icon","magic":"MS Windows icon resource - 9 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel","md5":"c82c62c3b9e34828b82324feec0622a2","sha1":"f4a8aa999b6979ce666abc46623e5c05066802e3","sha256":"cb7489dd3c04b8a0e5a7f411a89f1795978c9be6b0e960546b9b236c0190d111","sha512":"ad9a211b06607d17e7eb7d4574170b35cb51bde2759030eca2a152abdf5e8512dd1243bf011b59e95f5dfd86fcfb3fd533bc98ca606bc4c56a7272914271b8a1","ssdeep":"3072:MOQIZywdQ09lhjltdVuzXY9BWO3OosGdgbLGJPzCU/g1FcZiokzEE7nNTolgdPd5:M2NWD","tlshash":"b254621d27a1d2acd155bdfecf60c0582daaac90086bd1b672307bceae793dd44953c8","first_seen":"2023-04-22T19:37:21Z","last_seen":"2026-04-30T15:31:33.299548Z","times_seen":310,"resource_available":false,"data":null}},"time_used":41,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":17,"receive":24,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.928017+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":27,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/vnd.microsoft.icon\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1144},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":177,\"pkts_toclient\":334,\"bytes_toserver\":26422,\"bytes_toclient\":479485,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"https","addr":"aaab/weblibras/auto/loading.gif","fqdn":"aaab","domain":"aaab","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:35.289Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /weblibras/auto/loading.gif HTTP/1.1\r\nHost: aaab\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-01T01:39:33.509705Z","times_seen":14450037,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/css/slick.css","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.113Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/css/slick.css HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 12:49:18 GMT\r\nETag: \"767-5c1f934a80f80-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 577\r\nKeep-Alive: timeout=5, max=98\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":1895,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"b06073c5a23326dcc332b78d42c7290c","sha1":"64e6c5ff99f14c65752e0322234160f8e83fc6c2","sha256":"f0b722c48c52082cd77261574e22a5251fe37ea4b291b1441134145bab9b2063","sha512":"438230129bd3bde621f9687d3e1739ac0a7ccd7b285be160daee2ae5395701e47d9c41b6a109c9ebb0f9b994c1058a5722362959098872a3094c11445800c395","ssdeep":"","tlshash":"b841fadc0652c5d68733c4444fd38649eeefa0930c251698ba8d47098fbfae8a9c5e77","first_seen":"2023-04-05T23:01:10Z","last_seen":"2026-05-01T00:57:52.3252Z","times_seen":9795,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.074640+0000\",\"flow_id\":2079826723538824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50094,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":2,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/slick.css\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/css\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":577},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":10,\"pkts_toclient\":10,\"bytes_toserver\":2710,\"bytes_toclient\":7705,\"start\":\"2026-04-01T00:21:33.984968+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/css/home.css","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.138Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/css/home.css HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 13:37:36 GMT\r\nETag: \"45fb-5c1f9e1640800-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 3237\r\nKeep-Alive: timeout=5, max=96\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":17915,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (450), with CRLF line terminators","md5":"8a3f21217ab1256af109b0afe8ca7edf","sha1":"4f8f8d58f35c3408c41f4382c20f9233981b1dd7","sha256":"7d293a9a52356498cfa59aa2c97a881c22ed47e1236cbf9dc15179b200ecd627","sha512":"2e04d1921c58966b54937fe34d750f5de9851e1afb562232ac0a7f852c8282ffe078ac23620098e6382988229a42b6b4c0376f8893368a430c8867bebaf8161a","ssdeep":"192:trFilMcI0xLpiqw4ghpqOm8q3FuB+b3v751FJR:tslMP0RpKzJfB+b3zR","tlshash":"cc82df67a342720c612793a6fa67c6acae3c4005739e24f875716d248b9e64b1073f9e","first_seen":"2024-05-09T20:36:35Z","last_seen":"2026-04-12T06:21:14.260746Z","times_seen":84,"resource_available":false,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.131291+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":4,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/home.css\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/css\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2559},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":13,\"pkts_toclient\":17,\"bytes_toserver\":3423,\"bytes_toclient\":15374,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/sitemap.json?tags=Mais%20Bradesco\u0026tagMode=any\u0026format=json","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.814Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/js/sitemap.json?tags=Mais%20Bradesco\u0026tagMode=any\u0026format=json HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/javascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2; nvgc43243=0|0; nvgt43243=1775002894524_1_0|0_0|0\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Wed, 10 Jan 2024 09:19:54 GMT\r\nETag: \"2287-60e93ef0f4280\"\r\nAccept-Ranges: bytes\r\nContent-Length: 8839\r\nKeep-Alive: timeout=5, max=74\r\nConnection: Keep-Alive\r\nContent-Type: application/json\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":8839,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"3f2a642a30b6618e652729222d04a96e","sha1":"c9d4777538f9e88dfa7374283b53e1a22b298fd8","sha256":"97bf76fd7a241e0b029c01191d1d58b539ceba50d08edd06322a0e8c6e042a42","sha512":"61674904cbdcf6023da24890ba8e333b832a08b79cab23ff8e728be1ede93be3b5ef8e686f04a744f0db37e82b6347dec89eb4182ad2575a7802deb3c012a253","ssdeep":"96:6N36wXrBY6wQXBF8fL9V2ybWvi7+R1gBg9YLmnr/Vz7JcRf4BffzZDIPzJNXH80i:zd7e6rRCYjmLBd","tlshash":"f6025d9777fc643702a18282947ccaec5a9ed21ca64c99fafbd7860e91c49d542f830d","first_seen":"2024-05-09T20:36:36Z","last_seen":"2026-04-01T02:24:39.884423Z","times_seen":54,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":5,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.822793+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":26,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/sitemap.json?tags=Mais%20Bradesco\u0026tagMode=any\u0026format=json\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/json\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2603},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":172,\"pkts_toclient\":327,\"bytes_toserver\":25524,\"bytes_toclient\":469891,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/html5lightbox.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.822Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/js/html5lightbox.js HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2; nvgc43243=0|0; nvgt43243=1775002894524_1_0|0_0|0\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nContent-Length: 286\r\nKeep-Alive: timeout=5, max=78\r\nConnection: Keep-Alive\r\nContent-Type: text/html; charset=iso-8859-1\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":286,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"543739dbec18dac99724ce5fae0f0e75","sha1":"d84096f1c05af3fe70697c30ce4cbfe55408cb04","sha256":"ef4e2efa9eee8d7f1040a597ee245398740a3a8400965b44e677b9ba54adebc9","sha512":"25abbdee462544a7e9c167d7ab50b175b9838ecb3b6670bb1dd1a02702b6bfc115230bea2499cf9f0dcdf430d60d51e111a1c3e39be946e0981f47047734bddc","ssdeep":"","tlshash":"a3d0cd9f9052a2860912159039c525d1264c53ea682986e82985d487519853d8d96589","first_seen":"2026-04-01T00:22:10.053496Z","last_seen":"2026-04-01T00:22:10.053496Z","times_seen":1,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":1,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50084,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.329476+0000\",\"flow_id\":90677044904502,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50084,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":9,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/html5lightbox.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":404,\"length\":286},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":25,\"pkts_toclient\":42,\"bytes_toserver\":7221,\"bytes_toclient\":44442,\"start\":\"2026-04-01T00:21:33.983606+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50078,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.871588+0000\",\"flow_id\":1512212435695158,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50078,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":22,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/html5lightbox.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":404,\"length\":286},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":115,\"pkts_toclient\":240,\"bytes_toserver\":19538,\"bytes_toclient\":332277,\"start\":\"2026-04-01T00:21:33.980534+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/desco-novaPONTOS/js/modernizr-custom.js?_=1775002894697","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:35.190Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /desco-novaPONTOS/js/modernizr-custom.js?_=1775002894697 HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2; nvgc43243=0|0; nvgt43243=1775002894524_1_0|0_0|0; bra_nav_track_dt=[20260401002135]http://livelopontos26.dynv6.net/B84146/755498457447801/home.php\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Wed, 01 Apr 2026 00:21:35 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nContent-Length: 286\r\nKeep-Alive: timeout=5, max=72\r\nConnection: Keep-Alive\r\nContent-Type: text/html; charset=iso-8859-1\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":286,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"543739dbec18dac99724ce5fae0f0e75","sha1":"d84096f1c05af3fe70697c30ce4cbfe55408cb04","sha256":"ef4e2efa9eee8d7f1040a597ee245398740a3a8400965b44e677b9ba54adebc9","sha512":"25abbdee462544a7e9c167d7ab50b175b9838ecb3b6670bb1dd1a02702b6bfc115230bea2499cf9f0dcdf430d60d51e111a1c3e39be946e0981f47047734bddc","ssdeep":"","tlshash":"a3d0cd9f9052a2860912159039c525d1264c53ea682986e82985d487519853d8d96589","first_seen":"2026-04-01T00:22:10.053496Z","last_seen":"2026-04-01T00:22:10.053496Z","times_seen":1,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:35Z","timestamp":1775002895,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:35.204914+0000\",\"flow_id\":2079826723538824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50094,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":28,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/desco-novaPONTOS/js/modernizr-custom.js?_=1775002894697\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":404,\"length\":286},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":152,\"pkts_toclient\":297,\"bytes_toserver\":25389,\"bytes_toclient\":414705,\"start\":\"2026-04-01T00:21:33.984968+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/icone-renegociacao-de-dividas-white.svg","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.254Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/icone-renegociacao-de-dividas-white.svg HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 13:59:34 GMT\r\nETag: \"b36-5c1fa2ff31d80\"\r\nAccept-Ranges: bytes\r\nContent-Length: 2870\r\nKeep-Alive: timeout=5, max=84\r\nConnection: Keep-Alive\r\nContent-Type: image/svg+xml\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":2870,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"05b5ec774157b82b316c6a50861caba5","sha1":"08d6ff881750ceb8c77ecc89d08c6b586430e274","sha256":"903a1c6e53ac7fbf411b6934bbc720fdebc3dcb7f24643e21c6053d0febc7c58","sha512":"97ae6a286061a1d2936dd79bb889a26a44d72483ca9802dc9ff2b4ec6f25cc7dcc49c568fe05ae603c726f08c01b92b726ed8fd37b2b9c776b8bfede29067319","ssdeep":"","tlshash":"40511ee1574575ac310fcd48ee2ba740520ff8afb6fba3c5f5998b3ac04a880e540e18","first_seen":"2024-05-09T20:36:36Z","last_seen":"2026-04-12T06:21:14.316039Z","times_seen":74,"resource_available":false,"data":null}},"time_used":245,"timings":{"blocked":221,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.498196+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":16,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/icone-renegociacao-de-dividas-white.svg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/svg+xml\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2607},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":78,\"pkts_toclient\":141,\"bytes_toserver\":13824,\"bytes_toclient\":195023,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/icone-mais-facilidades-white.svg","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.255Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/icone-mais-facilidades-white.svg HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 14:00:04 GMT\r\nETag: \"3cc-5c1fa31bce100\"\r\nAccept-Ranges: bytes\r\nContent-Length: 972\r\nKeep-Alive: timeout=5, max=85\r\nConnection: Keep-Alive\r\nContent-Type: image/svg+xml\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":972,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"99f1a9348a398663c32682642492607d","sha1":"d31c75ba5cac9ba033cc38dabea18950cd0684f7","sha256":"79afe8b0338b2dfe07871f99831a981b3f6eaa9a42e7efc667312b7a384e0515","sha512":"bf1146b0c09dbb93996fda021c40374c2cdddac97396affca8abcfd581eb8047104531fec62d9bac6cc7d0c1ee82a06c366cfe2f145a94105225b9909dfc636a","ssdeep":"","tlshash":"61115e8675599c78a82a08e87fe47a51406f766f331d3bd8f0f13630901f7e134a2692","first_seen":"2024-05-09T20:36:36Z","last_seen":"2026-04-12T06:21:14.317918Z","times_seen":74,"resource_available":false,"data":null}},"time_used":244,"timings":{"blocked":220,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50068,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.499238+0000\",\"flow_id\":1666081786514558,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50068,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":15,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/icone-mais-facilidades-white.svg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/svg+xml\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":972},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":81,\"pkts_toclient\":124,\"bytes_toserver\":13995,\"bytes_toclient\":161678,\"start\":\"2026-04-01T00:21:33.740478+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/jquery.magnific-popup.min.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.293Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/js/jquery.magnific-popup.min.js HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Wed, 10 Jan 2024 09:28:00 GMT\r\nETag: \"4eea-60e940c070800-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 7341\r\nKeep-Alive: timeout=5, max=94\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":20202,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (20070), with CRLF line terminators","md5":"9cdc2d05f9df07ebe5bcc0a6fc269f4f","sha1":"40b7fec1278697f41e32f661d54e095aefc243cf","sha256":"c888c8636909a55dfe9ba3f36c6e1b788320f66771538dfac043a67fa4a6a196","sha512":"119131d91360c2c082aead35a3f6977c32f3fd92eda94f95ad16d569eb9cc315df07ea940c1adb9cbd329ce32204d77ab035eefa26c92e75667b9c71f7894019","ssdeep":"384:iPhVPXQ2G2XAQyqVxRQ5giCCMLtA15h5/V6l8aZwHwztLypmst:iPBIt8I5h5d1qkOLyMst","tlshash":"7c922994f2b2b21383a735b8686f700939729953ed06c855a55d94d87efcec89027f3c","first_seen":"2024-05-09T20:36:34Z","last_seen":"2026-04-01T02:24:39.889483Z","times_seen":64,"resource_available":true,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":2,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50106,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.220954+0000\",\"flow_id\":405953414238599,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50106,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":6,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/jquery.magnific-popup.min.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2545},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":15,\"pkts_toclient\":19,\"bytes_toserver\":4552,\"bytes_toclient\":17596,\"start\":\"2026-04-01T00:21:33.987527+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/bootstrap-4.3.1.min.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.299Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/js/bootstrap-4.3.1.min.js HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 14:14:06 GMT\r\nETag: \"e2de-5c1fa63ecc780-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 15443\r\nKeep-Alive: timeout=5, max=93\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":58078,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (57791), with CRLF line terminators","md5":"0a958254db529f99f475080fe2a6dcdb","sha1":"eebc17246f2beda813dd3372593cc54a152f9cb4","sha256":"3bcd802e9f77849e7c1e93c87279fbbb04d45949d2be79b03566ceacde29b158","sha512":"327bf409cdd167171a300ef7f95fac5cbc802320b2872ea845ec434ff7987a21cb0f0346a8eb3cb891447b98e2e622c3d721bc295bf4f26e763659dbb8a09940","ssdeep":"768:BwYyDyKAmHVaS3m3Dqp0NwCkXDtdFDLmTV+miDNJcJiQMRqyPiYtB6UvcCg8YGxV:BwTKktDLmTF8yJL45XtHjoGL","tlshash":"5743b90a725478b205df9176917f420bb736688ae94ac16cb91d98ed1e7cc893227f3c","first_seen":"2023-03-07T01:41:57Z","last_seen":"2026-05-01T02:27:40.614446Z","times_seen":5447,"resource_available":true,"data":null}},"time_used":55,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":16,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50084,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.270333+0000\",\"flow_id\":90677044904502,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50084,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":7,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/bootstrap-4.3.1.min.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2544},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":17,\"pkts_toclient\":30,\"bytes_toserver\":5211,\"bytes_toclient\":28414,\"start\":\"2026-04-01T00:21:33.983606+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/moment.min.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.312Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/js/moment.min.js HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 14:16:06 GMT\r\nETag: \"e5c9-5c1fa6b13d580-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 18609\r\nKeep-Alive: timeout=5, max=90\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":58825,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (58823), with CRLF line terminators","md5":"a766f690061fdaf1a8c4e12775a445d2","sha1":"83928cde10776245a7727a8edca00198933502e9","sha256":"71493f4ce16fd5cebf37ff111d0818462464b0a95c8aa3a5ff2ae34ab45c8fc6","sha512":"5ea26355537a09cefa20f055168e431dba12d2d9269de5816e4c7d427294aeda1ebfd870cb1a251ffc4d479c54fcd38f981ee24ea64696ff51afa5af0f34d03e","ssdeep":"768:HQzzGlTXaQRThOeehGXgg99smpuSv2Z7W2gjKkZK+6htrEFH7TaAv:wn6XHNhOeHh9sm5obGKkK+6D6H5","tlshash":"4243a3ca3986b01257b612b5083f080be33e6965680e4d1cf508e9d97839c7e527bfbc","first_seen":"2023-03-08T07:12:26Z","last_seen":"2026-04-12T06:21:14.211856Z","times_seen":88,"resource_available":true,"data":null}},"time_used":61,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":60,"receive":1,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50068,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.343701+0000\",\"flow_id\":1666081786514558,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50068,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":10,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/moment.min.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2544},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":44,\"pkts_toclient\":59,\"bytes_toserver\":8418,\"bytes_toclient\":67530,\"start\":\"2026-04-01T00:21:33.740478+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/css/index-banner.css","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.140Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/css/index-banner.css HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 13:36:56 GMT\r\nETag: \"66b-5c1f9df01ae00-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 538\r\nKeep-Alive: timeout=5, max=97\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":1643,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"dc6d859040bc46011d4a96829c8852e8","sha1":"f8782d3acd4da9b6e2aad741e664af90cb78ca19","sha256":"38a101c0482e5a2a33f829143a764a6d7ee80e0d6cdcc163f37bf7aeca4e2fd4","sha512":"254fde21a503dff1b5b7db2c59cbec99040757127804cc5009c85b4d46b967d7c7e5342032bad1f52000205c68f17a82aa0d6939d67481aeb6c964a11cb73c8c","ssdeep":"","tlshash":"0131b31ceb332704553ba7a58ff1211afb160427ca0b4158f9df36018fb58549919fcc","first_seen":"2024-05-09T20:36:35Z","last_seen":"2026-04-12T06:21:14.326308Z","times_seen":85,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50106,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.130355+0000\",\"flow_id\":405953414238599,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50106,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":3,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/index-banner.css\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/css\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":538},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":12,\"pkts_toclient\":15,\"bytes_toserver\":3350,\"bytes_toclient\":12554,\"start\":\"2026-04-01T00:21:33.987527+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/icon_acessibilidade.svg","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.159Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/icon_acessibilidade.svg HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 13:45:46 GMT\r\nETag: \"1420-5c1f9fe98d680\"\r\nAccept-Ranges: bytes\r\nContent-Length: 5152\r\nKeep-Alive: timeout=5, max=88\r\nConnection: Keep-Alive\r\nContent-Type: image/svg+xml\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":5152,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"d02b1ef4715cbbba1774d09ca84964ed","sha1":"3b26950eb64f535e7affecdcfc8cf40da777e0b5","sha256":"b32be1c2d9b0ca7de0120862092034c52d71aa67cf17175faaa23e1502e9b38e","sha512":"27356e31f0185110f4214e0d515643e27204a580012f233ce21bbd96c3a01b67cec1bbca72e992952b93e8338b184b4a82827608565271f3916e038d74fbabfa","ssdeep":"96:50bF9Y1J4EHNyl1lrcEweCgizfC+LAKEI4es3PFvPfK+8taHZ:Izl3oGizKsAlIQ3PJnWE5","tlshash":"7cb1519c93e492f0a10487d4b63020737b7630b63d74de58e6ee7d94bf669ee00794a2","first_seen":"2023-05-09T04:31:15Z","last_seen":"2026-04-30T15:31:33.265111Z","times_seen":198,"resource_available":false,"data":null}},"time_used":233,"timings":{"blocked":215,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50084,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.391850+0000\",\"flow_id\":90677044904502,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50084,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":12,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/icon_acessibilidade.svg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/svg+xml\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2606},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":33,\"pkts_toclient\":57,\"bytes_toserver\":8780,\"bytes_toclient\":66284,\"start\":\"2026-04-01T00:21:33.983606+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/modal-cartoes.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.317Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/js/modal-cartoes.js HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 14:16:26 GMT\r\nETag: \"7828-5c1fa6c450280-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 1484\r\nKeep-Alive: timeout=5, max=92\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":30760,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators","md5":"c9021a9becd19b17ef10ec79fe7b8f78","sha1":"5872e8bab6667cc7d493163a612253315d368a18","sha256":"ec2cd808f1f41cf31ff3d579681278de7e77fc155f33b1a2f7a7c88fbd1482bb","sha512":"be41d14aae31e1c22ea437211a5cf970355b9c1ce88b30e345efdd61bfd2d8af8227a242bfe1484031eedb5ccd040793549bf04ef85e46ddef32af583b6480dc","ssdeep":"192:dLMaNyRLh2yrBUBaBb3vJr9LXrbQ6EWQZPLuwFutLvLnX:CaeGi3vTrF","tlshash":"b3d2bd92e067512951b52a919943140cbfa30acfd198f50cf6ec98662ff8b9f103bf4e","first_seen":"2023-03-14T12:25:51Z","last_seen":"2026-04-12T06:21:14.220584Z","times_seen":86,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50084,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.307187+0000\",\"flow_id\":90677044904502,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50084,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":8,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/modal-cartoes.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1484},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":23,\"pkts_toclient\":41,\"bytes_toserver\":6104,\"bytes_toclient\":43874,\"start\":\"2026-04-01T00:21:33.983606+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/css/main.css","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.074Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/css/main.css HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:33 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 14:07:48 GMT\r\nETag: \"156e3-5c1fa4d64f500-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 14070\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":87779,"size_decoded":0,"mime_type":"text/css","magic":"assembler source, ASCII text, with very long lines (1917), with CRLF line terminators","md5":"1428e45d40b0da09d3c3c5c81c8c5be7","sha1":"0f8caf75865e2f00dc85acc61dfb8ea713b8ef32","sha256":"01ac9b234823c60b2927853239e7194afe9befd2e64c9447e6ec7e4078198d1f","sha512":"32b45eba54b5bc4de8ead65d9a5f421e756244c4e76d2f02c6f1ec93c4afdf3b219ec01eff8808e0d2c060b96a78ba8ce842687c9a7970110099c7ea964cdf2c","ssdeep":"384:7XPpOCgJdahNC2mvHVYqX6Lb1A5v5050lg3ykR87nPripmcUDSFAF1/dgE/+Komb:7gJdahNdmv8ErGcKKomUD7PZrjeZgi","tlshash":"8483c629db4656046231c775fba32b6abb3580637b0251bdbfe85418f38e1990272fdc","first_seen":"2024-05-09T20:36:35Z","last_seen":"2026-04-12T06:21:14.172271Z","times_seen":84,"resource_available":false,"data":null}},"time_used":65,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":63,"receive":2,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50068,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.040805+0000\",\"flow_id\":1666081786514558,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50068,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/main.css\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/css\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1109},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":15,\"pkts_toclient\":14,\"bytes_toserver\":1981,\"bytes_toclient\":16194,\"start\":\"2026-04-01T00:21:33.740478+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/main.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.329Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/js/main.js HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Wed, 10 Jan 2024 09:30:28 GMT\r\nETag: \"fce8-60e9414d95500-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 13747\r\nKeep-Alive: timeout=5, max=90\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":64744,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (345), with CRLF line terminators","md5":"c52578309a0dea6fb0c73682b2bdf410","sha1":"965fd76d0dd4003d8d88934b213ea5980287ed7b","sha256":"9c078d00766455c746a28f07f384fa82b9118a4fd2259ce0890aaaab6c90e2e0","sha512":"49670eed1f3d923d26e9cb364d0e98eeedcb0edd2642301ac14915bc558857c64dd6062b9347e16cfef065dd6c5889e08b3f458d3ea81c590e2ee1bc80169fa1","ssdeep":"768:eYGgN86MVGyCIdzKQ9eIUBWUHWTe+D7DiwVro89BVCXQcC:agi65IdGQ9eIUBWUko8VCXQcC","tlshash":"9353f996b69d7a3f03a36266a17e2a88de5dc131c100c0b8fdf1d45c55c8e8537bae2d","first_seen":"2025-10-11T11:22:54.761609Z","last_seen":"2026-04-01T02:24:39.915167Z","times_seen":49,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":25,"receive":2,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50084,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.354217+0000\",\"flow_id\":90677044904502,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50084,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":10,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/main.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2544},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":26,\"pkts_toclient\":48,\"bytes_toserver\":7287,\"bytes_toclient\":53526,\"start\":\"2026-04-01T00:21:33.983606+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/css/posso_ajudar.css","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.078Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/css/posso_ajudar.css HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 12:43:38 GMT\r\nETag: \"670-5c1f920641280-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 659\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":1648,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"1c2a4a72f054b2a18c2ba06a3f0246b0","sha1":"af245bdecc230fa61dc43c15709fc78383056da6","sha256":"d10c7ced858d89a5fd5e1a55a2f53021bacda6c7c7ff2248865524d5e62585ae","sha512":"269f2f0c9f0f11d082711458a350e8b3eaead212c7024e9615f27948eda36f6b1c258a9befa4884a9cc695cd4ca135e11d4f4e351f0e20d752a2ad07a8e64cae","ssdeep":"","tlshash":"65311b656b472504f402d06d3b66670907ab016faa0bc9353fc43688efc22a9e6e27cc","first_seen":"2025-07-01T21:08:01.660447Z","last_seen":"2026-04-12T06:21:14.195685Z","times_seen":85,"resource_available":false,"data":null}},"time_used":98,"timings":{"blocked":-1,"dns":1,"connect":19,"send":0,"wait":78,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50078,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.077441+0000\",\"flow_id\":1512212435695158,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50078,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/posso_ajudar.css\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/css\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":659},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":785,\"bytes_toclient\":1201,\"start\":\"2026-04-01T00:21:33.980534+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/emprestimo.webp","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.221Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/emprestimo.webp HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 13:56:10 GMT\r\nETag: \"15d6-5c1fa23ca5280\"\r\nAccept-Ranges: bytes\r\nContent-Length: 5590\r\nKeep-Alive: timeout=5, max=83\r\nConnection: Keep-Alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":5590,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"18f0c5328c5c63a2c66501d1c625f647","sha1":"2eb540f6b32d282f37cb6963b27ce5f1e9de1ad5","sha256":"7fa07b026cacae9abe33d58e73c5896147d331bd919c97af8525b7366470cb05","sha512":"869f8d7a6df6ab24d86d1556dd00ce06d60416957b49d00bf5f46d28432947e363bf1022904093a3a9cc0c49cd4053fed5bdecc479ac17457518e19df630ab5b","ssdeep":"96:TzrZMb7RkzbYz4yjalIWD8q8GMqyZM0lzwzqA1WzEolLWOyeg1GUu0jWsvbIpLg3:TvZMb7RkHYZjC9oq370lzwGA1mJLWFea","tlshash":"eab17e35503cf931ab262417b62816bd1cb5a453845732993d5e31f9324a972f2adb08","first_seen":"2024-05-09T20:36:36Z","last_seen":"2026-04-12T06:21:14.265309Z","times_seen":76,"resource_available":false,"data":null}},"time_used":394,"timings":{"blocked":370,"dns":0,"connect":0,"send":0,"wait":23,"receive":1,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50078,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.613829+0000\",\"flow_id\":1512212435695158,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50078,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":17,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/emprestimo.webp\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2635},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":100,\"pkts_toclient\":221,\"bytes_toserver\":15840,\"bytes_toclient\":307982,\"start\":\"2026-04-01T00:21:33.980534+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/palavras.xml","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.969Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/js/palavras.xml HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2; nvgc43243=0|0; nvgt43243=1775002894524_1_0|0_0|0\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Tue, 04 Feb 2020 01:09:54 GMT\r\nETag: \"22f6-59db5b2905c80-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 1751\r\nKeep-Alive: timeout=5, max=72\r\nConnection: Keep-Alive\r\nContent-Type: application/xml\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":8950,"size_decoded":0,"mime_type":"application/xml","magic":"XML 1.0 document, Unicode text, UTF-8 text","md5":"ba7b350b379930adb7aa1c8423eb4245","sha1":"32ea09dffe0de304cd2cd64e64c13425bcfe24a1","sha256":"2ec9bad2f06b77cc90ea65b05d6847be4e63c48c58649106db74f9a8f035b4c2","sha512":"df041eb4fc82ec2d6df3522627ef6dd011a0463c331ee5a5736db264a6f0d0edce6b13a68d3b81b2f5d5a7582db064a032d2d87c04c1be53c949afbb4149db94","ssdeep":"96:kxfsxfslsds5fs8fsSsasFsssIsAsesWsQsYses2sNsVs0s8sisMsZso6sw6swsv:CvL6/L6DBN9kA7t/8bX5qyx7PRrVn","tlshash":"a112b3508b8a22dfc312a08b67ece16a8d43b6c5727ec75602648248fdbf7d4ca77d44","first_seen":"2025-07-01T21:08:01.646263Z","last_seen":"2026-04-01T02:24:39.857048Z","times_seen":54,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.987822+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":28,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/palavras.xml\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/xml\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1751},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":283,\"pkts_toclient\":543,\"bytes_toserver\":33961,\"bytes_toclient\":794857,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:35Z","timestamp":1775002895,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:35.031747+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":29,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/palavras.xml\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/xml\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1751},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":285,\"pkts_toclient\":545,\"bytes_toserver\":34636,\"bytes_toclient\":797084,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/ico-fechar.png","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.175Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/ico-fechar.png HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 03 Feb 2020 05:44:28 GMT\r\nETag: \"119-59da56aa64700\"\r\nAccept-Ranges: bytes\r\nContent-Length: 281\r\nKeep-Alive: timeout=5, max=90\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":281,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 20 x 20, 8-bit gray+alpha, non-interlaced","md5":"fa3ac9cd08babf19c32aa56e19cc1807","sha1":"d7e3332be1457a73118be32ddcb9642c40587167","sha256":"fc027c2191576531b0d335b793720c7869906475733a962e2bcc6489c710bb4b","sha512":"c8d69aa6b4e913d85846e90e58ecbe9899df5edd02d2924d2c3cdd15347a244971a479461a79b785103969d01ac55e00db14ac23307b2349086d8473aa4a9e04","ssdeep":"","tlshash":"30d0ebb20d30162ca938231386920410dac39bc10b6b0cce480a9cdd2c91dc2e0f431e","first_seen":"2023-05-01T09:25:43Z","last_seen":"2026-04-30T15:31:33.26291Z","times_seen":237,"resource_available":false,"data":null}},"time_used":237,"timings":{"blocked":219,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50078,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.411322+0000\",\"flow_id\":1512212435695158,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50078,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":10,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/ico-fechar.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":281},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":28,\"pkts_toclient\":41,\"bytes_toserver\":7943,\"bytes_toclient\":46490,\"start\":\"2026-04-01T00:21:33.980534+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/icon-sac-ouvidoria.svg","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.247Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/icon-sac-ouvidoria.svg HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 13:49:36 GMT\r\nETag: \"22d-5c1fa0c4e5c00\"\r\nAccept-Ranges: bytes\r\nContent-Length: 557\r\nKeep-Alive: timeout=5, max=78\r\nConnection: Keep-Alive\r\nContent-Type: image/svg+xml\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":557,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"a0aecbeb0452e2811cb9a992ee70c10a","sha1":"e3839cf9487da223c77bcbcc1a97f80cc723fa40","sha256":"05d946e0ecc7ab03546e55ded0ef03402b7ab2b01e1faf2eca225903e131de9e","sha512":"eb871b9f234336b53088ffe6ef69e4967b2f1473a0da6af3841f96cd3f9e5c59277b3e9dd8a0e999017abbe6b59752369b8a33fb2a19c21ae36f31c4fc8a1d9a","ssdeep":"","tlshash":"6bf08b2d43888f2cae90cba1eb247524112da4ea700ba318d963023057c51ccb13fac0","first_seen":"2024-05-09T20:36:36Z","last_seen":"2026-04-12T06:21:14.313384Z","times_seen":74,"resource_available":false,"data":null}},"time_used":408,"timings":{"blocked":387,"dns":0,"connect":0,"send":0,"wait":20,"receive":1,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50068,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.677503+0000\",\"flow_id\":1666081786514558,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50068,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":22,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/icon-sac-ouvidoria.svg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/svg+xml\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":557},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":158,\"pkts_toclient\":267,\"bytes_toserver\":22758,\"bytes_toclient\":373235,\"start\":\"2026-04-01T00:21:33.740478+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/bg-btn-ver-agora.png","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.700Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/bg-btn-ver-agora.png HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/css/rt-limite-credito-pessoal.css\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2; nvgc43243=0|0; nvgt43243=1775002894524_1_0|0_0|0\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 03 Feb 2020 08:24:14 GMT\r\nETag: \"34ac-59da7a6050780\"\r\nAccept-Ranges: bytes\r\nContent-Length: 13484\r\nKeep-Alive: timeout=5, max=80\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":13484,"size_decoded":0,"mime_type":"image/png","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 120x156, components 3","md5":"cde38fcb26c6700e5ab3d9dc98378afa","sha1":"89784ec2c796086ad6782d59ee7aac8ae88d83e0","sha256":"1ad0a4fc1080ea07b99f4bc191a78f51337d14068c296a6c43673feef34dd7e5","sha512":"a53629a8d948726d3d658f8ae0a65112dbf721c721d3464622992b67155e2ed3927435f323b27b9e6e0db73ed0530b1a0943d7b2b19ec8bbcd59f24424913342","ssdeep":"192:yJYNMtKwuzlzlG+pU0h89tmmy4N4uBn6WIbXVTnJ4dcn7bOI6V0QTFN5Rwh:yJYNg7KA+pUzC42uBcpnl7bW6i2","tlshash":"9852ae5df082260eda5cca7070f13bb5e35b6a50c7f1ee9b91a0d70543890e4469e8a7","first_seen":"2023-05-03T00:36:11Z","last_seen":"2026-04-01T02:24:39.839674Z","times_seen":59,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":1,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50078,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.678841+0000\",\"flow_id\":1512212435695158,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50078,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":20,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/bg-btn-ver-agora.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/css/rt-limite-credito-pessoal.css\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2609},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":107,\"pkts_toclient\":232,\"bytes_toserver\":17924,\"bytes_toclient\":322814,\"start\":\"2026-04-01T00:21:33.980534+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/css/bootstrap.css","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.107Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/css/bootstrap.css HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 12:48:24 GMT\r\nETag: \"b37b-5c1f931701600-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 7505\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":45947,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (675), with CRLF line terminators","md5":"feb06d6b24fb91ddcecf7d9f1a859451","sha1":"7de8c8634164df4fe9b87ff84fda382b1c58cea8","sha256":"563a8f9aa36543ff9b3da569d40ecc50abd8ae12b939fd7bb4cac841912fcf07","sha512":"1bfef8d80a4d374b1621a3ed5e4d055a9852e011fd20a612437839af16483dc9037e5272778f76ecb71f19e807df69f6608956703399aa11a026a418578495f0","ssdeep":"192:pDnwpZ7emNxgpvdJquwtV0kBPVWzylidJHnCu0v8MNGdByMh4DdOSTPm7q9jR9dt:pTCXgCIM8nh5QQGwAm7xnhvRF+W0","tlshash":"a52331f8f21410812b33d764e7539e636f1da3f4cf421e29fa46648c52e72289a52edd","first_seen":"2023-04-08T19:24:52Z","last_seen":"2026-04-12T06:21:14.255294Z","times_seen":121,"resource_available":false,"data":null}},"time_used":47,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":46,"receive":1,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50106,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.085159+0000\",\"flow_id\":405953414238599,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50106,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/bootstrap.css\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/css\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2559},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":7,\"pkts_toclient\":9,\"bytes_toserver\":1495,\"bytes_toclient\":8563,\"start\":\"2026-04-01T00:21:33.987527+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/modal-img.jpg","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.152Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/modal-img.jpg HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 13:43:46 GMT\r\nETag: \"29b6b-5c1f9f771c880\"\r\nAccept-Ranges: bytes\r\nContent-Length: 170859\r\nKeep-Alive: timeout=5, max=82\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":170859,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 822x755, components 3","md5":"97d2192a7529526e2ee55b1647b08745","sha1":"d661e47cf154bf609cad3a67bf8b083f16db1191","sha256":"c4c41d4ec1c98320ff6071e9f7bcda63686460d9852fe98414d06e670c12cda7","sha512":"99f1741062f360786037be23b59bfb566d12da6317b7def4f86eb9b6496f9ad483048ba10db0b696692f4cc967094380caec930728b8a09eb90f23c97c9e8c8f","ssdeep":"3072:m9I+VKCdI2nQJP0UuOjr9/dOTHrcYObHDzyJVhEQMAOEltztSAgnqp:H9unQ7srrcYODshJsEltPgnqp","tlshash":"ddf312a79bda831fd52d933424733747afe694258bcc980f70d8b5c071a3b681a3e196","first_seen":"2023-05-09T04:31:15Z","last_seen":"2026-04-12T06:21:14.309994Z","times_seen":74,"resource_available":false,"data":null}},"time_used":417,"timings":{"blocked":375,"dns":0,"connect":0,"send":0,"wait":18,"receive":24,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.544848+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":18,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/modal-img.jpg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/jpeg\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2606},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":90,\"pkts_toclient\":164,\"bytes_toserver\":15657,\"bytes_toclient\":228756,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/004-d.png","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.192Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/004-d.png HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Fri, 24 Oct 2025 17:15:46 GMT\r\nETag: \"13222-641eab3441480\"\r\nAccept-Ranges: bytes\r\nContent-Length: 78370\r\nKeep-Alive: timeout=5, max=89\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":78370,"size_decoded":0,"mime_type":"image/png","magic":"RIFF (little-endian) data, Web/P image","md5":"2ff88999a14aa1a7756c93e6ac620699","sha1":"dcf06ce65b4cf441dba5421046f37db098029428","sha256":"ab9f76d6f19bdc4eb2b8f6895b9081374be239c410178b080f70f3c96a9af79b","sha512":"660c1f43dfe90a517351e3b7cdc47643cda61eaf424e27d544a6828670ed7a703801acc2693002c3efbbf85b99d85ade7327f45883daa712500d607dec36ae9f","ssdeep":"1536:vFJLuM9P/CLuLIohbAxyId929xp7tgK/TOfDrkYn1e5A5GzudO0a:vFBPeoOY9xBtgKyfPe5A552","tlshash":"e273024cdfdd611bc95a3ef5e3e049acac09196e2f38563ad3881305c2637a49c866f5","first_seen":"2025-10-22T23:03:46.925108Z","last_seen":"2026-04-01T02:24:39.892107Z","times_seen":21,"resource_available":false,"data":null}},"time_used":274,"timings":{"blocked":219,"dns":0,"connect":0,"send":0,"wait":34,"receive":21,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50078,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.445078+0000\",\"flow_id\":1512212435695158,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50078,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":11,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/004-d.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2608},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":29,\"pkts_toclient\":43,\"bytes_toserver\":8009,\"bytes_toclient\":49518,\"start\":\"2026-04-01T00:21:33.980534+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/consorcio.png","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.213Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/consorcio.png HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 13:55:08 GMT\r\nETag: \"e7b4-5c1fa20184700\"\r\nAccept-Ranges: bytes\r\nContent-Length: 59316\r\nKeep-Alive: timeout=5, max=79\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":59316,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 534 x 577, 8-bit/color RGBA, non-interlaced","md5":"dd60fd5f84ff29c1cfd4f26fc2d06cb5","sha1":"7f6e650154e6d014ff8839217276c4b19389e010","sha256":"7e154af6990d6cb9bd8e865090fa9243a702b170163a3088e0657bec81c65124","sha512":"244e6bfe5c507424bb56a419f7ca6ae24a29ce461fe3ed32dcc3c112e68d3f113b0b829c097404d59031b0b04d1d628515ffbf6ca27cf01881232ddb34440122","ssdeep":"1536:nY0ATCvVrDn2WnQHJXIG74us3JmBRHRephkU7XisFyAtKltOeMLN6P:Y0AmvkzpX1EuO8RxephkU7XisFZUcN6P","tlshash":"c843010ca4b04c27277aad682d6f64eeeb3d2ce78186fb5439ec100e9f2811f2591d17","first_seen":"2024-05-09T20:36:36Z","last_seen":"2026-04-12T06:21:14.261603Z","times_seen":76,"resource_available":false,"data":null}},"time_used":385,"timings":{"blocked":366,"dns":0,"connect":0,"send":0,"wait":17,"receive":2,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.595424+0000\",\"flow_id\":2079826723538824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50094,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":21,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/consorcio.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2609},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":98,\"pkts_toclient\":206,\"bytes_toserver\":17664,\"bytes_toclient\":283563,\"start\":\"2026-04-01T00:21:33.984968+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/css/main-cookie.css","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.327Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/css/main-cookie.css HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 13:38:50 GMT\r\nETag: \"1486-5c1f9e5cd2e80-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 1345\r\nKeep-Alive: timeout=5, max=93\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":5254,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (416), with CRLF line terminators","md5":"c5489583b7ef1601b28961176a325659","sha1":"84e3f164082568365a5d8774ed58715baecf3c5c","sha256":"c55ce614a49156f7255577416d80e6d3b9a94f8ced5f2c03f07c3f8a7ca0ea6b","sha512":"f506bcce9c55096b53fa6e54de40e94362e5167ff01e8efaaa524bef48a529a96339341b13e19da525f5d9e6e90f5f76aa22680bb48ad11adaf3babf3d7d36d8","ssdeep":"48:zkoj+ZnBkIx+j8g0OScOQEShQWBeuYUhdngoNaOeB5b7wnKwn2bIPfME6ytwzPdm:z3G2v4BSBgPwnZnhfP4lWzmnJAZf","tlshash":"3fb10f262a27320a801bd259e5ab9b4c4524c018a75fe2fd7ce3255ac5df2c48df77ce","first_seen":"2024-05-09T20:36:35Z","last_seen":"2026-04-12T06:21:14.259635Z","times_seen":74,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50078,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.345485+0000\",\"flow_id\":1512212435695158,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50078,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":7,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/main-cookie.css\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/css\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1345},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":21,\"pkts_toclient\":31,\"bytes_toserver\":5461,\"bytes_toclient\":33411,\"start\":\"2026-04-01T00:21:33.980534+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-01T00:21:33.741Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840 HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:33 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nSet-Cookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2; path=/\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 13392\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/html; charset=UTF-8\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Popper","description":"Popper is a positioning engine, its purpose is to calculate the position of an element to make it possible to position it near a given reference element.","website":"https://popper.js.org","common_platform_enumeration":"","icon":"Popper.svg","categories":["Miscellaneous"]},{"name":"Google Tag Manager","description":"Google Tag Manager is a tag management system (TMS) that allows you to quickly and easily update measurement codes and related code fragments collectively known as tags on your website or mobile app.","website":"https://www.google.com/tagmanager","common_platform_enumeration":"","icon":"Google Tag Manager.svg","categories":["Tag managers"]},{"name":"Bootstrap:4.3.1","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"Slick","description":"","website":"https://kenwheeler.github.io/slick","common_platform_enumeration":"","icon":"Slick.svg","categories":["JavaScript libraries"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Lightbox","description":"Lightbox is small javascript library used to overlay images on top of the current page.","website":"https://lokeshdhakar.com/projects/lightbox2/","common_platform_enumeration":"cpe:2.3:a:lightbox_photo_gallery_project:lightbox_photo_gallery:*:*:*:*:*:*:*:*","icon":"Lightbox.png","categories":["JavaScript libraries"]},{"name":"FlexSlider","description":"FlexSlider is a free jQuery slider plugin.","website":"https://woocommerce.com/flexslider/","common_platform_enumeration":"","icon":"FlexSlider.png","categories":["Widgets"]},{"name":"Chosen","description":"Chosen is a jQuery plugin that makes long, unwieldy select boxes much more user-friendly.","website":"https://harvesthq.github.io/chosen/","common_platform_enumeration":"","icon":"","categories":["JavaScript frameworks","Web frameworks"]},{"name":"ProgressBar.js","description":"Responsive progress bars with animated SVG paths.","website":"https://kimmobrunfeldt.github.io/progressbar.js/","common_platform_enumeration":"","icon":"ProgressBar.js.png","categories":["JavaScript libraries"]},{"name":"OWL Carousel","description":"OWL Carousel is an enabled jQuery plugin that lets you create responsive carousel sliders.","website":"https://owlcarousel2.github.io/OwlCarousel2/","common_platform_enumeration":"","icon":"OWL Carousel.png","categories":["JavaScript libraries"]},{"name":"Magnific Popup","description":"Magnific Popup is a responsive lightbox \u0026 dialog script with focus on performance and providing best experience for user with any device.","website":"https://dimsemenov.com/plugins/magnific-popup/","common_platform_enumeration":"","icon":"Magnific Popup.png","categories":["JavaScript libraries"]},{"name":"jQuery:3.4.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Moment.js","description":"Moment.js is a free and open-source JavaScript library that removes the need to use the native JavaScript Date object directly.","website":"https://momentjs.com","common_platform_enumeration":"cpe:2.3:a:momentjs:moment:*:*:*:*:*:*:*:*","icon":"Moment.js.svg","categories":["JavaScript libraries"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":72325,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (506), with CRLF line terminators","md5":"1b323f0df3cf7633605281b76de90b17","sha1":"8d8974f13785235feb6ac0b06857a4f2ad8e4d43","sha256":"a898766a206be8fde7d4057e023b87ba90725acc88dd37059ebc86ec8c47d963","sha512":"087f94220f29697b0af171c45393995fbe34c825b1ea26c4563a25f2321be6d1bc71bc77e3db6655ad1475efc7904de02c1b1b90f46e7e5e017af7516f43316c","ssdeep":"768:h7CLRt1eGhPFtJkKNLB3TIoIiOccq7RcMLxxWJs80Nd4ZFmEK:AvRhPqKZZIoIiOccq7RcMLxxWJs80QK","tlshash":"616361003dc9482b017242835676aa29fe9ec637d725c945f3fe276b6ff5e818c67128","first_seen":"2026-04-01T00:22:10.229899Z","last_seen":"2026-04-01T02:24:39.911587Z","times_seen":2,"resource_available":true,"data":null}},"time_used":73,"timings":{"blocked":16,"dns":1,"connect":16,"send":0,"wait":38,"receive":1,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:33Z","timestamp":1775002893,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50068,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:33.794614+0000\",\"flow_id\":1666081786514558,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50068,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1026},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":750,\"bytes_toclient\":6196,\"start\":\"2026-04-01T00:21:33.740478+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/css/slick-theme.css","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.114Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/css/slick-theme.css HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 12:50:12 GMT\r\nETag: \"d2b-5c1f937e00900-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 893\r\nKeep-Alive: timeout=5, max=98\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":3371,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"406f21da10790a98f2cd9a9e4a662cc5","sha1":"718b6f8c0280b04291b95df5bcef12179a6b9f74","sha256":"ae4cb8d01b80d626f15153e32fc3d78cafb9dd8338940343486934e0bf71ee02","sha512":"d95db7a7dd9b49c0402f1b77f48c6e16612bd696ca5aba15953c9ccce75898407e397db73ef9bd05306fa7019b05440e867d4b26ae5393a1d07fc749feb4c20f","ssdeep":"","tlshash":"566191dc9256e1d7563398802f930714fbcb70531b110da8fb5553898fbe0a85bd5b8d","first_seen":"2023-04-28T07:57:13Z","last_seen":"2026-04-20T16:39:46.8082Z","times_seen":108,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50084,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.083680+0000\",\"flow_id\":90677044904502,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50084,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":2,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/slick-theme.css\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/css\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":893},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":9,\"pkts_toclient\":12,\"bytes_toserver\":2658,\"bytes_toclient\":9420,\"start\":\"2026-04-01T00:21:33.983606+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/001-d.png","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.185Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/001-d.png HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Fri, 24 Oct 2025 17:12:44 GMT\r\nETag: \"1061c-641eaa86afb00\"\r\nAccept-Ranges: bytes\r\nContent-Length: 67100\r\nKeep-Alive: timeout=5, max=86\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":67100,"size_decoded":0,"mime_type":"image/png","magic":"RIFF (little-endian) data, Web/P image","md5":"4c328a1b9175b0f9f85f2c3e334bea17","sha1":"40658fa439426976b2076a6ac83dfb6657723e22","sha256":"137ffd42172622f0f0f83a358fce429b1de848f3ab2a8062052ac5e18b8ed342","sha512":"94b4d9cc520fd5c87e2384cb165e1d475e352ab048ab589a76366a364bcd2e5fc5ecbee1b7148165a93b46541f582e5b303dd32b253a41181fd3318804a69d98","ssdeep":"1536:RAl03bl91rK9zslcBJ5Su/WJmumAPHw4TyHGP9Nh4v:33blvrwIlOLSuymuvPT2HGPmv","tlshash":"8d6302b8efbe4eaae80c6eb9f3794646cbc8acd807b538450520429dc5cf59b5d43351","first_seen":"2025-10-22T23:03:46.658522Z","last_seen":"2026-04-01T02:24:39.844244Z","times_seen":21,"resource_available":false,"data":null}},"time_used":258,"timings":{"blocked":220,"dns":0,"connect":0,"send":0,"wait":18,"receive":20,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.423138+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":14,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/001-d.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2608},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":36,\"pkts_toclient\":54,\"bytes_toserver\":9990,\"bytes_toclient\":65974,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/icone-pagamentos.svg","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.252Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/icone-pagamentos.svg HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 13:59:02 GMT\r\nETag: \"8a5-5c1fa2e0ad580\"\r\nAccept-Ranges: bytes\r\nContent-Length: 2213\r\nKeep-Alive: timeout=5, max=77\r\nConnection: Keep-Alive\r\nContent-Type: image/svg+xml\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2213,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"6cfe0eb6da18e10e3b42f331d0d71ff4","sha1":"04e9b0266a6d7c076522f332ef269c5c65274c25","sha256":"951cd0867e883421eb838c07c3d755afa1cb264f562b4cf1f6541b5f426135d1","sha512":"0da225daeab61f25eb48866a55afdaea2aba9bc8699c9956e0359f87eca4d5f29e643a43d27cadb95c792bd514f3097fec96ed5833604a19cddd92f169f9aa8d","ssdeep":"","tlshash":"c041cda95604f24c780dc858dd36a860562fb4df72ffa3d811aadb72d01e9d4e94181c","first_seen":"2024-05-09T20:36:36Z","last_seen":"2026-04-12T06:21:14.183324Z","times_seen":74,"resource_available":false,"data":null}},"time_used":409,"timings":{"blocked":390,"dns":0,"connect":0,"send":0,"wait":18,"receive":1,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.659250+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":23,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/icone-pagamentos.svg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/svg+xml\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2213},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":166,\"pkts_toclient\":318,\"bytes_toserver\":23386,\"bytes_toclient\":458054,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/retargeting.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.307Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/js/retargeting.js HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Wed, 10 Jan 2024 09:19:54 GMT\r\nETag: \"2bf17-60e93ef0f4280-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 15391\r\nKeep-Alive: timeout=5, max=92\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":179991,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators","md5":"919d1de7a17c9806f8ae8bfb7c549d7a","sha1":"c3590697267e72af23e8d8b0c8286537273c1e42","sha256":"b49de5a27b7ee92d9dda234a5cac21f2e4207f2194618f3735f1e08c67ada2a6","sha512":"3a1dbd2ccf718c96298032c43128f76712b0aeabb551ec4f1550e806a50a5afb364607f21a676e1cee294cc07da3e842052afb71361be261d6f4667ad306dbcc","ssdeep":"1536:IhUOZ2SRTGh+FYR5yCBMtipyaP5jlHmD8R:IBZ2SRTGh+FYR5yCBMtipyaPa2","tlshash":"9204c504bdb502541b7532a14e6fd60cfb2a49779108d5517dace2b90ff8b0caa98fbc","first_seen":"2024-05-09T20:36:34Z","last_seen":"2026-04-01T02:24:39.932225Z","times_seen":64,"resource_available":true,"data":null}},"time_used":67,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":64,"receive":3,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50106,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.341517+0000\",\"flow_id\":405953414238599,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50106,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":8,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/retargeting.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":5439},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":24,\"pkts_toclient\":40,\"bytes_toserver\":6141,\"bytes_toclient\":45648,\"start\":\"2026-04-01T00:21:33.987527+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/index.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.330Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/js/index.js HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 22:58:10 GMT\r\nETag: \"993-5c201b6222480-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 807\r\nKeep-Alive: timeout=5, max=91\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2451,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators","md5":"5e1d3f536f7a06cc0bee87a3b96da1b2","sha1":"0d434ecb3eefae6a565aa3263b92729750c0de48","sha256":"ac624c382aae962a001e0834ac62f3a76f076e98065f081d5f076aff5889bfd1","sha512":"4f67ae7ef1414bafc1a53dc45154e178392ed8f098a83c7cf4dee76568c84bda2545f1e850f9a670d71976f292adcb8a3b98335f939f9aad2038af2b106fd737","ssdeep":"","tlshash":"1e519b98a647a1680b3363384b378208ff2ad44b91045aa5bd8c4dd47ff1e2582a5ebc","first_seen":"2023-03-13T01:34:16Z","last_seen":"2026-04-12T06:21:14.242285Z","times_seen":121,"resource_available":true,"data":null}},"time_used":32,"timings":{"blocked":15,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50106,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.362451+0000\",\"flow_id\":405953414238599,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50106,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":9,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/index.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":807},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":28,\"pkts_toclient\":49,\"bytes_toserver\":7396,\"bytes_toclient\":57350,\"start\":\"2026-04-01T00:21:33.987527+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/banner.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.333Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/js/banner.js HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 14:19:44 GMT\r\nETag: \"8ad-5c1fa78124000-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 708\r\nKeep-Alive: timeout=5, max=92\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":2221,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"0c970b7c8282934d31768fd66015a2e4","sha1":"62f17f9f983188a77ef5d02d813156c73abf778f","sha256":"991aa95ef7bc5c4f5a6f0b15b75e44fbf166ea505ab352119d32bb78c2988e88","sha512":"a864c90f79a8b3c44a5ca3fd783fc322e025be7d423d47bc6595f40de492a39ac2a2e8eac32bb459090d22f072076ff601fc49f14e8ed65960fa18e1662b2e8e","ssdeep":"","tlshash":"5b419b697c00127ee83612789db5d408ffa56b1b910cc9a1fefe81442f749046e67bed","first_seen":"2024-03-05T19:59:08Z","last_seen":"2026-04-12T06:21:14.319868Z","times_seen":87,"resource_available":true,"data":null}},"time_used":32,"timings":{"blocked":12,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50078,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.366355+0000\",\"flow_id\":1512212435695158,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50078,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":8,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/banner.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":708},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":23,\"pkts_toclient\":32,\"bytes_toserver\":6576,\"bytes_toclient\":34534,\"start\":\"2026-04-01T00:21:33.980534+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/css/fontes/BradescoSans-Regular.woff2","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.608Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/css/fontes/BradescoSans-Regular.woff2 HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/css/font-bradesco.css\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2; nvgc43243=0|0; nvgt43243=1775002894524_1_0|0_0|0\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 03 Feb 2020 05:55:44 GMT\r\nETag: \"5028-59da592f13800\"\r\nAccept-Ranges: bytes\r\nContent-Length: 20520\r\nKeep-Alive: timeout=5, max=80\r\nConnection: Keep-Alive\r\nContent-Type: font/woff2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":20520,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 20520, version 1.0","md5":"11497cb4b3a1b4b55da34a2579513571","sha1":"503cdad75bcdb9858bccfb0d006359d0cfe6aa45","sha256":"71591ccba7028f7dfe07349efaceec3b58ec185486953da7973f4f5bb88acb9e","sha512":"0a574805cdfebdda1b71a0db4f4461c756a3e9ef941518e4963cfb9c04395e731530866625af45759c3ab1698f5ed6c055b4a74981dc2b9af3bf7dc797544bd3","ssdeep":"384:iWn0Zz/ptGQqtg1z0SPhXKBU7SkcdKN90UwuMm8N/cJMLlUFZKwOBiVxC:iW0ZDnGQ31hXDGkWf5m2EJMJaYw7xC","tlshash":"8e92d00ebdd7184cf8783cbe807495f6426e8678c16dd5e82cde16d4ec6a3f63990618","first_seen":"2023-05-01T09:25:43Z","last_seen":"2026-04-30T15:31:33.326761Z","times_seen":239,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":1,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.604300+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":20,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/fontes/BradescoSans-Regular.woff2\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"font/woff2\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/css/font-bradesco.css\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2608},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":146,\"pkts_toclient\":285,\"bytes_toserver\":20477,\"bytes_toclient\":409813,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/icon_acessibilidade_weblibras.svg","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.169Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/icon_acessibilidade_weblibras.svg HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 13:46:28 GMT\r\nETag: \"21dc-5c1fa0119b500\"\r\nAccept-Ranges: bytes\r\nContent-Length: 8668\r\nKeep-Alive: timeout=5, max=87\r\nConnection: Keep-Alive\r\nContent-Type: image/svg+xml\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":8668,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"2bbaf7303d60f761b86d9dafa33d5916","sha1":"024d8bc5d3ee75153f0b4d7116f4e3d652a3b20a","sha256":"54ce86694114d0abb07bd4c6a082784ffebe4347e52428f72815040dd9744449","sha512":"b721fc9db31cb547ea36c1d644775565fbb7ed87e8feebee339ff2e111177b1f88b6fa05ef6879bd077ce81f0a4c439083b40aa485681cfc3a1e55f782c1a89c","ssdeep":"192:P+jgEUYJVrB6cLucPqHVjJmEpVWIYpXcPqHVjJmEpVWIYpK3d:2jgE9C9JYImB9JYImad","tlshash":"be020db713208399e4a4d38caf60e6cd737d9455b8b742c0cba31e964c1aeb7b16cd60","first_seen":"2023-05-09T04:31:15Z","last_seen":"2026-04-30T15:31:33.26599Z","times_seen":206,"resource_available":false,"data":null}},"time_used":233,"timings":{"blocked":215,"dns":0,"connect":0,"send":0,"wait":17,"receive":1,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.400494+0000\",\"flow_id\":2079826723538824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50094,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":13,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/icon_acessibilidade_weblibras.svg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/svg+xml\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2606},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":34,\"pkts_toclient\":54,\"bytes_toserver\":9314,\"bytes_toclient\":59642,\"start\":\"2026-04-01T00:21:33.984968+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/002-d.jpg","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.196Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/002-d.jpg HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Fri, 24 Oct 2025 17:17:05 GMT\r\nETag: \"16f56-641eab7f98640\"\r\nAccept-Ranges: bytes\r\nContent-Length: 94038\r\nKeep-Alive: timeout=5, max=87\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":94038,"size_decoded":0,"mime_type":"image/jpeg","magic":"RIFF (little-endian) data, Web/P image","md5":"641d82a53b0ef4823d219da8f6cb37f3","sha1":"18578cb89a94c6ead6dce51f82965f3fd9f8cc5e","sha256":"2525b071be5b97ac11776a04e3c891167a70b601e54893ce52ddab6a8253968f","sha512":"888360ca2abff0372af850a8a8dc60f1708e66d41c21b71187328340618a66f0a90724ca7bcf087f6b4fb4f7e343889cb7c0389811faaa639dad882aaae5b212","ssdeep":"1536:n7zkf9hjvE2DzS+ZEQOwSo+KTMKz66fiSYDXATxP0W55G571ViTsT2llWKV:n7Qf9hI2nSqEZwZ+ezZaSYT+0W55G51U","tlshash":"ce93121d52eb038dd60947f1174de20887eb08b3d49f21d5e79a9c0a4a37e85329f6af","first_seen":"2025-10-22T23:03:46.56279Z","last_seen":"2026-04-18T05:08:31.441837Z","times_seen":23,"resource_available":false,"data":null}},"time_used":272,"timings":{"blocked":221,"dns":0,"connect":0,"send":0,"wait":29,"receive":22,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50106,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.446124+0000\",\"flow_id\":405953414238599,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50106,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":13,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/002-d.jpg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/jpeg\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2607},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":33,\"pkts_toclient\":56,\"bytes_toserver\":9304,\"bytes_toclient\":65455,\"start\":\"2026-04-01T00:21:33.987527+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/veloe.png","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.235Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/veloe.png HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 13:57:30 GMT\r\nETag: \"5640-5c1fa288f0680\"\r\nAccept-Ranges: bytes\r\nContent-Length: 22080\r\nKeep-Alive: timeout=5, max=79\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":22080,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 164 x 174, 8-bit/color RGBA, non-interlaced","md5":"880379fd892a06addcf6ab33c771ff9a","sha1":"cea441dc98eacb0c8cc91657127e63d5c2c38499","sha256":"595d1ce0346f8361a3a8cf9da7ec2ec6ee8f47c1d02233ddfa7b3d4210aae5e7","sha512":"5b2e6b7a77c96ad561922206193b736ee57f073089c791716a465ae40d26e0ed9ddb71cf3e1f9444eee90f8b2e7c18d5218ba57fce570427163ed9be21764b5e","ssdeep":"384:iUgWlfzu2mWUh1oxyhjByihD6ZxuI54h0dXTnh3SQp+DYK5vt4JbVY+u:iylfzu2mWIoxaQihDCxViSBTUU+lt4JA","tlshash":"42a2e16495917d12134fd95528f4213c3427b0226fabbb4f7c3f53a24d90aaba298c26","first_seen":"2024-05-09T20:36:36Z","last_seen":"2026-04-12T06:21:14.315287Z","times_seen":76,"resource_available":false,"data":null}},"time_used":398,"timings":{"blocked":379,"dns":0,"connect":0,"send":0,"wait":18,"receive":1,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50068,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.631461+0000\",\"flow_id\":1666081786514558,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50068,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":21,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/veloe.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2609},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":149,\"pkts_toclient\":255,\"bytes_toserver\":21085,\"bytes_toclient\":356471,\"start\":\"2026-04-01T00:21:33.740478+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/wl-min.js?_=1775002894695","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:35.128Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/js/wl-min.js?_=1775002894695 HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2; nvgc43243=0|0; nvgt43243=1775002894524_1_0|0_0|0; bra_nav_track_dt=[20260401002135]http://livelopontos26.dynv6.net/B84146/755498457447801/home.php\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:35 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Wed, 10 Jan 2024 09:19:54 GMT\r\nETag: \"29fc2-60e93ef0f4280-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nKeep-Alive: timeout=5, max=75\r\nConnection: Keep-Alive\r\nTransfer-Encoding: chunked\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":171970,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65262), with CRLF line terminators","md5":"233889fd9c1f0cedd02014fe05e79ce6","sha1":"864e3cc123603d84619922bce0b83d075c872dd2","sha256":"c3ca42ba825dad7220f693f0b0656ba4c47f78737792c05ba0be3072f2b1d5d9","sha512":"5149dc7ea230c5acab92ea2650849a3e4c640913a19abad23c0519c7644c6cb30b1a4bbfa5a7a47c9590f227f60f04af7d99de4027e183c368e4764852e07eb4","ssdeep":"3072:nps4Ijnys3nf/qRWFjeMhosSGrX4NC2oq9qW4XHt:npsrys3n5ZosS2Mvoqs5XHt","tlshash":"d5f318ddb396702382eba1b9106f250fb23664696d0d8418f03cd8e8ac79e495177fbd","first_seen":"2024-05-09T20:36:34Z","last_seen":"2026-04-01T02:24:39.885416Z","times_seen":64,"resource_available":true,"data":null}},"time_used":70,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":52,"receive":18,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:35Z","timestamp":1775002895,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50106,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:35.179071+0000\",\"flow_id\":405953414238599,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50106,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":25,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/wl-min.js?_=1775002894695\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1090},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":130,\"pkts_toclient\":273,\"bytes_toserver\":22343,\"bytes_toclient\":384199,\"start\":\"2026-04-01T00:21:33.987527+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/css/bootstrap-select.css","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.116Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/css/bootstrap-select.css HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 12:50:30 GMT\r\nETag: \"1f7c-5c1f938f2b180-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 1724\r\nKeep-Alive: timeout=5, max=97\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":8060,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"88f7d1718930065116e69a4d79230b77","sha1":"fd70f1718330d56ab9d18014b789ee0fafee9675","sha256":"804a772611b25d31e2bedffc943d2f0398c9b728af104900c9462c32f905d8da","sha512":"6cf305c6a8cf30daa93dbe29f25e6c10fcb90faa2446e4b6e5df28bd23851085c81a13160d1f4d65eb01da34f3b5ac3831d2787bf5d2640ea659508bd0cf3d82","ssdeep":"192:fhwV9HMAbF3VMIG2ZiFrhbCaGpQXmDWWRF:qM+HhpQQJ","tlshash":"52f133acb790406052f882bb3ba5a967799db091b74a407977dfe10c278344f2d33f92","first_seen":"2023-04-11T21:17:07Z","last_seen":"2026-04-12T06:21:14.222646Z","times_seen":122,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50068,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.086586+0000\",\"flow_id\":1666081786514558,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50068,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":3,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/bootstrap-select.css\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/css\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1724},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":28,\"pkts_toclient\":30,\"bytes_toserver\":3875,\"bytes_toclient\":36613,\"start\":\"2026-04-01T00:21:33.740478+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/navegg.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.146Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/js/navegg.js HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 14:09:22 GMT\r\nETag: \"3064-5c1fa52ff4880-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 4184\r\nKeep-Alive: timeout=5, max=95\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":12388,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (12388), with no line terminators","md5":"c57b0672c92d253ee34a767bcaf5cca3","sha1":"4d2032a2ccc94c8abd0f11f0c384476ff7999efc","sha256":"6188adebde4b20f7df65a818b81b70b7ed486d0825642180f83454eb9de69ad2","sha512":"9908e94dafc0086e2dd342c5a5a097900f2defd26ca15126b3fe1ee8315fd10b1dfb2a5a83e4a59c9f530bfcc512192f9be20abd5693fb271f88eaabe5edbce5","ssdeep":"384:DXcjCHPyAuySHw5l2ojaI7jOQpUkmdI7ueVeK7g:DXcmHPyAuySHw5l2ojaHQpdmmg","tlshash":"d842a38f3174e51a86d7f164e80f534a1627b10a4c84c72ebc5589e3ae60d4f8a7ab3d","first_seen":"2023-03-13T01:34:16Z","last_seen":"2026-04-01T02:24:39.926527Z","times_seen":107,"resource_available":true,"data":null}},"time_used":74,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":74,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50068,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.179102+0000\",\"flow_id\":1666081786514558,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50068,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":5,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/navegg.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":4184},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":32,\"pkts_toclient\":38,\"bytes_toserver\":5140,\"bytes_toclient\":43625,\"start\":\"2026-04-01T00:21:33.740478+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/emprestimo_hover.webp","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.222Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/emprestimo_hover.webp HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 13:57:18 GMT\r\nETag: \"f90-5c1fa27d7eb80\"\r\nAccept-Ranges: bytes\r\nContent-Length: 3984\r\nKeep-Alive: timeout=5, max=79\r\nConnection: Keep-Alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":3984,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"411095a7a183bfc1929ea4dfeab0137a","sha1":"2fbcb0c4614d755e941fcca846c32f57f828fa64","sha256":"1f865a6b8082dbe269d66a3cb8223055d5238bdd00a4ede51ab7321cb080697a","sha512":"7799b4f3a3ef246b3ccd500a4231c9578efa207ead4467b2f518cd29ac25c7c16cb45121ba0465e9247588b77aba01b168cc7b54a34b8e804902b2b3ef58a586","ssdeep":"","tlshash":"c2817d2557139fde43cd199b4d08eccc8fd74a9d8771048e6b6190f1524a2db7698612","first_seen":"2024-05-09T20:36:36Z","last_seen":"2026-04-12T06:21:14.266415Z","times_seen":76,"resource_available":false,"data":null}},"time_used":400,"timings":{"blocked":383,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.622350+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":21,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/emprestimo_hover.webp\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2636},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":154,\"pkts_toclient\":298,\"bytes_toserver\":21533,\"bytes_toclient\":428483,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/veloe_hover.webp","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.237Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/veloe_hover.webp HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 13:57:44 GMT\r\nETag: \"1680-5c1fa2964a600\"\r\nAccept-Ranges: bytes\r\nContent-Length: 5760\r\nKeep-Alive: timeout=5, max=82\r\nConnection: Keep-Alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":5760,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"d45163c7fa2b96e5b19367c9f3ca164c","sha1":"7e9e8014686056f47a1b896b4bc0e9f858b6162d","sha256":"a0959588eb30431e90648c9fee03ec085383e61bc350c7ee81dda4500fe1454b","sha512":"e210720771ba0c63216c9898a4cfce9bb07b8f134004cb55a4a6a18283948dce453b7df9c2a06427449fc5cb340fac6c37fb2f4fe7f3cef7d1726a48e6dc774f","ssdeep":"96:K8FoBcshaguLDPYXmbuYXFkHrdJo/2hFmG/M4zo5qJBYUJK9sV6ynyAP68uN1vmt:WBcshNIYXMXwBJJVM40scUJ2sVFgpmV7","tlshash":"4cc18fb1750295d82cf4bb2d5159184d40922e384cd12f9504ed4eaa8879e3be4726fc","first_seen":"2024-05-09T20:36:36Z","last_seen":"2026-04-12T06:21:14.274914Z","times_seen":76,"resource_available":false,"data":null}},"time_used":398,"timings":{"blocked":378,"dns":0,"connect":0,"send":0,"wait":19,"receive":1,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50078,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.632143+0000\",\"flow_id\":1512212435695158,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50078,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":18,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/veloe_hover.webp\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2635},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":103,\"pkts_toclient\":226,\"bytes_toserver\":16561,\"bytes_toclient\":314333,\"start\":\"2026-04-01T00:21:33.980534+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/m-destaque-3.jpg","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.261Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/m-destaque-3.jpg HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 14:00:30 GMT\r\nETag: \"1128c-5c1fa33499b80\"\r\nAccept-Ranges: bytes\r\nContent-Length: 70284\r\nKeep-Alive: timeout=5, max=85\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":70284,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 321x352, components 3","md5":"1748e0e343b47b44c0af3f5337aebe85","sha1":"8edea505b65529e2177403fd2242a4f6befea47d","sha256":"79e77d52759eab4fcb434213f6b7b796917fa735939517da9f40b64e5a0248bb","sha512":"fd7a42016e27fabc927ade08495618e89215ec9041f194eb1f149bc50012123687c36189016ce97517938504f592fee22ac4aee43e0afa060282f4e9e15ece06","ssdeep":"1536:Mre3pNIwIu+amFAZlSo/d/V1pBwFoltsFz+bC15xit2hhWKZ0:M63pNI8+amAZgolVMlN1DrD0","tlshash":"4863022ad737c394f7e2465f9199dbc226a293b04d5b25b4e89f5ab4834d8c72c2008b","first_seen":"2024-05-09T20:36:36Z","last_seen":"2026-04-12T06:21:14.267403Z","times_seen":76,"resource_available":false,"data":null}},"time_used":256,"timings":{"blocked":235,"dns":0,"connect":0,"send":0,"wait":18,"receive":3,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50106,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.513738+0000\",\"flow_id\":405953414238599,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50106,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":15,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/m-destaque-3.jpg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/jpeg\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2607},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":49,\"pkts_toclient\":127,\"bytes_toserver\":11416,\"bytes_toclient\":171314,\"start\":\"2026-04-01T00:21:33.987527+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/btn-new-bia.png","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.279Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/btn-new-bia.png HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 14:03:20 GMT\r\nETag: \"f97-5c1fa3d6b9a00\"\r\nAccept-Ranges: bytes\r\nContent-Length: 3991\r\nKeep-Alive: timeout=5, max=80\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":3991,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 108 x 108, 8-bit/color RGBA, non-interlaced","md5":"b1b017592aee6afccc50d2b5f1a9fce0","sha1":"56bbd0d22a06a9179db189b69eb8d4db65cecf53","sha256":"0ee8c99f2d5544ae57df9b2400fb649013c77732eaa3baed188f110de3469316","sha512":"04ca2656f2293d4b416a7b838eaceb23943e2e4b1817c8a39374672bd576a8a546861b9e1ec81050add7bc0f0015f69908af0beea92b6ef11569fbc4ef23e691","ssdeep":"","tlshash":"0e816b86b103427e8f08b6b754ec6a351c51a18c937d09ef6c9f432e03b61248dd6c93","first_seen":"2024-05-09T20:36:36Z","last_seen":"2026-04-01T02:24:39.89768Z","times_seen":54,"resource_available":false,"data":null}},"time_used":299,"timings":{"blocked":279,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.577849+0000\",\"flow_id\":2079826723538824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50094,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":20,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/btn-new-bia.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2611},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":96,\"pkts_toclient\":201,\"bytes_toserver\":17012,\"bytes_toclient\":275993,\"start\":\"2026-04-01T00:21:33.984968+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/palavras.xml","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:35.013Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/js/palavras.xml HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2; nvgc43243=0|0; nvgt43243=1775002894524_1_0|0_0|0\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:35 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Tue, 04 Feb 2020 01:09:54 GMT\r\nETag: \"22f6-59db5b2905c80-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 1751\r\nKeep-Alive: timeout=5, max=71\r\nConnection: Keep-Alive\r\nContent-Type: application/xml\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":8950,"size_decoded":0,"mime_type":"application/xml","magic":"XML 1.0 document, Unicode text, UTF-8 text","md5":"ba7b350b379930adb7aa1c8423eb4245","sha1":"32ea09dffe0de304cd2cd64e64c13425bcfe24a1","sha256":"2ec9bad2f06b77cc90ea65b05d6847be4e63c48c58649106db74f9a8f035b4c2","sha512":"df041eb4fc82ec2d6df3522627ef6dd011a0463c331ee5a5736db264a6f0d0edce6b13a68d3b81b2f5d5a7582db064a032d2d87c04c1be53c949afbb4149db94","ssdeep":"96:kxfsxfslsds5fs8fsSsasFsssIsAsesWsQsYses2sNsVs0s8sisMsZso6sw6swsv:CvL6/L6DBN9kA7t/8bX5qyx7PRrVn","tlshash":"a112b3508b8a22dfc312a08b67ece16a8d43b6c5727ec75602648248fdbf7d4ca77d44","first_seen":"2025-07-01T21:08:01.646263Z","last_seen":"2026-04-01T02:24:39.857048Z","times_seen":54,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.987822+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":28,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/palavras.xml\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/xml\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1751},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":283,\"pkts_toclient\":543,\"bytes_toserver\":33961,\"bytes_toclient\":794857,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:35Z","timestamp":1775002895,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:35.031747+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":29,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/palavras.xml\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/xml\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1751},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":285,\"pkts_toclient\":545,\"bytes_toserver\":34636,\"bytes_toclient\":797084,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/menu-dist.js?_=1775002894694","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:35.122Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/js/menu-dist.js?_=1775002894694 HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2; nvgc43243=0|0; nvgt43243=1775002894524_1_0|0_0|0; bra_nav_track_dt=[20260401002135]http://livelopontos26.dynv6.net/B84146/755498457447801/home.php\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:35 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 14:45:00 GMT\r\nETag: \"2002-5c1fad26e9300-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 1806\r\nKeep-Alive: timeout=5, max=70\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":8194,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (8183), with CRLF line terminators","md5":"4e5055736e271ef4e52440c1f6e3e90e","sha1":"89529e147ad495e73d96b89a5e6c8736cc1ddbcb","sha256":"219ecd03808c3bb921b80c2c9364768be810a0e2f658f9550739a9ea16eefe1d","sha512":"439101c4ca36b81ad41818737e558c56df88ee22f07498986516c1077adb23fc6b4c3dd1a6524ad1d56d1d93e2dc38b93edf5a26a8591cdb51f43031f6e5d6a5","ssdeep":"96:X9xq6lDw4duKjEWe7iAHnAJ8HoKhNlu/KHjFTaD0T32RXsJjTdQ7yKz:Nxr1jVQxA/KhNlu/KHhTvTssxTdQ7yo","tlshash":"96f1fe042313927f74bb27a5105a960a0308be37d7342ddb7ef559b14aabac92172e1f","first_seen":"2024-05-09T20:36:35Z","last_seen":"2026-04-01T02:24:39.89134Z","times_seen":64,"resource_available":true,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:35Z","timestamp":1775002895,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:35.150219+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":30,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/menu-dist.js?_=1775002894694\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1806},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":287,\"pkts_toclient\":547,\"bytes_toserver\":35558,\"bytes_toclient\":799373,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/bitz.webp","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.238Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/bitz.webp HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 13:57:58 GMT\r\nETag: \"4f10-5c1fa2a3a4580\"\r\nAccept-Ranges: bytes\r\nContent-Length: 20240\r\nKeep-Alive: timeout=5, max=79\r\nConnection: Keep-Alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":20240,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"ca241f4ff165aef002f21c7dd39deec6","sha1":"082edde746ac2d1504c4f896e46d454e78449b09","sha256":"c78215b14ff666913000363e1e4f61c8857eb76015b4e0504f650262fcb003dc","sha512":"97cfce7fc64a6bd4adc464def83bad2cbaf5189aa3d313d0fd944baab46ff2a3ea7f1fd6434a6c1aee39058877a7aed28f9fff72709f582ab5a6164e5fd503a7","ssdeep":"384:cWzLmHWN6CZN1Gmiw/AsO3RhGxPdXnr0fe3VZRxV5GtahFr/FsB:/LmHwTGmiUAs6a9r0fe3VjVGshd/Fs","tlshash":"5992f13c5aae99a54d4f46741c37f4e89751930dc47f6c80c5e21a081ed3fa91d9bf88","first_seen":"2024-05-09T20:36:36Z","last_seen":"2026-04-12T06:21:14.219029Z","times_seen":76,"resource_available":false,"data":null}},"time_used":398,"timings":{"blocked":378,"dns":0,"connect":0,"send":0,"wait":19,"receive":1,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50106,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.632787+0000\",\"flow_id\":405953414238599,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50106,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":21,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/bitz.webp\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2634},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":111,\"pkts_toclient\":238,\"bytes_toserver\":18648,\"bytes_toclient\":334411,\"start\":\"2026-04-01T00:21:33.987527+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/destaque-3.jpg","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.259Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/destaque-3.jpg HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 03 Feb 2020 07:46:48 GMT\r\nETag: \"25167-59da72025ca00\"\r\nAccept-Ranges: bytes\r\nContent-Length: 151911\r\nKeep-Alive: timeout=5, max=87\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":151911,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 640x352, components 3","md5":"c83e1f5c8ab44122b24173ddfd7133af","sha1":"0950a090bb50f683fdefcefcf8210e4b851f9a56","sha256":"5252cf914becaf918488b1759c1ee815de7bfa8dc6c71042399827fa8a4f347f","sha512":"54faf041208079e897e2d341f672608bb9e36909e7a66c5deadb8f9cba6760c2f780b53bc7fb3c73e3a1dbe05dc3cce2149f225716ad7ef7dc31df861640f7e2","ssdeep":"3072:RYD+Eczcf+ys6SZVJwUK0vaMProcxXWVLUGnUvm5yFxKjvkdY8b:uDSS+ndr1acXAQSUvmCaE","tlshash":"f0e312f9d61f4ec51ec6bf2d6460a11f13f3df7918472acc242e942ac762e7a41a2e44","first_seen":"2023-05-01T09:25:43Z","last_seen":"2026-04-12T06:21:14.229169Z","times_seen":112,"resource_available":false,"data":null}},"time_used":275,"timings":{"blocked":236,"dns":0,"connect":0,"send":0,"wait":18,"receive":21,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50078,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.512111+0000\",\"flow_id\":1512212435695158,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50078,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":13,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/destaque-3.jpg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/jpeg\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2606},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":38,\"pkts_toclient\":104,\"bytes_toserver\":9664,\"bytes_toclient\":139705,\"start\":\"2026-04-01T00:21:33.980534+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/jquery.mmenu.min.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.292Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/js/jquery.mmenu.min.js HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 14:11:54 GMT\r\nETag: \"4225-5c1fa5c0e9e80-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 5238\r\nKeep-Alive: timeout=5, max=95\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":16933,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (10169), with CRLF line terminators","md5":"71e3ade6f16c8acafbc08bbffe2e22f5","sha1":"cafa974c40a4514e1e1fc914fe1254b0387b30a4","sha256":"486139cf05ddf44f16ea58eca8a1d68da8ebe26ef630052bc7a4df0a619371b8","sha512":"35af777286d758e948b7f97074e396ad0ba663cc60433958e749297e9659cf1d5060f6e1922578b1302e975b9b6c94486da1920d3fd124a29bfc0056d9535fff","ssdeep":"384:9YniZBRWnYtu/edvnxo4G2wXA41dyp5P8zht:12C5UXA4m5P8X","tlshash":"e072d74e718079f190abe2e2a1ab4409e533142c9606855c7278eac94d7e74a70f3fff","first_seen":"2023-03-07T12:06:30Z","last_seen":"2026-04-12T06:21:14.202542Z","times_seen":137,"resource_available":true,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50084,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.208859+0000\",\"flow_id\":90677044904502,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50084,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":5,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/jquery.mmenu.min.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":5238},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":13,\"pkts_toclient\":22,\"bytes_toserver\":3948,\"bytes_toclient\":19248,\"start\":\"2026-04-01T00:21:33.983606+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/mediaelement-and-player.min.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.299Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/js/mediaelement-and-player.min.js HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Wed, 10 Jan 2024 09:28:00 GMT\r\nETag: \"13d67-60e940c070800-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 22497\r\nKeep-Alive: timeout=5, max=92\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":81255,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32115), with CRLF line terminators","md5":"10d1ac278f6fd79f6af8f0d3d19926e9","sha1":"2823cc42ebb798732cfce394744062659d619ae2","sha256":"c90d4cb15cb3c45e5fe2139fc585dd3a1a541e096c2dfae9855453b772ae812f","sha512":"b41443a54bc39986d187a27de046bceb77155dffe2ec8a54bf5fb5da9940cbe8d48b41eb9f10b7e4f91b9fae1a52c7bf2a3b4cf2d542279bb7858cd2845ccb40","ssdeep":"1536:Q0Yp/FSV6lnn4LP45lOpc6Pm6DqvY0NtSjtLpW9jQeb3Xevle:VYp/FNKrPm3n/St89jTOvQ","tlshash":"7a83f964b6403272c0e714ee202f568a223f8b6bf405d821b57eedf95df8d48526bf19","first_seen":"2024-05-09T20:36:34Z","last_seen":"2026-04-01T02:24:39.895604Z","times_seen":64,"resource_available":true,"data":null}},"time_used":62,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":45,"receive":17,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.280640+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":8,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/mediaelement-and-player.min.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2543},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":22,\"pkts_toclient\":31,\"bytes_toserver\":6021,\"bytes_toclient\":33739,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/detect-mobile.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.311Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/js/detect-mobile.js HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 14:15:56 GMT\r\nETag: \"859-5c1fa6a7b3f00-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 562\r\nKeep-Alive: timeout=5, max=92\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":2137,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"57377d1435d515f195510e747b36bef4","sha1":"fe59e52cb1c2eaebf9639665d14f882205b05586","sha256":"8a29591c8d03d7f37e6dac874b6e1044f48bb90481225fe3d6ffa23d29e9bf59","sha512":"7cf8d02a69371c48fbb72e310e3b961934083fc149ecd474bc74780bd64afe9f9befcc28862ce5d0f625892e85b34d2c2fd95251d5bb8baf8b03b65e3dccb48d","ssdeep":"","tlshash":"09419e98f1c6a06591372a19b92f970cfa3ff00bd4348916797c46809ff184c6162e7c","first_seen":"2023-03-08T07:12:26Z","last_seen":"2026-04-12T06:21:14.188821Z","times_seen":130,"resource_available":true,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.298470+0000\",\"flow_id\":2079826723538824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50094,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":8,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/detect-mobile.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":562},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":27,\"pkts_toclient\":43,\"bytes_toserver\":6830,\"bytes_toclient\":48358,\"start\":\"2026-04-01T00:21:33.984968+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/bg-navseg.png","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.714Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/bg-navseg.png HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/css/main.css\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2; nvgc43243=0|0; nvgt43243=1775002894524_1_0|0_0|0\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 03 Feb 2020 07:48:34 GMT\r\nETag: \"5f-59da726773880\"\r\nAccept-Ranges: bytes\r\nContent-Length: 95\r\nKeep-Alive: timeout=5, max=76\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":95,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1 x 1, 1-bit colormap, non-interlaced","md5":"71a50dbba44c78128b221b7df7bb51f1","sha1":"0ec63b140374ba704a58fa0c743cb357683313dd","sha256":"3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517","sha512":"6ad523f5b65487369d305613366b9f68dcdeee225291766e3b25faf45439ca069f614030c08ca54c714fdbf7a944fac489b1515a8bf9e0d3191e1bcbbfe6a9df","ssdeep":"","tlshash":"fdb012e323704c36d1014173523c92138b22c31ca14d19438001fc280c63305ccc879a","first_seen":"2023-04-05T13:40:31Z","last_seen":"2026-05-01T01:10:55.713218Z","times_seen":18750,"resource_available":true,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50084,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.735587+0000\",\"flow_id\":90677044904502,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50084,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":24,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/bg-navseg.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/css/main.css\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":95},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":115,\"pkts_toclient\":222,\"bytes_toserver\":20463,\"bytes_toclient\":307663,\"start\":\"2026-04-01T00:21:33.983606+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/instagram-01.svg","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.277Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/instagram-01.svg HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 03 Feb 2020 08:19:20 GMT\r\nETag: \"b44-59da7947ef200\"\r\nAccept-Ranges: bytes\r\nContent-Length: 2884\r\nKeep-Alive: timeout=5, max=82\r\nConnection: Keep-Alive\r\nContent-Type: image/svg+xml\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2884,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"4b3b16a5adfc9dae47470191eb0fec56","sha1":"f4c68d190ae89e5b3936b004e3c25919e4c81e6d","sha256":"53fd2c0c272f1393b4cb65a4fa3bf5c89243d651934a19afde24108201c1a27b","sha512":"b74a12aed4dcf51378a25b1cc84a8882ee9c01bd0c3c57904df8e283a640c30d02c316ab2474a49cd1497795a7a9f6208bcc97e1a9fb309bba1c7430d574452a","ssdeep":"","tlshash":"4c51de270359db98be54443ce475310a71a9ecc3a0b8b2e4b767202be08d5e9f52d6ac","first_seen":"2023-05-18T15:35:59Z","last_seen":"2026-04-12T06:21:14.22979Z","times_seen":86,"resource_available":false,"data":null}},"time_used":294,"timings":{"blocked":277,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50106,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.571692+0000\",\"flow_id\":405953414238599,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50106,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":18,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/instagram-01.svg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/svg+xml\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2607},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":103,\"pkts_toclient\":228,\"bytes_toserver\":16556,\"bytes_toclient\":320713,\"start\":\"2026-04-01T00:21:33.987527+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/ua-parser.min.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.288Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/js/ua-parser.min.js HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 14:11:28 GMT\r\nETag: \"32d4-5c1fa5a81e400-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 4894\r\nKeep-Alive: timeout=5, max=94\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":13012,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (13012), with no line terminators","md5":"d4cd4fba1d66aa7cd4301ae02aed66a7","sha1":"8e30247ce6869502a06399cc327026d4945c2f5b","sha256":"94a3b2e44bc1a8dc4788ff002fd34a08ec5a80ece283f705dce720b6b910dacd","sha512":"0786b0e123ab7a406267f4a134f716efd4571a3434f5d7c3079bd8f05d1aa8c0ad7fa72c906af71a218479ba1c5f20f60d4cd85cd650b52e82cc54442f165077","ssdeep":"384:tL+fKMdAgfscJAsUnQa8xOWBFGYdJbhIowspN:thlsJAsUQlwWBFzdJbhIoP","tlshash":"fa42c93ed7467f1057eada8cd52fa0006f379839cb8070a5cad86408f5c69a251ef7b2","first_seen":"2023-03-07T12:06:30Z","last_seen":"2026-04-30T15:31:33.361794Z","times_seen":247,"resource_available":true,"data":null}},"time_used":46,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":46,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.214574+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":6,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/ua-parser.min.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2545},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":17,\"pkts_toclient\":22,\"bytes_toserver\":4680,\"bytes_toclient\":21057,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/owl.carousel.min.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.294Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/js/owl.carousel.min.js HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 14:12:50 GMT\r\nETag: \"5d80-5c1fa5f651c80-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 6492\r\nKeep-Alive: timeout=5, max=93\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":23936,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (635), with CRLF line terminators","md5":"8c52f27fcac36c7667f8fb846e1e94d5","sha1":"e5862559db659ffd530c91452d668c5e7b3f0f2d","sha256":"6c1e31700f68d1666de6b0992e89d413434707718bf729a472404029845bdbad","sha512":"9b8f2503bf30b879d3318e8d3ee6ba447fdd0b3d7e2d4f0c3cc03eb325247e2e05e8a7978318e648c91f1a90fcd7ab7ce1018189d27f028ea33064e38307fb20","ssdeep":"384:7Ket0QK/Q52Cgwm0PQtiRX55DzNvYUyzLsxVxRbm:dK/Q4ptuXNQUyzLIk","tlshash":"08b2a54bb2202385469372b9419b110d713bfb78fc42855c70b6dadfaa4b84e9277b3d","first_seen":"2023-03-07T01:03:24Z","last_seen":"2026-05-01T01:36:18.472845Z","times_seen":3295,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.235148+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":7,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/owl.carousel.min.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":6492},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":20,\"pkts_toclient\":29,\"bytes_toserver\":5378,\"bytes_toclient\":30711,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/css/fontes/BradescoSans-Bold.woff2","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.730Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/css/fontes/BradescoSans-Bold.woff2 HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/css/font-bradesco.css\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2; nvgc43243=0|0; nvgt43243=1775002894524_1_0|0_0|0\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 03 Feb 2020 05:48:06 GMT\r\nETag: \"510c-59da577a4b180\"\r\nAccept-Ranges: bytes\r\nContent-Length: 20748\r\nKeep-Alive: timeout=5, max=74\r\nConnection: Keep-Alive\r\nContent-Type: font/woff2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":20748,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 20748, version 1.0","md5":"23feadea48bccf299e3a0af3569927bf","sha1":"209b1db63bfe5c761f9ea25846604b8915ea4f26","sha256":"425ac854ea2f470d78ebca15567b0e7121506a274e22b19464a8aab7c1e04a4e","sha512":"eafd455ec3682c004813ded04e09eb5659afb1aace6d0e56aa7100a53f25fb32d208ecbb2e8bb424042778a2c96964383636a7c9284ddddc85389e78737f06ec","ssdeep":"384:P65S9YZpB/vdJmmetBIzmb0inbLQ962fzlWV/kIO9Wujxw8QiPuTRahUOX:SNrNXmN4mIObL4nzlYkIO9Wy1PuNahUg","tlshash":"f692e12f1a4bc666c562bfbc8b3fd20c6cea2432d729112c25520fde5fd8f95406d998","first_seen":"2023-05-01T09:25:43Z","last_seen":"2026-04-30T15:31:33.255351Z","times_seen":245,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":1,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.704790+0000\",\"flow_id\":2079826723538824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50094,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":26,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/fontes/BradescoSans-Bold.woff2\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"font/woff2\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/css/font-bradesco.css\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2608},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":141,\"pkts_toclient\":283,\"bytes_toserver\":23216,\"bytes_toclient\":396085,\"start\":\"2026-04-01T00:21:33.984968+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/desco-novaPONTOS/js/index-dist.js?_=1775002894696","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:35.188Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /desco-novaPONTOS/js/index-dist.js?_=1775002894696 HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2; nvgc43243=0|0; nvgt43243=1775002894524_1_0|0_0|0; bra_nav_track_dt=[20260401002135]http://livelopontos26.dynv6.net/B84146/755498457447801/home.php\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Wed, 01 Apr 2026 00:21:35 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nContent-Length: 286\r\nKeep-Alive: timeout=5, max=75\r\nConnection: Keep-Alive\r\nContent-Type: text/html; charset=iso-8859-1\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":286,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"543739dbec18dac99724ce5fae0f0e75","sha1":"d84096f1c05af3fe70697c30ce4cbfe55408cb04","sha256":"ef4e2efa9eee8d7f1040a597ee245398740a3a8400965b44e677b9ba54adebc9","sha512":"25abbdee462544a7e9c167d7ab50b175b9838ecb3b6670bb1dd1a02702b6bfc115230bea2499cf9f0dcdf430d60d51e111a1c3e39be946e0981f47047734bddc","ssdeep":"","tlshash":"a3d0cd9f9052a2860912159039c525d1264c53ea682986e82985d487519853d8d96589","first_seen":"2026-04-01T00:22:10.053496Z","last_seen":"2026-04-01T00:22:10.053496Z","times_seen":1,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:35Z","timestamp":1775002895,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50078,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:35.205601+0000\",\"flow_id\":1512212435695158,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50078,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":25,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/desco-novaPONTOS/js/index-dist.js?_=1775002894696\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":404,\"length\":286},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":194,\"pkts_toclient\":321,\"bytes_toserver\":26852,\"bytes_toclient\":452405,\"start\":\"2026-04-01T00:21:33.980534+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/validaFrame.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.281Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/js/validaFrame.js HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 14:09:44 GMT\r\nETag: \"768-5c1fa544efa00-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 623\r\nKeep-Alive: timeout=5, max=96\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":1896,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with CRLF line terminators","md5":"addf438d310a4069e47f4f3e1112f7a5","sha1":"ef52922c0601a15ee62f11d9a19858bbd99215bc","sha256":"586896240fa7cbc1e2ee22eeb8f658748f2423a22df23e2cca1a2ac9c21754c5","sha512":"c3864b9abd0f55699946f8af9c377505d4a4ad93a0e8925cba9c327d5807f9bc1b52b689953632bec1b65a83477dfec7072420d007364f138a3661eaaa5b6bac","ssdeep":"","tlshash":"10416ed90c02603552b26b31dea51d49fe7b01a35588e884bafc95841ff0fd8122efa4","first_seen":"2023-03-13T01:34:16Z","last_seen":"2026-04-12T06:21:14.233669Z","times_seen":124,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50106,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.151957+0000\",\"flow_id\":405953414238599,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50106,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":4,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/validaFrame.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":623},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":13,\"pkts_toclient\":16,\"bytes_toserver\":3911,\"bytes_toclient\":13592,\"start\":\"2026-04-01T00:21:33.987527+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/icon-chat-balon.png","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.331Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/icon-chat-balon.png HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 13:50:32 GMT\r\nETag: \"665-5c1fa0fa4da00\"\r\nAccept-Ranges: bytes\r\nContent-Length: 1637\r\nKeep-Alive: timeout=5, max=81\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":1637,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 30, 8-bit/color RGBA, non-interlaced","md5":"a3e475702fe995e01d91abeeb4acbf31","sha1":"a83553b46f1929e87dbb55bbf29fe4378a0e5089","sha256":"c953d4585a8c8fe4ca6b2933fdd0bb1720a1fbd987866e5fc349fd4497001fd6","sha512":"052b45bc8d28bbf083f9c365f7191a9c425259bdf126eaad785713a71cad8dbd6a623ad37ac549a7644045f3ac501c6de7bcbdea83d48f6ad5567f9bebd2cbdb","ssdeep":"","tlshash":"ac31c60ffea878025324edc315f1f06b8a524ad0ced0f0d478dad55b5ea09e8846d4c7","first_seen":"2023-05-01T09:25:43Z","last_seen":"2026-04-01T02:24:39.849961Z","times_seen":95,"resource_available":false,"data":null}},"time_used":255,"timings":{"blocked":238,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.585789+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":19,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/icon-chat-balon.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1637},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":144,\"pkts_toclient\":280,\"bytes_toserver\":19747,\"bytes_toclient\":402243,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/jquery.mousewheel.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.337Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/js/jquery.mousewheel.js HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 14:21:26 GMT\r\nETag: \"9b3-5c1fa7e26a580-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 962\r\nKeep-Alive: timeout=5, max=89\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":2483,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"20fa602c8ee94776fddd5194e965f470","sha1":"85c53111adaeff064010bbf510ae1d8cc60cbc1f","sha256":"6793dd6128093c3b18d400a533068f6e354390faec1e5ebf2da9dfcb38bbb0c2","sha512":"9d4c74babc4b1fa2a92f8a1be4239c1c2f7b692098c98952bd9b60a54b2d95370f332693591d966687ce99b93a0031614fea5754c3062263e828fab271cb27dd","ssdeep":"","tlshash":"8a51f048268941e744ba7735eb4a9187f1b940a711273c66f86d2d802f30d8857f0fdd","first_seen":"2023-03-08T09:30:28Z","last_seen":"2026-04-27T04:06:20.830816Z","times_seen":278,"resource_available":true,"data":null}},"time_used":37,"timings":{"blocked":19,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50084,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.374144+0000\",\"flow_id\":90677044904502,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50084,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":11,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/jquery.mousewheel.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":962},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":32,\"pkts_toclient\":53,\"bytes_toserver\":8714,\"bytes_toclient\":60578,\"start\":\"2026-04-01T00:21:33.983606+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/css/topbar.css","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.487Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/css/topbar.css HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/css/main.css\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 14:07:06 GMT\r\nETag: \"40b0-5c1fa4ae41680-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 2701\r\nKeep-Alive: timeout=5, max=84\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":16560,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (971), with CRLF line terminators","md5":"413d0391248e350edef82b31b4fd2d51","sha1":"45c8ddff49336c2315e1dcfcfad49dfee732446c","sha256":"68b9de884ef348f2bc0cc1be66e99bd4f5d86b2a43d9e1edd70e04651e1cffa2","sha512":"7c100cfb82336167e417780954ffaa0b2350cc093801de39fbe8027e3a52e48b960a7f20f6fffb3920855305c06f08942f93c4f6dcb78a1e5c68d0443764b5db","ssdeep":"192:5lSqZ9w0517v8Pla0CqPU18qZ9w0517vxH+UKZY1rae1:iqZ9w0X7EkqPUGqZ9w0X7JMZorP1","tlshash":"4c72331772941f07b62bc3a1fa828bd63b37d103ed0e746e665a141bd18e7e582b67c0","first_seen":"2024-05-09T20:36:36Z","last_seen":"2026-04-12T06:21:14.282879Z","times_seen":74,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.473804+0000\",\"flow_id\":2079826723538824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50094,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":16,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/topbar.css\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/css\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/css/main.css\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2559},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":63,\"pkts_toclient\":108,\"bytes_toserver\":12737,\"bytes_toclient\":137312,\"start\":\"2026-04-01T00:21:33.984968+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/agora_hover.webp","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.219Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/agora_hover.webp HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 13:56:00 GMT\r\nETag: \"13f8-5c1fa2331bc00\"\r\nAccept-Ranges: bytes\r\nContent-Length: 5112\r\nKeep-Alive: timeout=5, max=80\r\nConnection: Keep-Alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":5112,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"e0fe0674c640e0dad5e134c7895bdba9","sha1":"3a29eca2327a7de2fb5f2ff0c609ad68df257923","sha256":"188a133ddad044244466fda13f1bdfe9c33b76db1f326ff0c608de086a33b477","sha512":"6bdb3a0b0395e030e4031a8eca83bbc38e2446280f85fbb1b9ac3ca7bbcd30b1c80f74182bc5d4233c53320c9e2e6a195f7c0c38b29d538b4e7c1e15b904ccd7","ssdeep":"96:Wh0aN1z5UJhTPy8Mtaf3b/FgDxQtJU1pqYXQIZ/8KWeGNBIBseCT1ZT5rSLNNW:WiaNBqJh24f3b4xQ4vXC+Qr6N","tlshash":"cdb18dd81574b0c71182f70f1542f50297a3e8943126a0e7f23fa7b492da3a178b5bad","first_seen":"2024-05-09T20:36:36Z","last_seen":"2026-04-12T06:21:14.237638Z","times_seen":76,"resource_available":false,"data":null}},"time_used":395,"timings":{"blocked":372,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50106,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.614521+0000\",\"flow_id\":405953414238599,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50106,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":20,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/agora_hover.webp\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2635},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":108,\"pkts_toclient\":236,\"bytes_toserver\":17934,\"bytes_toclient\":331383,\"start\":\"2026-04-01T00:21:33.987527+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/seta.png","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.710Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/seta.png HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/css/topbar.css\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2; nvgc43243=0|0; nvgt43243=1775002894524_1_0|0_0|0\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 14:06:56 GMT\r\nETag: \"d7-5c1fa4a4b8000\"\r\nAccept-Ranges: bytes\r\nContent-Length: 215\r\nKeep-Alive: timeout=5, max=77\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":215,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 8 x 9, 8-bit/color RGBA, non-interlaced","md5":"7d4441c51bc1bdd1485ae02be0115286","sha1":"f351deddc353454e4a2b80dec686d48175404baa","sha256":"d610cb0b8d0af8f04c44a8f5aa187ae6927aa4a1f9c0461a56c2f24936abf68c","sha512":"ff85f567101bb724e4300e2c5e6223576cc58d1dbb35546fe71faa2dc2a1c50aa1a963eaaf415f06fe35b6c91475119bbd88dbb39ccd80a80c4eadbc98bab158","ssdeep":"","tlshash":"63d023c549a00ebdce6d5593010648156463141c2db7541620fdd42d3d52d0563949e1","first_seen":"2023-05-21T02:59:23Z","last_seen":"2026-04-30T15:31:33.317272Z","times_seen":194,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50106,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.689198+0000\",\"flow_id\":405953414238599,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50106,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":23,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/seta.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/css/topbar.css\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":215},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":120,\"pkts_toclient\":253,\"bytes_toserver\":20896,\"bytes_toclient\":354819,\"start\":\"2026-04-01T00:21:33.987527+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/css/owl.carousel.css","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.097Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/css/owl.carousel.css HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 13:30:24 GMT\r\nETag: \"61e-5c1f9c7a43c00-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 549\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":1566,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"4977171829c22e8fa028e2a517d7bc97","sha1":"4b95f6a317b01a2d3966a012692e19287c2476a6","sha256":"23cc0b5e84447b9686abd774ed2e09c992f199ab00d9a8a0c4bac911e73b248f","sha512":"9fcb2b501ae07f79446b321c2c9c8b7334461bd82ca2831cddaa1f23663178f1af9b1ad5dfd85d52e5f09fb9a4741d9a5e4d36385d92e61a14d1675a37060eb5","ssdeep":"","tlshash":"7531ace41231218d52668ba947fee7284c3dd051ad03104f3a8f6e0a47cfe6d651f75b","first_seen":"2023-04-13T00:52:13Z","last_seen":"2026-04-12T06:21:14.199122Z","times_seen":105,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.050125+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/owl.carousel.css\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/css\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":549},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":7,\"pkts_toclient\":6,\"bytes_toserver\":2007,\"bytes_toclient\":3877,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/css/index-footer-map.css","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.125Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/css/index-footer-map.css HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 13:35:42 GMT\r\nETag: \"346-5c1f9da988780-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 337\r\nKeep-Alive: timeout=5, max=98\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":838,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"f64200b64faac93728042617272150c3","sha1":"b59ddc1f2231888853abcfcfb04d494cb73295b3","sha256":"fe3633a48b742433c9ae16fe55737f6f67c3f72d240ec750f61f5e40fd97c681","sha512":"43efd728f2d182ba9b602183a9f7b89ce72bda7b53ddd2b30405e0cb474d8ef5d87abb2f2b05f7b84480a6a479609425cbe1d3e0193d2e46de72fae3161b79c8","ssdeep":"","tlshash":"1a014e6cda1a7847a137aa3bb769b591f79c512b9802c568fed812044f7413492d2fcc","first_seen":"2023-05-15T18:31:25Z","last_seen":"2026-04-12T06:21:14.2364Z","times_seen":91,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50106,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.104045+0000\",\"flow_id\":405953414238599,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50106,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":2,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/index-footer-map.css\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/css\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":337},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":11,\"pkts_toclient\":13,\"bytes_toserver\":2789,\"bytes_toclient\":11549,\"start\":\"2026-04-01T00:21:33.987527+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/003-m.jpg","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.205Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/003-m.jpg HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Thu, 10 Nov 2022 09:26:02 GMT\r\nETag: \"afcc-5ed1a5c98be80\"\r\nAccept-Ranges: bytes\r\nContent-Length: 45004\r\nKeep-Alive: timeout=5, max=81\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":45004,"size_decoded":0,"mime_type":"image/jpeg","magic":"RIFF (little-endian) data, Web/P image","md5":"24fb115862cdc782849ab46b29a44a2b","sha1":"f27e1a8dfed07a9b9fa1fc4a84872ec7dd424b0d","sha256":"699e5f40e88939d16add36da968503ca25ebd26b0b07632246f384b28064c5b8","sha512":"0c197d38d7dd4c1245bb64043a7e6c022e8c4e13a93d6ea85c3351c9afe39af9be34523af7bc5fd420a118671ca7a5d03606caf0a9ac5ec915c6bab7bf5f5a02","ssdeep":"768:cmvosKouy589LPKPO3K2g/HwWJo88EN1nPmA1361VqID9ILTf3zhoen5qvmSHI3s:cmvKouhLCW3Kf1MEN1Oq34txiDWhOMI8","tlshash":"2213f1a2c2893dc0c52c42b194db0ef67a2e7d52e67b5f6427e4034753bbc6b7889903","first_seen":"2024-05-09T20:36:36Z","last_seen":"2026-04-01T02:24:39.915874Z","times_seen":54,"resource_available":false,"data":null}},"time_used":384,"timings":{"blocked":365,"dns":0,"connect":0,"send":0,"wait":17,"receive":2,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50068,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.586724+0000\",\"flow_id\":1666081786514558,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50068,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":19,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/003-m.jpg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/jpeg\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2608},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":115,\"pkts_toclient\":190,\"bytes_toserver\":17799,\"bytes_toclient\":259441,\"start\":\"2026-04-01T00:21:33.740478+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/icon-googleassistente.png","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.273Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/icon-googleassistente.png HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 03 Feb 2020 08:17:46 GMT\r\nETag: \"636-59da78ee49e80\"\r\nAccept-Ranges: bytes\r\nContent-Length: 1590\r\nKeep-Alive: timeout=5, max=83\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":1590,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 82 x 81, 8-bit colormap, non-interlaced","md5":"6c33a791e78d3f1a62db7b4e9925c3a2","sha1":"77082eda2fbda37a694b4078077940d734eca2f2","sha256":"d1a600237375df88e0c3bdc40eec68a49e8e644817ebb803373c49574f2c44e7","sha512":"e980487c54e155f040e3f0ff00e604932559847863d07160c286e26c7e7620920221bde7a10a223073d5cc4f8a05ed8d8c118afbb7c4b14419d90cba3d69cefc","ssdeep":"","tlshash":"413108ad594daa2da04220fb733a1b91d0217e8ccecbc0a3476df169647c55f06cd387","first_seen":"2023-05-01T09:25:43Z","last_seen":"2026-04-12T06:21:14.245649Z","times_seen":116,"resource_available":false,"data":null}},"time_used":280,"timings":{"blocked":263,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50106,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.554092+0000\",\"flow_id\":405953414238599,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50106,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":17,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/icon-googleassistente.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1590},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":101,\"pkts_toclient\":225,\"bytes_toserver\":15901,\"bytes_toclient\":317342,\"start\":\"2026-04-01T00:21:33.987527+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/tiktok-01.svg","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.278Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/tiktok-01.svg HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 14:03:10 GMT\r\nETag: \"409-5c1fa3cd30380\"\r\nAccept-Ranges: bytes\r\nContent-Length: 1033\r\nKeep-Alive: timeout=5, max=80\r\nConnection: Keep-Alive\r\nContent-Type: image/svg+xml\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":1033,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"a89c5f486159411d3c8edd87e844554f","sha1":"5ff39ae9028abc2f07b4aca623b50afd6daa2d72","sha256":"30e5b1e7a5c3701fca824496936ced7dee1efb620bc86bd1925ae5839f863ebd","sha512":"4e2e6e45d18c3ca7e991506797c91f77dc3e8f62d49dbf089fa616097d66f62175075740dbd30e469bca8567cf4cac42837bc06099762bbb759c271062008e88","ssdeep":"","tlshash":"511102fb13950b0851a18b8997943b94a73d905b30722445f32634377e7866b167f411","first_seen":"2023-05-09T04:31:15Z","last_seen":"2026-04-21T09:04:52.815491Z","times_seen":101,"resource_available":false,"data":null}},"time_used":302,"timings":{"blocked":279,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50084,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.580568+0000\",\"flow_id\":90677044904502,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50084,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":20,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/tiktok-01.svg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/svg+xml\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1033},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":91,\"pkts_toclient\":158,\"bytes_toserver\":17298,\"bytes_toclient\":213645,\"start\":\"2026-04-01T00:21:33.983606+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/bPagina-min.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.284Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/js/bPagina-min.js HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 14:11:08 GMT\r\nETag: \"364-5c1fa5950b700-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 561\r\nKeep-Alive: timeout=5, max=95\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":868,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (866), with CRLF line terminators","md5":"9dc92dc4389be9e455561693fc38131c","sha1":"6f9b7eb7a3a11770bd8b88d58cfc15f8f426942d","sha256":"12ab6dba5abd795c4eab5b5531fe8da10949e2bea0d835bd32f5a5336d91d8be","sha512":"7ed90fa26201216e19a20da3e07dd66b4c032d24fe4cb140f0db1560d881be3f285bfbf1c654c4e2f80755c813e09994d800ea3b4efe15f31f64f48e3a5c10a0","ssdeep":"","tlshash":"1911238ab39e34b2b330f335549f0a073174682245db62e0962d8cd43479974c0328bc","first_seen":"2023-03-07T12:06:30Z","last_seen":"2026-04-12T06:21:14.22739Z","times_seen":130,"resource_available":true,"data":null}},"time_used":41,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":41,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50106,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.193581+0000\",\"flow_id\":405953414238599,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50106,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":5,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/bPagina-min.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":561},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":14,\"pkts_toclient\":17,\"bytes_toserver\":4486,\"bytes_toclient\":14568,\"start\":\"2026-04-01T00:21:33.987527+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"https","addr":"aaab/weblibras/auto/close-wlauto.png","fqdn":"aaab","domain":"aaab","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:35.295Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /weblibras/auto/close-wlauto.png HTTP/1.1\r\nHost: aaab\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-01T01:39:33.509705Z","times_seen":14450037,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/css/mediaelementplayer.css","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.108Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/css/mediaelementplayer.css HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 12:48:52 GMT\r\nETag: \"6585-5c1f9331b5500-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 4004\r\nKeep-Alive: timeout=5, max=98\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":25989,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (303), with CRLF line terminators","md5":"8febda913a6bd50bee35a337f25d86df","sha1":"b290470ad03a7d829428c7eff2182dd4369bf8cf","sha256":"54b06af6d242f7b2b10591d0a9401cacbd7a422b88b09eb06d9f1bcdd64fa4e2","sha512":"28572f713586482087717abb846d26e262e3b4e202e09822165528dfcebba282199046b4f47f9d9a3fa503ecd231eec4b3541219366dca426d70740ad92b64b1","ssdeep":"768:D0YPmJyBUKSXBDNNx8HUcGzXwJd3PcBCthv1/KS66SIqXx+W6WiY6n:e6n","tlshash":"29c28328d4eb125d7127e9e4b7f1e75c9f9b8226fe07866cf1f639a0d2898ad5033041","first_seen":"2023-04-08T19:24:52Z","last_seen":"2026-04-12T06:21:14.217613Z","times_seen":124,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":1,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50068,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.064696+0000\",\"flow_id\":1666081786514558,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50068,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":2,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/mediaelementplayer.css\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/css\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2559},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":26,\"pkts_toclient\":26,\"bytes_toserver\":3226,\"bytes_toclient\":32843,\"start\":\"2026-04-01T00:21:33.740478+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/001-m.png","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.190Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/001-m.png HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Sun, 06 Aug 2023 05:10:04 GMT\r\nETag: \"ca92-6023a24802300\"\r\nAccept-Ranges: bytes\r\nContent-Length: 51858\r\nKeep-Alive: timeout=5, max=86\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":51858,"size_decoded":0,"mime_type":"image/png","magic":"RIFF (little-endian) data, Web/P image","md5":"277f57e5744ca34675b4f467dc635385","sha1":"921ea14c40cb3cf7ccb4c08a96d41e383bcddb3b","sha256":"083ca85f51ebad337614e110a7ba86b8443037a6e67afa07ea38e3bef4877a91","sha512":"6234709b1b79e0a69d6a0ea15a3cf8a0063b0fd43779c75d984bcfa29c823f27b169fadde7f2c8cd08bd525e77a5003e192cd651504c8d9e8300784b0189e37a","ssdeep":"1536:FitPCljC0dJ6/O3PDlSzhTAph6NylJzc6wV1Xd:sCNC07OOfDwNT66N+g7","tlshash":"0f33f179b4e1e0ccd9716933861a8725e0c53c6ae6e51ef0d0ea2419a58da2f07e633c","first_seen":"2024-05-09T20:36:37Z","last_seen":"2026-04-01T02:24:39.888065Z","times_seen":54,"resource_available":false,"data":null}},"time_used":260,"timings":{"blocked":220,"dns":0,"connect":0,"send":0,"wait":20,"receive":20,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50084,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.430364+0000\",\"flow_id\":90677044904502,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50084,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":14,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/001-m.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2609},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":37,\"pkts_toclient\":60,\"bytes_toserver\":10108,\"bytes_toclient\":70705,\"start\":\"2026-04-01T00:21:33.983606+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/004-m.png","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.194Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/004-m.png HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 19 Jun 2023 09:30:12 GMT\r\nETag: \"d320-5fe782e6d5100\"\r\nAccept-Ranges: bytes\r\nContent-Length: 54048\r\nKeep-Alive: timeout=5, max=86\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":54048,"size_decoded":0,"mime_type":"image/png","magic":"RIFF (little-endian) data, Web/P image","md5":"8bc9688f7862a547a84b4e35fa443ea2","sha1":"3955829a6315f0e0e3f763999ba8366459e3d438","sha256":"1013f5c7af80892d92cb1e4b74743b33ca154196c25199c0d6865e804a596b8e","sha512":"00cb53530d323a41d9a141edfc988a44bfda6dc92bfa4b4ea31a8f2d09aaf3d4f553e793a369e021237769754617b2f1d7595196d5b6a62289eea09bd979a187","ssdeep":"1536:hCAQf7uKkJH8uapIHeQVRg18F52IgO6WQ2j9hyh6wKg:hCvfS9ZFapI+sVj6WQI9hyh9Kg","tlshash":"9433f1bd3b857154d4871af104fe5c27f9cbc70ea075e9c18ae29903639d22b368a433","first_seen":"2024-05-09T20:36:36Z","last_seen":"2026-04-01T02:24:39.818421Z","times_seen":54,"resource_available":false,"data":null}},"time_used":263,"timings":{"blocked":222,"dns":0,"connect":0,"send":0,"wait":23,"receive":18,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50068,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.439483+0000\",\"flow_id\":1666081786514558,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50068,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":14,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/004-m.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2609},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":61,\"pkts_toclient\":97,\"bytes_toserver\":11615,\"bytes_toclient\":121677,\"start\":\"2026-04-01T00:21:33.740478+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/validaFormNaoCorrentista.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.304Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/js/validaFormNaoCorrentista.js HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 14:14:46 GMT\r\nETag: \"161a-5c1fa664f2180-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 1837\r\nKeep-Alive: timeout=5, max=96\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":5658,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (318), with CRLF line terminators","md5":"3f393ea9dc4d8207a8aa63da199107fc","sha1":"7543974a3aeb91555f80d08676e4a2349974c702","sha256":"8576bf058af7c38bb8412cdf33709b090bf691fb3aa99a6b3bb80dd7399bee1b","sha512":"b92225e303637bb89a3026df4b3bd81eb6a42d054724bc3bb4c5949a7b264c1c1f055c7a0ef65620191c118802d3326dd17ed161cb9c666f9fc641cf59ada94c","ssdeep":"96:wydssQAmSwBB0aTsstAmjIpMtPlpiK+ZyiwzMa5eiAQ+FROAzk8B8qj1ml1:HdssVmnn0aTssqm0CowvkHjk8B8qjsr","tlshash":"1bc12048b95b04ae9fb1331682371519dcfc52231584dfa0f84da0987bb0a6e46df5fd","first_seen":"2023-03-08T07:12:26Z","last_seen":"2026-04-12T06:21:14.239617Z","times_seen":127,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50078,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.278544+0000\",\"flow_id\":1512212435695158,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50078,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":4,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/validaFormNaoCorrentista.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1837},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":16,\"pkts_toclient\":26,\"bytes_toserver\":3608,\"bytes_toclient\":28339,\"start\":\"2026-04-01T00:21:33.980534+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/mascara.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.305Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/js/mascara.js HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 14:14:54 GMT\r\nETag: \"4864-5c1fa66c93380-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 3688\r\nKeep-Alive: timeout=5, max=91\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":18532,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"d0b846dd64783d6dcedf17b603aeafd2","sha1":"7a159ed6b812bc88fc28137116426f20de1e226e","sha256":"7f0f0c14e8a93c312a359ca181466d56ffebb63347849d1fad1a714b3f8d725b","sha512":"58972dce9ec5f93b8c2359bb7e3c52fc42415f7360746c550098bd8ab3e144b098c14e0fba7dd62e6aa4ae6152cf04cd192f466dc9262e20fe239c8eb5aa1f13","ssdeep":"192:4BarGDee6uNKZTXX+YtnPsgjBtnPskoqO2eCxA7hYjxtw4wW7357BR8O2xUq+W7n:4Zq7Pw4FLPoOTw4wSl8DxJ+W7OW","tlshash":"d8820f08adda503d1f7260f98eaf408edb6f1d510d2295a0f29c45443fa2ea561fecf8","first_seen":"2023-03-13T01:34:16Z","last_seen":"2026-04-12T06:21:14.191455Z","times_seen":126,"resource_available":true,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50068,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.283283+0000\",\"flow_id\":1666081786514558,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50068,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":9,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/mascara.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2545},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":42,\"pkts_toclient\":56,\"bytes_toserver\":7792,\"bytes_toclient\":63293,\"start\":\"2026-04-01T00:21:33.740478+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/css/fontes/BradescoSans-Thin.woff2","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.925Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/css/fontes/BradescoSans-Thin.woff2 HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/css/font-bradesco.css\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2; nvgc43243=0|0; nvgt43243=1775002894524_1_0|0_0|0\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 03 Feb 2020 05:59:52 GMT\r\nETag: \"4b3c-59da5a1b96600\"\r\nAccept-Ranges: bytes\r\nContent-Length: 19260\r\nKeep-Alive: timeout=5, max=77\r\nConnection: Keep-Alive\r\nContent-Type: font/woff2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":19260,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 19260, version 1.0","md5":"c572410c3a30231fae6c70c18f687837","sha1":"e2181af29be95bb9f5413892b04d7e78de47ef8b","sha256":"791d4be74b60098b8490658037e3f7637ea2ab77f15dd78590a3632bc3e8f342","sha512":"97fd029aefaf1494ce5fd6e3e8d20e2d5c35d93ef987807e99bea05469f7332a2d6a805c1fa0e4dd54b4b47886ed6c9b89aea66f096fc5e41fe87fa9c4199b3d","ssdeep":"384:z19csyMjANA2J7mRr8fBoMp8cx9KkJZBPUX4wr1o2t:59cYwA2J7mR9Mp8cDKkJZCjr1oi","tlshash":"1082d0539132b08cc25bccfaf6f42c2527fa54b3538446f395989b3ce536004b59da1e","first_seen":"2023-05-12T00:41:24Z","last_seen":"2026-04-12T06:21:14.323802Z","times_seen":84,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":18,"receive":1,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50078,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.943183+0000\",\"flow_id\":1512212435695158,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50078,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":23,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/fontes/BradescoSans-Thin.woff2\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"font/woff2\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/css/font-bradesco.css\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1160},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":117,\"pkts_toclient\":245,\"bytes_toserver\":20265,\"bytes_toclient\":339847,\"start\":\"2026-04-01T00:21:33.980534+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/css/chosen.min.css","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.088Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/css/chosen.min.css HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 12:44:30 GMT\r\nETag: \"2c09-5c1f9237d8780-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 2251\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":11273,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (11149), with CRLF line terminators","md5":"160586b25ad0888f0887484fa8730dd0","sha1":"8fef5d87966404243d72381f4bcf70b9b6f2e62a","sha256":"c76485d16c80445203ebef9671167c70fb8da1d68813a2e9ca2e320a02b4349b","sha512":"67a449aecd252d436a0e0231239967b89763c8225c94a50c3fe7bf0e84aa863b7d608869de9f837249659fe8b55ab6e94cb843a95d58d363d74243b13a9cdfbe","ssdeep":"192:112LxA9v3LQbAUpNDpEKjyELedBaEMuawTe0E:11C4vwzm4Ebs","tlshash":"bc32de6aebe12a2db4f385fca45021c96730c4e2d6090facbe6b75e4d6c5cd20053e5d","first_seen":"2023-04-08T19:24:52Z","last_seen":"2026-04-12T06:21:14.244613Z","times_seen":128,"resource_available":false,"data":null}},"time_used":41,"timings":{"blocked":-1,"dns":1,"connect":18,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.025550+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/chosen.min.css\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/css\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1110},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":783,\"bytes_toclient\":2861,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/icon_acessibilidade_produtos_servicos.svg","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.172Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/icon_acessibilidade_produtos_servicos.svg HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 13:47:26 GMT\r\nETag: \"40e-5c1fa048eb780\"\r\nAccept-Ranges: bytes\r\nContent-Length: 1038\r\nKeep-Alive: timeout=5, max=87\r\nConnection: Keep-Alive\r\nContent-Type: image/svg+xml\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":1038,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"abe57704508cb0fceb50aa3a227d3c7c","sha1":"a8a65747a01bb1bf827aeb308c02b97ba8d6ed04","sha256":"3686fea362a62dde4d994ba8b3fd42c455369c916ce95ea819c3a245380843ce","sha512":"998cf2b172cb8fc1e754db0dedda1fe6b47240ce07fe0693f877cc7e02dabcd1fa781968349718f5e9d2cad28c9fae103454ddec8451175480ec610f093ab493","ssdeep":"","tlshash":"2e11efb60a5a149ef46107b8cbc46b98116edcc3e06699d8bb5215730b2188b5dbcf20","first_seen":"2023-05-09T04:31:15Z","last_seen":"2026-04-12T06:21:14.199834Z","times_seen":74,"resource_available":false,"data":null}},"time_used":238,"timings":{"blocked":221,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50084,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.410159+0000\",\"flow_id\":90677044904502,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50084,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":13,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/icon_acessibilidade_produtos_servicos.svg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/svg+xml\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1038},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":36,\"pkts_toclient\":58,\"bytes_toserver\":10042,\"bytes_toclient\":67677,\"start\":\"2026-04-01T00:21:33.983606+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/consorcio-hover.png","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.214Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/consorcio-hover.png HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 13:55:20 GMT\r\nETag: \"b839-5c1fa20cf6200\"\r\nAccept-Ranges: bytes\r\nContent-Length: 47161\r\nKeep-Alive: timeout=5, max=80\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":47161,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 509 x 577, 8-bit/color RGBA, non-interlaced","md5":"50a6b8d6032fc67de5ec73830a891621","sha1":"1b08957a643bd5b0fb82167a8694c33e628d47a3","sha256":"db662d5889aaf9bbd3f2b82bbe1e36d9e43a61763850f3e921770b03e27ec19b","sha512":"23ecc0c623c7f05619b431bd6f8552478a31e928c51e0840dc78519d88ad55c0b1dcf4de810cd31067e6b655f4f7b2b3f6ad48fa2751278e8327739c6ac6e356","ssdeep":"768:2EPTHro9rY+E6AA6o3bHj/qrLzAVOut9ns+jlULBDF8IomQlAxaduDfbs3:2ED09r1dbbqrHSOyZNhUl7jSus3","tlshash":"78230290a41404618aa06e186db4b8bb2d1fa4e0f731d9f8ebd7c723b5353addd1cad4","first_seen":"2024-05-09T20:36:36Z","last_seen":"2026-04-12T06:21:14.214478Z","times_seen":76,"resource_available":false,"data":null}},"time_used":400,"timings":{"blocked":376,"dns":0,"connect":0,"send":0,"wait":22,"receive":2,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50068,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.611754+0000\",\"flow_id\":1666081786514558,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50068,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":20,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/consorcio-hover.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2609},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":132,\"pkts_toclient\":222,\"bytes_toserver\":19447,\"bytes_toclient\":306845,\"start\":\"2026-04-01T00:21:33.740478+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/m-destaque-4.jpg","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.270Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/m-destaque-4.jpg HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 14:01:44 GMT\r\nETag: \"116ec-5c1fa37b2c200\"\r\nAccept-Ranges: bytes\r\nContent-Length: 71404\r\nKeep-Alive: timeout=5, max=83\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":71404,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 321x352, components 3","md5":"f2c49c72b282b1382d7fde54fa685d75","sha1":"cc7838583c601bb6cced7d037f99b79b9fab664b","sha256":"620f76f7bc2454b5cfd1f2247b05b88e8f91c26123eed292302773c5d34bfa1a","sha512":"1e4de3a12c1e3e7182303e355b2773323ca7d942e9157bda8c4f0df6f36a288ca788318b066ce26525664b5e07d73c7b248e94bde8dd3c500c897700288b7234","ssdeep":"1536:GMnmVq0QfKVaS5e+fK1GhQKxMRiEG1K6Ua3WsB74AnypNfH5xpHvQdhAXOtD:GEWq3fK1dGGCK1Eq7UEWsB7sZvSoOJ","tlshash":"1c6302fdc3b38bf6d3c17a0642405d41958ab84adfc7e17722982645cac4a3e6e8c75a","first_seen":"2024-05-09T20:36:36Z","last_seen":"2026-04-12T06:21:14.20856Z","times_seen":74,"resource_available":false,"data":null}},"time_used":250,"timings":{"blocked":230,"dns":0,"connect":0,"send":0,"wait":18,"receive":2,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50084,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.517456+0000\",\"flow_id\":90677044904502,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50084,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":17,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/m-destaque-4.jpg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/jpeg\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2607},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":58,\"pkts_toclient\":102,\"bytes_toserver\":13030,\"bytes_toclient\":132037,\"start\":\"2026-04-01T00:21:33.983606+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/qr-code-whatsapp-bia.png","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.271Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/qr-code-whatsapp-bia.png HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Fri, 31 Jul 2020 22:23:30 GMT\r\nETag: \"1c05-5abc43d10bc80\"\r\nAccept-Ranges: bytes\r\nContent-Length: 7173\r\nKeep-Alive: timeout=5, max=82\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":7173,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"5f6569615f4398f3e8cef507ade3a61d","sha1":"a0f08b70f8505921f875c10229523c378dcab1e9","sha256":"8f2decde2b4d22b167bce1adb75c1f684b2a38bb42b0317bea041222077fdbfc","sha512":"3a6a5e04ddf9051c855ef62a1f015151d99df8c82370e793f6864c7c7731820779f921860029255d65e5d12f33b4e0be31466a2e71c6662e39fd5059f04d5816","ssdeep":"192:nfpSrJ3Y3YTagAgYxzdR7P+vxBIOIpLUQF:InOZ/R6JCnmQF","tlshash":"bee18d96fb5116015266d0e74ee0cc2308a7496d36d8e5f2fcd188c248481a5f869bbf","first_seen":"2023-05-01T09:25:43Z","last_seen":"2026-04-12T06:21:14.201206Z","times_seen":126,"resource_available":false,"data":null}},"time_used":267,"timings":{"blocked":249,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50084,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.537316+0000\",\"flow_id\":90677044904502,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50084,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":18,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/qr-code-whatsapp-bia.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2610},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":84,\"pkts_toclient\":151,\"bytes_toserver\":15277,\"bytes_toclient\":205516,\"start\":\"2026-04-01T00:21:33.983606+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/youtube-01.svg","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.277Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/youtube-01.svg HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 03 Feb 2020 08:19:02 GMT\r\nETag: \"53f-59da7936c4980\"\r\nAccept-Ranges: bytes\r\nContent-Length: 1343\r\nKeep-Alive: timeout=5, max=85\r\nConnection: Keep-Alive\r\nContent-Type: image/svg+xml\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":1343,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"2963e7665c274ec347499d0a6ef7141b","sha1":"eb648441e25eb0044476e47b1f500064f34939b0","sha256":"d5e508a5fa29fa04d55a9845667512a018005643c2e33b940170d0af33a3bbc8","sha512":"fb2a2e10523a83ac0ff321ebb2368e441a998c8a6aeaf1569f6e9f42fe865204cc356b15f2a13dce291ac368e9b3698f969e14e3d6efb9718139638a65a15e82","ssdeep":"","tlshash":"11214425425ef55cae11c278e0fd3247403a4c9292a872f8f997203bf11d4e5ad3f89c","first_seen":"2023-05-27T11:04:38Z","last_seen":"2026-04-12T06:21:14.226732Z","times_seen":86,"resource_available":false,"data":null}},"time_used":293,"timings":{"blocked":275,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50078,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.569366+0000\",\"flow_id\":1512212435695158,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50078,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":15,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/youtube-01.svg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/svg+xml\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1343},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":95,\"pkts_toclient\":211,\"bytes_toserver\":14469,\"bytes_toclient\":295082,\"start\":\"2026-04-01T00:21:33.980534+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/chatbia-dist.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.280Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/js/chatbia-dist.js HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 14:23:16 GMT\r\nETag: \"f35-5c1fa84b51d00-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 1268\r\nKeep-Alive: timeout=5, max=95\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":3893,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (3840), with CRLF line terminators","md5":"7fc823def780eeac985fae43937bc2a2","sha1":"31c94ac6a1d9aa3004ced5ac5380ad81f074dcc7","sha256":"af035775488a426feae6ed7e2375d0d0a2cda213d57ba66745d98c46892de32d","sha512":"8ae9d2738975d1309cdb944c8a1a6de5369567e66155dbe59fb2b391f9b08bc2346adf8b14c57c3ddc4f52b08a5718c08c9d40d7a387b55c1faf02cc66293d2a","ssdeep":"","tlshash":"9281337c78329fbcf0e723e0198b1506143b4d9fa0489dae71b54c1a4aa9d9e5137e2e","first_seen":"2024-05-09T20:36:35Z","last_seen":"2026-04-12T06:21:14.20919Z","times_seen":84,"resource_available":true,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50094,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.146195+0000\",\"flow_id\":2079826723538824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50094,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":5,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/chatbia-dist.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1268},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":13,\"pkts_toclient\":15,\"bytes_toserver\":3911,\"bytes_toclient\":11643,\"start\":\"2026-04-01T00:21:33.984968+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/images/icon_acessibilidade_navegacao.svg","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.171Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/images/icon_acessibilidade_navegacao.svg HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 13:47:14 GMT\r\nETag: \"47f-5c1fa03d79c80\"\r\nAccept-Ranges: bytes\r\nContent-Length: 1151\r\nKeep-Alive: timeout=5, max=87\r\nConnection: Keep-Alive\r\nContent-Type: image/svg+xml\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":1151,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"4c5f69587059a2a37ed353fa0f5f5c22","sha1":"1dc34768c035752454067de351161c4acbe9eb6e","sha256":"c93535c2c6bb1dcb4cdf31d14039550a40fb4b4a8daf307652843c6d838cbf6b","sha512":"feb7ad56d36d7187063235ab90b204b42efe6edd0d87c8dbcd5f57eafb637135a12f3102b511ff31671166ae3a20b89eac6a22f51745c79d4aad3d3f79ff3dad","ssdeep":"","tlshash":"d3214ff15a29801b60230777d7d11f8940bfa19bd1a288efff9206b74f3481f49ac255","first_seen":"2023-05-09T04:31:15Z","last_seen":"2026-04-12T06:21:14.178179Z","times_seen":74,"resource_available":false,"data":null}},"time_used":234,"timings":{"blocked":217,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.405085+0000\",\"flow_id\":138726991531143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50098,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":13,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/images/icon_acessibilidade_navegacao.svg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/svg+xml\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1151},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":35,\"pkts_toclient\":51,\"bytes_toserver\":9924,\"bytes_toclient\":61432,\"start\":\"2026-04-01T00:21:33.986247+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/html5lightbox.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.325Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/js/html5lightbox.js HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nContent-Length: 286\r\nKeep-Alive: timeout=5, max=91\r\nConnection: Keep-Alive\r\nContent-Type: text/html; charset=iso-8859-1\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":286,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"543739dbec18dac99724ce5fae0f0e75","sha1":"d84096f1c05af3fe70697c30ce4cbfe55408cb04","sha256":"ef4e2efa9eee8d7f1040a597ee245398740a3a8400965b44e677b9ba54adebc9","sha512":"25abbdee462544a7e9c167d7ab50b175b9838ecb3b6670bb1dd1a02702b6bfc115230bea2499cf9f0dcdf430d60d51e111a1c3e39be946e0981f47047734bddc","ssdeep":"","tlshash":"a3d0cd9f9052a2860912159039c525d1264c53ea682986e82985d487519853d8d96589","first_seen":"2026-04-01T00:22:10.053496Z","last_seen":"2026-04-01T00:22:10.053496Z","times_seen":1,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50084,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.329476+0000\",\"flow_id\":90677044904502,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50084,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":9,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/html5lightbox.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":404,\"length\":286},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":25,\"pkts_toclient\":42,\"bytes_toserver\":7221,\"bytes_toclient\":44442,\"start\":\"2026-04-01T00:21:33.983606+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50078,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.871588+0000\",\"flow_id\":1512212435695158,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50078,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":22,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/html5lightbox.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":404,\"length\":286},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":115,\"pkts_toclient\":240,\"bytes_toserver\":19538,\"bytes_toclient\":332277,\"start\":\"2026-04-01T00:21:33.980534+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/css/btns.css","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.119Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/css/btns.css HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 13:31:58 GMT\r\nETag: \"b85-5c1f9cd3e8f80-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 746\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":2949,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (409), with CRLF line terminators","md5":"2a3ca3ef179728be99de1b20d731d2bb","sha1":"a2b1c4f58cf3b0656b54302a119212a76eba4cfa","sha256":"098a38b8e834ea3b1ba83c582ab0ea00e4afdd94e6812ead4f95a8c73006833d","sha512":"0f3e3556aa3c782158f59e210d0cf126f8f7952f51123a19ae74532346e59152da3874735952b0a2094c3e6ecfeb6d587deebdaaaa5d5894f112f3d5f51c8ec8","ssdeep":"","tlshash":"8151ddc2f2d52076713642aeb812ebb69c5db560d2484b38f3f2786c41de9ab2135394","first_seen":"2024-05-09T20:36:35Z","last_seen":"2026-04-12T06:21:14.196473Z","times_seen":84,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":1,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50078,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.101336+0000\",\"flow_id\":1512212435695158,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50078,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/css/btns.css\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/css\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":746},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":5,\"bytes_toserver\":1935,\"bytes_toclient\":2414,\"start\":\"2026-04-01T00:21:33.980534+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"http","addr":"livelopontos26.dynv6.net/B84146/755498457447801/js/slick.min.js","fqdn":"livelopontos26.dynv6.net","domain":"livelopontos26.dynv6.net","tld":"dynv6.net"},"ip":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840","date":"2026-04-01T00:21:34.344Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /B84146/755498457447801/js/slick.min.js HTTP/1.1\r\nHost: livelopontos26.dynv6.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\r\nCookie: PHPSESSID=j71i40qpskpt94n3c5sp0nqcb2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 01 Apr 2026 00:21:34 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Mon, 10 May 2021 14:23:06 GMT\r\nETag: \"a770-5c1fa841c8680-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 10445\r\nKeep-Alive: timeout=5, max=91\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":42864,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (42862), with CRLF line terminators","md5":"777da4aaf5b960636dec0fd4e50ba489","sha1":"9a94038ccae90e6d2a0f9cb61f79ae7c70320287","sha256":"e1a52c0a06fa9f65e015b02e7ec463fd621211a9d2ae44b6660597900e927fbb","sha512":"9b810776ff98b94fe765b192187064d2ce4921fb60baf4c797c3302d332f7e55556e54eb070cc8917f61aa74191539a294457aa18d54f5e85527652695c6f848","ssdeep":"768:4rkkX123A5YHi6pWzYdlNWYcx16nnYdXRRMd2KYCQCsPShb1ez7RFmYK:EPrYdlNixEePiYK","tlshash":"6213a549d205276285d721e62105c40eb3f7fb3cba22c0e475c9d3ea646ec4896d7bfa","first_seen":"2023-03-07T01:06:24Z","last_seen":"2026-05-01T01:57:20.956668Z","times_seen":12521,"resource_available":true,"data":null}},"time_used":50,"timings":{"blocked":23,"dns":0,"connect":0,"send":0,"wait":26,"receive":1,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-01T00:21:34Z","timestamp":1775002894,"ip_dst":{"addr":"151.242.2.236","port":80,"asn":205647,"as":"Pardis Fanvari Partak Ltd","country":"Iran","country_code":"IR"},"ip_src":{"addr":"172.18.0.18","port":50078,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain","source":"{\"timestamp\":\"2026-04-01T00:21:34.392471+0000\",\"flow_id\":1512212435695158,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":50078,\"dest_ip\":\"151.242.2.236\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":9,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042838,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.dynv6 .net Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"livelopontos26.dynv6.net\",\"url\":\"/B84146/755498457447801/js/slick.min.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://livelopontos26.dynv6.net/B84146/755498457447801/home.php?hash=16219301469cbda86e4c4b0.50547840\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":3992},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":24,\"pkts_toclient\":35,\"bytes_toserver\":6642,\"bytes_toclient\":39076,\"start\":\"2026-04-01T00:21:33.980534+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"livelopontos26.dynv6.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"livelopontos26.dynv6.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}}]}