Report - www.ankosoft-suhl.de/anfahrt.html

Report Overview

Submitted URL
www.ankosoft-suhl.de/anfahrt.html
IP
217.160.0.78
ASN
#8560 IONOS SE
Submitted
2023-06-02 11:24:04
Access
public
Website Title
Final URL
Tags
dyndns
urlquery detections
Suspicious - DynDNS domain

Detections

urlquery
2
Network Intrusion Detection
3
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.ankosoft-suhl.de	unknown	unknown	2017-03-03	2023-01-19	770 B	1.3 kB	217.160.0.78
ankoshl.ddns.net	unknown	2001-06-28	2018-05-16	2022-03-12	440 B	2.1 kB	95.89.183.88
maps.google.com	1899	1997-09-15	2012-09-11	2023-06-02	419 B	1.9 kB	142.250.74.46

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-06-02 11:23:46	medium	Client IP	Internal IP	ET POLICY DNS Query to DynDNS Domain *.ddns .net
2023-06-02 11:23:46	medium	Client IP	Internal IP	ET POLICY DNS Query to DynDNS Domain *.ddns .net
2023-06-02 11:23:47	medium	Client IP	95.89.183.88	ET INFO DYNAMIC_DNS HTTP Request to a *.ddns .net Domain

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (3)

	URL	Size	First Seen	Last Seen
	ankoshl.ddns.net/anfahrt.html	0 B	2023-03-07	2024-04-27
Pretty URL ankoshl.ddns.net/anfahrt.html IP 95.89.183.88 ASN #3209 Vodafone GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-27 02:09:26 Times Seen37108652 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	unknown	6 B	2023-03-07	2024-04-25
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-03-07 21:50:32 Last Seen2024-04-25 23:46:49 Times Seen219 Hash 9bb4b71e94b92dd4c8d9123479c28114 94ea5f589396df68c37d6c28efac0a817a2fa0ce 427e505584f3aacc678f48a59b697e590654df4d589b054192c103a1967f15b9 Loading...

	unknown	9 B	2023-05-14	2024-04-24
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-05-14 03:10:59 Last Seen2024-04-24 22:31:35 Times Seen23 Hash 7782948dcbbafabef61746fd07d7e0a2 e0680c0cc8bf4774cd8f46011c5fccdb06e48a9f 96204127595274b7559b983c74c7b54aad38b3fadaffb5bfe7944b14134be0e6 Loading...

HTTP Transactions (4)

URL IP Response Size

www.ankosoft-suhl.de/anfahrt.html

217.160.0.78

469 B

URL User Request GET
www.ankosoft-suhl.de/anfahrt.html
IP
217.160.0.78:0
ASN
#8560 IONOS SE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
469 B (469 bytes)
Hash
00dff1e11eedd395a37e832812347ede
9f447cb93e18b3d41ca5bdb26d4253fe6e03f66e
5f501975a42339da64d08580fa9641712a9ff903481e6621eef107d0bab4d572

HTTP Headers

GET /anfahrt.html HTTP/1.1
Host: www.ankosoft-suhl.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Date: Fri, 02 Jun 2023 11:23:47 GMT
Server: Apache
Content-Encoding: gzip

www.ankosoft-suhl.de/favicon.ico

217.160.0.78

200 OK

469 B

URL GET HTTP/1.1
www.ankosoft-suhl.de/favicon.ico
IP
217.160.0.78:80
ASN
#8560 IONOS SE

Requested by
http://www.ankosoft-suhl.de/anfahrt.html

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
469 B (469 bytes)
Hash
0d56e8c01eba9182a20ce8e24d15a8a4
3135da58a9885cc59edbf5650a06a703feed66ee
6d547565d6e74b10c15edecfa092b3a189b67bce165268c54e7549065f5e3ce0

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.ankosoft-suhl.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.ankosoft-suhl.de/anfahrt.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Date: Fri, 02 Jun 2023 11:23:47 GMT
Server: Apache
Content-Encoding: gzip

ankoshl.ddns.net/anfahrt.html

95.89.183.88

200 OK

1.8 kB

URL GET HTTP/1.1
ankoshl.ddns.net/anfahrt.html
IP
95.89.183.88:80
ASN
#3209 Vodafone GmbH

Requested by
http://www.ankosoft-suhl.de/anfahrt.html

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
1.8 kB (1768 bytes)
Hash
588e4d64ec0fee01175ad893e03191e7
69a6e33337a11ba8781a0b496230bfe5e9a55ab0
af6511bc4ce10f86267187ed74c1d84b8f44e25341b7d6f22b1a7b421ffc029d

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.ddns .net Domain

HTTP Headers

GET /anfahrt.html HTTP/1.1
Host: ankoshl.ddns.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.ankosoft-suhl.de/
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 11:23:45 GMT
Server: Apache/1.3.26 (Linux/SuSE) mod_perl/1.27
Last-Modified: Sat, 29 Oct 2011 09:28:59 GMT
ETag: "1ecdb-6e8-4eabc75b"
Accept-Ranges: bytes
Content-Length: 1768
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html

maps.google.com/maps?file=api&v=2&key=ABQIAAAALdxwFprFHOhxQdMqbrDIFhTmbEpSBDa48mY3J82UOQqg0x3B1BQ-LErttAOqnPtp1XtaovsYXydb6Q

142.250.74.46

404 Not Found

1.7 kB

URL GET HTTP/1.1
maps.google.com/maps?file=api&v=2&key=ABQIAAAALdxwFprFHOhxQdMqbrDIFhTmbEpSBDa48mY3J82UOQqg0x3B1BQ-LErttAOqnPtp1XtaovsYXydb6Q
IP
142.250.74.46:80
ASN
#15169 GOOGLE

Requested by
http://ankoshl.ddns.net/anfahrt.html

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Size
1.7 kB (1677 bytes)
Hash
77a5452b98818fc03acffdc9d2cdd3d2
8abe5a2fa424a78264ad5707080394e69d054ed8
6c94d16b765b92e1524f7e5d7b045a8fe00a272adc0ad6be5a66e65513762aea

HTTP Headers

GET /maps?file=api&v=2&key=ABQIAAAALdxwFprFHOhxQdMqbrDIFhTmbEpSBDa48mY3J82UOQqg0x3B1BQ-LErttAOqnPtp1XtaovsYXydb6Q HTTP/1.1
Host: maps.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ankoshl.ddns.net/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Fri, 02 Jun 2023 11:23:47 GMT
Content-Type: text/html; charset=UTF-8
Server: mafe
Content-Length: 1677
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Server-Timing: gfet4t7; dur=9

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (3)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (4)

URL User Request GET

IP

ASN

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

HTTP Headers