hainamxaliken124300.duckdns.org/
163 B URL hainamxaliken124300.duckdns.org/
IP
File type HTML document text\012- HTML document, ASCII text
Hash f1fb042c62910c34be16ad91cbbd71fa
5bc7aceba9a8704ef4b1d427d7d08b140afcd866
9278d16ed2fdcd5dc651615b0b8adc6b55fb667a9d106a9891b861d4561d9a24
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
OpenPhish phishing Facebook, Inc.
Quad9 DNS malicious Sinkholed
NIDS Severity Alert suricata medium ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
GET / HTTP/1.1
Host: hainamxaliken124300.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 26 Sep 2023 13:46:25 GMT
Server: Apache
Last-Modified: Fri, 11 Aug 2023 12:15:06 GMT
Accept-Ranges: bytes
Content-Length: 163
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
hainamxaliken124300.duckdns.org/cgi-sys/defaultwebpage.cgi
7.0 kB URL User Request GET hainamxaliken124300.duckdns.org/cgi-sys/defaultwebpage.cgi
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 166f68ab3268cd457612366b07177d5f
7b14c4c6366db208399cb289a7ed69a6c90ff96a
2ac88b4ce5a85c0fdad1472d41481fb5d552430821d3ce1dca473d80753e3a23
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
OpenPhish phishing Facebook, Inc.
Quad9 DNS malicious Sinkholed
NIDS Severity Alert suricata medium ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
GET /cgi-sys/defaultwebpage.cgi HTTP/1.1
Host: hainamxaliken124300.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 26 Sep 2023 13:46:28 GMT
Server: Apache
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
hainamxaliken124300.duckdns.org/img-sys/IP_changed.png
200 OK 2.9 kB URL GET HTTP/1.1 hainamxaliken124300.duckdns.org/img-sys/IP_changed.png
IP
Requested by http://hainamxaliken124300.duckdns.org/cgi-sys/defaultwebpage.cgi
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash ec081653bd4c836483e6d612588d18ec
91c7e4cfa061808881575a875741773a949a9e0a
b19da51b5e9c9b29cd8523d85d92e99e4812c891c394929c9bf67557f560672c
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
OpenPhish phishing Facebook, Inc.
Quad9 DNS malicious Sinkholed
NIDS Severity Alert suricata medium ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
GET /img-sys/IP_changed.png HTTP/1.1
Host: hainamxaliken124300.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://hainamxaliken124300.duckdns.org/cgi-sys/defaultwebpage.cgi
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 26 Sep 2023 13:46:28 GMT
Server: Apache
Last-Modified: Tue, 22 Aug 2023 13:01:15 GMT
Accept-Ranges: bytes
Content-Length: 2939
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
hainamxaliken124300.duckdns.org/img-sys/error-bg-left.png
200 OK 8.1 kB URL GET HTTP/1.1 hainamxaliken124300.duckdns.org/img-sys/error-bg-left.png
IP
Requested by http://hainamxaliken124300.duckdns.org/cgi-sys/defaultwebpage.cgi
File type PNG image data, 410 x 400, 8-bit/color RGBA, non-interlaced\012- data
Hash cdbe46a0178886162bdedff35336154e
f5acc131f7d3fdfbebfc4a55be73cf51c7638937
862885b79bef22ad5716b2dbfa714d52f628a439f2921bb9520a4630bbea5d4e
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
OpenPhish phishing Facebook, Inc.
Quad9 DNS malicious Sinkholed
NIDS Severity Alert suricata medium ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
GET /img-sys/error-bg-left.png HTTP/1.1
Host: hainamxaliken124300.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://hainamxaliken124300.duckdns.org/cgi-sys/defaultwebpage.cgi
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 26 Sep 2023 13:46:29 GMT
Server: Apache
Last-Modified: Tue, 22 Aug 2023 13:01:15 GMT
Accept-Ranges: bytes
Content-Length: 8072
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
hainamxaliken124300.duckdns.org/img-sys/server_misconfigured.png
200 OK 3.2 kB URL GET HTTP/1.1 hainamxaliken124300.duckdns.org/img-sys/server_misconfigured.png
IP
Requested by http://hainamxaliken124300.duckdns.org/cgi-sys/defaultwebpage.cgi
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash f79adaf00f83dc9757086cdbe8645ff0
82f37b8be7668eab8e1a06de828cb336799c8134
944120fb6962c7484d769d645e6d830850eead9394f6a84090aed489cfc0c41f
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
OpenPhish phishing Facebook, Inc.
Quad9 DNS malicious Sinkholed
NIDS Severity Alert suricata medium ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
GET /img-sys/server_misconfigured.png HTTP/1.1
Host: hainamxaliken124300.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://hainamxaliken124300.duckdns.org/cgi-sys/defaultwebpage.cgi
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 26 Sep 2023 13:46:29 GMT
Server: Apache
Last-Modified: Tue, 22 Aug 2023 13:01:15 GMT
Accept-Ranges: bytes
Content-Length: 3164
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
hainamxaliken124300.duckdns.org/img-sys/powered_by_cpanel.svg
200 OK 5.6 kB URL GET HTTP/1.1 hainamxaliken124300.duckdns.org/img-sys/powered_by_cpanel.svg
IP
Requested by http://hainamxaliken124300.duckdns.org/cgi-sys/defaultwebpage.cgi
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (5616)
Hash c47b4b5200566a2a496a11ba472ec5da
3bd0da9a6ffd62217d3e781fa1356f40d9f91d4c
179a9aa9fff4c52850d9ce34a4c435404ddfd4fefa8aab9a6eb4f47b83f922d9
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
OpenPhish phishing Facebook, Inc.
Quad9 DNS malicious Sinkholed
NIDS Severity Alert suricata medium ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
GET /img-sys/powered_by_cpanel.svg HTTP/1.1
Host: hainamxaliken124300.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://hainamxaliken124300.duckdns.org/cgi-sys/defaultwebpage.cgi
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 26 Sep 2023 13:46:29 GMT
Server: Apache
Last-Modified: Tue, 22 Aug 2023 13:01:15 GMT
Accept-Ranges: bytes
Content-Length: 5617
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/svg+xml
hainamxaliken124300.duckdns.org/img-sys/server_moved.png
200 OK 3.3 kB URL GET HTTP/1.1 hainamxaliken124300.duckdns.org/img-sys/server_moved.png
IP
Requested by http://hainamxaliken124300.duckdns.org/cgi-sys/defaultwebpage.cgi
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash f6590a396da81a8e4cce7ca046874ffd
7e68db322c32ca079b2c836812d3a25204ab93cc
3a22057583d3e17bc94990d92a3425d5510dc5bdb60fe40fafeb405a38f8ed28
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
OpenPhish phishing Facebook, Inc.
Quad9 DNS malicious Sinkholed
NIDS Severity Alert suricata medium ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
GET /img-sys/server_moved.png HTTP/1.1
Host: hainamxaliken124300.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://hainamxaliken124300.duckdns.org/cgi-sys/defaultwebpage.cgi
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 26 Sep 2023 13:46:29 GMT
Server: Apache
Last-Modified: Tue, 22 Aug 2023 13:01:15 GMT
Accept-Ranges: bytes
Content-Length: 3327
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
hainamxaliken124300.duckdns.org/favicon.ico
404 Not Found 10 kB URL GET HTTP/1.1 hainamxaliken124300.duckdns.org/favicon.ico
IP
Requested by http://hainamxaliken124300.duckdns.org/cgi-sys/defaultwebpage.cgi
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Hash 558d84fe66474a1e21c695f84fc40432
7c407205369be4b15b7302f33b892bd2929e436e
a315b72812d5059bcc35e0812d822cc94f89d522101f10317e4adcc8ee1241c9
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
OpenPhish phishing Facebook, Inc.
Quad9 DNS malicious Sinkholed
NIDS Severity Alert suricata medium ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
suricata medium ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
GET /favicon.ico HTTP/1.1
Host: hainamxaliken124300.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://hainamxaliken124300.duckdns.org/cgi-sys/defaultwebpage.cgi
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Tue, 26 Sep 2023 13:46:29 GMT
Server: Apache
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
103.37.124.105