| | 217.160.242.86 | 302 Found | 162 B |
URL: User Request GET HTTP/2
IP: 217.160.242.86:443
Certificate: Issuer: Let's Encrypt; Subject: my.maxa.it; Fingerprint: E1:27:4A:8E:98:A0:C8:02:1F:13:01:28:32:4C:2E:5F:47:B2:10:10; Validity: Wed, 10 Apr 2024 03:26:11 GMT - Tue, 09 Jul 2024 03:26:10 GMT
File type: HTML document, ASCII text, with CRLF line terminators
Hash: 4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: 217.160.242.86
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 23 Apr 2024 22:28:18 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://217.160.242.86/
|
|
| | 217.160.242.86 | 302 Found | 0 B |
URL: User Request GET HTTP/2
IP: 217.160.242.86:443
Certificate: Issuer: Let's Encrypt; Subject: my.maxa.it; Fingerprint: E1:27:4A:8E:98:A0:C8:02:1F:13:01:28:32:4C:2E:5F:47:B2:10:10; Validity: Wed, 10 Apr 2024 03:26:11 GMT - Tue, 09 Jul 2024 03:26:10 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: 217.160.242.86
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Tue, 23 Apr 2024 22:28:19 GMT
content-type: text/html; charset=UTF-8
content-length: 0
set-cookie: PHPSESSNEW=jpim3nccricfdeg4rhak6r4fm5; path=/; secure; HttpOnly
CakeCookie[Config]=%7B%22language%22%3A%22it%22%7D; expires=Tue, 30-Apr-2024 22:28:19 GMT; Max-Age=604800; path=/
location: https://217.160.242.86/users/login
x-powered-by: PHP/7.2.34, PleskLin
X-Firefox-Spdy: h2
|
|
| 217.160.242.86/users/login | 217.160.242.86 | 200 OK | 1.8 kB |
URL: User Request GET HTTP/2 217.160.242.86/users/login
IP: 217.160.242.86:443
Certificate: Issuer: Let's Encrypt; Subject: my.maxa.it; Fingerprint: E1:27:4A:8E:98:A0:C8:02:1F:13:01:28:32:4C:2E:5F:47:B2:10:10; Validity: Wed, 10 Apr 2024 03:26:11 GMT - Tue, 09 Jul 2024 03:26:10 GMT
File type: XML 1.0 document, ASCII text, with very long lines (761)
Hash: 8b2be8402598ad44a6e4c6e135c99872 31c2f1016e2a331f1432700d51d8a5f638fe6883 7ec9411278c27e4c65696ac2a0bf0ee582a02f5a03cbd65ea7e2b8f0bd37f39d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /users/login HTTP/1.1
Host: 217.160.242.86
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSNEW=jpim3nccricfdeg4rhak6r4fm5; CakeCookie[Config]=%7B%22language%22%3A%22it%22%7D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 22:28:19 GMT
content-type: text/html; charset=UTF-8
content-length: 1786
set-cookie: CakeCookie[Config]=%7B%22language%22%3A%22it%22%7D; expires=Tue, 30-Apr-2024 22:28:19 GMT; Max-Age=604800; path=/
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PHP/7.2.34, PleskLin
X-Firefox-Spdy: h2
|
|
| 217.160.242.86/css/login.css | 217.160.242.86 | 200 OK | 396 B |
URL: GET HTTP/2 217.160.242.86/css/login.css
IP: 217.160.242.86:443
Requested by: https://217.160.242.86/users/login
Certificate: Issuer: Let's Encrypt; Subject: my.maxa.it; Fingerprint: E1:27:4A:8E:98:A0:C8:02:1F:13:01:28:32:4C:2E:5F:47:B2:10:10; Validity: Wed, 10 Apr 2024 03:26:11 GMT - Tue, 09 Jul 2024 03:26:10 GMT
Hash: 0b1805677fe867f465de4fe9f11f37be b3e7f2ae3a578f1bcc952eb64c605e2209770ae5 1ab8a0b9be8f12aa5227c7f673edbeb158a85bc553ec1189b4cc102b6e3363f7
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /css/login.css HTTP/1.1
Host: 217.160.242.86
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://217.160.242.86/users/login
Cookie: PHPSESSNEW=jpim3nccricfdeg4rhak6r4fm5; CakeCookie[Config]=%7B%22language%22%3A%22it%22%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 22:28:20 GMT
content-type: text/css
content-length: 396
x-accel-version: 0.01
last-modified: Thu, 02 Jul 2020 10:35:26 GMT
etag: "32d-5a972f773f5ba-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2
|
|
| 217.160.242.86/img/maxa-logo-login.png | 217.160.242.86 | 200 OK | 3.7 kB |
URL: GET HTTP/2 217.160.242.86/img/maxa-logo-login.png
IP: 217.160.242.86:443
Requested by: https://217.160.242.86/users/login
Certificate: Issuer: Let's Encrypt; Subject: my.maxa.it; Fingerprint: E1:27:4A:8E:98:A0:C8:02:1F:13:01:28:32:4C:2E:5F:47:B2:10:10; Validity: Wed, 10 Apr 2024 03:26:11 GMT - Tue, 09 Jul 2024 03:26:10 GMT
File type: PNG image data, 180 x 54, 8-bit/color RGBA, non-interlaced
Hash: 4e95502e58f0ab958aab97d24a41dfd0 cf1a1f4d948a38d20350e4d48eabf1630f378139 eecf1650d5ee5cb36886d454364a182b567271154fc2e7a06ea092b9448b2585
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/maxa-logo-login.png HTTP/1.1
Host: 217.160.242.86
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://217.160.242.86/users/login
Cookie: PHPSESSNEW=jpim3nccricfdeg4rhak6r4fm5; CakeCookie[Config]=%7B%22language%22%3A%22it%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 22:28:20 GMT
content-type: image/png
content-length: 3679
last-modified: Thu, 02 Jul 2020 10:35:20 GMT
etag: "5efdb868-e5f"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 217.160.242.86/img/gb.png | 217.160.242.86 | 200 OK | 1.2 kB |
URL: GET HTTP/2 217.160.242.86/img/gb.png
IP: 217.160.242.86:443
Requested by: https://217.160.242.86/users/login
Certificate: Issuer: Let's Encrypt; Subject: my.maxa.it; Fingerprint: E1:27:4A:8E:98:A0:C8:02:1F:13:01:28:32:4C:2E:5F:47:B2:10:10; Validity: Wed, 10 Apr 2024 03:26:11 GMT - Tue, 09 Jul 2024 03:26:10 GMT
File type: PNG image data, 32 x 16, 8-bit/color RGBA, non-interlaced
Hash: 9e27a71aff65b575f1fa0c29811cb099 fb90693167cffcc8dc0548ac81f951ba83b19422 f283e69b55804927b2d98ef8148860d553a862908eca346eee139a2b2dc2b231
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/gb.png HTTP/1.1
Host: 217.160.242.86
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://217.160.242.86/users/login
Cookie: PHPSESSNEW=jpim3nccricfdeg4rhak6r4fm5; CakeCookie[Config]=%7B%22language%22%3A%22it%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 22:28:20 GMT
content-type: image/png
content-length: 1163
last-modified: Thu, 02 Jul 2020 10:35:20 GMT
etag: "5efdb868-48b"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 217.160.242.86/img/it.png | 217.160.242.86 | 200 OK | 317 B |
URL: GET HTTP/2 217.160.242.86/img/it.png
IP: 217.160.242.86:443
Requested by: https://217.160.242.86/users/login
Certificate: Issuer: Let's Encrypt; Subject: my.maxa.it; Fingerprint: E1:27:4A:8E:98:A0:C8:02:1F:13:01:28:32:4C:2E:5F:47:B2:10:10; Validity: Wed, 10 Apr 2024 03:26:11 GMT - Tue, 09 Jul 2024 03:26:10 GMT
File type: PNG image data, 24 x 16, 8-bit/color RGBA, non-interlaced
Hash: 38107ebd073f755274b336b67407b7ab 1e3291c468049ad7c5a601b382b215249239b7a5 f8777a95bfe2763359297b1c829501ce295d00b69301f89bba4255a15d0615e7
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/it.png HTTP/1.1
Host: 217.160.242.86
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://217.160.242.86/users/login
Cookie: PHPSESSNEW=jpim3nccricfdeg4rhak6r4fm5; CakeCookie[Config]=%7B%22language%22%3A%22it%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 22:28:20 GMT
content-type: image/png
content-length: 317
x-accel-version: 0.01
last-modified: Thu, 02 Jul 2020 10:35:19 GMT
etag: "13d-5a972f70c22e7"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
|
|
| 217.160.242.86/css/cake2.generic.css | 217.160.242.86 | 200 OK | 53 kB |
URL: GET HTTP/2 217.160.242.86/css/cake2.generic.css
IP: 217.160.242.86:443
Requested by: https://217.160.242.86/users/login
Certificate: Issuer: Let's Encrypt; Subject: my.maxa.it; Fingerprint: E1:27:4A:8E:98:A0:C8:02:1F:13:01:28:32:4C:2E:5F:47:B2:10:10; Validity: Wed, 10 Apr 2024 03:26:11 GMT - Tue, 09 Jul 2024 03:26:10 GMT
File type: assembler source, ASCII text
Hash: 3600df2554d3e1c893112fe1c2338b7c 6f7e27f7af066254e6e65f7aa4eea27e050b1426 781074f97ba27e687ee033bcf7854ee24bb620ba615254288e0ff452e70c5f64
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /css/cake2.generic.css HTTP/1.1
Host: 217.160.242.86
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://217.160.242.86/users/login
Cookie: PHPSESSNEW=jpim3nccricfdeg4rhak6r4fm5; CakeCookie[Config]=%7B%22language%22%3A%22it%22%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 22:28:20 GMT
content-type: text/css
last-modified: Wed, 21 Apr 2021 15:16:56 GMT
etag: W/"608041e8-223d"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| 217.160.242.86/font/roboto/Roboto-Medium.woff2 | 217.160.242.86 | 200 OK | 50 kB |
URL: GET HTTP/2 217.160.242.86/font/roboto/Roboto-Medium.woff2
IP: 217.160.242.86:443
Requested by: https://217.160.242.86/users/login
Certificate: Issuer: Let's Encrypt; Subject: my.maxa.it; Fingerprint: E1:27:4A:8E:98:A0:C8:02:1F:13:01:28:32:4C:2E:5F:47:B2:10:10; Validity: Wed, 10 Apr 2024 03:26:11 GMT - Tue, 09 Jul 2024 03:26:10 GMT
File type: Web Open Font Format (Version 2), TrueType, length 50224, version 1.0
Hash: 574fd0b50367f886d359e8264938fc37 6cc1b73571af9e827c4e7e91418f476703cd4c4b 1cd5c4b37938d932110ec043ce1cc766d18cacf7a4e7cffa6a539855d5bdc08d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /font/roboto/Roboto-Medium.woff2 HTTP/1.1
Host: 217.160.242.86
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://217.160.242.86/css/mdb.css
Cookie: PHPSESSNEW=jpim3nccricfdeg4rhak6r4fm5; CakeCookie[Config]=%7B%22language%22%3A%22it%22%7D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 22:28:20 GMT
content-type: font/woff2
content-length: 50224
last-modified: Thu, 02 Jul 2020 10:35:36 GMT
etag: "5efdb878-c430"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 217.160.242.86/css/fontawesome-all.min.css | 217.160.242.86 | 200 OK | 90 kB |
URL: GET HTTP/2 217.160.242.86/css/fontawesome-all.min.css
IP: 217.160.242.86:443
Requested by: https://217.160.242.86/users/login
Certificate: Issuer: Let's Encrypt; Subject: my.maxa.it; Fingerprint: E1:27:4A:8E:98:A0:C8:02:1F:13:01:28:32:4C:2E:5F:47:B2:10:10; Validity: Wed, 10 Apr 2024 03:26:11 GMT - Tue, 09 Jul 2024 03:26:10 GMT
File type: ASCII text, with very long lines (59158)
Hash: 74bab4578692993514e7f882cc15c218 b6293bcfd851f963edbe859498570c4c0c7eaae4 d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /css/fontawesome-all.min.css HTTP/1.1
Host: 217.160.242.86
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://217.160.242.86/users/login
Cookie: PHPSESSNEW=jpim3nccricfdeg4rhak6r4fm5; CakeCookie[Config]=%7B%22language%22%3A%22it%22%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 22:28:20 GMT
content-type: text/css
last-modified: Wed, 21 Apr 2021 10:20:32 GMT
etag: W/"607ffc70-e7d0"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| 217.160.242.86/font/roboto/Roboto-Regular.woff | 217.160.242.86 | 200 OK | 62 kB |
URL: GET HTTP/2 217.160.242.86/font/roboto/Roboto-Regular.woff
IP: 217.160.242.86:443
Requested by: https://217.160.242.86/users/login
Certificate: Issuer: Let's Encrypt; Subject: my.maxa.it; Fingerprint: E1:27:4A:8E:98:A0:C8:02:1F:13:01:28:32:4C:2E:5F:47:B2:10:10; Validity: Wed, 10 Apr 2024 03:26:11 GMT - Tue, 09 Jul 2024 03:26:10 GMT
File type: Web Open Font Format, TrueType, length 61736, version 2.980
Hash: ba3dcd8903e3d0af5de7792777f8ae0d 74734dde8d94e7268170f9b994dedfbdcb5b3a15 2cd6b07b7855716761250290ce3cf447ccc98e793e484294d3fa8ccbb55b016a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /font/roboto/Roboto-Regular.woff HTTP/1.1
Host: 217.160.242.86
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://217.160.242.86/css/mdb.css
Cookie: PHPSESSNEW=jpim3nccricfdeg4rhak6r4fm5; CakeCookie[Config]=%7B%22language%22%3A%22it%22%7D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 22:28:20 GMT
content-type: font/woff
content-length: 61736
last-modified: Thu, 02 Jul 2020 10:35:38 GMT
etag: "5efdb87a-f128"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 217.160.242.86/font/roboto/Roboto-Medium.woff | 217.160.242.86 | 200 OK | 63 kB |
URL: GET HTTP/2 217.160.242.86/font/roboto/Roboto-Medium.woff
IP: 217.160.242.86:443
Requested by: https://217.160.242.86/users/login
Certificate: Issuer: Let's Encrypt; Subject: my.maxa.it; Fingerprint: E1:27:4A:8E:98:A0:C8:02:1F:13:01:28:32:4C:2E:5F:47:B2:10:10; Validity: Wed, 10 Apr 2024 03:26:11 GMT - Tue, 09 Jul 2024 03:26:10 GMT
File type: Web Open Font Format, TrueType, length 62980, version 2.980
Hash: fc78759e93a6cac50458610e3d9d63a0 d45f84922131364989ad6578c7a06b6b4fc22c34 72841a4c4171b13ab1edf2c8f8046f0958f2ff608ce4e0d568dd5c6319f8a933
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /font/roboto/Roboto-Medium.woff HTTP/1.1
Host: 217.160.242.86
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://217.160.242.86/css/mdb.css
Cookie: PHPSESSNEW=jpim3nccricfdeg4rhak6r4fm5; CakeCookie[Config]=%7B%22language%22%3A%22it%22%7D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 22:28:20 GMT
content-type: font/woff
content-length: 62980
last-modified: Thu, 02 Jul 2020 10:35:37 GMT
etag: "5efdb879-f604"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 217.160.242.86/favicon.ico | 217.160.242.86 | 200 OK | 1.2 kB |
URL: GET HTTP/2 217.160.242.86/favicon.ico
IP: 217.160.242.86:443
Requested by: https://217.160.242.86/users/login
Certificate: Issuer: Let's Encrypt; Subject: my.maxa.it; Fingerprint: E1:27:4A:8E:98:A0:C8:02:1F:13:01:28:32:4C:2E:5F:47:B2:10:10; Validity: Wed, 10 Apr 2024 03:26:11 GMT - Tue, 09 Jul 2024 03:26:10 GMT
File type: MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Hash: 9ba79f2a2298d09823dd3eea732be502 e2b10a76c724810617103d5da6726a9a7a5d4cf5 f6bac0c880a4664e5036296af7e819df5d35c84d22db83ac9e5bbaf065835aa1
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: 217.160.242.86
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://217.160.242.86/users/login
Cookie: PHPSESSNEW=jpim3nccricfdeg4rhak6r4fm5; CakeCookie[Config]=%7B%22language%22%3A%22it%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 22:28:20 GMT
content-type: image/vnd.microsoft.icon
content-length: 1150
last-modified: Thu, 02 Jul 2020 10:35:16 GMT
etag: "5efdb864-47e"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 217.160.242.86/js/jquery-3.4.1.min.js | 217.160.242.86 | 200 OK | 88 kB |
URL: GET HTTP/2 217.160.242.86/js/jquery-3.4.1.min.js
IP: 217.160.242.86:443
Requested by: https://217.160.242.86/users/login
Certificate: Issuer: Let's Encrypt; Subject: my.maxa.it; Fingerprint: E1:27:4A:8E:98:A0:C8:02:1F:13:01:28:32:4C:2E:5F:47:B2:10:10; Validity: Wed, 10 Apr 2024 03:26:11 GMT - Tue, 09 Jul 2024 03:26:10 GMT
File type: JavaScript source, ASCII text, with very long lines (65451)
Hash: 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/jquery-3.4.1.min.js HTTP/1.1
Host: 217.160.242.86
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://217.160.242.86/users/login
Cookie: PHPSESSNEW=jpim3nccricfdeg4rhak6r4fm5; CakeCookie[Config]=%7B%22language%22%3A%22it%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 22:28:20 GMT
content-type: application/javascript
last-modified: Thu, 02 Jul 2020 10:35:24 GMT
etag: W/"5efdb86c-15851"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| 217.160.242.86/js/bootstrap-cookie-consent.js | 217.160.242.86 | 200 OK | 2.9 kB |
URL: GET HTTP/2 217.160.242.86/js/bootstrap-cookie-consent.js
IP: 217.160.242.86:443
Requested by: https://217.160.242.86/users/login
Certificate: Issuer: Let's Encrypt; Subject: my.maxa.it; Fingerprint: E1:27:4A:8E:98:A0:C8:02:1F:13:01:28:32:4C:2E:5F:47:B2:10:10; Validity: Wed, 10 Apr 2024 03:26:11 GMT - Tue, 09 Jul 2024 03:26:10 GMT
File type: JavaScript source, ASCII text, with very long lines (3075), with no line terminators
Hash: d3485e41be9a457415b8562a20862023 2353402d6eec96636913f26e40c32b0b5f200de6 5eef23c4cdb86fc1d1266b30ea21242af1c960d6d74488538e69e634f6b2e77f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/bootstrap-cookie-consent.js HTTP/1.1
Host: 217.160.242.86
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://217.160.242.86/users/login
Cookie: PHPSESSNEW=jpim3nccricfdeg4rhak6r4fm5; CakeCookie[Config]=%7B%22language%22%3A%22it%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 22:28:20 GMT
content-type: application/javascript
last-modified: Thu, 02 Jul 2020 10:35:23 GMT
etag: W/"5efdb86b-b6c"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| 217.160.242.86/css/mdb.css | 217.160.242.86 | 200 OK | 618 kB |
URL: GET HTTP/2 217.160.242.86/css/mdb.css
IP: 217.160.242.86:443
Requested by: https://217.160.242.86/users/login
Certificate: Issuer: Let's Encrypt; Subject: my.maxa.it; Fingerprint: E1:27:4A:8E:98:A0:C8:02:1F:13:01:28:32:4C:2E:5F:47:B2:10:10; Validity: Wed, 10 Apr 2024 03:26:11 GMT - Tue, 09 Jul 2024 03:26:10 GMT
File type: ASCII text, with very long lines (1445), with CRLF line terminators
Size: 618 kB (617944 bytes)
Hash: 84ad9a9963459a07aa2aaa551cd0b8b7 dae1dc193418ba300e08c02614bc9c8f11dcf961 c8c211feea56ec04437976166bb8deb6a36dd46b297bbcb66041af28664af529
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /css/mdb.css HTTP/1.1
Host: 217.160.242.86
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://217.160.242.86/users/login
Cookie: PHPSESSNEW=jpim3nccricfdeg4rhak6r4fm5; CakeCookie[Config]=%7B%22language%22%3A%22it%22%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 22:28:20 GMT
content-type: text/css
last-modified: Thu, 02 Jul 2020 10:35:26 GMT
etag: W/"5efdb86e-96dd8"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| 217.160.242.86/webfonts/fa-solid-900.woff2 | 217.160.242.86 | 200 OK | 78 kB |
URL: GET HTTP/2 217.160.242.86/webfonts/fa-solid-900.woff2
IP: 217.160.242.86:443
Requested by: https://217.160.242.86/users/login
Certificate: Issuer: Let's Encrypt; Subject: my.maxa.it; Fingerprint: E1:27:4A:8E:98:A0:C8:02:1F:13:01:28:32:4C:2E:5F:47:B2:10:10; Validity: Wed, 10 Apr 2024 03:26:11 GMT - Tue, 09 Jul 2024 03:26:10 GMT
File type: Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261
Hash: e8a427e15cc502bef99cfd722b37ea98 a9922842a120a7f1eaced667480c5e185a106d69 d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /webfonts/fa-solid-900.woff2 HTTP/1.1
Host: 217.160.242.86
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://217.160.242.86/css/fontawesome-all.min.css
Cookie: PHPSESSNEW=jpim3nccricfdeg4rhak6r4fm5; CakeCookie[Config]=%7B%22language%22%3A%22it%22%7D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 22:28:20 GMT
content-type: font/woff2
content-length: 78196
last-modified: Wed, 21 Apr 2021 10:20:22 GMT
etag: "607ffc66-13174"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 217.160.242.86/js/bootstrap/show-password.min.js | 217.160.242.86 | 404 Not Found | 7.0 kB |
URL: GET HTTP/2 217.160.242.86/js/bootstrap/show-password.min.js
IP: 217.160.242.86:443
Requested by: https://217.160.242.86/users/login
Certificate: Issuer: Let's Encrypt; Subject: my.maxa.it; Fingerprint: E1:27:4A:8E:98:A0:C8:02:1F:13:01:28:32:4C:2E:5F:47:B2:10:10; Validity: Wed, 10 Apr 2024 03:26:11 GMT - Tue, 09 Jul 2024 03:26:10 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (7333), with no line terminators
Hash: 4cc4cb399a96f78c842dc520df18e276 e4b313350cf833d553d5a7ecb02e373a82ca5746 2931e51aa3528492e571f8ed567f78be82036f284b6b15c63f1a169bae5e4d50
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/bootstrap/show-password.min.js HTTP/1.1
Host: 217.160.242.86
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://217.160.242.86/users/login
Cookie: PHPSESSNEW=jpim3nccricfdeg4rhak6r4fm5; CakeCookie[Config]=%7B%22language%22%3A%22it%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
server: nginx
date: Tue, 23 Apr 2024 22:28:20 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.2.34
set-cookie: CakeCookie[Config]=%7B%22language%22%3A%22it%22%7D; expires=Tue, 30-Apr-2024 22:28:20 GMT; Max-Age=604800; path=/
content-encoding: br
X-Firefox-Spdy: h2
|
|
| 217.160.242.86/js/bootstrap.js | 217.160.242.86 | 200 OK | 122 kB |
URL: GET HTTP/2 217.160.242.86/js/bootstrap.js
IP: 217.160.242.86:443
Requested by: https://217.160.242.86/users/login
Certificate: Issuer: Let's Encrypt; Subject: my.maxa.it; Fingerprint: E1:27:4A:8E:98:A0:C8:02:1F:13:01:28:32:4C:2E:5F:47:B2:10:10; Validity: Wed, 10 Apr 2024 03:26:11 GMT - Tue, 09 Jul 2024 03:26:10 GMT
File type: JavaScript source, ASCII text, with very long lines (317)
Size: 122 kB (122441 bytes)
Hash: d9f096d1f708c35fdd9c78bd422883cc 16e88b7374a9e5b5cf875ef526198898ab35aa06 ea6899758b3058f66178c5693b6c661445fd2e007719a03f39c3054e299fc854
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/bootstrap.js HTTP/1.1
Host: 217.160.242.86
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://217.160.242.86/users/login
Cookie: PHPSESSNEW=jpim3nccricfdeg4rhak6r4fm5; CakeCookie[Config]=%7B%22language%22%3A%22it%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 22:28:20 GMT
content-type: application/javascript
last-modified: Thu, 02 Jul 2020 10:35:23 GMT
etag: W/"5efdb86b-1de49"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| 217.160.242.86/js/bootstrap/show-password.min.js | 217.160.242.86 | 404 Not Found | 7.0 kB |
URL: GET HTTP/2 217.160.242.86/js/bootstrap/show-password.min.js
IP: 217.160.242.86:443
Requested by: https://217.160.242.86/users/login
Certificate: Issuer: Let's Encrypt; Subject: my.maxa.it; Fingerprint: E1:27:4A:8E:98:A0:C8:02:1F:13:01:28:32:4C:2E:5F:47:B2:10:10; Validity: Wed, 10 Apr 2024 03:26:11 GMT - Tue, 09 Jul 2024 03:26:10 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (7333), with no line terminators
Hash: 4cc4cb399a96f78c842dc520df18e276 e4b313350cf833d553d5a7ecb02e373a82ca5746 2931e51aa3528492e571f8ed567f78be82036f284b6b15c63f1a169bae5e4d50
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/bootstrap/show-password.min.js HTTP/1.1
Host: 217.160.242.86
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://217.160.242.86/users/login
Cookie: PHPSESSNEW=jpim3nccricfdeg4rhak6r4fm5; CakeCookie[Config]=%7B%22language%22%3A%22it%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
server: nginx
date: Tue, 23 Apr 2024 22:28:20 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.2.34
set-cookie: CakeCookie[Config]=%7B%22language%22%3A%22it%22%7D; expires=Tue, 30-Apr-2024 22:28:20 GMT; Max-Age=604800; path=/
content-encoding: br
X-Firefox-Spdy: h2
|
|
| 217.160.242.86/js/mdb.js | 217.160.242.86 | 200 OK | 921 kB |
IP: 217.160.242.86:443
Requested by: https://217.160.242.86/users/login
Certificate: Issuer: Let's Encrypt; Subject: my.maxa.it; Fingerprint: E1:27:4A:8E:98:A0:C8:02:1F:13:01:28:32:4C:2E:5F:47:B2:10:10; Validity: Wed, 10 Apr 2024 03:26:11 GMT - Tue, 09 Jul 2024 03:26:10 GMT
Size: 921 kB (920879 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/mdb.js HTTP/1.1
Host: 217.160.242.86
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://217.160.242.86/users/login
Cookie: PHPSESSNEW=jpim3nccricfdeg4rhak6r4fm5; CakeCookie[Config]=%7B%22language%22%3A%22it%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 22:28:20 GMT
content-type: application/javascript
last-modified: Thu, 02 Jul 2020 10:35:24 GMT
etag: W/"5efdb86c-e0d2f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| 217.160.242.86/css/bootstrap.css | 217.160.242.86 | 200 OK | 173 kB |
URL: GET HTTP/2 217.160.242.86/css/bootstrap.css
IP: 217.160.242.86:443
Requested by: https://217.160.242.86/users/login
Certificate: Issuer: Let's Encrypt; Subject: my.maxa.it; Fingerprint: E1:27:4A:8E:98:A0:C8:02:1F:13:01:28:32:4C:2E:5F:47:B2:10:10; Validity: Wed, 10 Apr 2024 03:26:11 GMT - Tue, 09 Jul 2024 03:26:10 GMT
Size: 173 kB (172842 bytes)
Hash: 318d0ce1ed37527c25695e4df559e3c1 e10edc97b3df8699983561990297df90034b0d7f 1f6fee8e6d2f2a7b1a3af40391b71040f5544ca306a90099851d2f9553530bc9
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /css/bootstrap.css HTTP/1.1
Host: 217.160.242.86
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://217.160.242.86/users/login
Cookie: PHPSESSNEW=jpim3nccricfdeg4rhak6r4fm5; CakeCookie[Config]=%7B%22language%22%3A%22it%22%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 22:28:20 GMT
content-type: text/css
last-modified: Thu, 02 Jul 2020 10:35:25 GMT
etag: W/"5efdb86d-2a32a"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| 217.160.242.86/font/roboto/Roboto-Regular.woff2 | 217.160.242.86 | 200 OK | 49 kB |
URL: GET HTTP/2 217.160.242.86/font/roboto/Roboto-Regular.woff2
IP: 217.160.242.86:443
Requested by: https://217.160.242.86/users/login
Certificate: Issuer: Let's Encrypt; Subject: my.maxa.it; Fingerprint: E1:27:4A:8E:98:A0:C8:02:1F:13:01:28:32:4C:2E:5F:47:B2:10:10; Validity: Wed, 10 Apr 2024 03:26:11 GMT - Tue, 09 Jul 2024 03:26:10 GMT
File type: Web Open Font Format (Version 2), TrueType, length 49236, version 1.0
Hash: 2751ee43015f9884c3642f103b7f70c9 ed1558b0541f5e01ce48c7db1588371b990eec19 b5c9c23bd12593523a46d79dd0aee80e3226bbde4c9ac05fc30a95e2c1510de0
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /font/roboto/Roboto-Regular.woff2 HTTP/1.1
Host: 217.160.242.86
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://217.160.242.86/css/mdb.css
Cookie: PHPSESSNEW=jpim3nccricfdeg4rhak6r4fm5; CakeCookie[Config]=%7B%22language%22%3A%22it%22%7D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 22:28:20 GMT
content-type: font/woff2
content-length: 49236
last-modified: Thu, 02 Jul 2020 10:35:38 GMT
etag: "5efdb87a-c054"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|