Report - 217.160.242.86/

Report Overview

Submitted URL
217.160.242.86/
IP
217.160.242.86
ASN
#8560 IONOS SE
Submitted
2024-04-23 22:28:45
Access
public
Website Title
Accedi - My Maxa
Final URL
217.160.242.86/users/login
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
46

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
217.160.242.86	unknown	unknown	2012-11-26	2023-11-03	12 kB	2.4 MB	217.160.242.86

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-23	medium	217.160.242.86	Sinkholed
2024-04-23	medium	217.160.242.86	Sinkholed
2024-04-23	medium	217.160.242.86	Sinkholed
2024-04-23	medium	217.160.242.86	Sinkholed
2024-04-23	medium	217.160.242.86	Sinkholed
2024-04-23	medium	217.160.242.86	Sinkholed
2024-04-23	medium	217.160.242.86	Sinkholed
2024-04-23	medium	217.160.242.86	Sinkholed
2024-04-23	medium	217.160.242.86	Sinkholed
2024-04-23	medium	217.160.242.86	Sinkholed
2024-04-23	medium	217.160.242.86	Sinkholed
2024-04-23	medium	217.160.242.86	Sinkholed
2024-04-23	medium	217.160.242.86	Sinkholed
2024-04-23	medium	217.160.242.86	Sinkholed
2024-04-23	medium	217.160.242.86	Sinkholed
2024-04-23	medium	217.160.242.86	Sinkholed
2024-04-23	medium	217.160.242.86	Sinkholed
2024-04-23	medium	217.160.242.86	Sinkholed
2024-04-23	medium	217.160.242.86	Sinkholed
2024-04-23	medium	217.160.242.86	Sinkholed
2024-04-23	medium	217.160.242.86	Sinkholed
2024-04-23	medium	217.160.242.86	Sinkholed
2024-04-23	medium	217.160.242.86	Sinkholed

ThreatFox

No alerts detected

JavaScript (5)

	URL	Size	First Seen	Last Seen
	217.160.242.86/js/jquery-3.4.1.min.js	88 kB	2023-03-07	2024-05-03
Pretty URL 217.160.242.86/js/jquery-3.4.1.min.js IP 217.160.242.86 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:34 Last Seen2024-05-03 17:45:06 Times Seen96760 Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Loading...

	217.160.242.86/js/bootstrap-cookie-consent.js	2.9 kB	2024-04-24	2024-04-24
Pretty URL 217.160.242.86/js/bootstrap-cookie-consent.js IP 217.160.242.86 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 00:28:45 Last Seen2024-04-24 00:28:45 Times Seen1 Hash 92efc091d39727283b3b759c322ba215 7b2d584dda645556ea5862cc2d8e2fd44a01528f d4f0ab55b97ce623498f92a8209810e12efe8e9bf0ab4c07583d8e54bec3c6bd Loading...

	217.160.242.86/users/login	0 B	2023-03-07	2024-05-03
Pretty URL 217.160.242.86/users/login IP 217.160.242.86 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-03 18:18:50 Times Seen37310178 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	217.160.242.86/js/bootstrap.js	122 kB	2023-03-07	2024-04-24
Pretty URL 217.160.242.86/js/bootstrap.js IP 217.160.242.86 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:28:32 Last Seen2024-04-24 00:28:46 Times Seen44 Hash d9f096d1f708c35fdd9c78bd422883cc 16e88b7374a9e5b5cf875ef526198898ab35aa06 ea6899758b3058f66178c5693b6c661445fd2e007719a03f39c3054e299fc854 Loading...

	217.160.242.86/js/mdb.js	921 kB	2024-04-24	2024-04-24
Pretty URL 217.160.242.86/js/mdb.js IP 217.160.242.86 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 00:28:45 Last Seen2024-04-24 00:28:46 Times Seen1 Hash b30bec1af35512236e7da1c12ff69f22 82d1c8f70bc8415415d94825be3777ab0d83ed92 6ea1bba7f16589c6aa46c9c8f611996c8c3ceb1d899b0501cf728900f81fd202 Loading...

HTTP Transactions (23)

URL IP Response Size

217.160.242.86/

217.160.242.86

302 Found

162 B

URL User Request GET HTTP/2
217.160.242.86/
IP
217.160.242.86:443
ASN
#8560 IONOS SE

Certificate
IssuerLet's Encrypt
Subjectmy.maxa.it
FingerprintE1:27:4A:8E:98:A0:C8:02:1F:13:01:28:32:4C:2E:5F:47:B2:10:10
ValidityWed, 10 Apr 2024 03:26:11 GMT - Tue, 09 Jul 2024 03:26:10 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 217.160.242.86
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 23 Apr 2024 22:28:18 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://217.160.242.86/

217.160.242.86/

217.160.242.86

302 Found

0 B

URL User Request GET HTTP/2
217.160.242.86/
IP
217.160.242.86:443
ASN
#8560 IONOS SE

Certificate
IssuerLet's Encrypt
Subjectmy.maxa.it
FingerprintE1:27:4A:8E:98:A0:C8:02:1F:13:01:28:32:4C:2E:5F:47:B2:10:10
ValidityWed, 10 Apr 2024 03:26:11 GMT - Tue, 09 Jul 2024 03:26:10 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 217.160.242.86
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx
date: Tue, 23 Apr 2024 22:28:19 GMT
content-type: text/html; charset=UTF-8
content-length: 0
set-cookie: PHPSESSNEW=jpim3nccricfdeg4rhak6r4fm5; path=/; secure; HttpOnly
CakeCookie[Config]=%7B%22language%22%3A%22it%22%7D; expires=Tue, 30-Apr-2024 22:28:19 GMT; Max-Age=604800; path=/
location: https://217.160.242.86/users/login
x-powered-by: PHP/7.2.34, PleskLin
X-Firefox-Spdy: h2

217.160.242.86/users/login

217.160.242.86

200 OK

1.8 kB

URL User Request GET HTTP/2
217.160.242.86/users/login
IP
217.160.242.86:443
ASN
#8560 IONOS SE

Certificate
IssuerLet's Encrypt
Subjectmy.maxa.it
FingerprintE1:27:4A:8E:98:A0:C8:02:1F:13:01:28:32:4C:2E:5F:47:B2:10:10
ValidityWed, 10 Apr 2024 03:26:11 GMT - Tue, 09 Jul 2024 03:26:10 GMT

File type
XML 1.0 document, ASCII text, with very long lines (761)
Size
1.8 kB (1786 bytes)
Hash
8b2be8402598ad44a6e4c6e135c99872
31c2f1016e2a331f1432700d51d8a5f638fe6883
7ec9411278c27e4c65696ac2a0bf0ee582a02f5a03cbd65ea7e2b8f0bd37f39d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /users/login HTTP/1.1
Host: 217.160.242.86
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSNEW=jpim3nccricfdeg4rhak6r4fm5; CakeCookie[Config]=%7B%22language%22%3A%22it%22%7D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 22:28:19 GMT
content-type: text/html; charset=UTF-8
content-length: 1786
set-cookie: CakeCookie[Config]=%7B%22language%22%3A%22it%22%7D; expires=Tue, 30-Apr-2024 22:28:19 GMT; Max-Age=604800; path=/
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PHP/7.2.34, PleskLin
X-Firefox-Spdy: h2

217.160.242.86/css/login.css

217.160.242.86

200 OK

396 B

URL GET HTTP/2
217.160.242.86/css/login.css
IP
217.160.242.86:443
ASN
#8560 IONOS SE

Requested by
https://217.160.242.86/users/login
Certificate
IssuerLet's Encrypt
Subjectmy.maxa.it
FingerprintE1:27:4A:8E:98:A0:C8:02:1F:13:01:28:32:4C:2E:5F:47:B2:10:10
ValidityWed, 10 Apr 2024 03:26:11 GMT - Tue, 09 Jul 2024 03:26:10 GMT

File type
ASCII text
Size
396 B (396 bytes)
Hash
0b1805677fe867f465de4fe9f11f37be
b3e7f2ae3a578f1bcc952eb64c605e2209770ae5
1ab8a0b9be8f12aa5227c7f673edbeb158a85bc553ec1189b4cc102b6e3363f7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/login.css HTTP/1.1
Host: 217.160.242.86
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://217.160.242.86/users/login
Cookie: PHPSESSNEW=jpim3nccricfdeg4rhak6r4fm5; CakeCookie[Config]=%7B%22language%22%3A%22it%22%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 22:28:20 GMT
content-type: text/css
content-length: 396
x-accel-version: 0.01
last-modified: Thu, 02 Jul 2020 10:35:26 GMT
etag: "32d-5a972f773f5ba-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2

217.160.242.86/img/maxa-logo-login.png

217.160.242.86

200 OK

3.7 kB

URL GET HTTP/2
217.160.242.86/img/maxa-logo-login.png
IP
217.160.242.86:443
ASN
#8560 IONOS SE

Requested by
https://217.160.242.86/users/login
Certificate
IssuerLet's Encrypt
Subjectmy.maxa.it
FingerprintE1:27:4A:8E:98:A0:C8:02:1F:13:01:28:32:4C:2E:5F:47:B2:10:10
ValidityWed, 10 Apr 2024 03:26:11 GMT - Tue, 09 Jul 2024 03:26:10 GMT

File type
PNG image data, 180 x 54, 8-bit/color RGBA, non-interlaced
Size
3.7 kB (3679 bytes)
Hash
4e95502e58f0ab958aab97d24a41dfd0
cf1a1f4d948a38d20350e4d48eabf1630f378139
eecf1650d5ee5cb36886d454364a182b567271154fc2e7a06ea092b9448b2585

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/maxa-logo-login.png HTTP/1.1
Host: 217.160.242.86
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://217.160.242.86/users/login
Cookie: PHPSESSNEW=jpim3nccricfdeg4rhak6r4fm5; CakeCookie[Config]=%7B%22language%22%3A%22it%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 22:28:20 GMT
content-type: image/png
content-length: 3679
last-modified: Thu, 02 Jul 2020 10:35:20 GMT
etag: "5efdb868-e5f"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

217.160.242.86/img/gb.png

217.160.242.86

200 OK

1.2 kB

URL GET HTTP/2
217.160.242.86/img/gb.png
IP
217.160.242.86:443
ASN
#8560 IONOS SE

Requested by
https://217.160.242.86/users/login
Certificate
IssuerLet's Encrypt
Subjectmy.maxa.it
FingerprintE1:27:4A:8E:98:A0:C8:02:1F:13:01:28:32:4C:2E:5F:47:B2:10:10
ValidityWed, 10 Apr 2024 03:26:11 GMT - Tue, 09 Jul 2024 03:26:10 GMT

File type
PNG image data, 32 x 16, 8-bit/color RGBA, non-interlaced
Size
1.2 kB (1163 bytes)
Hash
9e27a71aff65b575f1fa0c29811cb099
fb90693167cffcc8dc0548ac81f951ba83b19422
f283e69b55804927b2d98ef8148860d553a862908eca346eee139a2b2dc2b231

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/gb.png HTTP/1.1
Host: 217.160.242.86
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://217.160.242.86/users/login
Cookie: PHPSESSNEW=jpim3nccricfdeg4rhak6r4fm5; CakeCookie[Config]=%7B%22language%22%3A%22it%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 22:28:20 GMT
content-type: image/png
content-length: 1163
last-modified: Thu, 02 Jul 2020 10:35:20 GMT
etag: "5efdb868-48b"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

217.160.242.86/img/it.png

217.160.242.86

200 OK

317 B

URL GET HTTP/2
217.160.242.86/img/it.png
IP
217.160.242.86:443
ASN
#8560 IONOS SE

Requested by
https://217.160.242.86/users/login
Certificate
IssuerLet's Encrypt
Subjectmy.maxa.it
FingerprintE1:27:4A:8E:98:A0:C8:02:1F:13:01:28:32:4C:2E:5F:47:B2:10:10
ValidityWed, 10 Apr 2024 03:26:11 GMT - Tue, 09 Jul 2024 03:26:10 GMT

File type
PNG image data, 24 x 16, 8-bit/color RGBA, non-interlaced
Size
317 B (317 bytes)
Hash
38107ebd073f755274b336b67407b7ab
1e3291c468049ad7c5a601b382b215249239b7a5
f8777a95bfe2763359297b1c829501ce295d00b69301f89bba4255a15d0615e7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/it.png HTTP/1.1
Host: 217.160.242.86
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://217.160.242.86/users/login
Cookie: PHPSESSNEW=jpim3nccricfdeg4rhak6r4fm5; CakeCookie[Config]=%7B%22language%22%3A%22it%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 22:28:20 GMT
content-type: image/png
content-length: 317
x-accel-version: 0.01
last-modified: Thu, 02 Jul 2020 10:35:19 GMT
etag: "13d-5a972f70c22e7"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2

217.160.242.86/css/cake2.generic.css

217.160.242.86

200 OK

53 kB

URL GET HTTP/2
217.160.242.86/css/cake2.generic.css
IP
217.160.242.86:443
ASN
#8560 IONOS SE

Requested by
https://217.160.242.86/users/login
Certificate
IssuerLet's Encrypt
Subjectmy.maxa.it
FingerprintE1:27:4A:8E:98:A0:C8:02:1F:13:01:28:32:4C:2E:5F:47:B2:10:10
ValidityWed, 10 Apr 2024 03:26:11 GMT - Tue, 09 Jul 2024 03:26:10 GMT

File type
assembler source, ASCII text
Size
53 kB (52764 bytes)
Hash
3600df2554d3e1c893112fe1c2338b7c
6f7e27f7af066254e6e65f7aa4eea27e050b1426
781074f97ba27e687ee033bcf7854ee24bb620ba615254288e0ff452e70c5f64

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/cake2.generic.css HTTP/1.1
Host: 217.160.242.86
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://217.160.242.86/users/login
Cookie: PHPSESSNEW=jpim3nccricfdeg4rhak6r4fm5; CakeCookie[Config]=%7B%22language%22%3A%22it%22%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 22:28:20 GMT
content-type: text/css
last-modified: Wed, 21 Apr 2021 15:16:56 GMT
etag: W/"608041e8-223d"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

217.160.242.86/font/roboto/Roboto-Medium.woff2

217.160.242.86

200 OK

50 kB

URL GET HTTP/2
217.160.242.86/font/roboto/Roboto-Medium.woff2
IP
217.160.242.86:443
ASN
#8560 IONOS SE

Requested by
https://217.160.242.86/users/login
Certificate
IssuerLet's Encrypt
Subjectmy.maxa.it
FingerprintE1:27:4A:8E:98:A0:C8:02:1F:13:01:28:32:4C:2E:5F:47:B2:10:10
ValidityWed, 10 Apr 2024 03:26:11 GMT - Tue, 09 Jul 2024 03:26:10 GMT

File type
Web Open Font Format (Version 2), TrueType, length 50224, version 1.0
Size
50 kB (50224 bytes)
Hash
574fd0b50367f886d359e8264938fc37
6cc1b73571af9e827c4e7e91418f476703cd4c4b
1cd5c4b37938d932110ec043ce1cc766d18cacf7a4e7cffa6a539855d5bdc08d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /font/roboto/Roboto-Medium.woff2 HTTP/1.1
Host: 217.160.242.86
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://217.160.242.86/css/mdb.css
Cookie: PHPSESSNEW=jpim3nccricfdeg4rhak6r4fm5; CakeCookie[Config]=%7B%22language%22%3A%22it%22%7D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 22:28:20 GMT
content-type: font/woff2
content-length: 50224
last-modified: Thu, 02 Jul 2020 10:35:36 GMT
etag: "5efdb878-c430"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

217.160.242.86/css/fontawesome-all.min.css

217.160.242.86

200 OK

90 kB

URL GET HTTP/2
217.160.242.86/css/fontawesome-all.min.css
IP
217.160.242.86:443
ASN
#8560 IONOS SE

Requested by
https://217.160.242.86/users/login
Certificate
IssuerLet's Encrypt
Subjectmy.maxa.it
FingerprintE1:27:4A:8E:98:A0:C8:02:1F:13:01:28:32:4C:2E:5F:47:B2:10:10
ValidityWed, 10 Apr 2024 03:26:11 GMT - Tue, 09 Jul 2024 03:26:10 GMT

File type
ASCII text, with very long lines (59158)
Size
90 kB (90544 bytes)
Hash
74bab4578692993514e7f882cc15c218
b6293bcfd851f963edbe859498570c4c0c7eaae4
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/fontawesome-all.min.css HTTP/1.1
Host: 217.160.242.86
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://217.160.242.86/users/login
Cookie: PHPSESSNEW=jpim3nccricfdeg4rhak6r4fm5; CakeCookie[Config]=%7B%22language%22%3A%22it%22%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 22:28:20 GMT
content-type: text/css
last-modified: Wed, 21 Apr 2021 10:20:32 GMT
etag: W/"607ffc70-e7d0"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

217.160.242.86/font/roboto/Roboto-Regular.woff

217.160.242.86

200 OK

62 kB

URL GET HTTP/2
217.160.242.86/font/roboto/Roboto-Regular.woff
IP
217.160.242.86:443
ASN
#8560 IONOS SE

Requested by
https://217.160.242.86/users/login
Certificate
IssuerLet's Encrypt
Subjectmy.maxa.it
FingerprintE1:27:4A:8E:98:A0:C8:02:1F:13:01:28:32:4C:2E:5F:47:B2:10:10
ValidityWed, 10 Apr 2024 03:26:11 GMT - Tue, 09 Jul 2024 03:26:10 GMT

File type
Web Open Font Format, TrueType, length 61736, version 2.980
Size
62 kB (61736 bytes)
Hash
ba3dcd8903e3d0af5de7792777f8ae0d
74734dde8d94e7268170f9b994dedfbdcb5b3a15
2cd6b07b7855716761250290ce3cf447ccc98e793e484294d3fa8ccbb55b016a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /font/roboto/Roboto-Regular.woff HTTP/1.1
Host: 217.160.242.86
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://217.160.242.86/css/mdb.css
Cookie: PHPSESSNEW=jpim3nccricfdeg4rhak6r4fm5; CakeCookie[Config]=%7B%22language%22%3A%22it%22%7D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 22:28:20 GMT
content-type: font/woff
content-length: 61736
last-modified: Thu, 02 Jul 2020 10:35:38 GMT
etag: "5efdb87a-f128"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

217.160.242.86/font/roboto/Roboto-Medium.woff

217.160.242.86

200 OK

63 kB

URL GET HTTP/2
217.160.242.86/font/roboto/Roboto-Medium.woff
IP
217.160.242.86:443
ASN
#8560 IONOS SE

Requested by
https://217.160.242.86/users/login
Certificate
IssuerLet's Encrypt
Subjectmy.maxa.it
FingerprintE1:27:4A:8E:98:A0:C8:02:1F:13:01:28:32:4C:2E:5F:47:B2:10:10
ValidityWed, 10 Apr 2024 03:26:11 GMT - Tue, 09 Jul 2024 03:26:10 GMT

File type
Web Open Font Format, TrueType, length 62980, version 2.980
Size
63 kB (62980 bytes)
Hash
fc78759e93a6cac50458610e3d9d63a0
d45f84922131364989ad6578c7a06b6b4fc22c34
72841a4c4171b13ab1edf2c8f8046f0958f2ff608ce4e0d568dd5c6319f8a933

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /font/roboto/Roboto-Medium.woff HTTP/1.1
Host: 217.160.242.86
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://217.160.242.86/css/mdb.css
Cookie: PHPSESSNEW=jpim3nccricfdeg4rhak6r4fm5; CakeCookie[Config]=%7B%22language%22%3A%22it%22%7D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 22:28:20 GMT
content-type: font/woff
content-length: 62980
last-modified: Thu, 02 Jul 2020 10:35:37 GMT
etag: "5efdb879-f604"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

217.160.242.86/favicon.ico

217.160.242.86

200 OK

1.2 kB

URL GET HTTP/2
217.160.242.86/favicon.ico
IP
217.160.242.86:443
ASN
#8560 IONOS SE

Requested by
https://217.160.242.86/users/login
Certificate
IssuerLet's Encrypt
Subjectmy.maxa.it
FingerprintE1:27:4A:8E:98:A0:C8:02:1F:13:01:28:32:4C:2E:5F:47:B2:10:10
ValidityWed, 10 Apr 2024 03:26:11 GMT - Tue, 09 Jul 2024 03:26:10 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Size
1.2 kB (1150 bytes)
Hash
9ba79f2a2298d09823dd3eea732be502
e2b10a76c724810617103d5da6726a9a7a5d4cf5
f6bac0c880a4664e5036296af7e819df5d35c84d22db83ac9e5bbaf065835aa1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 217.160.242.86
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://217.160.242.86/users/login
Cookie: PHPSESSNEW=jpim3nccricfdeg4rhak6r4fm5; CakeCookie[Config]=%7B%22language%22%3A%22it%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 22:28:20 GMT
content-type: image/vnd.microsoft.icon
content-length: 1150
last-modified: Thu, 02 Jul 2020 10:35:16 GMT
etag: "5efdb864-47e"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

217.160.242.86/js/jquery-3.4.1.min.js

217.160.242.86

200 OK

88 kB

URL GET HTTP/2
217.160.242.86/js/jquery-3.4.1.min.js
IP
217.160.242.86:443
ASN
#8560 IONOS SE

Requested by
https://217.160.242.86/users/login
Certificate
IssuerLet's Encrypt
Subjectmy.maxa.it
FingerprintE1:27:4A:8E:98:A0:C8:02:1F:13:01:28:32:4C:2E:5F:47:B2:10:10
ValidityWed, 10 Apr 2024 03:26:11 GMT - Tue, 09 Jul 2024 03:26:10 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
88 kB (88145 bytes)
Hash
220afd743d9e9643852e31a135a9f3ae
88523924351bac0b5d560fe0c5781e2556e7693d
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/jquery-3.4.1.min.js HTTP/1.1
Host: 217.160.242.86
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://217.160.242.86/users/login
Cookie: PHPSESSNEW=jpim3nccricfdeg4rhak6r4fm5; CakeCookie[Config]=%7B%22language%22%3A%22it%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 22:28:20 GMT
content-type: application/javascript
last-modified: Thu, 02 Jul 2020 10:35:24 GMT
etag: W/"5efdb86c-15851"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

217.160.242.86/js/bootstrap-cookie-consent.js

217.160.242.86

200 OK

2.9 kB

URL GET HTTP/2
217.160.242.86/js/bootstrap-cookie-consent.js
IP
217.160.242.86:443
ASN
#8560 IONOS SE

Requested by
https://217.160.242.86/users/login
Certificate
IssuerLet's Encrypt
Subjectmy.maxa.it
FingerprintE1:27:4A:8E:98:A0:C8:02:1F:13:01:28:32:4C:2E:5F:47:B2:10:10
ValidityWed, 10 Apr 2024 03:26:11 GMT - Tue, 09 Jul 2024 03:26:10 GMT

File type
JavaScript source, ASCII text, with very long lines (3075), with no line terminators
Size
2.9 kB (2924 bytes)
Hash
d3485e41be9a457415b8562a20862023
2353402d6eec96636913f26e40c32b0b5f200de6
5eef23c4cdb86fc1d1266b30ea21242af1c960d6d74488538e69e634f6b2e77f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/bootstrap-cookie-consent.js HTTP/1.1
Host: 217.160.242.86
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://217.160.242.86/users/login
Cookie: PHPSESSNEW=jpim3nccricfdeg4rhak6r4fm5; CakeCookie[Config]=%7B%22language%22%3A%22it%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 22:28:20 GMT
content-type: application/javascript
last-modified: Thu, 02 Jul 2020 10:35:23 GMT
etag: W/"5efdb86b-b6c"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

217.160.242.86/css/mdb.css

217.160.242.86

200 OK

618 kB

URL GET HTTP/2
217.160.242.86/css/mdb.css
IP
217.160.242.86:443
ASN
#8560 IONOS SE

Requested by
https://217.160.242.86/users/login
Certificate
IssuerLet's Encrypt
Subjectmy.maxa.it
FingerprintE1:27:4A:8E:98:A0:C8:02:1F:13:01:28:32:4C:2E:5F:47:B2:10:10
ValidityWed, 10 Apr 2024 03:26:11 GMT - Tue, 09 Jul 2024 03:26:10 GMT

File type
ASCII text, with very long lines (1445), with CRLF line terminators
Size
618 kB (617944 bytes)
Hash
84ad9a9963459a07aa2aaa551cd0b8b7
dae1dc193418ba300e08c02614bc9c8f11dcf961
c8c211feea56ec04437976166bb8deb6a36dd46b297bbcb66041af28664af529

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/mdb.css HTTP/1.1
Host: 217.160.242.86
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://217.160.242.86/users/login
Cookie: PHPSESSNEW=jpim3nccricfdeg4rhak6r4fm5; CakeCookie[Config]=%7B%22language%22%3A%22it%22%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 22:28:20 GMT
content-type: text/css
last-modified: Thu, 02 Jul 2020 10:35:26 GMT
etag: W/"5efdb86e-96dd8"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

217.160.242.86/webfonts/fa-solid-900.woff2

217.160.242.86

200 OK

78 kB

URL GET HTTP/2
217.160.242.86/webfonts/fa-solid-900.woff2
IP
217.160.242.86:443
ASN
#8560 IONOS SE

Requested by
https://217.160.242.86/users/login
Certificate
IssuerLet's Encrypt
Subjectmy.maxa.it
FingerprintE1:27:4A:8E:98:A0:C8:02:1F:13:01:28:32:4C:2E:5F:47:B2:10:10
ValidityWed, 10 Apr 2024 03:26:11 GMT - Tue, 09 Jul 2024 03:26:10 GMT

File type
Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261
Size
78 kB (78196 bytes)
Hash
e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /webfonts/fa-solid-900.woff2 HTTP/1.1
Host: 217.160.242.86
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://217.160.242.86/css/fontawesome-all.min.css
Cookie: PHPSESSNEW=jpim3nccricfdeg4rhak6r4fm5; CakeCookie[Config]=%7B%22language%22%3A%22it%22%7D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 22:28:20 GMT
content-type: font/woff2
content-length: 78196
last-modified: Wed, 21 Apr 2021 10:20:22 GMT
etag: "607ffc66-13174"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

217.160.242.86/js/bootstrap/show-password.min.js

217.160.242.86

404 Not Found

7.0 kB

URL GET HTTP/2
217.160.242.86/js/bootstrap/show-password.min.js
IP
217.160.242.86:443
ASN
#8560 IONOS SE

Requested by
https://217.160.242.86/users/login
Certificate
IssuerLet's Encrypt
Subjectmy.maxa.it
FingerprintE1:27:4A:8E:98:A0:C8:02:1F:13:01:28:32:4C:2E:5F:47:B2:10:10
ValidityWed, 10 Apr 2024 03:26:11 GMT - Tue, 09 Jul 2024 03:26:10 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (7333), with no line terminators
Size
7.0 kB (6963 bytes)
Hash
4cc4cb399a96f78c842dc520df18e276
e4b313350cf833d553d5a7ecb02e373a82ca5746
2931e51aa3528492e571f8ed567f78be82036f284b6b15c63f1a169bae5e4d50

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/bootstrap/show-password.min.js HTTP/1.1
Host: 217.160.242.86
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://217.160.242.86/users/login
Cookie: PHPSESSNEW=jpim3nccricfdeg4rhak6r4fm5; CakeCookie[Config]=%7B%22language%22%3A%22it%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: nginx
date: Tue, 23 Apr 2024 22:28:20 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.2.34
set-cookie: CakeCookie[Config]=%7B%22language%22%3A%22it%22%7D; expires=Tue, 30-Apr-2024 22:28:20 GMT; Max-Age=604800; path=/
content-encoding: br
X-Firefox-Spdy: h2

217.160.242.86/js/bootstrap.js

217.160.242.86

200 OK

122 kB

URL GET HTTP/2
217.160.242.86/js/bootstrap.js
IP
217.160.242.86:443
ASN
#8560 IONOS SE

Requested by
https://217.160.242.86/users/login
Certificate
IssuerLet's Encrypt
Subjectmy.maxa.it
FingerprintE1:27:4A:8E:98:A0:C8:02:1F:13:01:28:32:4C:2E:5F:47:B2:10:10
ValidityWed, 10 Apr 2024 03:26:11 GMT - Tue, 09 Jul 2024 03:26:10 GMT

File type
JavaScript source, ASCII text, with very long lines (317)
Size
122 kB (122441 bytes)
Hash
d9f096d1f708c35fdd9c78bd422883cc
16e88b7374a9e5b5cf875ef526198898ab35aa06
ea6899758b3058f66178c5693b6c661445fd2e007719a03f39c3054e299fc854

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/bootstrap.js HTTP/1.1
Host: 217.160.242.86
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://217.160.242.86/users/login
Cookie: PHPSESSNEW=jpim3nccricfdeg4rhak6r4fm5; CakeCookie[Config]=%7B%22language%22%3A%22it%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 22:28:20 GMT
content-type: application/javascript
last-modified: Thu, 02 Jul 2020 10:35:23 GMT
etag: W/"5efdb86b-1de49"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

217.160.242.86/js/bootstrap/show-password.min.js

217.160.242.86

404 Not Found

7.0 kB

URL GET HTTP/2
217.160.242.86/js/bootstrap/show-password.min.js
IP
217.160.242.86:443
ASN
#8560 IONOS SE

Requested by
https://217.160.242.86/users/login
Certificate
IssuerLet's Encrypt
Subjectmy.maxa.it
FingerprintE1:27:4A:8E:98:A0:C8:02:1F:13:01:28:32:4C:2E:5F:47:B2:10:10
ValidityWed, 10 Apr 2024 03:26:11 GMT - Tue, 09 Jul 2024 03:26:10 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (7333), with no line terminators
Size
7.0 kB (6963 bytes)
Hash
4cc4cb399a96f78c842dc520df18e276
e4b313350cf833d553d5a7ecb02e373a82ca5746
2931e51aa3528492e571f8ed567f78be82036f284b6b15c63f1a169bae5e4d50

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/bootstrap/show-password.min.js HTTP/1.1
Host: 217.160.242.86
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://217.160.242.86/users/login
Cookie: PHPSESSNEW=jpim3nccricfdeg4rhak6r4fm5; CakeCookie[Config]=%7B%22language%22%3A%22it%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: nginx
date: Tue, 23 Apr 2024 22:28:20 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.2.34
set-cookie: CakeCookie[Config]=%7B%22language%22%3A%22it%22%7D; expires=Tue, 30-Apr-2024 22:28:20 GMT; Max-Age=604800; path=/
content-encoding: br
X-Firefox-Spdy: h2

217.160.242.86/js/mdb.js

217.160.242.86

200 OK

921 kB

URL GET HTTP/2
217.160.242.86/js/mdb.js
IP
217.160.242.86:443
ASN
#8560 IONOS SE

Requested by
https://217.160.242.86/users/login
Certificate
IssuerLet's Encrypt
Subjectmy.maxa.it
FingerprintE1:27:4A:8E:98:A0:C8:02:1F:13:01:28:32:4C:2E:5F:47:B2:10:10
ValidityWed, 10 Apr 2024 03:26:11 GMT - Tue, 09 Jul 2024 03:26:10 GMT

File type

Size
921 kB (920879 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/mdb.js HTTP/1.1
Host: 217.160.242.86
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://217.160.242.86/users/login
Cookie: PHPSESSNEW=jpim3nccricfdeg4rhak6r4fm5; CakeCookie[Config]=%7B%22language%22%3A%22it%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 22:28:20 GMT
content-type: application/javascript
last-modified: Thu, 02 Jul 2020 10:35:24 GMT
etag: W/"5efdb86c-e0d2f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

217.160.242.86/css/bootstrap.css

217.160.242.86

200 OK

173 kB

URL GET HTTP/2
217.160.242.86/css/bootstrap.css
IP
217.160.242.86:443
ASN
#8560 IONOS SE

Requested by
https://217.160.242.86/users/login
Certificate
IssuerLet's Encrypt
Subjectmy.maxa.it
FingerprintE1:27:4A:8E:98:A0:C8:02:1F:13:01:28:32:4C:2E:5F:47:B2:10:10
ValidityWed, 10 Apr 2024 03:26:11 GMT - Tue, 09 Jul 2024 03:26:10 GMT

File type
ASCII text
Size
173 kB (172842 bytes)
Hash
318d0ce1ed37527c25695e4df559e3c1
e10edc97b3df8699983561990297df90034b0d7f
1f6fee8e6d2f2a7b1a3af40391b71040f5544ca306a90099851d2f9553530bc9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/bootstrap.css HTTP/1.1
Host: 217.160.242.86
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://217.160.242.86/users/login
Cookie: PHPSESSNEW=jpim3nccricfdeg4rhak6r4fm5; CakeCookie[Config]=%7B%22language%22%3A%22it%22%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 22:28:20 GMT
content-type: text/css
last-modified: Thu, 02 Jul 2020 10:35:25 GMT
etag: W/"5efdb86d-2a32a"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

217.160.242.86/font/roboto/Roboto-Regular.woff2

217.160.242.86

200 OK

49 kB

URL GET HTTP/2
217.160.242.86/font/roboto/Roboto-Regular.woff2
IP
217.160.242.86:443
ASN
#8560 IONOS SE

Requested by
https://217.160.242.86/users/login
Certificate
IssuerLet's Encrypt
Subjectmy.maxa.it
FingerprintE1:27:4A:8E:98:A0:C8:02:1F:13:01:28:32:4C:2E:5F:47:B2:10:10
ValidityWed, 10 Apr 2024 03:26:11 GMT - Tue, 09 Jul 2024 03:26:10 GMT

File type
Web Open Font Format (Version 2), TrueType, length 49236, version 1.0
Size
49 kB (49236 bytes)
Hash
2751ee43015f9884c3642f103b7f70c9
ed1558b0541f5e01ce48c7db1588371b990eec19
b5c9c23bd12593523a46d79dd0aee80e3226bbde4c9ac05fc30a95e2c1510de0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /font/roboto/Roboto-Regular.woff2 HTTP/1.1
Host: 217.160.242.86
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://217.160.242.86/css/mdb.css
Cookie: PHPSESSNEW=jpim3nccricfdeg4rhak6r4fm5; CakeCookie[Config]=%7B%22language%22%3A%22it%22%7D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 22:28:20 GMT
content-type: font/woff2
content-length: 49236
last-modified: Thu, 02 Jul 2020 10:35:38 GMT
etag: "5efdb87a-c054"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (5)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (23)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers