| | 93.159.251.207 | 200 OK | 162 B |
URL: User Request GET HTTP/2; IP: 93.159.251.207:443; ASN: #34953 RelAix Networks GmbH
Certificate: Issuer: Let's Encrypt; Subject: *.invorbereitung.de; Fingerprint: 3F:B5:10:FE:9E:A4:1A:44:EC:A7:D1:D0:C7:01:59:C8:17:5A:A6:7A; Validity: Tue, 09 Apr 2024 00:08:09 GMT - Mon, 08 Jul 2024 00:08:08 GMT
File type: HTML document, ASCII text, with CRLF line terminators; Hash: 4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php HTTP/1.1
Host: 93.159.251.207
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 May 2024 09:24:33 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://93.159.251.207/login.php
|
|
| 93.159.251.207/Customizing/global/skin/bfw/fonts/OpenSansWeb/OpenSans-Regular.woff2 | 93.159.251.207 | 200 OK | 51 kB |
URL: GET HTTP/2 93.159.251.207/Customizing/global/skin/bfw/fonts/OpenSansWeb/OpenSans-Regular.woff2; IP: 93.159.251.207:443; ASN: #34953 RelAix Networks GmbH
Requested by: https://93.159.251.207/login.php
Certificate: Issuer: Let's Encrypt; Subject: *.invorbereitung.de; Fingerprint: 3F:B5:10:FE:9E:A4:1A:44:EC:A7:D1:D0:C7:01:59:C8:17:5A:A6:7A; Validity: Tue, 09 Apr 2024 00:08:09 GMT - Mon, 08 Jul 2024 00:08:08 GMT
File type: Web Open Font Format (Version 2), TrueType, length 51076, version 1.6554; Hash: 16f8699021047de01639f6eb7d1a82ea 7c89f562ab679a8a7185aed3bcaad88ce75a0983 a93886b9a8697bca6ae2947989f114f01942b0ba72e3445559bbb47d31193ee5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /Customizing/global/skin/bfw/fonts/OpenSansWeb/OpenSans-Regular.woff2 HTTP/1.1
Host: 93.159.251.207
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://93.159.251.207/Customizing/global/skin/bfw/bfw.css?skin_version=0-1&version=7_29
Cookie: ilClientId=BFWMICHAELSHOVENinvor; PHPSESSID=3ac8cdee2748a393bbbde94a87dcaf03
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 09:24:36 GMT
content-type: application/octet-stream
content-length: 51076
last-modified: Mon, 07 Nov 2022 07:19:15 GMT
etag: "6368b173-c784"
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 93.159.251.207/Customizing/global/skin/bfw/fonts/OpenSansWeb/OpenSans-Semibold.woff2 | 93.159.251.207 | 200 OK | 53 kB |
URL: GET HTTP/2 93.159.251.207/Customizing/global/skin/bfw/fonts/OpenSansWeb/OpenSans-Semibold.woff2; IP: 93.159.251.207:443; ASN: #34953 RelAix Networks GmbH
Requested by: https://93.159.251.207/login.php
Certificate: Issuer: Let's Encrypt; Subject: *.invorbereitung.de; Fingerprint: 3F:B5:10:FE:9E:A4:1A:44:EC:A7:D1:D0:C7:01:59:C8:17:5A:A6:7A; Validity: Tue, 09 Apr 2024 00:08:09 GMT - Mon, 08 Jul 2024 00:08:08 GMT
File type: Web Open Font Format (Version 2), TrueType, length 53124, version 1.6554; Hash: 84f66dab46dc39ac1e6309917224017c 540eeee249b60ee2ca6e936aa23893e47f2d5510 fa2f248cb745f09fc0acdf671eab9afc9091ceba29861b7a2f53b21342449200
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /Customizing/global/skin/bfw/fonts/OpenSansWeb/OpenSans-Semibold.woff2 HTTP/1.1
Host: 93.159.251.207
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://93.159.251.207/Customizing/global/skin/bfw/bfw.css?skin_version=0-1&version=7_29
Cookie: ilClientId=BFWMICHAELSHOVENinvor; PHPSESSID=3ac8cdee2748a393bbbde94a87dcaf03
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 09:24:36 GMT
content-type: application/octet-stream
content-length: 53124
last-modified: Mon, 07 Nov 2022 07:19:15 GMT
etag: "6368b173-cf84"
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 93.159.251.207/Customizing/global/skin/bfw/images/loginpage_bg.png | 93.159.251.207 | 200 OK | 2.9 MB |
URL: GET HTTP/2 93.159.251.207/Customizing/global/skin/bfw/images/loginpage_bg.png; IP: 93.159.251.207:443; ASN: #34953 RelAix Networks GmbH
Requested by: https://93.159.251.207/login.php
Certificate: Issuer: Let's Encrypt; Subject: *.invorbereitung.de; Fingerprint: 3F:B5:10:FE:9E:A4:1A:44:EC:A7:D1:D0:C7:01:59:C8:17:5A:A6:7A; Validity: Tue, 09 Apr 2024 00:08:09 GMT - Mon, 08 Jul 2024 00:08:08 GMT
File type: PNG image data, 2714 x 1264, 8-bit/color RGBA, non-interlaced; Size: 2.9 MB (2855484 bytes); Hash: a25be1a032ac13efb58c181949d94414 6b9b46217ac0c9783a3cd8d34d6a476776cec16b b01bacb9d2b8ec9707a1bab51ee9f07c789d37626ad56029992471fe0af90165
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /Customizing/global/skin/bfw/images/loginpage_bg.png HTTP/1.1
Host: 93.159.251.207
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://93.159.251.207/login.php
Cookie: ilClientId=BFWMICHAELSHOVENinvor; PHPSESSID=3ac8cdee2748a393bbbde94a87dcaf03
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 09:24:36 GMT
content-type: image/png
content-length: 2855484
last-modified: Tue, 22 Nov 2022 11:29:40 GMT
etag: "637cb2a4-2b923c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 93.159.251.207/Customizing/global/skin/bfw/images/favicon.ico | 93.159.251.207 | 200 OK | 318 B |
URL: GET HTTP/2 93.159.251.207/Customizing/global/skin/bfw/images/favicon.ico; IP: 93.159.251.207:443; ASN: #34953 RelAix Networks GmbH
Requested by: https://93.159.251.207/login.php
Certificate: Issuer: Let's Encrypt; Subject: *.invorbereitung.de; Fingerprint: 3F:B5:10:FE:9E:A4:1A:44:EC:A7:D1:D0:C7:01:59:C8:17:5A:A6:7A; Validity: Tue, 09 Apr 2024 00:08:09 GMT - Mon, 08 Jul 2024 00:08:08 GMT
File type: MS Windows icon resource - 1 icon, 16x16, 16 colors, 4 bits/pixel; Hash: 173cc0af8101c23a010c2318f1f8a753 c971547818aff78098f6984c8b126a9bb44afdb8 6d4aa037a28e96e75447b4efee9dcbbcc46dc65991662471377fc406da977018
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /Customizing/global/skin/bfw/images/favicon.ico HTTP/1.1
Host: 93.159.251.207
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://93.159.251.207/login.php
Cookie: ilClientId=BFWMICHAELSHOVENinvor; PHPSESSID=3ac8cdee2748a393bbbde94a87dcaf03
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 09:24:36 GMT
content-type: image/x-icon
content-length: 318
last-modified: Tue, 15 Nov 2022 08:46:56 GMT
etag: "63735200-13e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 93.159.251.207/Customizing/global/skin/bfw/bfw.css?skin_version=0-1&version=7_29 | 93.159.251.207 | 200 OK | 468 kB |
URL: GET HTTP/2 93.159.251.207/Customizing/global/skin/bfw/bfw.css?skin_version=0-1&version=7_29; IP: 93.159.251.207:443; ASN: #34953 RelAix Networks GmbH
Requested by: https://93.159.251.207/login.php
Certificate: Issuer: Let's Encrypt; Subject: *.invorbereitung.de; Fingerprint: 3F:B5:10:FE:9E:A4:1A:44:EC:A7:D1:D0:C7:01:59:C8:17:5A:A6:7A; Validity: Tue, 09 Apr 2024 00:08:09 GMT - Mon, 08 Jul 2024 00:08:08 GMT
File type: ASCII text, with very long lines (546), with CRLF line terminators; Size: 468 kB (467724 bytes); Hash: c2656f0b01e1266cb6a49a2e7fd5d78e 833d94331a6f27082a180c4f2dc8e9a9d1f59e41 9a1b808990bed5571e38810259f3a2e70a5819647e264d4f8ccfcf93ce7d6ad4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /Customizing/global/skin/bfw/bfw.css?skin_version=0-1&version=7_29 HTTP/1.1
Host: 93.159.251.207
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://93.159.251.207/login.php
Cookie: ilClientId=BFWMICHAELSHOVENinvor; PHPSESSID=3ac8cdee2748a393bbbde94a87dcaf03
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 09:24:36 GMT
content-type: text/css
last-modified: Wed, 13 Sep 2023 14:57:16 GMT
etag: W/"6501cdcc-7230c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 93.159.251.207/node_modules/eonasdan-bootstrap-datetimepicker/build/js/bootstrap-datetimepicker.min.js?version=7_29 | 93.159.251.207 | 200 OK | 38 kB |
URL: GET HTTP/2 93.159.251.207/node_modules/eonasdan-bootstrap-datetimepicker/build/js/bootstrap-datetimepicker.min.js?version=7_29; IP: 93.159.251.207:443; ASN: #34953 RelAix Networks GmbH
Requested by: https://93.159.251.207/login.php
Certificate: Issuer: Let's Encrypt; Subject: *.invorbereitung.de; Fingerprint: 3F:B5:10:FE:9E:A4:1A:44:EC:A7:D1:D0:C7:01:59:C8:17:5A:A6:7A; Validity: Tue, 09 Apr 2024 00:08:09 GMT - Mon, 08 Jul 2024 00:08:08 GMT
File type: JavaScript source, ASCII text, with very long lines (32039); Hash: 8a36160a466cad1a9e414321f4784baf 4ed91e4ed7e1a2a7e5f05654e2f62695c9e6ce40 e5899ac40c0c8c8a4cad594af3863ff8d8c2a4a9c561af1b59605b50748119f5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /node_modules/eonasdan-bootstrap-datetimepicker/build/js/bootstrap-datetimepicker.min.js?version=7_29 HTTP/1.1
Host: 93.159.251.207
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://93.159.251.207/login.php
Cookie: ilClientId=BFWMICHAELSHOVENinvor; PHPSESSID=3ac8cdee2748a393bbbde94a87dcaf03
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 09:24:36 GMT
content-type: application/javascript
last-modified: Thu, 22 Sep 2022 11:40:09 GMT
etag: W/"632c4999-966e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 93.159.251.207/ilias.php?help_screen_id=init//login.&cmdClass=ilhelpgui&cmdNode=dq&baseClass=ilhelpgui&cmdMode=asynch&cmd=showHelp | 93.159.251.207 | 200 OK | 140 B |
URL: GET HTTP/2 93.159.251.207/ilias.php?help_screen_id=init//login.&cmdClass=ilhelpgui&cmdNode=dq&baseClass=ilhelpgui&cmdMode=asynch&cmd=showHelp; IP: 93.159.251.207:443; ASN: #34953 RelAix Networks GmbH
Requested by: https://93.159.251.207/login.php
Certificate: Issuer: Let's Encrypt; Subject: *.invorbereitung.de; Fingerprint: 3F:B5:10:FE:9E:A4:1A:44:EC:A7:D1:D0:C7:01:59:C8:17:5A:A6:7A; Validity: Tue, 09 Apr 2024 00:08:09 GMT - Mon, 08 Jul 2024 00:08:08 GMT
File type: HTML document, ASCII text, with no line terminators; Hash: c90a3b3ed37fe8272aa457e23af90bcd 597d6b72fbd995ae2d933cc177031cb7f09ba16c d6bcd7e9e6c9c385515118b18d24d9ea5b92fa85aab6f419cef2aa8c2a0e9aa6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /ilias.php?help_screen_id=init//login.&cmdClass=ilhelpgui&cmdNode=dq&baseClass=ilhelpgui&cmdMode=asynch&cmd=showHelp HTTP/1.1
Host: 93.159.251.207
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://93.159.251.207/login.php
Cookie: ilClientId=BFWMICHAELSHOVENinvor; PHPSESSID=3ac8cdee2748a393bbbde94a87dcaf03
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 09:24:36 GMT
content-type: text/html; charset=UTF-8
set-cookie: ilClientId=BFWMICHAELSHOVENinvor; path=/; secure; HttpOnly; SameSite=Lax
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=15552000
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 93.159.251.207/src/UI/templates/js/Core/ui.js?version=7_29 | 93.159.251.207 | 200 OK | 1.4 kB |
URL: GET HTTP/2 93.159.251.207/src/UI/templates/js/Core/ui.js?version=7_29; IP: 93.159.251.207:443; ASN: #34953 RelAix Networks GmbH
Requested by: https://93.159.251.207/login.php
Certificate: Issuer: Let's Encrypt; Subject: *.invorbereitung.de; Fingerprint: 3F:B5:10:FE:9E:A4:1A:44:EC:A7:D1:D0:C7:01:59:C8:17:5A:A6:7A; Validity: Tue, 09 Apr 2024 00:08:09 GMT - Mon, 08 Jul 2024 00:08:08 GMT
File type: JavaScript source, ASCII text, with very long lines (1636), with no line terminators; Hash: 157864a51dfe76f1a178c5a3ac001e30 fa4bfc1463e0f8050a005fd56e580aceebdfbe40 3bcac2dd634245c934dcbd4b8ddc4f3151339dcdefd70960c03fd0e6de974b53
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /src/UI/templates/js/Core/ui.js?version=7_29 HTTP/1.1
Host: 93.159.251.207
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://93.159.251.207/login.php
Cookie: ilClientId=BFWMICHAELSHOVENinvor; PHPSESSID=3ac8cdee2748a393bbbde94a87dcaf03
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 09:24:36 GMT
content-type: application/javascript
last-modified: Thu, 22 Sep 2022 11:40:10 GMT
etag: W/"632c499a-599"
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 93.159.251.207/src/UI/templates/js/Button/button.js?version=7_29 | 93.159.251.207 | 200 OK | 3.6 kB |
URL: GET HTTP/2 93.159.251.207/src/UI/templates/js/Button/button.js?version=7_29; IP: 93.159.251.207:443; ASN: #34953 RelAix Networks GmbH
Requested by: https://93.159.251.207/login.php
Certificate: Issuer: Let's Encrypt; Subject: *.invorbereitung.de; Fingerprint: 3F:B5:10:FE:9E:A4:1A:44:EC:A7:D1:D0:C7:01:59:C8:17:5A:A6:7A; Validity: Tue, 09 Apr 2024 00:08:09 GMT - Mon, 08 Jul 2024 00:08:08 GMT
File type: JavaScript source, ASCII text, with very long lines (4253), with no line terminators; Hash: e57b7259fa2fa6f8af018f1427c5f365 f4f408aa24b4c58349518672d7db03f8fbf4a58c 7035fffdaa133c3f9ff95a09058eb2edc7e2ddd82df9bb1ce7dd345800dceb98
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /src/UI/templates/js/Button/button.js?version=7_29 HTTP/1.1
Host: 93.159.251.207
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://93.159.251.207/login.php
Cookie: ilClientId=BFWMICHAELSHOVENinvor; PHPSESSID=3ac8cdee2748a393bbbde94a87dcaf03
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 09:24:36 GMT
content-type: application/javascript
last-modified: Thu, 22 Sep 2022 11:40:10 GMT
etag: W/"632c499a-e33"
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 93.159.251.207/Services/Form/js/Form.js?version=7_29 | 93.159.251.207 | 200 OK | 12 kB |
URL: GET HTTP/2 93.159.251.207/Services/Form/js/Form.js?version=7_29; IP: 93.159.251.207:443; ASN: #34953 RelAix Networks GmbH
Requested by: https://93.159.251.207/login.php
Certificate: Issuer: Let's Encrypt; Subject: *.invorbereitung.de; Fingerprint: 3F:B5:10:FE:9E:A4:1A:44:EC:A7:D1:D0:C7:01:59:C8:17:5A:A6:7A; Validity: Tue, 09 Apr 2024 00:08:09 GMT - Mon, 08 Jul 2024 00:08:08 GMT
File type: JavaScript source, ASCII text, with CRLF line terminators; Hash: 8485cd4f4da41c70f544336971599a73 284be57262832562b10dc017c6d0c2d60b23bb44 3f7a171b1e19db33d37c91399cffaa5593155f2bd3fc2303ceef0b6d14a56b52
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /Services/Form/js/Form.js?version=7_29 HTTP/1.1
Host: 93.159.251.207
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://93.159.251.207/login.php
Cookie: ilClientId=BFWMICHAELSHOVENinvor; PHPSESSID=3ac8cdee2748a393bbbde94a87dcaf03
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 09:24:36 GMT
content-type: application/javascript
last-modified: Thu, 22 Sep 2022 11:40:07 GMT
etag: W/"632c4997-2d3d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 93.159.251.207/Services/UIComponent/Explorer2/js/Explorer2.js?version=7_29 | 93.159.251.207 | 200 OK | 5.2 kB |
URL: GET HTTP/2 93.159.251.207/Services/UIComponent/Explorer2/js/Explorer2.js?version=7_29; IP: 93.159.251.207:443; ASN: #34953 RelAix Networks GmbH
Requested by: https://93.159.251.207/login.php
Certificate: Issuer: Let's Encrypt; Subject: *.invorbereitung.de; Fingerprint: 3F:B5:10:FE:9E:A4:1A:44:EC:A7:D1:D0:C7:01:59:C8:17:5A:A6:7A; Validity: Tue, 09 Apr 2024 00:08:09 GMT - Mon, 08 Jul 2024 00:08:08 GMT
File type: JavaScript source, ASCII text, with very long lines (6026), with no line terminators; Hash: 47db1881ca459b6a24f64266cae27813 3631678a60a227d551604877afd298219b6b7fab 8e1194cce81286d543e9e0b5eebae6c9c1d79f50fc33de9a4e8ce32f15664f3c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /Services/UIComponent/Explorer2/js/Explorer2.js?version=7_29 HTTP/1.1
Host: 93.159.251.207
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://93.159.251.207/login.php
Cookie: ilClientId=BFWMICHAELSHOVENinvor; PHPSESSID=3ac8cdee2748a393bbbde94a87dcaf03
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 09:24:36 GMT
content-type: application/javascript
last-modified: Thu, 22 Sep 2022 11:40:07 GMT
etag: W/"632c4997-144f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 93.159.251.207/node_modules/jstree/dist/jstree.js?version=7_29 | 93.159.251.207 | 200 OK | 305 kB |
URL: GET HTTP/2 93.159.251.207/node_modules/jstree/dist/jstree.js?version=7_29; IP: 93.159.251.207:443; ASN: #34953 RelAix Networks GmbH
Requested by: https://93.159.251.207/login.php
Certificate: Issuer: Let's Encrypt; Subject: *.invorbereitung.de; Fingerprint: 3F:B5:10:FE:9E:A4:1A:44:EC:A7:D1:D0:C7:01:59:C8:17:5A:A6:7A; Validity: Tue, 09 Apr 2024 00:08:09 GMT - Mon, 08 Jul 2024 00:08:08 GMT
Size: 305 kB (305358 bytes); Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /node_modules/jstree/dist/jstree.js?version=7_29 HTTP/1.1
Host: 93.159.251.207
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://93.159.251.207/login.php
Cookie: ilClientId=BFWMICHAELSHOVENinvor; PHPSESSID=3ac8cdee2748a393bbbde94a87dcaf03
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 09:24:36 GMT
content-type: application/javascript
last-modified: Thu, 22 Sep 2022 11:40:10 GMT
etag: W/"632c499a-4a8ce"
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 93.159.251.207/templates/default/delos_cont.css?version=7_29 | 93.159.251.207 | 200 OK | 923 B |
URL: GET HTTP/2 93.159.251.207/templates/default/delos_cont.css?version=7_29; IP: 93.159.251.207:443; ASN: #34953 RelAix Networks GmbH
Requested by: https://93.159.251.207/login.php
Certificate: Issuer: Let's Encrypt; Subject: *.invorbereitung.de; Fingerprint: 3F:B5:10:FE:9E:A4:1A:44:EC:A7:D1:D0:C7:01:59:C8:17:5A:A6:7A; Validity: Tue, 09 Apr 2024 00:08:09 GMT - Mon, 08 Jul 2024 00:08:08 GMT
File type: ASCII text, with very long lines (1037), with no line terminators; Hash: 4cc97973483d9198e8bb30b76f991281 b06f84af70ccc26acae9dd36fd183df68798dbfe 4ee7ee77b98a73d52523d32f2a459d73d87a06d3ae4486ed865a9b5bcdeb9bfd
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /templates/default/delos_cont.css?version=7_29 HTTP/1.1
Host: 93.159.251.207
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://93.159.251.207/login.php
Cookie: ilClientId=BFWMICHAELSHOVENinvor; PHPSESSID=3ac8cdee2748a393bbbde94a87dcaf03
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 09:24:36 GMT
content-type: text/css
last-modified: Thu, 22 Sep 2022 11:40:10 GMT
etag: W/"632c499a-39b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 93.159.251.207/libs/bower/bower_components/yui2/build/connection/connection-min.js?version=7_29 | 93.159.251.207 | 200 OK | 13 kB |
URL: GET HTTP/2 93.159.251.207/libs/bower/bower_components/yui2/build/connection/connection-min.js?version=7_29; IP: 93.159.251.207:443; ASN: #34953 RelAix Networks GmbH
Requested by: https://93.159.251.207/login.php
Certificate: Issuer: Let's Encrypt; Subject: *.invorbereitung.de; Fingerprint: 3F:B5:10:FE:9E:A4:1A:44:EC:A7:D1:D0:C7:01:59:C8:17:5A:A6:7A; Validity: Tue, 09 Apr 2024 00:08:09 GMT - Mon, 08 Jul 2024 00:08:08 GMT
File type: JavaScript source, ASCII text, with very long lines (6075); Hash: caa0126c3501e0acd0dc2c1cd252ca6b 70aeb31e310864e6ff6121b723aa11959a7450f5 d650afc746e512e216852728eb080be0b7c73d3cbc2aed8242682cbfc344b0ba
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /libs/bower/bower_components/yui2/build/connection/connection-min.js?version=7_29 HTTP/1.1
Host: 93.159.251.207
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://93.159.251.207/login.php
Cookie: ilClientId=BFWMICHAELSHOVENinvor; PHPSESSID=3ac8cdee2748a393bbbde94a87dcaf03
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 09:24:36 GMT
content-type: application/javascript
last-modified: Thu, 22 Sep 2022 11:40:09 GMT
etag: W/"632c4999-3335"
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 93.159.251.207/libs/bower/bower_components/yui2/build/animation/animation-min.js?version=7_29 | 93.159.251.207 | 200 OK | 14 kB |
URL: GET HTTP/2 93.159.251.207/libs/bower/bower_components/yui2/build/animation/animation-min.js?version=7_29; IP: 93.159.251.207:443; ASN: #34953 RelAix Networks GmbH
Requested by: https://93.159.251.207/login.php
Certificate: Issuer: Let's Encrypt; Subject: *.invorbereitung.de; Fingerprint: 3F:B5:10:FE:9E:A4:1A:44:EC:A7:D1:D0:C7:01:59:C8:17:5A:A6:7A; Validity: Tue, 09 Apr 2024 00:08:09 GMT - Mon, 08 Jul 2024 00:08:08 GMT
File type: JavaScript source, ASCII text, with very long lines (6040); Hash: cc2b803f4c60d5c2b1d53d3340498c3b c53d540d91e0a6fc4686e65e738c5dd01440b6c5 41b31564dcf1687907bfa8d95868d239b46b92202306ee12d9c1a597d38e3e63
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /libs/bower/bower_components/yui2/build/animation/animation-min.js?version=7_29 HTTP/1.1
Host: 93.159.251.207
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://93.159.251.207/login.php
Cookie: ilClientId=BFWMICHAELSHOVENinvor; PHPSESSID=3ac8cdee2748a393bbbde94a87dcaf03
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 09:24:36 GMT
content-type: application/javascript
last-modified: Thu, 22 Sep 2022 11:40:09 GMT
etag: W/"632c4999-370c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 93.159.251.207/Services/Help/js/ilHelp.js?version=7_29 | 93.159.251.207 | 200 OK | 5.7 kB |
URL: GET HTTP/2 93.159.251.207/Services/Help/js/ilHelp.js?version=7_29; IP: 93.159.251.207:443; ASN: #34953 RelAix Networks GmbH
Requested by: https://93.159.251.207/login.php
Certificate: Issuer: Let's Encrypt; Subject: *.invorbereitung.de; Fingerprint: 3F:B5:10:FE:9E:A4:1A:44:EC:A7:D1:D0:C7:01:59:C8:17:5A:A6:7A; Validity: Tue, 09 Apr 2024 00:08:09 GMT - Mon, 08 Jul 2024 00:08:08 GMT
File type: JavaScript source, ASCII text, with very long lines (6354), with no line terminators; Hash: 95550d6145582affcea3cbfff98af09a c70e6336a92a67c2735572612baed1b6e850e7b8 d3f4ddf55ab10e4c7b3e78842c23bac905589419e9d7d0a08e6b2e271017651f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /Services/Help/js/ilHelp.js?version=7_29 HTTP/1.1
Host: 93.159.251.207
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://93.159.251.207/login.php
Cookie: ilClientId=BFWMICHAELSHOVENinvor; PHPSESSID=3ac8cdee2748a393bbbde94a87dcaf03
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 09:24:36 GMT
content-type: application/javascript
last-modified: Thu, 22 Sep 2022 11:40:07 GMT
etag: W/"632c4997-163a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 93.159.251.207/Customizing/global/skin/bfw/images/outlined/icon_hlps.svg | 93.159.251.207 | 200 OK | 469 B |
URL: GET HTTP/2 93.159.251.207/Customizing/global/skin/bfw/images/outlined/icon_hlps.svg; IP: 93.159.251.207:443; ASN: #34953 RelAix Networks GmbH
Requested by: https://93.159.251.207/login.php
Certificate: Issuer: Let's Encrypt; Subject: *.invorbereitung.de; Fingerprint: 3F:B5:10:FE:9E:A4:1A:44:EC:A7:D1:D0:C7:01:59:C8:17:5A:A6:7A; Validity: Tue, 09 Apr 2024 00:08:09 GMT - Mon, 08 Jul 2024 00:08:08 GMT
File type: SVG Scalable Vector Graphics image; Hash: 1ef0940457b52faa7e5e1ebbc3685fc9 0e637225add57d0fb7f4f1f8f2fe3fe1269aa1ee 5e9169932523f13ace81b4b56df1ff126bce322e781396c8b22b1586614cdaf6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /Customizing/global/skin/bfw/images/outlined/icon_hlps.svg HTTP/1.1
Host: 93.159.251.207
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://93.159.251.207/login.php
Cookie: ilClientId=BFWMICHAELSHOVENinvor; PHPSESSID=3ac8cdee2748a393bbbde94a87dcaf03
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 09:24:36 GMT
content-type: image/svg+xml
last-modified: Mon, 07 Nov 2022 07:19:15 GMT
etag: W/"6368b173-1d5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 93.159.251.207/data/BFWMICHAELSHOVENinvor/css/style_248336.css?dummy=600156&il_wac_token=5e9986574bd2965c6bd3bef9683b1a2a38e77ad3&il_wac_ttl=3&il_wac_ts=1714814675&version=7_29 | 93.159.251.207 | 200 OK | 27 kB |
URL: GET HTTP/2 93.159.251.207/data/BFWMICHAELSHOVENinvor/css/style_248336.css?dummy=600156&il_wac_token=5e9986574bd2965c6bd3bef9683b1a2a38e77ad3&il_wac_ttl=3&il_wac_ts=1714814675&version=7_29; IP: 93.159.251.207:443; ASN: #34953 RelAix Networks GmbH
Requested by: https://93.159.251.207/login.php
Certificate: Issuer: Let's Encrypt; Subject: *.invorbereitung.de; Fingerprint: 3F:B5:10:FE:9E:A4:1A:44:EC:A7:D1:D0:C7:01:59:C8:17:5A:A6:7A; Validity: Tue, 09 Apr 2024 00:08:09 GMT - Mon, 08 Jul 2024 00:08:08 GMT
Hash: 38e75ea8b872846700197498407dc5a0 ee6b2382705bbd3cb300f12b6ca11a233c678cce 28aa8a27dd903384621ecbf43989ecc61ebe7c81900ae3c419f8473fece32983
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /data/BFWMICHAELSHOVENinvor/css/style_248336.css?dummy=600156&il_wac_token=5e9986574bd2965c6bd3bef9683b1a2a38e77ad3&il_wac_ttl=3&il_wac_ts=1714814675&version=7_29 HTTP/1.1
Host: 93.159.251.207
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://93.159.251.207/login.php
Cookie: ilClientId=BFWMICHAELSHOVENinvor; PHPSESSID=3ac8cdee2748a393bbbde94a87dcaf03
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 09:24:36 GMT
content-type: text/css
last-modified: Tue, 22 Nov 2022 09:07:36 GMT
etag: W/"637c9158-6952"
expires: Sat, 04 May 2024 10:24:36 GMT
pragma: public
cache-control: max-age=3600, public, must-revalidate, proxy-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 93.159.251.207/Services/COPage/css/syntaxhighlight.css?version=7_29 | 93.159.251.207 | 200 OK | 1.2 kB |
URL: GET HTTP/2 93.159.251.207/Services/COPage/css/syntaxhighlight.css?version=7_29 IP: 93.159.251.207:443 ASN: #34953 RelAix Networks GmbH
Requested by: https://93.159.251.207/login.php Certificate Issuer: Let's Encrypt Subject: *.invorbereitung.de Fingerprint: 3F:B5:10:FE:9E:A4:1A:44:EC:A7:D1:D0:C7:01:59:C8:17:5A:A6:7A Validity: Tue, 09 Apr 2024 00:08:09 GMT - Mon, 08 Jul 2024 00:08:08 GMT
File type: ASCII text, with very long lines (1326), with no line terminators Hash: dd00d120099f4d82effe2a9164b78e31 7c3651d9959a66b25fc4969b6d9e303fb45bb1d4 00320009d9552f91d01613b95dbd63459238a5c466f4ae6baa9bfe1ab7397a8b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /Services/COPage/css/syntaxhighlight.css?version=7_29 HTTP/1.1
Host: 93.159.251.207
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://93.159.251.207/login.php
Cookie: ilClientId=BFWMICHAELSHOVENinvor; PHPSESSID=3ac8cdee2748a393bbbde94a87dcaf03
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 09:24:36 GMT
content-type: text/css
last-modified: Thu, 22 Sep 2022 11:40:07 GMT
etag: W/"632c4997-4b0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 93.159.251.207/src/UI/templates/js/MainControls/dist/mainbar.js?version=7_29 | 93.159.251.207 | 200 OK | 37 kB |
URL: GET HTTP/2 93.159.251.207/src/UI/templates/js/MainControls/dist/mainbar.js?version=7_29 IP: 93.159.251.207:443 ASN: #34953 RelAix Networks GmbH
Requested by: https://93.159.251.207/login.php Certificate Issuer: Let's Encrypt Subject: *.invorbereitung.de Fingerprint: 3F:B5:10:FE:9E:A4:1A:44:EC:A7:D1:D0:C7:01:59:C8:17:5A:A6:7A Validity: Tue, 09 Apr 2024 00:08:09 GMT - Mon, 08 Jul 2024 00:08:08 GMT
Hash: ed4a94a20f2330c566996834b759404d 854ee0d123d7d03e0ea4bf7e6579eb67406790d3 c33aeb3f1d0a17bc31e4bcc5b45ee296bc2533bdb5f310de589d65f7a745b6bc
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /src/UI/templates/js/MainControls/dist/mainbar.js?version=7_29 HTTP/1.1
Host: 93.159.251.207
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://93.159.251.207/login.php
Cookie: ilClientId=BFWMICHAELSHOVENinvor; PHPSESSID=3ac8cdee2748a393bbbde94a87dcaf03
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 09:24:36 GMT
content-type: application/javascript
last-modified: Wed, 13 Sep 2023 14:59:27 GMT
etag: W/"6501ce4f-9243"
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 93.159.251.207/src/UI/templates/js/MainControls/system_info.js?version=7_29 | 93.159.251.207 | 200 OK | 1.5 kB |
URL: GET HTTP/2 93.159.251.207/src/UI/templates/js/MainControls/system_info.js?version=7_29 IP: 93.159.251.207:443 ASN: #34953 RelAix Networks GmbH
Requested by: https://93.159.251.207/login.php Certificate Issuer: Let's Encrypt Subject: *.invorbereitung.de Fingerprint: 3F:B5:10:FE:9E:A4:1A:44:EC:A7:D1:D0:C7:01:59:C8:17:5A:A6:7A Validity: Tue, 09 Apr 2024 00:08:09 GMT - Mon, 08 Jul 2024 00:08:08 GMT
File type: JavaScript source, ASCII text, with very long lines (1555), with no line terminators Hash: 511258e512f241bcb27b70776d333577 582049b096d1e079fcb869109b665a4ab75a9ebf 4a27fcafb126a6508c95ea94ca80aecc467646a30edcacf616fbf9d04f071151
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /src/UI/templates/js/MainControls/system_info.js?version=7_29 HTTP/1.1
Host: 93.159.251.207
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://93.159.251.207/login.php
Cookie: ilClientId=BFWMICHAELSHOVENinvor; PHPSESSID=3ac8cdee2748a393bbbde94a87dcaf03
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 09:24:36 GMT
content-type: application/javascript
last-modified: Thu, 22 Sep 2022 11:40:10 GMT
etag: W/"632c499a-5d4"
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 93.159.251.207/src/UI/templates/js/Counter/counter.js?version=7_29 | 93.159.251.207 | 200 OK | 11 kB |
URL: GET HTTP/2 93.159.251.207/src/UI/templates/js/Counter/counter.js?version=7_29 IP: 93.159.251.207:443 ASN: #34953 RelAix Networks GmbH
Requested by: https://93.159.251.207/login.php Certificate Issuer: Let's Encrypt Subject: *.invorbereitung.de Fingerprint: 3F:B5:10:FE:9E:A4:1A:44:EC:A7:D1:D0:C7:01:59:C8:17:5A:A6:7A Validity: Tue, 09 Apr 2024 00:08:09 GMT - Mon, 08 Jul 2024 00:08:08 GMT
File type: JavaScript source, ASCII text Hash: 4b8778ccc4ee5a8942b3b083ec489cbd b1fdb2473c2aabba9a977c45d212afe31adb99e9 2afaff75c84e7993874445ec3f02ba0e21918590321078b98cb4d3358cdfadd9
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /src/UI/templates/js/Counter/counter.js?version=7_29 HTTP/1.1
Host: 93.159.251.207
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://93.159.251.207/login.php
Cookie: ilClientId=BFWMICHAELSHOVENinvor; PHPSESSID=3ac8cdee2748a393bbbde94a87dcaf03
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 09:24:36 GMT
content-type: application/javascript
last-modified: Thu, 22 Sep 2022 11:40:10 GMT
etag: W/"632c499a-2c17"
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 93.159.251.207/Services/COPage/js/ilCOPagePres.js?version=7_29 | 93.159.251.207 | 200 OK | 22 kB |
URL: GET HTTP/2 93.159.251.207/Services/COPage/js/ilCOPagePres.js?version=7_29 IP: 93.159.251.207:443 ASN: #34953 RelAix Networks GmbH
Requested by: https://93.159.251.207/login.php Certificate Issuer: Let's Encrypt Subject: *.invorbereitung.de Fingerprint: 3F:B5:10:FE:9E:A4:1A:44:EC:A7:D1:D0:C7:01:59:C8:17:5A:A6:7A Validity: Tue, 09 Apr 2024 00:08:09 GMT - Mon, 08 Jul 2024 00:08:08 GMT
File type: JavaScript source, ASCII text Hash: d7fbb25b18cb150b21fc2291a11c5af3 43abb98b856ea45169ed7a15e6966893bda1b25e 88060727686fa19bb64ce85eba8ff48ab69088bdf38d2241178632aa9c353060
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /Services/COPage/js/ilCOPagePres.js?version=7_29 HTTP/1.1
Host: 93.159.251.207
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://93.159.251.207/login.php
Cookie: ilClientId=BFWMICHAELSHOVENinvor; PHPSESSID=3ac8cdee2748a393bbbde94a87dcaf03
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 09:24:36 GMT
content-type: application/javascript
last-modified: Tue, 09 May 2023 01:04:17 GMT
etag: W/"64599c11-55b4"
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 93.159.251.207/node_modules/jquery-ui-dist/jquery-ui.js?version=7_29 | 93.159.251.207 | 200 OK | 529 kB |
URL: GET HTTP/2 93.159.251.207/node_modules/jquery-ui-dist/jquery-ui.js?version=7_29 IP: 93.159.251.207:443 ASN: #34953 RelAix Networks GmbH
Requested by: https://93.159.251.207/login.php Certificate Issuer: Let's Encrypt Subject: *.invorbereitung.de Fingerprint: 3F:B5:10:FE:9E:A4:1A:44:EC:A7:D1:D0:C7:01:59:C8:17:5A:A6:7A Validity: Tue, 09 Apr 2024 00:08:09 GMT - Mon, 08 Jul 2024 00:08:08 GMT
File type: JavaScript source, ASCII text, with very long lines (1004) Size: 529 kB (529159 bytes) Hash: cbc65ff85e08b21d7e0c0394fbf3a371 0ebabcd2c6da47bde11fadf331a02c98845b0a8d c4b0fb9e123ad9f72c1192b6feff0bb0171be251bb76050b92e5e85c1fe3f757
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /node_modules/jquery-ui-dist/jquery-ui.js?version=7_29 HTTP/1.1
Host: 93.159.251.207
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://93.159.251.207/login.php
Cookie: ilClientId=BFWMICHAELSHOVENinvor; PHPSESSID=3ac8cdee2748a393bbbde94a87dcaf03
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 09:24:36 GMT
content-type: application/javascript
last-modified: Thu, 02 Feb 2023 15:02:47 GMT
etag: W/"63dbd097-81307"
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 93.159.251.207/Customizing/global/skin/bfw/images/outlined/icon_rep.svg | 93.159.251.207 | 200 OK | 581 B |
URL: GET HTTP/2 93.159.251.207/Customizing/global/skin/bfw/images/outlined/icon_rep.svg IP: 93.159.251.207:443 ASN: #34953 RelAix Networks GmbH
Requested by: https://93.159.251.207/login.php Certificate Issuer: Let's Encrypt Subject: *.invorbereitung.de Fingerprint: 3F:B5:10:FE:9E:A4:1A:44:EC:A7:D1:D0:C7:01:59:C8:17:5A:A6:7A Validity: Tue, 09 Apr 2024 00:08:09 GMT - Mon, 08 Jul 2024 00:08:08 GMT
File type: SVG Scalable Vector Graphics image Hash: 7f508c177b3b8aa204bdecb21b4c0ef0 304d3f25a66ebb859ab14de141fa46e0ae016f48 0b96b11679ff825e3a11ea2fc56f783d20306c28967d63766773d914276db10c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /Customizing/global/skin/bfw/images/outlined/icon_rep.svg HTTP/1.1
Host: 93.159.251.207
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://93.159.251.207/login.php
Cookie: ilClientId=BFWMICHAELSHOVENinvor; PHPSESSID=3ac8cdee2748a393bbbde94a87dcaf03
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 09:24:36 GMT
content-type: image/svg+xml
last-modified: Mon, 07 Nov 2022 07:19:15 GMT
etag: W/"6368b173-245"
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 93.159.251.207/Customizing/global/skin/bfw/images/username.svg | 93.159.251.207 | 200 OK | 484 B |
URL: GET HTTP/2 93.159.251.207/Customizing/global/skin/bfw/images/username.svg IP: 93.159.251.207:443 ASN: #34953 RelAix Networks GmbH
Requested by: https://93.159.251.207/login.php Certificate Issuer: Let's Encrypt Subject: *.invorbereitung.de Fingerprint: 3F:B5:10:FE:9E:A4:1A:44:EC:A7:D1:D0:C7:01:59:C8:17:5A:A6:7A Validity: Tue, 09 Apr 2024 00:08:09 GMT - Mon, 08 Jul 2024 00:08:08 GMT
File type: SVG Scalable Vector Graphics image Hash: cb23657c44c4df324f728f62d6a5bf2e 9bb62ec95ca3a3c34c3201203a0eb6ef55386b19 7aa3029bafafe206c61025f72f679e5bc48c70db36b9339f36fcfdb3bde8d9dd
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /Customizing/global/skin/bfw/images/username.svg HTTP/1.1
Host: 93.159.251.207
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://93.159.251.207/login.php
Cookie: ilClientId=BFWMICHAELSHOVENinvor; PHPSESSID=3ac8cdee2748a393bbbde94a87dcaf03
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 09:24:36 GMT
content-type: image/svg+xml
last-modified: Mon, 07 Nov 2022 14:28:04 GMT
etag: W/"636915f4-1e4"
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 93.159.251.207/Customizing/global/skin/bfw/Services/Init/loginbox-icons.js | 93.159.251.207 | 200 OK | 909 B |
URL: GET HTTP/2 93.159.251.207/Customizing/global/skin/bfw/Services/Init/loginbox-icons.js IP: 93.159.251.207:443 ASN: #34953 RelAix Networks GmbH
Requested by: https://93.159.251.207/login.php Certificate Issuer: Let's Encrypt Subject: *.invorbereitung.de Fingerprint: 3F:B5:10:FE:9E:A4:1A:44:EC:A7:D1:D0:C7:01:59:C8:17:5A:A6:7A Validity: Tue, 09 Apr 2024 00:08:09 GMT - Mon, 08 Jul 2024 00:08:08 GMT
File type: JavaScript source, ASCII text, with very long lines (949), with no line terminators Hash: 2a0c99fd9e8b0ca9b49e07f53ce3dcf4 881fa21392798cf6a10973f6758db48d2aa26ab0 e350942f7740c4c46b91fb16a64e820750456143f3618f77bdb7aa409795ea60
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /Customizing/global/skin/bfw/Services/Init/loginbox-icons.js HTTP/1.1
Host: 93.159.251.207
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://93.159.251.207/login.php
Cookie: ilClientId=BFWMICHAELSHOVENinvor; PHPSESSID=3ac8cdee2748a393bbbde94a87dcaf03
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 09:24:36 GMT
content-type: application/javascript
last-modified: Thu, 24 Nov 2022 08:49:28 GMT
etag: W/"637f3018-38d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 93.159.251.207/Services/JavaScript/js/Basic.js?version=7_29 | 93.159.251.207 | 200 OK | 29 kB |
URL: GET HTTP/2 93.159.251.207/Services/JavaScript/js/Basic.js?version=7_29 IP: 93.159.251.207:443 ASN: #34953 RelAix Networks GmbH
Requested by: https://93.159.251.207/login.php Certificate Issuer: Let's Encrypt Subject: *.invorbereitung.de Fingerprint: 3F:B5:10:FE:9E:A4:1A:44:EC:A7:D1:D0:C7:01:59:C8:17:5A:A6:7A Validity: Tue, 09 Apr 2024 00:08:09 GMT - Mon, 08 Jul 2024 00:08:08 GMT
File type: JavaScript source, ASCII text Hash: de7aaf7bc31f20e441215186234a372f e00657f964de6e717a3af55deb3e34ab93ba08d8 48ff853fdd4e738b859259d50e36a5d78034f3adb4bb5584cd738067dc91eb1c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /Services/JavaScript/js/Basic.js?version=7_29 HTTP/1.1
Host: 93.159.251.207
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://93.159.251.207/login.php
Cookie: ilClientId=BFWMICHAELSHOVENinvor; PHPSESSID=3ac8cdee2748a393bbbde94a87dcaf03
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 09:24:36 GMT
content-type: application/javascript
last-modified: Wed, 13 Dec 2023 13:22:24 GMT
etag: W/"6579b010-7195"
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 93.159.251.207/src/UI/templates/js/MainControls/metabar.js?version=7_29 | 93.159.251.207 | 200 OK | 5.7 kB |
URL: GET HTTP/2 93.159.251.207/src/UI/templates/js/MainControls/metabar.js?version=7_29 IP: 93.159.251.207:443 ASN: #34953 RelAix Networks GmbH
Requested by: https://93.159.251.207/login.php Certificate Issuer: Let's Encrypt Subject: *.invorbereitung.de Fingerprint: 3F:B5:10:FE:9E:A4:1A:44:EC:A7:D1:D0:C7:01:59:C8:17:5A:A6:7A Validity: Tue, 09 Apr 2024 00:08:09 GMT - Mon, 08 Jul 2024 00:08:08 GMT
File type: JavaScript source, ASCII text, with very long lines (6538), with no line terminators Hash: 5ec5a4096e9c7bb1af3c8c631bf8a072 78ecb0ede35b977fe0335f39874360fbd8d9fc01 f5c8fada811d75faca6121c6b96c73f461b0f81447af03bca0afe2d948cfe6bc
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /src/UI/templates/js/MainControls/metabar.js?version=7_29 HTTP/1.1
Host: 93.159.251.207
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://93.159.251.207/login.php
Cookie: ilClientId=BFWMICHAELSHOVENinvor; PHPSESSID=3ac8cdee2748a393bbbde94a87dcaf03
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 09:24:36 GMT
content-type: application/javascript
last-modified: Wed, 13 Sep 2023 14:59:27 GMT
etag: W/"6501ce4f-1670"
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 93.159.251.207/libs/bower/bower_components/yui2/build/yahoo-dom-event/yahoo-dom-event.js?version=7_29 | 93.159.251.207 | 200 OK | 37 kB |
URL: GET HTTP/2 93.159.251.207/libs/bower/bower_components/yui2/build/yahoo-dom-event/yahoo-dom-event.js?version=7_29 IP: 93.159.251.207:443 ASN: #34953 RelAix Networks GmbH
Requested by: https://93.159.251.207/login.php Certificate Issuer: Let's Encrypt Subject: *.invorbereitung.de Fingerprint: 3F:B5:10:FE:9E:A4:1A:44:EC:A7:D1:D0:C7:01:59:C8:17:5A:A6:7A Validity: Tue, 09 Apr 2024 00:08:09 GMT - Mon, 08 Jul 2024 00:08:08 GMT
File type: JavaScript source, ASCII text, with very long lines (10427) Hash: 3da71052ab88946c739f9a0795fd4091 2c157b6011ab8e09e909697be6a79f8c6d1f9772 bc27fad8392142cf6cbba8efe7f6916cb24e5794ce2a13d870eddb9eae6ed030
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /libs/bower/bower_components/yui2/build/yahoo-dom-event/yahoo-dom-event.js?version=7_29 HTTP/1.1
Host: 93.159.251.207
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://93.159.251.207/login.php
Cookie: ilClientId=BFWMICHAELSHOVENinvor; PHPSESSID=3ac8cdee2748a393bbbde94a87dcaf03
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 09:24:36 GMT
content-type: application/javascript
last-modified: Thu, 22 Sep 2022 11:40:09 GMT
etag: W/"632c4999-8ff4"
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 93.159.251.207/Services/Accordion/js/accordion.js?version=7_29 | 93.159.251.207 | 200 OK | 12 kB |
URL: GET HTTP/2 93.159.251.207/Services/Accordion/js/accordion.js?version=7_29 IP: 93.159.251.207:443 ASN: #34953 RelAix Networks GmbH
Requested by: https://93.159.251.207/login.php Certificate Issuer: Let's Encrypt Subject: *.invorbereitung.de Fingerprint: 3F:B5:10:FE:9E:A4:1A:44:EC:A7:D1:D0:C7:01:59:C8:17:5A:A6:7A Validity: Tue, 09 Apr 2024 00:08:09 GMT - Mon, 08 Jul 2024 00:08:08 GMT
File type: JavaScript source, ASCII text Hash: 8385872dfc63ed7193d73dd0071ac935 5c32051e8d95a6eee9ad8c84b75066576ebdda40 b09e03c84b877c6f53ffdd8d4d1a27b915f5cdbe70ca75076c2796ba9122c1a7
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /Services/Accordion/js/accordion.js?version=7_29 HTTP/1.1
Host: 93.159.251.207
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://93.159.251.207/login.php
Cookie: ilClientId=BFWMICHAELSHOVENinvor; PHPSESSID=3ac8cdee2748a393bbbde94a87dcaf03
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 09:24:36 GMT
content-type: application/javascript
last-modified: Tue, 24 Oct 2023 14:23:08 GMT
etag: W/"6537d34c-2fbb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 93.159.251.207/Customizing/global/skin/bfw/images/HeaderIcon.svg | 93.159.251.207 | 200 OK | 14 kB |
URL: GET HTTP/2 93.159.251.207/Customizing/global/skin/bfw/images/HeaderIcon.svg IP: 93.159.251.207:443 ASN: #34953 RelAix Networks GmbH
Requested by: https://93.159.251.207/login.php Certificate Issuer: Let's Encrypt Subject: *.invorbereitung.de Fingerprint: 3F:B5:10:FE:9E:A4:1A:44:EC:A7:D1:D0:C7:01:59:C8:17:5A:A6:7A Validity: Tue, 09 Apr 2024 00:08:09 GMT - Mon, 08 Jul 2024 00:08:08 GMT
File type: SVG Scalable Vector Graphics image Hash: 739d48ac2a7edfe848aa59d00f4f64d9 91efefd94bd2c59f3e7fd21377266eaebefa5fc6 5f085b1b02800b4fef4e9fd2dd5ad875c3d8872a1ee44a8d80ab341d504b6496
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /Customizing/global/skin/bfw/images/HeaderIcon.svg HTTP/1.1
Host: 93.159.251.207
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://93.159.251.207/login.php
Cookie: ilClientId=BFWMICHAELSHOVENinvor; PHPSESSID=3ac8cdee2748a393bbbde94a87dcaf03
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 09:24:36 GMT
content-type: image/svg+xml
last-modified: Mon, 14 Nov 2022 13:16:31 GMT
etag: W/"63723faf-387b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 93.159.251.207/Customizing/global/skin/bfw/images/outlined/icon_root.svg | 93.159.251.207 | 200 OK | 581 B |
URL: GET HTTP/2 93.159.251.207/Customizing/global/skin/bfw/images/outlined/icon_root.svg IP: 93.159.251.207:443 ASN: #34953 RelAix Networks GmbH
Requested by: https://93.159.251.207/login.php Certificate Issuer: Let's Encrypt Subject: *.invorbereitung.de Fingerprint: 3F:B5:10:FE:9E:A4:1A:44:EC:A7:D1:D0:C7:01:59:C8:17:5A:A6:7A Validity: Tue, 09 Apr 2024 00:08:09 GMT - Mon, 08 Jul 2024 00:08:08 GMT
File type: SVG Scalable Vector Graphics image Hash: 7f508c177b3b8aa204bdecb21b4c0ef0 304d3f25a66ebb859ab14de141fa46e0ae016f48 0b96b11679ff825e3a11ea2fc56f783d20306c28967d63766773d914276db10c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /Customizing/global/skin/bfw/images/outlined/icon_root.svg HTTP/1.1
Host: 93.159.251.207
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://93.159.251.207/login.php
Cookie: ilClientId=BFWMICHAELSHOVENinvor; PHPSESSID=3ac8cdee2748a393bbbde94a87dcaf03
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 09:24:36 GMT
content-type: image/svg+xml
last-modified: Mon, 07 Nov 2022 07:19:15 GMT
etag: W/"6368b173-245"
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 93.159.251.207/Customizing/global/skin/bfw/images/outlined/icon_tool.svg | 93.159.251.207 | 200 OK | 454 B |
URL: GET HTTP/2 93.159.251.207/Customizing/global/skin/bfw/images/outlined/icon_tool.svg IP: 93.159.251.207:443 ASN: #34953 RelAix Networks GmbH
Requested by: https://93.159.251.207/login.php Certificate Issuer: Let's Encrypt Subject: *.invorbereitung.de Fingerprint: 3F:B5:10:FE:9E:A4:1A:44:EC:A7:D1:D0:C7:01:59:C8:17:5A:A6:7A Validity: Tue, 09 Apr 2024 00:08:09 GMT - Mon, 08 Jul 2024 00:08:08 GMT
File type: SVG Scalable Vector Graphics image Hash: 1af8d104a7109de94d9c9d3dfc453d9e 2bc5b796b322063ef66edf788bd68457f89c3d18 0604fabfa6bc6e0b794c5d3df58fb3a37c54d284aede70f2dbf4dd3b8df1cf40
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /Customizing/global/skin/bfw/images/outlined/icon_tool.svg HTTP/1.1
Host: 93.159.251.207
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://93.159.251.207/login.php
Cookie: ilClientId=BFWMICHAELSHOVENinvor; PHPSESSID=3ac8cdee2748a393bbbde94a87dcaf03
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 09:24:36 GMT
content-type: image/svg+xml
last-modified: Mon, 07 Nov 2022 07:19:15 GMT
etag: W/"6368b173-1c6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 93.159.251.207/Customizing/global/skin/bfw/Services/Init/login-collapsed.js | 93.159.251.207 | 200 OK | 4.1 kB |
URL: GET HTTP/2 93.159.251.207/Customizing/global/skin/bfw/Services/Init/login-collapsed.js IP: 93.159.251.207:443 ASN: #34953 RelAix Networks GmbH
Requested by: https://93.159.251.207/login.php Certificate Issuer: Let's Encrypt Subject: *.invorbereitung.de Fingerprint: 3F:B5:10:FE:9E:A4:1A:44:EC:A7:D1:D0:C7:01:59:C8:17:5A:A6:7A Validity: Tue, 09 Apr 2024 00:08:09 GMT - Mon, 08 Jul 2024 00:08:08 GMT
File type: Unicode text, UTF-8 text, with very long lines (4392), with no line terminators Hash: 9b65d9093c8184fe82d63490869bfc7d bb049746f11736d0d58b81ce8db5744140050330 7ee3869ff8275f6ca69244c841495639f1504ba8f979b5873dedc5a7f91d4f72
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /Customizing/global/skin/bfw/Services/Init/login-collapsed.js HTTP/1.1
Host: 93.159.251.207
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://93.159.251.207/login.php
Cookie: ilClientId=BFWMICHAELSHOVENinvor; PHPSESSID=3ac8cdee2748a393bbbde94a87dcaf03
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 09:24:36 GMT
content-type: application/javascript
last-modified: Wed, 29 Mar 2023 09:35:55 GMT
etag: W/"6424067b-1024"
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 93.159.251.207/src/GlobalScreen/Client/dist/GS.js?version=7_29 | 93.159.251.207 | 200 OK | 18 kB |
URL: GET HTTP/2 93.159.251.207/src/GlobalScreen/Client/dist/GS.js?version=7_29 IP: 93.159.251.207:443 ASN: #34953 RelAix Networks GmbH
Requested by: https://93.159.251.207/login.php Certificate Issuer: Let's Encrypt Subject: *.invorbereitung.de Fingerprint: 3F:B5:10:FE:9E:A4:1A:44:EC:A7:D1:D0:C7:01:59:C8:17:5A:A6:7A Validity: Tue, 09 Apr 2024 00:08:09 GMT - Mon, 08 Jul 2024 00:08:08 GMT
File type: JavaScript source, ASCII text Hash: 061ccec97ee96208588c3d7a6add9dbe 3fb2b7c0dc5e8435829d1d0748db8a82000f2d47 53b513d5291ab256144bbacd9a468b1f0d93b300e1364fb8f539527c014ddca7
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /src/GlobalScreen/Client/dist/GS.js?version=7_29 HTTP/1.1
Host: 93.159.251.207
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://93.159.251.207/login.php
Cookie: ilClientId=BFWMICHAELSHOVENinvor; PHPSESSID=3ac8cdee2748a393bbbde94a87dcaf03
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 09:24:36 GMT
content-type: application/javascript
last-modified: Tue, 09 May 2023 01:04:17 GMT
etag: W/"64599c11-4543"
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 93.159.251.207/src/UI/templates/js/Page/stdpage.js?version=7_29 | 93.159.251.207 | 200 OK | 2.2 kB |
URL: GET HTTP/2 93.159.251.207/src/UI/templates/js/Page/stdpage.js?version=7_29 IP: 93.159.251.207:443 ASN: #34953 RelAix Networks GmbH
Requested by: https://93.159.251.207/login.php Certificate Issuer: Let's Encrypt Subject: *.invorbereitung.de Fingerprint: 3F:B5:10:FE:9E:A4:1A:44:EC:A7:D1:D0:C7:01:59:C8:17:5A:A6:7A Validity: Tue, 09 Apr 2024 00:08:09 GMT - Mon, 08 Jul 2024 00:08:08 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (2440), with no line terminators Hash: 4e71cd5e12d8fcda03f11eaaab22c25c e74b7643514517df2194e737b8e98e6a8180dba2 08d09618e0f1c4a995c5c41eafd3ca4785a3943338a1fc763ad798a46ad3b1f0
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /src/UI/templates/js/Page/stdpage.js?version=7_29 HTTP/1.1
Host: 93.159.251.207
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://93.159.251.207/login.php
Cookie: ilClientId=BFWMICHAELSHOVENinvor; PHPSESSID=3ac8cdee2748a393bbbde94a87dcaf03
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 09:24:36 GMT
content-type: application/javascript
last-modified: Thu, 22 Sep 2022 11:40:10 GMT
etag: W/"632c499a-879"
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 93.159.251.207/Customizing/global/skin/bfw/images/HeaderIconResponsive.svg | 93.159.251.207 | 200 OK | 14 kB |
URL: GET HTTP/2 93.159.251.207/Customizing/global/skin/bfw/images/HeaderIconResponsive.svg IP: 93.159.251.207:443 ASN: #34953 RelAix Networks GmbH
Requested by: https://93.159.251.207/login.php Certificate Issuer: Let's Encrypt Subject: *.invorbereitung.de Fingerprint: 3F:B5:10:FE:9E:A4:1A:44:EC:A7:D1:D0:C7:01:59:C8:17:5A:A6:7A Validity: Tue, 09 Apr 2024 00:08:09 GMT - Mon, 08 Jul 2024 00:08:08 GMT
File type: SVG Scalable Vector Graphics image Hash: 739d48ac2a7edfe848aa59d00f4f64d9 91efefd94bd2c59f3e7fd21377266eaebefa5fc6 5f085b1b02800b4fef4e9fd2dd5ad875c3d8872a1ee44a8d80ab341d504b6496
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /Customizing/global/skin/bfw/images/HeaderIconResponsive.svg HTTP/1.1
Host: 93.159.251.207
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://93.159.251.207/login.php
Cookie: ilClientId=BFWMICHAELSHOVENinvor; PHPSESSID=3ac8cdee2748a393bbbde94a87dcaf03
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 09:24:36 GMT
content-type: image/svg+xml
last-modified: Tue, 03 Jan 2023 10:59:18 GMT
etag: W/"63b40a86-387b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 93.159.251.207/Customizing/global/skin/bfw/images/outlined/icon_reptr.svg | 93.159.251.207 | 200 OK | 290 B |
URL GET HTTP/2 93.159.251.207/Customizing/global/skin/bfw/images/outlined/icon_reptr.svg IP 93.159.251.207:443 ASN #34953 RelAix Networks GmbH
Requested by https://93.159.251.207/login.php Certificate Issuer Let's Encrypt Subject *.invorbereitung.de Fingerprint 3F:B5:10:FE:9E:A4:1A:44:EC:A7:D1:D0:C7:01:59:C8:17:5A:A6:7A Validity Tue, 09 Apr 2024 00:08:09 GMT - Mon, 08 Jul 2024 00:08:08 GMT
File type SVG Scalable Vector Graphics image Hash 8bb963a016f64180bc21a4a5426361e3 c0d0f2f84ad3a6e2a72e4eaddecb3e79f8934939 30690ad5e384d3ecac15a503a56dd18d79493e25d404aead93fa768c5b89f4ec
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /Customizing/global/skin/bfw/images/outlined/icon_reptr.svg HTTP/1.1
Host: 93.159.251.207
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://93.159.251.207/login.php
Cookie: ilClientId=BFWMICHAELSHOVENinvor; PHPSESSID=3ac8cdee2748a393bbbde94a87dcaf03
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 09:24:36 GMT
content-type: image/svg+xml
last-modified: Mon, 07 Nov 2022 07:19:15 GMT
etag: W/"6368b173-122"
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 93.159.251.207/node_modules/jquery/dist/jquery.js?version=7_29 | 93.159.251.207 | 200 OK | 288 kB |
URL GET HTTP/2 93.159.251.207/node_modules/jquery/dist/jquery.js?version=7_29 IP 93.159.251.207:443 ASN #34953 RelAix Networks GmbH
Requested by https://93.159.251.207/login.php Certificate Issuer Let's Encrypt Subject *.invorbereitung.de Fingerprint 3F:B5:10:FE:9E:A4:1A:44:EC:A7:D1:D0:C7:01:59:C8:17:5A:A6:7A Validity Tue, 09 Apr 2024 00:08:09 GMT - Mon, 08 Jul 2024 00:08:08 GMT
File type JavaScript source, ASCII text Size 288 kB (287630 bytes) Hash 23c7c5d2d1317508e807a6c7f777d6ed ad16c4a132ad2a03b4951185fed46d55397b5e88 416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /node_modules/jquery/dist/jquery.js?version=7_29 HTTP/1.1
Host: 93.159.251.207
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://93.159.251.207/login.php
Cookie: ilClientId=BFWMICHAELSHOVENinvor; PHPSESSID=3ac8cdee2748a393bbbde94a87dcaf03
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 09:24:36 GMT
content-type: application/javascript
last-modified: Thu, 22 Sep 2022 11:40:10 GMT
etag: W/"632c499a-4638e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 93.159.251.207/src/UI/templates/js/MainControls/footer.js?version=7_29 | 93.159.251.207 | 200 OK | 247 B |
URL GET HTTP/2 93.159.251.207/src/UI/templates/js/MainControls/footer.js?version=7_29 IP 93.159.251.207:443 ASN #34953 RelAix Networks GmbH
Requested by https://93.159.251.207/login.php Certificate Issuer Let's Encrypt Subject *.invorbereitung.de Fingerprint 3F:B5:10:FE:9E:A4:1A:44:EC:A7:D1:D0:C7:01:59:C8:17:5A:A6:7A Validity Tue, 09 Apr 2024 00:08:09 GMT - Mon, 08 Jul 2024 00:08:08 GMT
File type JavaScript source, ASCII text, with no line terminators Hash bd8dd478ca0756c946c388e3a3d447d3 1c125ba560a96f9a31334f902305c1c8122f2b81 0e1f2659a2173d14de7220afc08f6918661f0578aa8fbc8f436dcc57a95f0d25
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /src/UI/templates/js/MainControls/footer.js?version=7_29 HTTP/1.1
Host: 93.159.251.207
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://93.159.251.207/login.php
Cookie: ilClientId=BFWMICHAELSHOVENinvor; PHPSESSID=3ac8cdee2748a393bbbde94a87dcaf03
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 09:24:36 GMT
content-type: application/javascript
last-modified: Thu, 22 Sep 2022 11:40:10 GMT
etag: W/"632c499a-f7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 93.159.251.207/node_modules/jstree/dist/themes/default/style.min.css?version=7_29 | 93.159.251.207 | 200 OK | 27 kB |
URL GET HTTP/2 93.159.251.207/node_modules/jstree/dist/themes/default/style.min.css?version=7_29 IP 93.159.251.207:443 ASN #34953 RelAix Networks GmbH
Requested by https://93.159.251.207/login.php Certificate Issuer Let's Encrypt Subject *.invorbereitung.de Fingerprint 3F:B5:10:FE:9E:A4:1A:44:EC:A7:D1:D0:C7:01:59:C8:17:5A:A6:7A Validity Tue, 09 Apr 2024 00:08:09 GMT - Mon, 08 Jul 2024 00:08:08 GMT
File type ASCII text, with very long lines (27281), with no line terminators Hash 779fc4b400d1748ec2fb99685ad80550 d70cad78b5a91e552cf451f62b73e2f8e56a4a8b 817f59e047affc40e0f556796089262904aa7001cbf2d493f74747bedbad8d38
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /node_modules/jstree/dist/themes/default/style.min.css?version=7_29 HTTP/1.1
Host: 93.159.251.207
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://93.159.251.207/login.php
Cookie: ilClientId=BFWMICHAELSHOVENinvor; PHPSESSID=3ac8cdee2748a393bbbde94a87dcaf03
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 09:24:36 GMT
content-type: text/css
last-modified: Thu, 22 Sep 2022 11:40:10 GMT
etag: W/"632c499a-6a91"
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 93.159.251.207/src/UI/templates/js/MainControls/slate.js?version=7_29 | 93.159.251.207 | 200 OK | 2.3 kB |
URL GET HTTP/2 93.159.251.207/src/UI/templates/js/MainControls/slate.js?version=7_29 IP 93.159.251.207:443 ASN #34953 RelAix Networks GmbH
Requested by https://93.159.251.207/login.php Certificate Issuer Let's Encrypt Subject *.invorbereitung.de Fingerprint 3F:B5:10:FE:9E:A4:1A:44:EC:A7:D1:D0:C7:01:59:C8:17:5A:A6:7A Validity Tue, 09 Apr 2024 00:08:09 GMT - Mon, 08 Jul 2024 00:08:08 GMT
File type JavaScript source, ASCII text, with very long lines (2673), with no line terminators Hash fdb71ac30bbbbbc7273dbfadc843de46 01d3cc1eaf4e11935e16e8f4f258ef8ce1486d5f a073dcf96941b5bdd63cc304f4ffad6ea6c083d4c2d7db100398a1089b05518a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /src/UI/templates/js/MainControls/slate.js?version=7_29 HTTP/1.1
Host: 93.159.251.207
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://93.159.251.207/login.php
Cookie: ilClientId=BFWMICHAELSHOVENinvor; PHPSESSID=3ac8cdee2748a393bbbde94a87dcaf03
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 09:24:36 GMT
content-type: application/javascript
last-modified: Thu, 22 Sep 2022 11:40:10 GMT
etag: W/"632c499a-925"
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 93.159.251.207/node_modules/moment/min/moment-with-locales.min.js?version=7_29 | 93.159.251.207 | 200 OK | 369 kB |
URL GET HTTP/2 93.159.251.207/node_modules/moment/min/moment-with-locales.min.js?version=7_29 IP 93.159.251.207:443 ASN #34953 RelAix Networks GmbH
Requested by https://93.159.251.207/login.php Certificate Issuer Let's Encrypt Subject *.invorbereitung.de Fingerprint 3F:B5:10:FE:9E:A4:1A:44:EC:A7:D1:D0:C7:01:59:C8:17:5A:A6:7A Validity Tue, 09 Apr 2024 00:08:09 GMT - Mon, 08 Jul 2024 00:08:08 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 369 kB (369019 bytes) Hash d458b68730a7330653700489333a7837 4059aeca1d0b99aec8006b37a927f09d9c0e794d 430725b95468277dcbccc27e08e3d873276c0082737310b0b1ad330392511847
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /node_modules/moment/min/moment-with-locales.min.js?version=7_29 HTTP/1.1
Host: 93.159.251.207
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://93.159.251.207/login.php
Cookie: ilClientId=BFWMICHAELSHOVENinvor; PHPSESSID=3ac8cdee2748a393bbbde94a87dcaf03
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 09:24:36 GMT
content-type: application/javascript
last-modified: Thu, 22 Sep 2022 11:40:10 GMT
etag: W/"632c499a-5a17b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 93.159.251.207/Customizing/global/skin/bfw/images/password.svg | 93.159.251.207 | 200 OK | 440 B |
URL GET HTTP/2 93.159.251.207/Customizing/global/skin/bfw/images/password.svg IP 93.159.251.207:443 ASN #34953 RelAix Networks GmbH
Requested by https://93.159.251.207/login.php Certificate Issuer Let's Encrypt Subject *.invorbereitung.de Fingerprint 3F:B5:10:FE:9E:A4:1A:44:EC:A7:D1:D0:C7:01:59:C8:17:5A:A6:7A Validity Tue, 09 Apr 2024 00:08:09 GMT - Mon, 08 Jul 2024 00:08:08 GMT
File type SVG Scalable Vector Graphics image Hash 4eb9738fe6b49134d24e94e87756a1c5 427984703dec82d28bb650e9548ce5355eb9e711 b4c17b1ca83c8e0f62c9f3db9db49d4c77c62e4aab5352119034b67094a7124b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /Customizing/global/skin/bfw/images/password.svg HTTP/1.1
Host: 93.159.251.207
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://93.159.251.207/login.php
Cookie: ilClientId=BFWMICHAELSHOVENinvor; PHPSESSID=3ac8cdee2748a393bbbde94a87dcaf03
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 09:24:36 GMT
content-type: image/svg+xml
last-modified: Mon, 07 Nov 2022 14:28:04 GMT
etag: W/"636915f4-1b8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 93.159.251.207/node_modules/jquery-migrate/dist/jquery-migrate.min.js?version=7_29 | 93.159.251.207 | 200 OK | 7.1 kB |
URL GET HTTP/2 93.159.251.207/node_modules/jquery-migrate/dist/jquery-migrate.min.js?version=7_29 IP 93.159.251.207:443 ASN #34953 RelAix Networks GmbH
Requested by https://93.159.251.207/login.php Certificate Issuer Let's Encrypt Subject *.invorbereitung.de Fingerprint 3F:B5:10:FE:9E:A4:1A:44:EC:A7:D1:D0:C7:01:59:C8:17:5A:A6:7A Validity Tue, 09 Apr 2024 00:08:09 GMT - Mon, 08 Jul 2024 00:08:08 GMT
File type JavaScript source, ASCII text, with very long lines (7280), with no line terminators Hash a9fddc6e558be0a092c7267edff92554 9648691b1a77e7bfe88bbebd2284265fdddf07ae d3ee66d944fbbbe96c85afd02922be9318a88c5bb143aa67e730569706b7a081
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /node_modules/jquery-migrate/dist/jquery-migrate.min.js?version=7_29 HTTP/1.1
Host: 93.159.251.207
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://93.159.251.207/login.php
Cookie: ilClientId=BFWMICHAELSHOVENinvor; PHPSESSID=3ac8cdee2748a393bbbde94a87dcaf03
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 09:24:36 GMT
content-type: application/javascript
last-modified: Thu, 22 Sep 2022 11:40:09 GMT
etag: W/"632c4999-1bab"
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 93.159.251.207/node_modules/bootstrap/dist/js/bootstrap.min.js?version=7_29 | 93.159.251.207 | 200 OK | 40 kB |
URL GET HTTP/2 93.159.251.207/node_modules/bootstrap/dist/js/bootstrap.min.js?version=7_29 IP 93.159.251.207:443 ASN #34953 RelAix Networks GmbH
Requested by https://93.159.251.207/login.php Certificate Issuer Let's Encrypt Subject *.invorbereitung.de Fingerprint 3F:B5:10:FE:9E:A4:1A:44:EC:A7:D1:D0:C7:01:59:C8:17:5A:A6:7A Validity Tue, 09 Apr 2024 00:08:09 GMT - Mon, 08 Jul 2024 00:08:08 GMT
File type JavaScript source, ASCII text, with very long lines (39553) Hash 2f34b630ffe30ba2ff2b91e3f3c322a1 b16fd8226bd6bfb08e568f1b1d0a21d60247cefb 9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /node_modules/bootstrap/dist/js/bootstrap.min.js?version=7_29 HTTP/1.1
Host: 93.159.251.207
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://93.159.251.207/login.php
Cookie: ilClientId=BFWMICHAELSHOVENinvor; PHPSESSID=3ac8cdee2748a393bbbde94a87dcaf03
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 09:24:36 GMT
content-type: application/javascript
last-modified: Thu, 22 Sep 2022 11:40:09 GMT
etag: W/"632c4999-9b00"
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 93.159.251.207/node_modules/maphilight/jquery.maphilight.min.js?version=7_29 | 93.159.251.207 | 200 OK | 6.2 kB |
URL GET HTTP/2 93.159.251.207/node_modules/maphilight/jquery.maphilight.min.js?version=7_29 IP 93.159.251.207:443 ASN #34953 RelAix Networks GmbH
Requested by https://93.159.251.207/login.php Certificate Issuer Let's Encrypt Subject *.invorbereitung.de Fingerprint 3F:B5:10:FE:9E:A4:1A:44:EC:A7:D1:D0:C7:01:59:C8:17:5A:A6:7A Validity Tue, 09 Apr 2024 00:08:09 GMT - Mon, 08 Jul 2024 00:08:08 GMT
File type JavaScript source, ASCII text, with very long lines (6448), with no line terminators Hash 948a703ce8ea016e814e29828b34e8b8 1172addad83f0d63f88de737fae3ea58c8893a1f c65e287a74dfce94275a2b9bd543e1003cfcde964206277a48693f28faec345b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /node_modules/maphilight/jquery.maphilight.min.js?version=7_29 HTTP/1.1
Host: 93.159.251.207
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://93.159.251.207/login.php
Cookie: ilClientId=BFWMICHAELSHOVENinvor; PHPSESSID=3ac8cdee2748a393bbbde94a87dcaf03
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 09:24:36 GMT
content-type: application/javascript
last-modified: Thu, 22 Sep 2022 11:40:10 GMT
etag: W/"632c499a-1838"
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
|
|