{"report_id":"365be610-65c4-44b3-88d9-ed823d6a24ef","version":6,"status":"done","tags":[],"date":"2026-02-10T14:38:33Z","url":{"schema":"http","addr":"fi-ae.com","fqdn":"fi-ae.com","domain":"fi-ae.com","tld":"com"},"ip":{"addr":"217.160.0.126","port":0,"asn":8560,"as":"IONOS SE","country":"Germany","country_code":"DE"},"final":{"url":{"schema":"https","addr":"fi-ae.com/","fqdn":"fi-ae.com","domain":"fi-ae.com","tld":"com"},"title":"Praktikumsverwaltung","dom":{"size":520,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"dbec6ad9f72b7bd19b690117759e47e5","sha1":"7b813892efcc53732d57e7748e6f97e91756edc1","sha256":"40141ee1896a38df82489c2a5ecffc134f2ee5e4614f63abccd01627b9a10e29","sha512":"a8b115d1e553512d4d2be54b13ac11ada8ee73f7550b8fc4195dd0fb6a4160295ce11fecf7f3016b935cc119aa04a31c74643f4474dfd1b68f517227467dc721","ssdeep":"","tlshash":"85f05c4510e61c08eb01d0701fd596142ccec92305099d04babdbf6daf6964b839379e","dom_hash":"domhashf0b387efd42d25892ea94691e026f0f9","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"fi-ae.com","fqdn":"fi-ae.com","domain":"fi-ae.com","tld":"com"},"ip":{"addr":"217.160.0.126","port":0,"asn":8560,"as":"IONOS SE","country":"Germany","country_code":"DE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-17T14:38:33Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"fi-ae.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"fi-ae.com","ip":{"addr":"217.160.0.126","port":443,"asn":8560,"as":"IONOS SE","country":"Germany","country_code":"DE"},"domain_registered":"2026-02-08","domain_rank":0,"first_seen":"2026-02-10T14:38:33.557227Z","last_seen":"2026-02-10T14:38:33.557227Z","alert_count":3,"request_count":3,"received_data":10082,"sent_data":1427,"comment":"","tags":null,"fingerprints":[{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"fi-ae.com/","fqdn":"fi-ae.com","domain":"fi-ae.com","tld":"com"},"ip":{"addr":"217.160.0.126","port":443,"asn":8560,"as":"IONOS SE","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-10T14:38:12.150Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.fi-ae.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Sun, 08 Feb 2026 00:00:00 GMT","end":"Mon, 08 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"7A:CE:04:0F:8B:E6:59:F2:57:71:5E:8B:C0:D3:89:E1:30:02:17:64","sha256":"04:F8:F1:61:9C:9E:93:13:34:12:C4:C8:42:97:5C:57:B6:03:29:89:90:A1:43:29:16:18:70:A9:A6:BA:54:02"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: fi-ae.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html; charset=UTF-8\r\nx-ws-ratelimit-limit: 1000\r\nx-ws-ratelimit-remaining: 999\r\ndate: Tue, 10 Feb 2026 14:38:12 GMT\r\nserver: Apache\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nset-cookie: PHPSESSID=24edb80369271f2e8b7dce195e795d89; path=/\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":532,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"1f7ac4a85543ace7735f700e84b12728","sha1":"970292b39b1e170d24892082810c485dd9fda662","sha256":"88f1ceccfb8a990c5148d479f3a3bc84bfc28de7de7ea2a823f911e29b80a1d8","sha512":"ad62b2666552a084ddc825c986b27995abbd2801d3f6125a7fdfceb6fb9e4ae7aeaa88589703500556dcca669d2f0d5c2c6928e5554613f81a79937f574a3e78","ssdeep":"","tlshash":"4bf0544510d21d08a701d0602fd5a6142cceca23064a9d00b5fdbb2daf6574b436775d","first_seen":"2026-02-10T14:38:36.608583Z","last_seen":"2026-02-10T14:38:36.608583Z","times_seen":1,"resource_available":false,"data":null}},"time_used":536,"timings":{"blocked":221,"dns":56,"connect":33,"send":0,"wait":93,"receive":0,"ssl":129},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"fi-ae.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fi-ae.com/Praktikum.css","fqdn":"fi-ae.com","domain":"fi-ae.com","tld":"com"},"ip":{"addr":"217.160.0.126","port":443,"asn":8560,"as":"IONOS SE","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://fi-ae.com/","date":"2026-02-10T14:38:12.631Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.fi-ae.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Sun, 08 Feb 2026 00:00:00 GMT","end":"Mon, 08 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"7A:CE:04:0F:8B:E6:59:F2:57:71:5E:8B:C0:D3:89:E1:30:02:17:64","sha256":"04:F8:F1:61:9C:9E:93:13:34:12:C4:C8:42:97:5C:57:B6:03:29:89:90:A1:43:29:16:18:70:A9:A6:BA:54:02"}}},"request":{"raw":"GET /Praktikum.css HTTP/1.1\r\nHost: fi-ae.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fi-ae.com/\r\nCookie: PHPSESSID=24edb80369271f2e8b7dce195e795d89\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\ncontent-length: 8411\r\nx-ws-ratelimit-limit: 1000\r\nx-ws-ratelimit-remaining: 998\r\ndate: Tue, 10 Feb 2026 14:38:12 GMT\r\nserver: Apache\r\nlast-modified: Sun, 04 May 2025 18:57:34 GMT\r\netag: \"20db-63453f4cbc7a3\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":8411,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"f7e47e6e130adf48c694e4f0670d5eb9","sha1":"bd1cbd2dcf9854ca4daee5a9b976f1d9a1e77b79","sha256":"80faff34457eafe4c75766b7f9caea6fc26de0e726d1d427a9ee31efa023744e","sha512":"30c4633146ebb792a80bf142b68965b441d27b37f71ad1b91507556cbdd7b42b802f804b66667e1fb1d41186a78c1613bfeda18d568c8bbd7bfb0e311f32a7f0","ssdeep":"192:BF7FaogNdpuUeFfppuUjpuUYppuUjpuUuppuUjpuUzqF2KHMPOvR/SOMdmfnfSC:XFaZKFf/Jc/JK/J/qFXuOVUC","tlshash":"550234a645768988e413d15adee46320330c821b1d4fbd79374f259caf2d88ed2f87b4","first_seen":"2026-02-10T14:38:36.60958Z","last_seen":"2026-02-10T14:38:36.60958Z","times_seen":1,"resource_available":false,"data":null}},"time_used":43,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":42,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"fi-ae.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fi-ae.com/favicon.ico","fqdn":"fi-ae.com","domain":"fi-ae.com","tld":"com"},"ip":{"addr":"217.160.0.126","port":443,"asn":8560,"as":"IONOS SE","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fi-ae.com/","date":"2026-02-10T14:38:12.684Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.fi-ae.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Sun, 08 Feb 2026 00:00:00 GMT","end":"Mon, 08 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"7A:CE:04:0F:8B:E6:59:F2:57:71:5E:8B:C0:D3:89:E1:30:02:17:64","sha256":"04:F8:F1:61:9C:9E:93:13:34:12:C4:C8:42:97:5C:57:B6:03:29:89:90:A1:43:29:16:18:70:A9:A6:BA:54:02"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: fi-ae.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fi-ae.com/\r\nCookie: PHPSESSID=24edb80369271f2e8b7dce195e795d89\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncontent-type: text/html; charset=iso-8859-1\r\nx-ws-ratelimit-limit: 1000\r\nx-ws-ratelimit-remaining: 997\r\ndate: Tue, 10 Feb 2026 14:38:12 GMT\r\nserver: Apache\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":236,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"54ddfcfcbac52ccc7451161d40934ad7","sha1":"3f9915360e96bd0c5c756209a62d99b0246a634d","sha256":"9448f8a1159c9b14e3e1b9d8eab1a6ddf88d26e1f888a34cef430c756e4e6e1e","sha512":"b5b31c06e9e8cfc08e09e90bc5ba77c970c5be644c109f14b4b430384d4cecefae4368e051ed96323cfd3fe7a0e9f4832025c2efd213aa64bf65c55625bd72e6","ssdeep":"","tlshash":"61d0a79e90939386415176907ec123d2654953ab78b143e96ec1944690086bdc0d919d","first_seen":"2025-12-07T09:00:18.523222Z","last_seen":"2026-06-07T07:40:54.480562Z","times_seen":5390,"resource_available":true,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"fi-ae.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}