Overview

URL 160.44.207.113
IP 160.44.207.113 (Germany)
ASN#6878 T-Systems International GmbH
UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Access public
Report completed 2023-05-26 14:57:20 UTC
IDS alerts 0
Blocklist alert 2
urlquery alerts No alerts detected
Tags None

Domain Summary (2)

Fully Qualified Domain Name Rank First Seen Last Seen Sent bytes Received bytes IP Comment
ocsp.globalsign.com (1) 2075 2012-07-20 19:46:16 2023-05-26 05:13:09 349 1906 104.18.20.226
160.44.207.113 (2) 0 2018-09-27 14:00:35 2023-05-25 19:36:10 862 0 0.0.0.0

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
 No alerts detected

mnemonic secure dns
 No alerts detected

Quad9 DNS
Scan Date Severity Indicator Comment
2023-05-26 medium 160.44.207.113 Sinkholed
2023-05-26 medium 160.44.207.113 Sinkholed

ThreatFox
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 1 reports on IP: 160.44.207.113
Date UQ / IDS / BL URL IP
2023-05-26 14:57:20 UTC 0 - 0 - 2 160.44.207.113 160.44.207.113


Last 5 reports on ASN: T-Systems International GmbH
Date UQ / IDS / BL URL IP
2023-06-03 19:30:45 UTC 0 - 0 - 2 80.158.62.179 80.158.62.179
2023-05-30 22:25:13 UTC 0 - 4 - 0 userservice.sick.com/ 80.158.5.11
2023-05-30 20:44:17 UTC 0 - 0 - 2 80.158.23.107 80.158.23.107
2023-05-30 20:44:16 UTC 0 - 0 - 2 80.158.40.102 80.158.40.102
2023-05-29 12:06:44 UTC 0 - 0 - 2 160.44.204.244 160.44.204.244


Last 1 reports on domain: 160.44.207.113
Date UQ / IDS / BL URL IP
2023-05-26 14:57:20 UTC 0 - 0 - 2 160.44.207.113 160.44.207.113


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-06-04 01:51:20 UTC 3 - 1 - 4 vojyqem.com/TLepZ/MWcXZ/login.php 167.99.35.88
2023-06-04 01:51:08 UTC 0 - 2 - 1 a0623621.xsph.ru/ 141.8.197.42
2023-06-04 01:49:55 UTC 0 - 2 - 0 a0759120.xsph.ru/ 141.8.197.42
2023-06-04 01:44:09 UTC 0 - 2 - 0 a0546333.xsph.ru/ 141.8.197.42
2023-06-04 01:44:08 UTC 0 - 2 - 0 f0558865.xsph.ru/ 141.8.197.42

JavaScript

Executed Scripts (0)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (3)


Request Response

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 26 May 2023 14:57:03 GMT
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 30 May 2023 14:13:09 GMT
ETag: "2140b1023a9e44697983d9edbfcb4cb8180eea55"
Last-Modified: Fri, 26 May 2023 14:13:10 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2110
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7cd6de4fb9c80b45-OSL


--- Additional Info ---
Magic:  data
Size:   1432
Md5:    330e3a77557e52e381349abfb7014385
Sha1:   2140b1023a9e44697983d9edbfcb4cb8180eea55
Sha256: ae370f1c58ba9c8afbbb3fa51868adf8376343cf77301c796efc9d6f5f98689c

GET / HTTP/1.1
Host: 160.44.207.113
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

Blocklists:
  - quad9: Sinkholed

GET / HTTP/1.1
Host: 160.44.207.113
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

Blocklists:
  - quad9: Sinkholed