217.160.0.240 200 OK 632 B URL User Request GET HTTP/1.1 IP 217.160.0.240:80
File type HTML document text; exported SGML document text; exported SGML document, ASCII text
Hash 5c2be4e6f6426a0bef355b3cfca646a0
1b674079fcb831b94f98485d5191ceb4e34a0098
02cd79a890782c7c37ee8fe66a74210bca541b729f4d442daeaaa857dcd6b225
NIDS: suricata  Severity: high  Alert: ET EXPLOIT_KIT Evil Redirector Leading to EK Jul 08
NIDS: suricata  Severity: high  Alert: ET EXPLOIT_KIT Evil Redirector Leading to EK Dec 09
GET / HTTP/1.1
Host: last-minute-tipp.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 01 Jun 2023 04:14:48 GMT
Server: Apache
Last-Modified: Thu, 06 Nov 2014 00:02:40 GMT
ETag: W/"5bb-507256a2be800"
Content-Encoding: gzip
last-minute-tipp.de/styles.css
217.160.0.240 404 Not Found 569 B URL GET HTTP/1.1 last-minute-tipp.de/styles.css
IP 217.160.0.240:80
Requested by http://last-minute-tipp.de/
File type HTML document text; exported SGML document text; exported SGML document, ASCII text
Hash aa9aaa82f7bd30a1ec0b9f616bd3b810
d0494eaac352df586adade235d1e58d44fa7051f
5b91dd665bf31140958c0a1a6a3de0e34b41b9ef560eb7cdcb8fd255b5266604
GET /styles.css HTTP/1.1
Host: last-minute-tipp.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://last-minute-tipp.de/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 01 Jun 2023 04:14:49 GMT
Server: Apache
X-Frame-Options: deny
Content-Encoding: gzip
stationaere-hochdruckreiniger.de/wwykqk4d.php?id=84309
83.246.47.66 302 Found 1 B URL GET HTTP/1.1 stationaere-hochdruckreiniger.de/wwykqk4d.php?id=84309
IP 83.246.47.66:80
ASN #24679 Hostway Deutschland GmbH
Requested by http://last-minute-tipp.de/
File type very short file (no magic)
Hash 68b329da9893e34099c7d8ad5cb9c940
adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
GET /wwykqk4d.php?id=84309 HTTP/1.1
Host: stationaere-hochdruckreiniger.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://last-minute-tipp.de/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Thu, 01 Jun 2023 04:14:49 GMT
Server: Apache
Location: http://localhost/
Keep-Alive: timeout=2, max=500
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
last-minute-tipp.de/styles.css
217.160.0.240 404 Not Found 569 B URL GET HTTP/1.1 last-minute-tipp.de/styles.css
IP 217.160.0.240:80
Requested by http://last-minute-tipp.de/
File type HTML document text; exported SGML document text; exported SGML document, ASCII text
Hash aa9aaa82f7bd30a1ec0b9f616bd3b810
d0494eaac352df586adade235d1e58d44fa7051f
5b91dd665bf31140958c0a1a6a3de0e34b41b9ef560eb7cdcb8fd255b5266604
GET /styles.css HTTP/1.1
Host: last-minute-tipp.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://last-minute-tipp.de/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 01 Jun 2023 04:14:51 GMT
Server: Apache
X-Frame-Options: deny
Content-Encoding: gzip
last-minute-tipp.de/left.html
217.160.0.240 200 OK 341 B URL GET HTTP/1.1 last-minute-tipp.de/left.html
IP 217.160.0.240:80
Requested by http://last-minute-tipp.de/
File type HTML document text; exported SGML document text; exported SGML document, ASCII text
Hash f54321eaa124e690eac7a6fcf8573902
1a2cadf1bcb170ed24233ec85c97f2713c566699
abc254759c3c0e7d155db708b080526cdf1a242c7c0bb88501fc8192818e8f4f
NIDS: suricata  Severity: high  Alert: ET EXPLOIT_KIT Evil Redirector Leading to EK Jul 08
NIDS: suricata  Severity: high  Alert: ET EXPLOIT_KIT Evil Redirector Leading to EK Dec 09
GET /left.html HTTP/1.1
Host: last-minute-tipp.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://last-minute-tipp.de/
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 01 Jun 2023 04:14:51 GMT
Server: Apache
Last-Modified: Thu, 06 Nov 2014 00:02:41 GMT
ETag: W/"1e1-507256a3b2a40"
Content-Encoding: gzip
last-minute-tipp.de/main.html
217.160.0.240 403 Forbidden 569 B URL GET HTTP/1.1 last-minute-tipp.de/main.html
IP 217.160.0.240:80
Requested by http://last-minute-tipp.de/
File type HTML document text; exported SGML document text; exported SGML document, ASCII text
Hash aa9aaa82f7bd30a1ec0b9f616bd3b810
d0494eaac352df586adade235d1e58d44fa7051f
5b91dd665bf31140958c0a1a6a3de0e34b41b9ef560eb7cdcb8fd255b5266604
GET /main.html HTTP/1.1
Host: last-minute-tipp.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://last-minute-tipp.de/
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 01 Jun 2023 04:14:51 GMT
Server: Apache
X-Frame-Options: deny
Content-Encoding: gzip
last-minute-tipp.de/rechts.html
217.160.0.240 200 OK 461 B URL GET HTTP/1.1 last-minute-tipp.de/rechts.html
IP 217.160.0.240:80
Requested by http://last-minute-tipp.de/
File type HTML document text; exported SGML document text; exported SGML document, ASCII text
Hash ff8d9dc746916ad1b3e65c18c0fce0d5
73c73c4df3c7133b6f17a7c72911db8d89d8211b
e97bd1a86b856c91ca9553bff4a9f8e5ff9092d248bfd87bfd1f0b27755b25f7
NIDS: suricata  Severity: high  Alert: ET EXPLOIT_KIT Evil Redirector Leading to EK Jul 08
NIDS: suricata  Severity: high  Alert: ET EXPLOIT_KIT Evil Redirector Leading to EK Dec 09
GET /rechts.html HTTP/1.1
Host: last-minute-tipp.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://last-minute-tipp.de/
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 01 Jun 2023 04:14:51 GMT
Server: Apache
Last-Modified: Thu, 06 Nov 2014 00:02:51 GMT
ETag: W/"2d0-507256ad3c0c0"
Content-Encoding: gzip
last-minute-tipp.de/nav-home.html
217.160.0.240 403 Forbidden 569 B URL GET HTTP/1.1 last-minute-tipp.de/nav-home.html
IP 217.160.0.240:80
Requested by http://last-minute-tipp.de/
File type HTML document text; exported SGML document text; exported SGML document, ASCII text
Hash aa9aaa82f7bd30a1ec0b9f616bd3b810
d0494eaac352df586adade235d1e58d44fa7051f
5b91dd665bf31140958c0a1a6a3de0e34b41b9ef560eb7cdcb8fd255b5266604
GET /nav-home.html HTTP/1.1
Host: last-minute-tipp.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://last-minute-tipp.de/
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 01 Jun 2023 04:14:51 GMT
Server: Apache
X-Frame-Options: deny
Content-Encoding: gzip
last-minute-tipp.de/unten.html
217.160.0.240 200 OK 660 B URL GET HTTP/1.1 last-minute-tipp.de/unten.html
IP 217.160.0.240:80
Requested by http://last-minute-tipp.de/
File type HTML document text; exported SGML document text; exported SGML document, ASCII text
Hash ec08cc7a30cd663dd2a534a5b0ca822d
8302b7dfcc9a7e778abbf628d73088c96a6792a4
4e263daeedbfb45919c10acff8394613ba0e25f7ce68a9ab23cb5810ffcdb212
NIDS: suricata  Severity: high  Alert: ET EXPLOIT_KIT Evil Redirector Leading to EK Jul 08
NIDS: suricata  Severity: high  Alert: ET EXPLOIT_KIT Evil Redirector Leading to EK Dec 09
GET /unten.html HTTP/1.1
Host: last-minute-tipp.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://last-minute-tipp.de/
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 01 Jun 2023 04:14:51 GMT
Server: Apache
Last-Modified: Thu, 06 Nov 2014 00:02:53 GMT
ETag: W/"482-507256af24540"
Content-Encoding: gzip
last-minute-tipp.de/header.html
217.160.0.240 200 OK 1.7 kB URL GET HTTP/1.1 last-minute-tipp.de/header.html
IP 217.160.0.240:80
Requested by http://last-minute-tipp.de/
File type HTML document text; exported SGML document text; exported SGML document, Unicode text, UTF-8 text
Hash bda75d7c2e0768f70feb62a432507b17
549aed80e839e0bdd5c4e21d4399cbe57c6bc1b2
5a94c5e21f5685fe981e6fcc490f93a956eb80b85aeaeb56d989aee1fa7dd04d
NIDS: suricata  Severity: high  Alert: ET EXPLOIT_KIT Evil Redirector Leading to EK Jul 08
NIDS: suricata  Severity: high  Alert: ET EXPLOIT_KIT Evil Redirector Leading to EK Dec 09
NIDS: suricata  Severity: high  Alert: ET EXPLOIT_KIT Evil Redirector Leading to EK Jul 08
NIDS: suricata  Severity: high  Alert: ET EXPLOIT_KIT Evil Redirector Leading to EK Dec 09
GET /header.html HTTP/1.1
Host: last-minute-tipp.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://last-minute-tipp.de/
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 01 Jun 2023 04:14:51 GMT
Server: Apache
Last-Modified: Thu, 06 Nov 2014 00:02:40 GMT
ETag: W/"11ca-507256a2be800"
Content-Encoding: gzip
last-minute-tipp.de/favicon.ico
217.160.0.240 404 Not Found 569 B URL GET HTTP/1.1 last-minute-tipp.de/favicon.ico
IP 217.160.0.240:80
Requested by http://last-minute-tipp.de/
File type HTML document text; exported SGML document text; exported SGML document, ASCII text
Hash aa9aaa82f7bd30a1ec0b9f616bd3b810
d0494eaac352df586adade235d1e58d44fa7051f
5b91dd665bf31140958c0a1a6a3de0e34b41b9ef560eb7cdcb8fd255b5266604
GET /favicon.ico HTTP/1.1
Host: last-minute-tipp.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://last-minute-tipp.de/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 01 Jun 2023 04:14:51 GMT
Server: Apache
X-Frame-Options: deny
Content-Encoding: gzip
last-minute-tipp.de/Bilder/shad/shad-ru.gif
217.160.0.240 200 OK 118 B URL GET HTTP/1.1 last-minute-tipp.de/Bilder/shad/shad-ru.gif
IP 217.160.0.240:80
Requested by http://last-minute-tipp.de/rechts.html
File type GIF image data, version 89a, 14 x 13; data
Hash 545038f5ad3e5cd966cdabddbe0e0fdb
7b005f84b886082b94541c56625b01d79ababeb8
68a86eb01f03744aa3c5f7cc80ba3d75930674f08343b2eb12842441701f23c1
GET /Bilder/shad/shad-ru.gif HTTP/1.1
Host: last-minute-tipp.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://last-minute-tipp.de/rechts.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 118
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 01 Jun 2023 04:14:51 GMT
Server: Apache
Last-Modified: Mon, 16 Mar 2009 17:46:43 GMT
ETag: "76-465400892e6c0"
Accept-Ranges: bytes
last-minute-tipp.de/Bilder/shad/shad-l.gif
217.160.0.240 200 OK 105 B URL GET HTTP/1.1 last-minute-tipp.de/Bilder/shad/shad-l.gif
IP 217.160.0.240:80
Requested by http://last-minute-tipp.de/unten.html
File type GIF image data, version 89a, 25 x 7; data
Hash 84424e5ac5b22e6fa415920d4bd9b1cb
cabd8e32c4f3462be08d1ac25a1070990e83fe2b
0bf426dd94bba580331d1a4405ce01167b82c9065ad84809cdc7387f1c6e7b5b
GET /Bilder/shad/shad-l.gif HTTP/1.1
Host: last-minute-tipp.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://last-minute-tipp.de/unten.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 105
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 01 Jun 2023 04:14:51 GMT
Server: Apache
Last-Modified: Mon, 16 Mar 2009 17:46:43 GMT
ETag: "69-465400892e6c0"
Accept-Ranges: bytes
last-minute-tipp.de/form.css
217.160.0.240 200 OK 4.2 kB URL GET HTTP/1.1 last-minute-tipp.de/form.css
IP 217.160.0.240:80
Requested by http://last-minute-tipp.de/header.html
Hash a7588de947eef59f50c4b37dcaf9ef42
0fc8db79e293e4400dd36afaa14e54798f10f956
cdd8df9a0947cbd07d090a000d3e0267dbb2150d3ed19ef093dcc0cbb9344994
GET /form.css HTTP/1.1
Host: last-minute-tipp.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://last-minute-tipp.de/header.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 4155
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 01 Jun 2023 04:14:51 GMT
Server: Apache
Last-Modified: Mon, 16 Mar 2009 17:44:25 GMT
ETag: "103b-4654000593040"
Accept-Ranges: bytes
last-minute-tipp.de/Bilder/shad/shad-right.gif
217.160.0.240 200 OK 67 B URL GET HTTP/1.1 last-minute-tipp.de/Bilder/shad/shad-right.gif
IP 217.160.0.240:80
Requested by http://last-minute-tipp.de/rechts.html
File type GIF image data, version 89a, 14 x 1; data
Hash 0a0da172d4fddcb32ac41a7e691c4fd9
34c68c42499a35e98bdec398d805c9b73274df32
a7f192827906c26391d687b034c6a56144caf4288219ad415605cea70d616d8a
GET /Bilder/shad/shad-right.gif HTTP/1.1
Host: last-minute-tipp.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://last-minute-tipp.de/rechts.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 67
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 01 Jun 2023 04:14:51 GMT
Server: Apache
Last-Modified: Mon, 16 Mar 2009 17:46:43 GMT
ETag: "43-465400892e6c0"
Accept-Ranges: bytes
last-minute-tipp.de/Bilder/header/Logo.jpg
217.160.0.240 200 OK 14 kB URL GET HTTP/1.1 last-minute-tipp.de/Bilder/header/Logo.jpg
IP 217.160.0.240:80
Requested by http://last-minute-tipp.de/header.html
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS3 Macintosh, datetime=2007:11:02 16:30:55], baseline, precision 8, 497x25, components 3; data
Hash 9456f4f410bd63613c4ca08bb50d4f9a
4ef2cd160c65c060dbe83f7d23d4e49f13aa7625
73e5fb0d7a565bf61d8a012160eeec72a1d07d9e491ae56f999ce2288a1bafe6
GET /Bilder/header/Logo.jpg HTTP/1.1
Host: last-minute-tipp.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://last-minute-tipp.de/header.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 14207
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 01 Jun 2023 04:14:51 GMT
Server: Apache
Last-Modified: Mon, 16 Mar 2009 17:45:23 GMT
ETag: "377f-4654003ce32c0"
Accept-Ranges: bytes
last-minute-tipp.de/Bilder/header/Header.jpg
217.160.0.240 200 OK 78 kB URL GET HTTP/1.1 last-minute-tipp.de/Bilder/header/Header.jpg
IP 217.160.0.240:80
Requested by http://last-minute-tipp.de/header.html
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 900x115, components 3; data
Hash 7c9b5d94f5bf2c596bbb3bf8ce1239a9
451441260a5d8df2b2aab3ea15747226e33d68fe
fd8f5cb611a2cf1e8f339e187cb40a5e60231329d6b9e9e11ddc59407c0ed234
GET /Bilder/header/Header.jpg HTTP/1.1
Host: last-minute-tipp.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://last-minute-tipp.de/header.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 78389
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 01 Jun 2023 04:14:51 GMT
Server: Apache
Last-Modified: Sat, 22 Jan 2011 22:35:15 GMT
ETag: "13235-49a76fb03eec0"
Accept-Ranges: bytes
stationaere-hochdruckreiniger.de/wwykqk4d.php?id=84314
83.246.47.66 302 Found 1 B URL GET HTTP/1.1 stationaere-hochdruckreiniger.de/wwykqk4d.php?id=84314
IP 83.246.47.66:80
ASN #24679 Hostway Deutschland GmbH
Requested by http://last-minute-tipp.de/left.html
File type very short file (no magic)
Hash 68b329da9893e34099c7d8ad5cb9c940
adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
GET /wwykqk4d.php?id=84314 HTTP/1.1
Host: stationaere-hochdruckreiniger.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://last-minute-tipp.de/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Thu, 01 Jun 2023 04:14:51 GMT
Server: Apache
Location: http://localhost/
Keep-Alive: timeout=2, max=499
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
stationaere-hochdruckreiniger.de/wwykqk4d.php?id=84361
83.246.47.66 302 Found 1 B URL GET HTTP/1.1 stationaere-hochdruckreiniger.de/wwykqk4d.php?id=84361
IP 83.246.47.66:80
ASN #24679 Hostway Deutschland GmbH
Requested by http://last-minute-tipp.de/unten.html
File type very short file (no magic)
Hash 68b329da9893e34099c7d8ad5cb9c940
adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
GET /wwykqk4d.php?id=84361 HTTP/1.1
Host: stationaere-hochdruckreiniger.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://last-minute-tipp.de/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Thu, 01 Jun 2023 04:14:51 GMT
Server: Apache
Location: http://localhost/
Keep-Alive: timeout=2, max=500
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
stationaere-hochdruckreiniger.de/wwykqk4d.php?id=84306
83.246.47.66 302 Found 1 B URL GET HTTP/1.1 stationaere-hochdruckreiniger.de/wwykqk4d.php?id=84306
IP 83.246.47.66:80
ASN #24679 Hostway Deutschland GmbH
Requested by http://last-minute-tipp.de/header.html
File type very short file (no magic)
Hash 68b329da9893e34099c7d8ad5cb9c940
adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
GET /wwykqk4d.php?id=84306 HTTP/1.1
Host: stationaere-hochdruckreiniger.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://last-minute-tipp.de/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Thu, 01 Jun 2023 04:14:51 GMT
Server: Apache
Location: http://localhost/
Keep-Alive: timeout=2, max=500
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
stationaere-hochdruckreiniger.de/wwykqk4d.php?id=84354
83.246.47.66 302 Found 1 B URL GET HTTP/1.1 stationaere-hochdruckreiniger.de/wwykqk4d.php?id=84354
IP 83.246.47.66:80
ASN #24679 Hostway Deutschland GmbH
Requested by http://last-minute-tipp.de/rechts.html
File type very short file (no magic)
Hash 68b329da9893e34099c7d8ad5cb9c940
adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
GET /wwykqk4d.php?id=84354 HTTP/1.1
Host: stationaere-hochdruckreiniger.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://last-minute-tipp.de/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Thu, 01 Jun 2023 04:14:51 GMT
Server: Apache
Location: http://localhost/
Keep-Alive: timeout=2, max=500
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
last-minute-tipp.de/Bilder/shad/shad-unten.gif
217.160.0.240 200 OK 64 B URL GET HTTP/1.1 last-minute-tipp.de/Bilder/shad/shad-unten.gif
IP 217.160.0.240:80
Requested by http://last-minute-tipp.de/unten.html
File type GIF image data, version 89a, 1 x 7; data
Hash 2db74ed1e7b57baaf1966367b4fad2fb
31362b66c5634149f65d417d5c74aec451a8dcbd
6b8d388817927765adc56344a99cedfb182e412bfb32ba756919150c0c13df86
GET /Bilder/shad/shad-unten.gif HTTP/1.1
Host: last-minute-tipp.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://last-minute-tipp.de/unten.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 64
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 01 Jun 2023 04:14:54 GMT
Server: Apache
Last-Modified: Mon, 16 Mar 2009 17:46:44 GMT
ETag: "40-4654008a22900"
Accept-Ranges: bytes
last-minute-tipp.de/header.html
217.160.0.240 200 OK 1.7 kB URL GET HTTP/1.1 last-minute-tipp.de/header.html
IP 217.160.0.240:80
Requested by http://last-minute-tipp.de/
File type HTML document text; exported SGML document text; exported SGML document, Unicode text, UTF-8 text
Hash bda75d7c2e0768f70feb62a432507b17
549aed80e839e0bdd5c4e21d4399cbe57c6bc1b2
5a94c5e21f5685fe981e6fcc490f93a956eb80b85aeaeb56d989aee1fa7dd04d
NIDS: suricata  Severity: high  Alert: ET EXPLOIT_KIT Evil Redirector Leading to EK Jul 08
NIDS: suricata  Severity: high  Alert: ET EXPLOIT_KIT Evil Redirector Leading to EK Dec 09
NIDS: suricata  Severity: high  Alert: ET EXPLOIT_KIT Evil Redirector Leading to EK Jul 08
NIDS: suricata  Severity: high  Alert: ET EXPLOIT_KIT Evil Redirector Leading to EK Dec 09
GET /header.html HTTP/1.1
Host: last-minute-tipp.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 01 Jun 2023 04:15:03 GMT
Server: Apache
Last-Modified: Thu, 06 Nov 2014 00:02:40 GMT
ETag: W/"11ca-507256a2be800"
Content-Encoding: gzip
localhost/
0.0.0.0 0 B IP 0.0.0.0:0
Requested by http://last-minute-tipp.de/header.html
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: localhost
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://last-minute-tipp.de/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
localhost/
0.0.0.0 0 B IP 0.0.0.0:0
Requested by http://last-minute-tipp.de/
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: localhost
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://last-minute-tipp.de/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
localhost/
0.0.0.0 0 B IP 0.0.0.0:0
Requested by http://last-minute-tipp.de/rechts.html
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: localhost
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://last-minute-tipp.de/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
localhost/
0.0.0.0 0 B IP 0.0.0.0:0
Requested by http://last-minute-tipp.de/left.html
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: localhost
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://last-minute-tipp.de/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
localhost/
0.0.0.0 0 B IP 0.0.0.0:0
Requested by http://last-minute-tipp.de/unten.html
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: localhost
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://last-minute-tipp.de/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache