Report - thannich.hier-im-netz.de/

Report Overview

Visited public
2024-12-21 05:35:54
Tags
URL
thannich.hier-im-netz.de/
Finishing URL
thannich.hier-im-netz.de/
IP / ASN
80.150.6.138
#3320 Deutsche Telekom AG
Title
thannich.hier-im-netz.de/

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
thannich.hier-im-netz.de	unknown	unknown	2024-09-22	2024-09-22	934 B	1.3 kB	80.150.6.138
homepage.t-online.de	397496	unknown	2017-02-01	2024-12-21	1.2 kB	14 kB	80.150.6.190

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-12-21	medium	hier-im-netz.de	Sinkholed
2024-12-21	medium	hier-im-netz.de	Sinkholed

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (5)

URL IP Response Size

thannich.hier-im-netz.de/

80.150.6.138

200 OK

865 B

URL User Request GET HTTP/2
thannich.hier-im-netz.de/
IP
80.150.6.138:443
ASN
#3320 Deutsche Telekom AG

Certificate
IssuerDeutsche Telekom Security GmbH
Subject*.hier-im-netz.de
Fingerprint12:BC:0D:F9:DE:0A:41:A2:44:BD:76:D8:E6:C5:50:56:18:24:26:8B
ValidityTue, 17 Dec 2024 06:55:43 GMT - Sun, 21 Dec 2025 23:59:59 GMT

File type
HTML document, ISO-8859 text
Size
865 B (865 bytes)
Hash
d66fe2e57d52f6b61604eb2f15863144
c1b117119ec8ee963dabcebda8ef347edc24201a
150259f3d96ddffedff5f92242b604bee79ba33d333b054fbcdbccf13a51d2c4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: thannich.hier-im-netz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-length: 865
accept-ranges: bytes
server: CM4all Webserver
content-type: text/html
date: Sat, 21 Dec 2024 05:35:29 GMT
etag: "0g1-neks22-353h701-0"
last-modified: Sun, 11 Apr 2004 00:09:07 GMT
X-Firefox-Spdy: h2

homepage.t-online.de/service/img/b2c_left.gif

80.150.6.190

200 OK

2.4 kB

URL GET HTTP/1.1
homepage.t-online.de/service/img/b2c_left.gif
IP
80.150.6.190:443
ASN
#3320 Deutsche Telekom AG

Requested by
https://thannich.hier-im-netz.de/
Certificate
IssuerDeutsche Telekom Security GmbH
Subject*.homepage.t-online.de
FingerprintBF:EE:94:D0:CA:DF:41:4A:81:E7:11:08:AD:A1:2A:CE:A7:6E:85:B7
ValidityMon, 10 Jun 2024 10:27:40 GMT - Sat, 14 Jun 2025 23:59:59 GMT

File type
GIF image data, version 89a, 333 x 36
Size
2.4 kB (2444 bytes)
Hash
b4fce77761dac3d3114847b56fc8149a
5812c243d8094a5a711dc4e1cea76b0a8f6652ea
bc492798bc9423de5934ba2dfd4c1925730173c331932350248761869c875128

HTTP Headers

GET /service/img/b2c_left.gif HTTP/1.1
Host: homepage.t-online.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 21 Dec 2024 05:35:29 GMT
Server: Apache/2.0.64 (Debian) JETServ/2.2.25 mod_jk2/2.0.4 CM4all-ModComa/1.1(libcoma/2.8.20) mod_apreq2-20051231/2.6.0
Last-Modified: Wed, 03 Feb 2010 11:40:31 GMT
ETag: "98c-47eb0af8649c0"
Accept-Ranges: bytes
Content-Length: 2444
P3P: CP="NOI COR CURa INT"
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: image/gif

homepage.t-online.de/service/img/b2c_right.gif

80.150.6.190

200 OK

10 kB

URL GET HTTP/1.1
homepage.t-online.de/service/img/b2c_right.gif
IP
80.150.6.190:443
ASN
#3320 Deutsche Telekom AG

Requested by
https://thannich.hier-im-netz.de/
Certificate
IssuerDeutsche Telekom Security GmbH
Subject*.homepage.t-online.de
FingerprintBF:EE:94:D0:CA:DF:41:4A:81:E7:11:08:AD:A1:2A:CE:A7:6E:85:B7
ValidityMon, 10 Jun 2024 10:27:40 GMT - Sat, 14 Jun 2025 23:59:59 GMT

File type
GIF image data, version 89a, 495 x 36
Size
10 kB (10130 bytes)
Hash
fafd60200bf5bca9a86b5ee5569083a8
ea887254444f8defb4dc667d325036e7f803f5cb
f76e1082d3bd69ef8052c632f94dd90e72aded31afa27fbadde8d6bad9003cc0

HTTP Headers

GET /service/img/b2c_right.gif HTTP/1.1
Host: homepage.t-online.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 21 Dec 2024 05:35:29 GMT
Server: Apache/2.0.64 (Debian) JETServ/2.2.25 mod_jk2/2.0.4 CM4all-ModComa/1.1(libcoma/2.8.20) mod_apreq2-20051231/2.6.0
Last-Modified: Wed, 03 Feb 2010 11:40:31 GMT
ETag: "2792-47eb0af8649c0"
Accept-Ranges: bytes
Content-Length: 10130
P3P: CP="NOI COR CURa INT"
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: image/gif

homepage.t-online.de/service/img/b2c_bckg.gif

80.150.6.190

200 OK

54 B

URL GET HTTP/1.1
homepage.t-online.de/service/img/b2c_bckg.gif
IP
80.150.6.190:443
ASN
#3320 Deutsche Telekom AG

Requested by
https://thannich.hier-im-netz.de/
Certificate
IssuerDeutsche Telekom Security GmbH
Subject*.homepage.t-online.de
FingerprintBF:EE:94:D0:CA:DF:41:4A:81:E7:11:08:AD:A1:2A:CE:A7:6E:85:B7
ValidityMon, 10 Jun 2024 10:27:40 GMT - Sat, 14 Jun 2025 23:59:59 GMT

File type
GIF image data, version 89a, 1 x 36
Size
54 B (54 bytes)
Hash
e8917025fbdc4de1390fe9ebed0b5e74
a3caad28cb45460b1d8aadfb31f942e060bd8ccf
a9a48b75db88f2bdc9756d7ba38bb36d8667ef8a23851c503d3c7a4e2013f568

HTTP Headers

GET /service/img/b2c_bckg.gif HTTP/1.1
Host: homepage.t-online.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 21 Dec 2024 05:35:29 GMT
Server: Apache/2.0.64 (Debian) JETServ/2.2.25 mod_jk2/2.0.4 CM4all-ModComa/1.1(libcoma/2.8.20) mod_apreq2-20051231/2.6.0
Last-Modified: Wed, 03 Feb 2010 11:40:31 GMT
ETag: "36-47eb0af8649c0"
Accept-Ranges: bytes
Content-Length: 54
P3P: CP="NOI COR CURa INT"
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: image/gif

thannich.hier-im-netz.de/favicon.ico

80.150.6.138

404 Not Found

34 B

URL GET HTTP/2
thannich.hier-im-netz.de/favicon.ico
IP
80.150.6.138:443
ASN
#3320 Deutsche Telekom AG

Requested by
https://thannich.hier-im-netz.de/
Certificate
IssuerDeutsche Telekom Security GmbH
Subject*.hier-im-netz.de
Fingerprint12:BC:0D:F9:DE:0A:41:A2:44:BD:76:D8:E6:C5:50:56:18:24:26:8B
ValidityTue, 17 Dec 2024 06:55:43 GMT - Sun, 21 Dec 2025 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
34 B (34 bytes)
Hash
32541efd24b012503776f14c721f8c8e
777cf581d32d3d1fee3df95946607f6b7ed26b5a
02da121ef131feaf8d8ac6c081129481fdd1b0fe89ba3bf02b55ef224fbfa814

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: thannich.hier-im-netz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thannich.hier-im-netz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-length: 34
server: CM4all Webserver
content-type: text/plain
date: Sat, 21 Dec 2024 05:35:29 GMT
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (0)

HTTP Transactions (5)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers