Report - bunk3r.bplaced.net/mydigitallife/W10UI

Report Overview

Visited public
2025-05-01 03:38:10
Tags
URL
bunk3r.bplaced.net/mydigitallife/W10UI_10.25.zip
Finishing URL
bunk3r.bplaced.net/mydigitallife/W10UI_10.25.zip
IP / ASN
162.55.0.137
#24940 Hetzner Online GmbH
Title
404

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.bplaced.net	unknown	2007-09-05	2012-06-26	2025-04-23	2.7 kB	138 kB	162.55.0.137
bunk3r.bplaced.net	unknown	2007-09-05	2022-06-14	2023-01-29	948 B	15 kB	162.55.0.137

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2025-05-01 03:37:42	low	162.55.0.137	Client IP	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (1)

	URL	From	Size	First Seen	Last Seen
	bunk3r.bplaced.net/mydigitallife/W10UI_10.25.zip	ScriptElement	1.7 kB	2025-03-05	2025-05-14
Pretty URL bunk3r.bplaced.net/mydigitallife/W10UI_10.25.zip IP 162.55.0.137 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-05 12:39 Last Seen2025-05-14 05:12 Times Seen54 Hash defae211d16a4c7bb25067b9ba50f4e2 7140afd3b1a1b49c8fe81dad0dda0a15ff72d84b dd8a3ff162f6bc5b759b07fdf2bb47cc5cfe5f470f7e1c510caf371119a501a6 Loading...

HTTP Transactions (8)

URL IP Response Size

www.bplaced.net/favicon-16x16.png

162.55.0.137

200 OK

977 B

URL GET
www.bplaced.net/favicon-16x16.png
IP
162.55.0.137:443
ASN
#24940 Hetzner Online GmbH

Requested by
http://bunk3r.bplaced.net/mydigitallife/W10UI_10.25.zip
Certificate
IssuerLet's Encrypt
Subjectbplaced.net
FingerprintD2:34:0B:3A:BC:DD:71:53:33:15:AB:0C:3F:77:07:23:46:F6:60:EE
ValiditySat, 01 Mar 2025 23:01:54 GMT - Fri, 30 May 2025 23:01:53 GMT

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced
Size
977 B (977 bytes)
Hash
4f10f5db793cd0087d04b0ef091dae54
f6dd4d97f1b7cc59c3379bcb6cb968670f7b5c46
f86d9dc5302f17447082fe0cfd10b67e9e3c20baf323769960d30c39007d6765

HTTP Headers

GET /favicon-16x16.png HTTP/1.1
Host: www.bplaced.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://bunk3r.bplaced.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-bp-nsa-reqid: (null) a.14UID=136
x-content-type-options: nosniff
x-frame-options: sameorigin
last-modified: Mon, 31 Mar 2025 21:32:41 GMT
etag: "3d1-631aa28fa864f"
accept-ranges: bytes
content-length: 977
cache-control: max-age=7200
expires: Thu, 01 May 2025 05:37:39 GMT
x-ua-compatible: IE=Edge,chrome=1
vary: User-Agent
content-type: image/png
date: Thu, 01 May 2025 03:37:39 GMT
server: Apache
X-Firefox-Spdy: h2

bunk3r.bplaced.net/mydigitallife/W10UI_10.25.zip

162.55.0.137

403 Forbidden

7.1 kB

URL User Request GET
bunk3r.bplaced.net/mydigitallife/W10UI_10.25.zip
IP
162.55.0.137:443
ASN
#24940 Hetzner Online GmbH

Certificate
IssuerLet's Encrypt
Subjectbplaced.net
FingerprintD2:34:0B:3A:BC:DD:71:53:33:15:AB:0C:3F:77:07:23:46:F6:60:EE
ValiditySat, 01 Mar 2025 23:01:54 GMT - Fri, 30 May 2025 23:01:53 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (669)
Size
7.1 kB (7103 bytes)
Hash
c377971577c4f07c49c74f6804b17a63
a06710fb36c0efd876316bff0169ea3e4365caad
c47e247b6c246dd4ebd12327d7db924ed6fc17859c38b9d0fa368408beaf3b32

Detections

NIDS	Severity	Alert
suricata	low	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1

HTTP Headers

GET /mydigitallife/W10UI_10.25.zip HTTP/1.1
Host: bunk3r.bplaced.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 403 Forbidden
x-bp-nsa-reqid: (null) a.14UID=381
x-content-type-options: nosniff
x-frame-options: sameorigin
last-modified: Sat, 08 Oct 2022 17:29:29 GMT
etag: "1bbf-5ea8944ceff23-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1716
content-type: text/html
date: Thu, 01 May 2025 03:37:38 GMT
server: Apache
X-Firefox-Spdy: h2

bunk3r.bplaced.net/mydigitallife/W10UI_10.25.zip

162.55.0.137

403 Forbidden

7.1 kB

URL User Request GET
bunk3r.bplaced.net/mydigitallife/W10UI_10.25.zip
IP
162.55.0.137:80
ASN
#24940 Hetzner Online GmbH

File type
HTML document, Unicode text, UTF-8 text, with very long lines (669)
Size
7.1 kB (7103 bytes)
Hash
c377971577c4f07c49c74f6804b17a63
a06710fb36c0efd876316bff0169ea3e4365caad
c47e247b6c246dd4ebd12327d7db924ed6fc17859c38b9d0fa368408beaf3b32

Detections

NIDS	Severity	Alert
suricata	low	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1

HTTP Headers

GET /mydigitallife/W10UI_10.25.zip HTTP/1.1
Host: bunk3r.bplaced.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Thu, 01 May 2025 03:37:38 GMT
Server: Apache
X-BP-NSA-REQID: (null) a.14UID=300
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sat, 08 Oct 2022 17:29:29 GMT
ETag: "1bbf-5ea8944ceff23-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1716
Keep-Alive: timeout=4, max=500
Content-Type: text/html

www.bplaced.net/css/error.css

162.55.0.137

200 OK

17 kB

URL GET
www.bplaced.net/css/error.css
IP
162.55.0.137:443
ASN
#24940 Hetzner Online GmbH

Requested by
http://bunk3r.bplaced.net/mydigitallife/W10UI_10.25.zip
Certificate
IssuerLet's Encrypt
Subjectbplaced.net
FingerprintD2:34:0B:3A:BC:DD:71:53:33:15:AB:0C:3F:77:07:23:46:F6:60:EE
ValiditySat, 01 Mar 2025 23:01:54 GMT - Fri, 30 May 2025 23:01:53 GMT

File type
ASCII text, with very long lines (16767), with no line terminators
Size
17 kB (16767 bytes)
Hash
2ef56c3bd3aaa724661d80228914e17c
6ae27642cd16aa84b8f4c6c7f5eeacf0f6266278
3c716474a426f71aac76bccf441f759ecf53c8a4ca07ac902459b5f501fb6aa0

HTTP Headers

GET /css/error.css HTTP/1.1
Host: www.bplaced.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://bunk3r.bplaced.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-bp-nsa-reqid: (null) a.14UID=664
x-content-type-options: nosniff
x-frame-options: sameorigin
last-modified: Tue, 22 Apr 2025 01:25:20 GMT
etag: "417f-63353dbab07f9-gzip"
accept-ranges: bytes
cache-control: max-age=7200
expires: Thu, 01 May 2025 05:37:38 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-ua-compatible: IE=Edge,chrome=1
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' data: blob: https://www.bplaced.net https://my.bplaced.net https://stream.bplaced.net https://wiki.bplaced.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' data: content: https://www.bplaced.net https://my.bplaced.net https://stream.bplaced.net https://wiki.bplaced.net; style-src 'self' data: blob: https://www.bplaced.net https://my.bplaced.net https://stream.bplaced.net https://wiki.bplaced.net 'unsafe-inline'; media-src *;
content-length: 3745
content-type: text/css
date: Thu, 01 May 2025 03:37:38 GMT
server: Apache
X-Firefox-Spdy: h2

www.bplaced.net/gfx/emblem_b_xs.png

162.55.0.137

200 OK

2.1 kB

URL GET
www.bplaced.net/gfx/emblem_b_xs.png
IP
162.55.0.137:443
ASN
#24940 Hetzner Online GmbH

Requested by
http://bunk3r.bplaced.net/mydigitallife/W10UI_10.25.zip
Certificate
IssuerLet's Encrypt
Subjectbplaced.net
FingerprintD2:34:0B:3A:BC:DD:71:53:33:15:AB:0C:3F:77:07:23:46:F6:60:EE
ValiditySat, 01 Mar 2025 23:01:54 GMT - Fri, 30 May 2025 23:01:53 GMT

File type
PNG image data, 87 x 80, 8-bit/color RGB, non-interlaced
Size
2.1 kB (2064 bytes)
Hash
4a092da4b2aeec53d413f03225b6ea27
39ba9c5f72f2909e8540e84337cc7834369063b3
15f1dfd8e227da520e9c4231a6c7e9caf783d111c99147b5499c5387ad6a01dc

HTTP Headers

GET /gfx/emblem_b_xs.png HTTP/1.1
Host: www.bplaced.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://bunk3r.bplaced.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-bp-nsa-reqid: (null) a.14UID=278
x-content-type-options: nosniff
x-frame-options: sameorigin
last-modified: Mon, 31 Mar 2025 21:32:45 GMT
etag: "810-631aa29374935"
accept-ranges: bytes
content-length: 2064
cache-control: max-age=7200
expires: Thu, 01 May 2025 05:37:38 GMT
x-ua-compatible: IE=Edge,chrome=1
vary: User-Agent
content-type: image/png
date: Thu, 01 May 2025 03:37:38 GMT
server: Apache
X-Firefox-Spdy: h2

www.bplaced.net/gfx/error.jpeg

162.55.0.137

200 OK

67 kB

URL GET
www.bplaced.net/gfx/error.jpeg
IP
162.55.0.137:443
ASN
#24940 Hetzner Online GmbH

Requested by
http://bunk3r.bplaced.net/mydigitallife/W10UI_10.25.zip
Certificate
IssuerLet's Encrypt
Subjectbplaced.net
FingerprintD2:34:0B:3A:BC:DD:71:53:33:15:AB:0C:3F:77:07:23:46:F6:60:EE
ValiditySat, 01 Mar 2025 23:01:54 GMT - Fri, 30 May 2025 23:01:53 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=6, xresolution=86, yresolution=94, resolutionunit=2, software=bplaced, copyright=bplaced], comment: "(c) bplaced", baseline, precision 8, 734x421, components 3
Size
67 kB (67411 bytes)
Hash
d8e461fb203971e359e8932334d21a14
4a8bea6b37aa7c35ae42ffb9ca419c4308e6ab80
fa4b417e2133117565c216db3a4e9372e83d9116349c2f4bc1f015dd5b85701c

HTTP Headers

GET /gfx/error.jpeg HTTP/1.1
Host: www.bplaced.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.bplaced.net/css/error.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-bp-nsa-reqid: (null) a.14UID=190
x-content-type-options: nosniff
x-frame-options: sameorigin
last-modified: Mon, 31 Mar 2025 21:32:52 GMT
etag: "10753-631aa29980b13"
accept-ranges: bytes
content-length: 67411
cache-control: max-age=7200
expires: Thu, 01 May 2025 05:37:38 GMT
x-ua-compatible: IE=Edge,chrome=1
vary: User-Agent
content-type: image/jpeg
date: Thu, 01 May 2025 03:37:38 GMT
server: Apache
X-Firefox-Spdy: h2

www.bplaced.net/fonts/opensans-semibold.ttf

162.55.0.137

200 OK

33 kB

URL GET
www.bplaced.net/fonts/opensans-semibold.ttf
IP
162.55.0.137:443
ASN
#24940 Hetzner Online GmbH

Requested by
http://bunk3r.bplaced.net/mydigitallife/W10UI_10.25.zip
Certificate
IssuerLet's Encrypt
Subjectbplaced.net
FingerprintD2:34:0B:3A:BC:DD:71:53:33:15:AB:0C:3F:77:07:23:46:F6:60:EE
ValiditySat, 01 Mar 2025 23:01:54 GMT - Fri, 30 May 2025 23:01:53 GMT

File type
TrueType Font data, 19 tables, 1st "FFTM", 30 names, Macintosh
Size
33 kB (33160 bytes)
Hash
09342995dee65977ca9ca4b6c169db10
1f528b0e2fda50194f5535b4aae9135d09088c45
29c5594bd8ff46379b4e16eb47e86609acf07d86c7f705933b53239fcb448839

HTTP Headers

GET /fonts/opensans-semibold.ttf HTTP/1.1
Host: www.bplaced.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://bunk3r.bplaced.net
DNT: 1
Connection: keep-alive
Referer: https://www.bplaced.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-bp-nsa-reqid: (null) a.14UID=1468
x-content-type-options: nosniff
x-frame-options: sameorigin
last-modified: Sat, 08 Oct 2022 17:29:29 GMT
etag: "8188-5ea8944cf1e64-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-ua-compatible: IE=Edge,chrome=1
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' data: blob: https://www.bplaced.net https://my.bplaced.net https://stream.bplaced.net https://wiki.bplaced.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' data: content: https://www.bplaced.net https://my.bplaced.net https://stream.bplaced.net https://wiki.bplaced.net; style-src 'self' data: blob: https://www.bplaced.net https://my.bplaced.net https://stream.bplaced.net https://wiki.bplaced.net 'unsafe-inline'; media-src *;
content-length: 20754
content-type: font/ttf
date: Thu, 01 May 2025 03:37:38 GMT
server: Apache
X-Firefox-Spdy: h2

www.bplaced.net/apple-touch-icon.png

162.55.0.137

200 OK

14 kB

URL GET
www.bplaced.net/apple-touch-icon.png
IP
162.55.0.137:443
ASN
#24940 Hetzner Online GmbH

Requested by
http://bunk3r.bplaced.net/mydigitallife/W10UI_10.25.zip
Certificate
IssuerLet's Encrypt
Subjectbplaced.net
FingerprintD2:34:0B:3A:BC:DD:71:53:33:15:AB:0C:3F:77:07:23:46:F6:60:EE
ValiditySat, 01 Mar 2025 23:01:54 GMT - Fri, 30 May 2025 23:01:53 GMT

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced
Size
14 kB (14014 bytes)
Hash
886fe29c38dac33aab1c0467ebd26ebf
6fe92a13538359015f0d417284150a018f6c961e
8e738af1df488e21cba461a8995f4924098a5de73acd338cd0700a3ea5f69f48

HTTP Headers

GET /apple-touch-icon.png HTTP/1.1
Host: www.bplaced.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://bunk3r.bplaced.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-bp-nsa-reqid: (null) a.14UID=132
x-content-type-options: nosniff
x-frame-options: sameorigin
last-modified: Mon, 31 Mar 2025 21:32:42 GMT
etag: "36be-631aa28ff1263"
accept-ranges: bytes
content-length: 14014
cache-control: max-age=7200
expires: Thu, 01 May 2025 05:37:39 GMT
x-ua-compatible: IE=Edge,chrome=1
vary: User-Agent
content-type: image/png
date: Thu, 01 May 2025 03:37:39 GMT
server: Apache
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (1)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (8)

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size