monitoring.nhr.fau.de Open in urlscan Pro
131.188.202.70 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://monitoring.nhr.fau.de/
Submission Tags: phishingrod
Submission: On July 13 via api (July 13th 2024, 10:05:57 am UTC) from DE — Scanned from DE

Summary HTTP 9 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 9 HTTP transactions. The main IP is 131.188.202.70, located in Erlangen, Germany and belongs to DFN Verein zur Foerderung eines Deutschen Forschungsnetzes e.V., DE. The main domain is monitoring.nhr.fau.de.
TLS certificate: Issued by R3 on May 13th 2024. Valid for: 3 months.

This is the only time monitoring.nhr.fau.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
9	131.188.202.70 131.188.202.70		680 (DFN Verei...) (DFN Verein zur Foerderung eines Deutschen Forschungsnetzes e.V.)
9	1

9 131.188.202.70 (Erlangen, Germany)

ASN680 (DFN Verein zur Foerderung eines Deutschen Forschungsnetzes e.V., DE)
PTR: monitoring.nhr.uni-erlangen.de

monitoring.nhr.fau.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	fau.de monitoring.nhr.fau.de	221 KB
9	1

	Domain	Requested by
9	monitoring.nhr.fau.de	monitoring.nhr.fau.de
9	1

This site contains links to these domains. Also see Links.

Domain
portal.hpc.fau.de

Subject Issuer	Validity	Valid
monitoring.nhr.fau.de R3	`2024-05-13` - `2024-08-11`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://monitoring.nhr.fau.de/
Frame ID: 9E56404D2278C97496B1E104733959A3
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Authentication failed - ClusterCockpit

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Page Statistics

9
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

221 kB
Transfer

588 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://portal.hpc.fau.de/
Title: HPC Portal

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	401 Unauthorized	Primary Request / Show response monitoring.nhr.fau.de/	5 KB 2 KB	58ms 15ms	Document text/html	131.188.202.70 DFN Verein zur Fo...
General Check archive.org Show headers Download Go to Full URL https://monitoring.nhr.fau.de/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 131.188.202.70 Erlangen, Germany, ASN680 (DFN Verein zur Foerderung eines Deutschen Forschungsnetzes e.V., DE), Reverse DNS monitoring.nhr.uni-erlangen.de Software / Resource Hash `71b99332f332966d8bb8dc5f199924153c2442efd9e5e1c50574063fe8e202db` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Encoding gzip Content-Length 1503 Date Sat, 13 Jul 2024 10:05:53 GMT Vary Accept-Encoding
GET H/1.1	200 OK	bootstrap.min.css monitoring.nhr.fau.de/	227 KB 30 KB	25ms 25ms	Stylesheet text/css	131.188.202.70 DFN Verein zur Fo...
General Check archive.org Show headers Download Go to Full URL https://monitoring.nhr.fau.de/bootstrap.min.css Requested by Host: monitoring.nhr.fau.de URL: https://monitoring.nhr.fau.de/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 131.188.202.70 Erlangen, Germany, ASN680 (DFN Verein zur Foerderung eines Deutschen Forschungsnetzes e.V., DE), Reverse DNS monitoring.nhr.uni-erlangen.de Software / Resource Hash `d939d21f27010c09b6c2966681d8b4cfcd64ca418f240922518f967fded16ef6` Request headers Referer https://monitoring.nhr.fau.de/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sat, 13 Jul 2024 10:05:53 GMT Content-Encoding gzip Accept-Ranges bytes Vary Accept-Encoding Transfer-Encoding chunked Content-Type text/css; charset=utf-8
GET H/1.1	200 OK	bootstrap-icons.css monitoring.nhr.fau.de/	92 KB 13 KB	46ms 22ms	Stylesheet text/css	131.188.202.70 DFN Verein zur Fo...
General Check archive.org Show headers Download Go to Full URL https://monitoring.nhr.fau.de/bootstrap-icons.css Requested by Host: monitoring.nhr.fau.de URL: https://monitoring.nhr.fau.de/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 131.188.202.70 Erlangen, Germany, ASN680 (DFN Verein zur Foerderung eines Deutschen Forschungsnetzes e.V., DE), Reverse DNS monitoring.nhr.uni-erlangen.de Software / Resource Hash `d8824f7067cdfea38afec7e9ffaf072125266824206d69ef1f112d72153a505e` Request headers Referer https://monitoring.nhr.fau.de/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sat, 13 Jul 2024 10:05:53 GMT Content-Encoding gzip Accept-Ranges bytes Vary Accept-Encoding Transfer-Encoding chunked Content-Type text/css; charset=utf-8
GET H/1.1	200 OK	global.css monitoring.nhr.fau.de/	1 KB 680 B	40ms 11ms	Stylesheet text/css	131.188.202.70 DFN Verein zur Fo...
General Check archive.org Show headers Download Go to Full URL https://monitoring.nhr.fau.de/global.css Requested by Host: monitoring.nhr.fau.de URL: https://monitoring.nhr.fau.de/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 131.188.202.70 Erlangen, Germany, ASN680 (DFN Verein zur Foerderung eines Deutschen Forschungsnetzes e.V., DE), Reverse DNS monitoring.nhr.uni-erlangen.de Software / Resource Hash `388968ed78dbdadddebfa2f7f65fae0fe3f98d1aa0a6b87db5d7aedc7a9c2c42` Request headers Referer https://monitoring.nhr.fau.de/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sat, 13 Jul 2024 10:05:53 GMT Content-Encoding gzip Accept-Ranges bytes Content-Length 495 Vary Accept-Encoding Content-Type text/css; charset=utf-8
GET H/1.1	200 OK	uPlot.min.css monitoring.nhr.fau.de/	2 KB 959 B	41ms 12ms	Stylesheet text/css	131.188.202.70 DFN Verein zur Fo...
General Check archive.org Show headers Download Go to Full URL https://monitoring.nhr.fau.de/uPlot.min.css Requested by Host: monitoring.nhr.fau.de URL: https://monitoring.nhr.fau.de/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 131.188.202.70 Erlangen, Germany, ASN680 (DFN Verein zur Foerderung eines Deutschen Forschungsnetzes e.V., DE), Reverse DNS monitoring.nhr.uni-erlangen.de Software / Resource Hash `37d952f00df006ceab033267e05f050cedd8d6906467cc86525dee795dcfa6a9` Request headers Referer https://monitoring.nhr.fau.de/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sat, 13 Jul 2024 10:05:53 GMT Content-Encoding gzip Accept-Ranges bytes Content-Length 774 Vary Accept-Encoding Content-Type text/css; charset=utf-8
GET H/1.1	200 OK	logo.png monitoring.nhr.fau.de/img/	16 KB 16 KB	43ms 14ms	Image image/png	131.188.202.70 DFN Verein zur Fo...
General Check archive.org Show headers Download Go to Show image Full URL https://monitoring.nhr.fau.de/img/logo.png Requested by Host: monitoring.nhr.fau.de URL: https://monitoring.nhr.fau.de/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 131.188.202.70 Erlangen, Germany, ASN680 (DFN Verein zur Foerderung eines Deutschen Forschungsnetzes e.V., DE), Reverse DNS monitoring.nhr.uni-erlangen.de Software / Resource Hash `2c721f2908ac9e72e8dd939c04768104208083c5eca2e09085773356db9f010a` Request headers Referer https://monitoring.nhr.fau.de/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sat, 13 Jul 2024 10:05:53 GMT Content-Encoding gzip Accept-Ranges bytes Vary Accept-Encoding Transfer-Encoding chunked Content-Type image/png
GET H/1.1	200 OK	header.js Show response monitoring.nhr.fau.de/build/	115 KB 29 KB	46ms 17ms	Script text/javascript	131.188.202.70 DFN Verein zur Fo...
General Check archive.org Show headers Download Go to Full URL https://monitoring.nhr.fau.de/build/header.js Requested by Host: monitoring.nhr.fau.de URL: https://monitoring.nhr.fau.de/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 131.188.202.70 Erlangen, Germany, ASN680 (DFN Verein zur Foerderung eines Deutschen Forschungsnetzes e.V., DE), Reverse DNS monitoring.nhr.uni-erlangen.de Software / Resource Hash `6ab952a89ccdd9028dfad527a0dbfe817b03f047ea28cafc84616d5c2749e590` Request headers Referer https://monitoring.nhr.fau.de/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sat, 13 Jul 2024 10:05:53 GMT Content-Encoding gzip Accept-Ranges bytes Vary Accept-Encoding Transfer-Encoding chunked Content-Type text/javascript; charset=utf-8
GET H/1.1	200 OK	bootstrap-icons.woff2 monitoring.nhr.fau.de/fonts/	118 KB 119 KB	13ms 13ms	Font font/woff2	131.188.202.70 DFN Verein zur Fo...
General Check archive.org Show headers Download Go to Full URL https://monitoring.nhr.fau.de/fonts/bootstrap-icons.woff2?1fa40e8900654d2863d011707b9fb6f2 Requested by Host: monitoring.nhr.fau.de URL: https://monitoring.nhr.fau.de/bootstrap-icons.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 131.188.202.70 Erlangen, Germany, ASN680 (DFN Verein zur Foerderung eines Deutschen Forschungsnetzes e.V., DE), Reverse DNS monitoring.nhr.uni-erlangen.de Software / Resource Hash `cfe45b981d1b91b173361a34cfce5f60893dbd1ac4af2c3ac11fc17552c5401f` Request headers Referer https://monitoring.nhr.fau.de/bootstrap-icons.css Origin https://monitoring.nhr.fau.de User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sat, 13 Jul 2024 10:05:53 GMT Content-Encoding gzip Vary Accept-Encoding Transfer-Encoding chunked Content-Type font/woff2 Access-Control-Allow-Origin * Access-Control-Allow-Credentials true Accept-Ranges bytes
GET H/1.1	200 OK	favicon.png monitoring.nhr.fau.de/	11 KB 11 KB	13ms 13ms	Other image/png	131.188.202.70 DFN Verein zur Fo...
General Check archive.org Show headers Download Go to Full URL https://monitoring.nhr.fau.de/favicon.png Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 131.188.202.70 Erlangen, Germany, ASN680 (DFN Verein zur Foerderung eines Deutschen Forschungsnetzes e.V., DE), Reverse DNS monitoring.nhr.uni-erlangen.de Software / Resource Hash `ebc54841a73b3404196fc9336e650b1db3835fb52895c59c8513bc9da8144160` Request headers Referer https://monitoring.nhr.fau.de/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sat, 13 Jul 2024 10:05:53 GMT Content-Encoding gzip Accept-Ranges bytes Vary Accept-Encoding Transfer-Encoding chunked Content-Type image/png

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| __svelte

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://monitoring.nhr.fau.de/ Message: Failed to load resource: the server responded with a status of 401 (Unauthorized)
recommendation	verbose	URL: https://monitoring.nhr.fau.de/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

monitoring.nhr.fau.de
131.188.202.70
2c721f2908ac9e72e8dd939c04768104208083c5eca2e09085773356db9f010a
37d952f00df006ceab033267e05f050cedd8d6906467cc86525dee795dcfa6a9
388968ed78dbdadddebfa2f7f65fae0fe3f98d1aa0a6b87db5d7aedc7a9c2c42
6ab952a89ccdd9028dfad527a0dbfe817b03f047ea28cafc84616d5c2749e590
71b99332f332966d8bb8dc5f199924153c2442efd9e5e1c50574063fe8e202db
cfe45b981d1b91b173361a34cfce5f60893dbd1ac4af2c3ac11fc17552c5401f
d8824f7067cdfea38afec7e9ffaf072125266824206d69ef1f112d72153a505e
d939d21f27010c09b6c2966681d8b4cfcd64ca418f240922518f967fded16ef6
ebc54841a73b3404196fc9336e650b1db3835fb52895c59c8513bc9da8144160

monitoring.nhr.fau.de Open in urlscan Pro 131.188.202.70 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

9 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

221 kBTransfer

588 kBSize

0 Cookies

1 Outgoing links

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

0 Cookies

2 Console Messages

Indicators

monitoring.nhr.fau.de Open in urlscan Pro
131.188.202.70 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

221 kB
Transfer

588 kB
Size

0
Cookies

9 HTTP transactions
0 data transactions