monitoring-und-patchen.ihr-admin.com
212.53.165.153  Public Scan

URL: https://monitoring-und-patchen.ihr-admin.com/
Submission Tags: phishingrod
Submission: On April 28 via api from DE — Scanned from DE

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 27 HTTP transactions. The main IP is 212.53.165.153, located in Germany and belongs to ARTFILES-AS Artfiles New Media GmbH, DE. The main domain is monitoring-und-patchen.ihr-admin.com.
TLS certificate: Issued by R3 on April 28th 2024. Valid for: 3 months.
This is the only time monitoring-und-patchen.ihr-admin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Redirects | IP Address | AS (Autonomous System)
16 | - | 212.53.165.153 | 8893 (ARTFILES-...)
1 | 1 | 104.26.8.183 | 13335 (CLOUDFLAR...)
6 | - | 2606:4700:20:... | 13335 (CLOUDFLAR...)
1 | - | 2606:4700:440... | 13335 (CLOUDFLAR...)
2 | - | 2606:4700:440... | 13335 (CLOUDFLAR...)
1 | - | 104.17.25.14 | 13335 (CLOUDFLAR...)
Total: 27 requests, 6 IPs

Requests | Apex Domain | Subdomains | Transfer
16 | ihr-admin.com | monitoring-und-patchen.ihr-admin.com | 2 MB
6 | tidiochat.com | widget-v4.tidiochat.com — Cisco Umbrella Rank: 22132 | 319 KB
2 | getnitropack.com | to.getnitropack.com — Cisco Umbrella Rank: 12038 | 278 B
1 | cloudflare.com | cdnjs.cloudflare.com — Cisco Umbrella Rank: 231 | 2 KB
1 | nitroscripts.com | nitroscripts.com — Cisco Umbrella Rank: 16895 | 16 KB
1 | tidio.co | code.tidio.co — Cisco Umbrella Rank: 17211 | 484 B
Total: 27 requests, 6 domains

Requests | Domain | Requested by
16 | monitoring-und-patchen.ihr-admin.com | monitoring-und-patchen.ihr-admin.com
6 | widget-v4.tidiochat.com | monitoring-und-patchen.ihr-admin.com, code.tidio.co
2 | to.getnitropack.com | nitroscripts.com
1 | cdnjs.cloudflare.com | -
1 | nitroscripts.com | monitoring-und-patchen.ihr-admin.com
1 | code.tidio.co | - (1 redirects)
Total: 27 requests, 6 domains

This site contains links to these domains:

Domain
27740.aidaform.com
ihr-admin.com

Subject | Issuer | Validity | Valid
monitoring-und-patchen.ihr-admin.com | R3 | 2024-04-28 - 2024-07-27 | 3 months
nitroscripts.com | GTS CA 1P5 | 2024-03-03 - 2024-06-01 | 3 months
tidiochat.com | GTS CA 1P5 | 2024-03-17 - 2024-06-15 | 3 months
getnitropack.com | Cloudflare Inc ECC CA-3 | 2024-01-13 - 2024-12-31 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-03 - 2024-07-02 | a year

This page contains 3 frames:

Primary Page: https://monitoring-und-patchen.ihr-admin.com/
Frame ID: 2F839B477241457377E661EF6634B965
Requests: 21 HTTP requests in this frame

Frame: https://widget-v4.tidiochat.com/1_223_0/static/js/chunk-WidgetIframe-ab0ffde36be6aa7a153d.js
Frame ID: F0C973C211442E5CC180776417066B30
Requests: 4 HTTP requests in this frame

Frame: https://widget-v4.tidiochat.com/fonts/mulish_SGhgqk3wotYKNnBQ.woff2
Frame ID: 0860652026FABB84B8A2FF2A75D2B363
Requests: 2 HTTP requests in this frame

Page Title

Monitoring Lösung aus der Cloud – Wir monitoren Ihre Systeme

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 27
HTTPS: 93 %
IPv6: 50 %
Domains: 6
Subdomains: 6
IPs: 6
Countries: 3
Transfer: 2515 kB
Size: 4436 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://code.tidio.co/vyd4ckltgdiotdta3o428zrtnlkakh8t.js HTTP 302
  • https://widget-v4.tidiochat.com/1_223_0/static/js/render.ab0ffde36be6aa7a153d.js

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
monitoring-und-patchen.ihr-admin.com/
89 KB
12 KB
Document
General
Full URL
https://monitoring-und-patchen.ihr-admin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.53.165.153 , Germany, ASN8893 (ARTFILES-AS Artfiles New Media GmbH, DE),
Reverse DNS
web4.serverulm.de
Software
nginx / PHP/8.0.30 PleskLin
Resource Hash
d5b50126a3366e79fedc2cb073b7fe83aa3eaf85e02e75d7035709dd8f721869

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-cache
content-encoding
gzip
content-length
12296
content-type
text/html; charset=UTF-8
date
Sun, 28 Apr 2024 08:19:50 GMT
link
<https://monitoring-und-patchen.ihr-admin.com/wp-json/>; rel="https://api.w.org/", <https://monitoring-und-patchen.ihr-admin.com/wp-json/wp/v2/pages/307>; rel="alternate"; type="application/json", <https://monitoring-und-patchen.ihr-admin.com/>; rel=shortlink
server
nginx
vary
Accept-Encoding
x-nitro-cache
MISS
x-powered-by
PHP/8.0.30 PleskLin
e833142e5b088ac1519174d8f8ca809d.min.css
monitoring-und-patchen.ihr-admin.com/wp-content/uploads/fusion-styles/
805 KB
98 KB
Stylesheet
General
Full URL
https://monitoring-und-patchen.ihr-admin.com/wp-content/uploads/fusion-styles/e833142e5b088ac1519174d8f8ca809d.min.css?ver=3.9
Requested by
Host: monitoring-und-patchen.ihr-admin.com
URL: https://monitoring-und-patchen.ihr-admin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.53.165.153 , Germany, ASN8893 (ARTFILES-AS Artfiles New Media GmbH, DE),
Reverse DNS
web4.serverulm.de
Software
nginx / PleskLin
Resource Hash
7ff370cf77855e8a7d13efd97b835aab50f2fa47a10b11795509bfed987a1572

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://monitoring-und-patchen.ihr-admin.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:19:50 GMT
content-encoding
br
last-modified
Tue, 07 Nov 2023 12:43:24 GMT
server
nginx
etag
W/"654a30ec-c930a"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
render.ab0ffde36be6aa7a153d.js
widget-v4.tidiochat.com/1_223_0/static/js/
Redirect Chain
  • https://code.tidio.co/vyd4ckltgdiotdta3o428zrtnlkakh8t.js
  • https://widget-v4.tidiochat.com/1_223_0/static/js/render.ab0ffde36be6aa7a153d.js
5 KB
2 KB
Script
General
Full URL
https://widget-v4.tidiochat.com/1_223_0/static/js/render.ab0ffde36be6aa7a153d.js
Requested by
Host: monitoring-und-patchen.ihr-admin.com
URL: https://monitoring-und-patchen.ihr-admin.com/
Protocol
H2
Server
2606:4700:20::681a:88b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5d95d14910af85648443b6c5c45602ad1075b028950459e1ceaad8ef63578c0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://monitoring-und-patchen.ihr-admin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Sun, 28 Apr 2024 08:19:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 22 Apr 2024 07:40:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2174
etag
W/"6626145b-1472"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uHynpmpqjzTi6kOCkFIoyfhgRBhB5%2BR1rWdzbmooDnjMN1uD6uY2sGSrtvP%2B9fbi6CKLrLFCBm2bJCD%2BwCQkqL685USMovSkIgaZi%2B2iTj4piKSH7%2B1Ll8cQ9MSOO7twaLO%2BFG%2BEyE0hLeDv9pTGNAKpTXEB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=691200
cf-ray
87b5a12fda95085d-FRA

Redirect headers

date
Sun, 28 Apr 2024 08:19:50 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
widget-cache-status
HIT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xtXdU7CO7nDawvQhRYZ1p8TOCLaiTayzBf0Ol1SQMHJKTlqSY2s4LmWdls%2BbT6ajNzwRm0vN5u3CUiRJaZIcPGikKPqZfaCw1McMdPdVpzKpGH5tU%2FZwJ%2FgCoR84jxE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://widget-v4.tidiochat.com/1_223_0/static/js/render.ab0ffde36be6aa7a153d.js
cache-control
public, s-maxage=300, max-age=0
cf-ray
87b5a12e8f475bed-FRA
jquery.min.js
monitoring-und-patchen.ihr-admin.com/wp-includes/js/jquery/
88 KB
30 KB
Script
General
Full URL
https://monitoring-und-patchen.ihr-admin.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by
Host: monitoring-und-patchen.ihr-admin.com
URL: https://monitoring-und-patchen.ihr-admin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.53.165.153 , Germany, ASN8893 (ARTFILES-AS Artfiles New Media GmbH, DE),
Reverse DNS
web4.serverulm.de
Software
nginx / PleskLin
Resource Hash
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://monitoring-und-patchen.ihr-admin.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:19:50 GMT
content-encoding
br
last-modified
Sat, 05 Nov 2022 08:03:05 GMT
server
nginx
etag
W/"636618b9-15e54"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
application/javascript
83636a018575cac58adb13d110963903.min.js
monitoring-und-patchen.ihr-admin.com/wp-content/uploads/fusion-scripts/
320 KB
84 KB
Script
General
Full URL
https://monitoring-und-patchen.ihr-admin.com/wp-content/uploads/fusion-scripts/83636a018575cac58adb13d110963903.min.js?ver=3.9
Requested by
Host: monitoring-und-patchen.ihr-admin.com
URL: https://monitoring-und-patchen.ihr-admin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.53.165.153 , Germany, ASN8893 (ARTFILES-AS Artfiles New Media GmbH, DE),
Reverse DNS
web4.serverulm.de
Software
nginx / PleskLin
Resource Hash
866bb5fab10b06926cf82f4218b518843f2f00526257c1c790c77a0ae0f42f9f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://monitoring-und-patchen.ihr-admin.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:19:50 GMT
content-encoding
br
last-modified
Tue, 07 Nov 2023 12:43:24 GMT
server
nginx
etag
W/"654a30ec-50061"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
application/javascript
MEinhbjWZcJmRkjxlMPrnFdqkOphOkbg
nitroscripts.com/
48 KB
16 KB
Script
General
Full URL
https://nitroscripts.com/MEinhbjWZcJmRkjxlMPrnFdqkOphOkbg
Requested by
Host: monitoring-und-patchen.ihr-admin.com
URL: https://monitoring-und-patchen.ihr-admin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2108 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd18f50205666fafb3cceac9fd962caa4276d29220c1cc7506e23afb9ded1ce5
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://monitoring-und-patchen.ihr-admin.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-request-timestamp
1714292390
date
Sun, 28 Apr 2024 08:19:50 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sun, 28 Apr 2024 08:19:50 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-expose-headers
X-Request-Timestamp
cache-control
max-age=600, stale-while-revalidate=31536000
cf-ray
87b5a12fdc90976a-FRA
/
monitoring-und-patchen.ihr-admin.com/
0
0
Fetch
General
Full URL
https://monitoring-und-patchen.ihr-admin.com/
Requested by
Host: monitoring-und-patchen.ihr-admin.com
URL: https://monitoring-und-patchen.ihr-admin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.53.165.153 , Germany, ASN8893 (ARTFILES-AS Artfiles New Media GmbH, DE),
Reverse DNS
web4.serverulm.de
Software
nginx / PHP/8.0.30, PleskLin
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://monitoring-und-patchen.ihr-admin.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryIpBJlBlBBW9dRqt0

Response headers

date
Sun, 28 Apr 2024 08:19:50 GMT
cache-control
no-cache
server
nginx
x-powered-by
PHP/8.0.30, PleskLin
content-length
0
content-type
text/html; charset=UTF-8
/
monitoring-und-patchen.ihr-admin.com/
13 B
181 B
Ping
General
Full URL
https://monitoring-und-patchen.ihr-admin.com/
Requested by
Host: monitoring-und-patchen.ihr-admin.com
URL: https://monitoring-und-patchen.ihr-admin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.53.165.153 , Germany, ASN8893 (ARTFILES-AS Artfiles New Media GmbH, DE),
Reverse DNS
web4.serverulm.de
Software
nginx / PHP/8.0.30, PleskLin
Resource Hash
8d9d6702a15e078f14d99abace58ab6dc1d9684e57bae9cf5db74b77dc12997e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://monitoring-und-patchen.ihr-admin.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryWQlFAAdZ3s6BAAgi

Response headers

date
Sun, 28 Apr 2024 08:19:50 GMT
server
nginx
x-powered-by
PHP/8.0.30, PleskLin
x-nitro-beacon
FORWARD
content-type
text/html; charset=UTF-8
cache-control
no-cache
x-nitro-proxy-purge
true
content-length
13
software-update-electronic-device-display-concept-2022-09-16-09-30-36-utc-scaled.jpg
monitoring-und-patchen.ihr-admin.com/wp-content/uploads/2022/11/
372 KB
323 KB
Image
General
Full URL
https://monitoring-und-patchen.ihr-admin.com/wp-content/uploads/2022/11/software-update-electronic-device-display-concept-2022-09-16-09-30-36-utc-scaled.jpg
Requested by
Host: monitoring-und-patchen.ihr-admin.com
URL: https://monitoring-und-patchen.ihr-admin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.53.165.153 , Germany, ASN8893 (ARTFILES-AS Artfiles New Media GmbH, DE),
Reverse DNS
web4.serverulm.de
Software
nginx / PleskLin
Resource Hash
13d23372e013fe10cbf510e5e707beed3a76443bb361eea0d96ab8c149434c42

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://monitoring-und-patchen.ihr-admin.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:19:50 GMT
content-encoding
gzip
last-modified
Sat, 05 Nov 2022 11:10:23 GMT
server
nginx
etag
W/"6366449f-5ceb2"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
image/jpeg
S6uyw4BMUTPHjx4wXg.woff2
monitoring-und-patchen.ihr-admin.com/wp-content/uploads/fusion-gfonts/
23 KB
23 KB
Font
General
Full URL
https://monitoring-und-patchen.ihr-admin.com/wp-content/uploads/fusion-gfonts/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: monitoring-und-patchen.ihr-admin.com
URL: https://monitoring-und-patchen.ihr-admin.com/wp-content/uploads/fusion-styles/e833142e5b088ac1519174d8f8ca809d.min.css?ver=3.9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.53.165.153 , Germany, ASN8893 (ARTFILES-AS Artfiles New Media GmbH, DE),
Reverse DNS
web4.serverulm.de
Software
nginx / PleskLin
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://monitoring-und-patchen.ihr-admin.com/wp-content/uploads/fusion-styles/e833142e5b088ac1519174d8f8ca809d.min.css?ver=3.9
Origin
https://monitoring-und-patchen.ihr-admin.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:19:50 GMT
last-modified
Tue, 07 Nov 2023 12:43:23 GMT
server
nginx
etag
"654a30eb-5c1c"
x-powered-by
PleskLin
content-type
font/woff2
accept-ranges
bytes
content-length
23580
resume.ttf
monitoring-und-patchen.ihr-admin.com/wp-content/uploads/fusion-icons/resume-v1.0-1/fonts/
3 KB
3 KB
Font
General
Full URL
https://monitoring-und-patchen.ihr-admin.com/wp-content/uploads/fusion-icons/resume-v1.0-1/fonts/resume.ttf?mt77df
Requested by
Host: monitoring-und-patchen.ihr-admin.com
URL: https://monitoring-und-patchen.ihr-admin.com/wp-content/uploads/fusion-styles/e833142e5b088ac1519174d8f8ca809d.min.css?ver=3.9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.53.165.153 , Germany, ASN8893 (ARTFILES-AS Artfiles New Media GmbH, DE),
Reverse DNS
web4.serverulm.de
Software
nginx / PleskLin
Resource Hash
c999f5d5052174fd2c1873d38171fd1151898383d963633c563e4109dcc0451b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://monitoring-und-patchen.ihr-admin.com/wp-content/uploads/fusion-styles/e833142e5b088ac1519174d8f8ca809d.min.css?ver=3.9
Origin
https://monitoring-und-patchen.ihr-admin.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:19:50 GMT
last-modified
Thu, 20 May 2021 07:34:42 GMT
server
nginx
etag
"60a61112-b58"
x-powered-by
PleskLin
content-type
font/ttf
accept-ranges
bytes
content-length
2904
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXo.woff2
monitoring-und-patchen.ihr-admin.com/wp-content/uploads/fusion-gfonts/
15 KB
15 KB
Font
General
Full URL
https://monitoring-und-patchen.ihr-admin.com/wp-content/uploads/fusion-gfonts/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXo.woff2
Requested by
Host: monitoring-und-patchen.ihr-admin.com
URL: https://monitoring-und-patchen.ihr-admin.com/wp-content/uploads/fusion-styles/e833142e5b088ac1519174d8f8ca809d.min.css?ver=3.9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.53.165.153 , Germany, ASN8893 (ARTFILES-AS Artfiles New Media GmbH, DE),
Reverse DNS
web4.serverulm.de
Software
nginx / PleskLin
Resource Hash
a60b1ba9daa11468bf1b846e8515e51b97023f341f2962a9623b9d8aaa7904ad

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://monitoring-und-patchen.ihr-admin.com/wp-content/uploads/fusion-styles/e833142e5b088ac1519174d8f8ca809d.min.css?ver=3.9
Origin
https://monitoring-und-patchen.ihr-admin.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:19:50 GMT
last-modified
Tue, 07 Nov 2023 12:43:23 GMT
server
nginx
etag
"654a30eb-3b88"
x-powered-by
PleskLin
content-type
font/woff2
accept-ranges
bytes
content-length
15240
fa-solid-900.woff2
monitoring-und-patchen.ihr-admin.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/
76 KB
77 KB
Font
General
Full URL
https://monitoring-und-patchen.ihr-admin.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-solid-900.woff2
Requested by
Host: monitoring-und-patchen.ihr-admin.com
URL: https://monitoring-und-patchen.ihr-admin.com/wp-content/uploads/fusion-styles/e833142e5b088ac1519174d8f8ca809d.min.css?ver=3.9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.53.165.153 , Germany, ASN8893 (ARTFILES-AS Artfiles New Media GmbH, DE),
Reverse DNS
web4.serverulm.de
Software
nginx / PleskLin
Resource Hash
ef2369c82b6ec19bcf4fe76799d94edc43604e164c0f73978059536159845441

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://monitoring-und-patchen.ihr-admin.com/wp-content/uploads/fusion-styles/e833142e5b088ac1519174d8f8ca809d.min.css?ver=3.9
Origin
https://monitoring-und-patchen.ihr-admin.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:19:50 GMT
last-modified
Thu, 15 Dec 2022 01:57:02 GMT
server
nginx
etag
"639a7eee-13184"
x-powered-by
PleskLin
content-type
font/woff2
accept-ranges
bytes
content-length
78212
600af310763f87de1373c4ea_Federico-2048x1365-1.jpg
monitoring-und-patchen.ihr-admin.com/wp-content/uploads/2021/12/
1 MB
1 MB
Image
General
Full URL
https://monitoring-und-patchen.ihr-admin.com/wp-content/uploads/2021/12/600af310763f87de1373c4ea_Federico-2048x1365-1.jpg
Requested by
Host: monitoring-und-patchen.ihr-admin.com
URL: https://monitoring-und-patchen.ihr-admin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.53.165.153 , Germany, ASN8893 (ARTFILES-AS Artfiles New Media GmbH, DE),
Reverse DNS
web4.serverulm.de
Software
nginx / PleskLin
Resource Hash
255ff8d51f0e3757040bba490771611ea69f083d7a8159333af5ddf1df114bbc

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://monitoring-und-patchen.ihr-admin.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:19:50 GMT
content-encoding
gzip
last-modified
Wed, 22 Dec 2021 17:26:09 GMT
server
nginx
etag
W/"61c35fb1-1621c9"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
image/jpeg
awb-icons.woff
monitoring-und-patchen.ihr-admin.com/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/
21 KB
21 KB
Font
General
Full URL
https://monitoring-und-patchen.ihr-admin.com/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/awb-icons.woff
Requested by
Host: monitoring-und-patchen.ihr-admin.com
URL: https://monitoring-und-patchen.ihr-admin.com/wp-content/uploads/fusion-styles/e833142e5b088ac1519174d8f8ca809d.min.css?ver=3.9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.53.165.153 , Germany, ASN8893 (ARTFILES-AS Artfiles New Media GmbH, DE),
Reverse DNS
web4.serverulm.de
Software
nginx / PleskLin
Resource Hash
288d156b63cea15974f8ced0963ccc03ca9688a0e2da4af409339c065faab72f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://monitoring-und-patchen.ihr-admin.com/wp-content/uploads/fusion-styles/e833142e5b088ac1519174d8f8ca809d.min.css?ver=3.9
Origin
https://monitoring-und-patchen.ihr-admin.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:19:50 GMT
last-modified
Thu, 15 Dec 2022 01:57:02 GMT
server
nginx
etag
"639a7eee-5224"
x-powered-by
PleskLin
content-type
font/woff
accept-ranges
bytes
content-length
21028
chunk-WidgetIframe-ab0ffde36be6aa7a153d.js
widget-v4.tidiochat.com/1_223_0/static/js/ Frame F0C9
477 KB
124 KB
Script
General
Full URL
https://widget-v4.tidiochat.com/1_223_0/static/js/chunk-WidgetIframe-ab0ffde36be6aa7a153d.js
Requested by
Host: code.tidio.co
URL: https://code.tidio.co/vyd4ckltgdiotdta3o428zrtnlkakh8t.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:88b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5262e3f73f35616febd13fbe6feee14613d076774ff644e48489f7cd6694a8dc

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:19:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 22 Apr 2024 07:40:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5034
etag
W/"6626145b-775a9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=44PcAfNiEvC2aE8Upuv9l1tXnBe0ScOuOxbrUMI4f1WMDdSYoK8hsB07qnhuun1stMgvIyZn3Va313DkD72j%2FyCCePQbGKjo6T0LFSL6k6MmxNCBc42A3H%2FwJy%2Brfn0WF0geWsYZNxKq%2BY1xiOfqiFQcn3PF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=691200
cf-ray
87b5a1302ad8085d-FRA
mulish_SGhgqk3wotYKNnBQ.woff2
widget-v4.tidiochat.com/fonts/ Frame F0C9
27 KB
27 KB
Font
General
Full URL
https://widget-v4.tidiochat.com/fonts/mulish_SGhgqk3wotYKNnBQ.woff2
Requested by
Host: code.tidio.co
URL: https://code.tidio.co/vyd4ckltgdiotdta3o428zrtnlkakh8t.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:88b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
577db921a554af3596942d3c48b5c91feaac8c767e183d518a8de8de86e5c7d8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin
https://monitoring-und-patchen.ihr-admin.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:19:50 GMT
cf-cache-status
MISS
last-modified
Mon, 22 Apr 2024 07:40:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"66261456-6b08"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6VBb8LwFbeJ7S41dtQL2X7e6qt3FpTGqWCb8ebldxDsT4%2BAgFQbN9%2FUmLPCY05wzAkxFGyznTijoTDGQ6Y76b8G8JGubR3Z1Ogoo84TbitMMyoM7UYNfW0EEzrP%2F2LHtu2jl%2BeQIy38qh8pbZufu3lS0t560"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
87b5a13079f15d49-FRA
content-length
27400
tururu.mp3
widget-v4.tidiochat.com// Frame F0C9
7 KB
7 KB
Media
General
Full URL
https://widget-v4.tidiochat.com//tururu.mp3
Requested by
Host: monitoring-und-patchen.ihr-admin.com
URL: https://monitoring-und-patchen.ihr-admin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:88b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12c7687514ca85ba2157ed61914ac526bb9dd15cb5a2a2d9e4d88f919349284f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:19:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
464132
Content-Range
bytes 0-7223/7224
Content-Length
7224
pragma
public
last-modified
Mon, 22 Apr 2024 07:40:06 GMT
server
cloudflare
etag
"66261456-1c38"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bbs8G5FYqWFXrZHhv1dgQMurAFd6ypsHmHYZ7BNxaaHhB56SWV5Tq55cXS9IuwQ%2F5NKjQ1mpr8PTz55hIGj9BNN4dx4wN7mUTvwW%2Bm2Khjq3ECMZIak7QPNPGbsSgflU%2FozVekpJCRm5YuKF16ttU1qm8nCD"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg
cache-control
public, max-age=31536000
cf-ray
87b5a1303ade085d-FRA
expires
Mon, 06 May 2024 23:24:18 GMT
widget.ab0ffde36be6aa7a153d.js
widget-v4.tidiochat.com/1_223_0/static/js/ Frame F0C9
493 KB
158 KB
Script
General
Full URL
https://widget-v4.tidiochat.com/1_223_0/static/js/widget.ab0ffde36be6aa7a153d.js
Requested by
Host: code.tidio.co
URL: https://code.tidio.co/vyd4ckltgdiotdta3o428zrtnlkakh8t.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:88b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69db969f017b237bf909e05cfc9a8b5fac05a5363f17888651bafb818a7e651c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:19:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 22 Apr 2024 07:40:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2174
etag
W/"6626145b-7b531"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PWo%2FeTUpuKEyVD38xZprYtq1uXC5tem%2FnZsgayAtv7HCqASvgZ%2BWPq7QOdXslB5S3e8e8Jq%2FldYM%2B6fkwZcT%2BHWy7puRrH4bqvs5RCL6GUWxyeb9kxYTH7jFS4%2BKuekYaIDVKuoi8pNcnd%2FuZLvJ4pAuMPEQ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=691200
cf-ray
87b5a1303ae2085d-FRA
b2901787-1747-451c-af4a-33e9dc6df50f
https://monitoring-und-patchen.ihr-admin.com/
256 B
0
Other
General
Full URL
blob:https://monitoring-und-patchen.ihr-admin.com/b2901787-1747-451c-af4a-33e9dc6df50f
Requested by
Host: monitoring-und-patchen.ihr-admin.com
URL: https://monitoring-und-patchen.ihr-admin.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4dcabb967a6a348a2508cb74415e86cabe70f4c921e9d36581047e0e89f20555

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length
256
Content-Type
application/javascript
mulish_SGhgqk3wotYKNnBQ.woff2
widget-v4.tidiochat.com/fonts/ Frame 0860
27 KB
0
Font
General
Full URL
https://widget-v4.tidiochat.com/fonts/mulish_SGhgqk3wotYKNnBQ.woff2
Requested by
Host: monitoring-und-patchen.ihr-admin.com
URL: https://monitoring-und-patchen.ihr-admin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:88b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://monitoring-und-patchen.ihr-admin.com/
Origin
https://monitoring-und-patchen.ihr-admin.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:19:50 GMT
cf-cache-status
MISS
last-modified
Mon, 22 Apr 2024 07:40:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"66261456-6b08"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6VBb8LwFbeJ7S41dtQL2X7e6qt3FpTGqWCb8ebldxDsT4%2BAgFQbN9%2FUmLPCY05wzAkxFGyznTijoTDGQ6Y76b8G8JGubR3Z1Ogoo84TbitMMyoM7UYNfW0EEzrP%2F2LHtu2jl%2BeQIy38qh8pbZufu3lS0t560"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
87b5a13079f15d49-FRA
content-length
27400
admin-ajax.php
monitoring-und-patchen.ihr-admin.com/wp-admin/
98 B
488 B
XHR
General
Full URL
https://monitoring-und-patchen.ihr-admin.com/wp-admin/admin-ajax.php
Requested by
Host: monitoring-und-patchen.ihr-admin.com
URL: https://monitoring-und-patchen.ihr-admin.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.53.165.153 , Germany, ASN8893 (ARTFILES-AS Artfiles New Media GmbH, DE),
Reverse DNS
web4.serverulm.de
Software
nginx / PHP/8.0.30, PleskLin
Resource Hash
bc4a25d46a6028992f7d4ffa303dce2e9e84b3e22a401703553d221f5d3b5268
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
text/html, */*; q=0.01
Referer
https://monitoring-und-patchen.ihr-admin.com/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:19:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
nginx
x-powered-by
PHP/8.0.30, PleskLin
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://monitoring-und-patchen.ihr-admin.com
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
93
expires
Wed, 11 Jan 1984 05:00:00 GMT
dropoff
to.getnitropack.com/
20 B
182 B
Ping
General
Full URL
https://to.getnitropack.com/dropoff
Requested by
Host: nitroscripts.com
URL: https://nitroscripts.com/MEinhbjWZcJmRkjxlMPrnFdqkOphOkbg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:255d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4d2b5c10747a9a02c401ece039329ec75c8a8f1dc4de0c7fb53a4ebde5555e4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://monitoring-und-patchen.ihr-admin.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryRLjGvBp7K7R53VO1

Response headers

date
Sun, 28 Apr 2024 08:19:51 GMT
content-encoding
none
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
87b5a13379db906a-FRA
Logo-white.jpg
monitoring-und-patchen.ihr-admin.com/wp-content/uploads/2023/01/
120 KB
79 KB
Other
General
Full URL
https://monitoring-und-patchen.ihr-admin.com/wp-content/uploads/2023/01/Logo-white.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.53.165.153 , Germany, ASN8893 (ARTFILES-AS Artfiles New Media GmbH, DE),
Reverse DNS
web4.serverulm.de
Software
nginx / PleskLin
Resource Hash
0e5c89bf6ae68d641fe8e37b245449c4e4af1d682a7be348a3e9a7600bf645cd

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://monitoring-und-patchen.ihr-admin.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:19:51 GMT
content-encoding
gzip
last-modified
Sat, 28 Jan 2023 09:53:26 GMT
server
nginx
etag
W/"63d4f096-1e0f1"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
image/jpeg
1f44b.png
cdnjs.cloudflare.com/ajax/libs/twemoji/12.1.1/72x72/ Frame 0860
1 KB
2 KB
Image
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twemoji/12.1.1/72x72/1f44b.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfee1561c6e59c90f7a292f90157bae85f75ccb3ae27b655898a51429e3a8910
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://monitoring-und-patchen.ihr-admin.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:19:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
187051
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1224
last-modified
Sat, 19 Dec 2020 02:18:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fdd6306-505"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MpOEnoAhJopzeq1P8D1N6cFsmnbjyY9qCVAzBSS8m6rZqyMICqpWTw0jTQQR9NbQTQuTCHSYNcykh%2BOpM5wRnLR49qwLBEd4JLVBLIjzAcIVg1%2Fl20DAWaqQfWIOYnm%2BMP3cfpbl"}],"group":"cf-nel","max_age":604800}
content-type
image/png; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
87b5a1348f07918e-FRA
expires
Fri, 18 Apr 2025 08:19:51 GMT
cropped-logo-32x32.png
monitoring-und-patchen.ihr-admin.com/wp-content/uploads/2021/12/
2 KB
3 KB
Other
General
Full URL
https://monitoring-und-patchen.ihr-admin.com/wp-content/uploads/2021/12/cropped-logo-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.53.165.153 , Germany, ASN8893 (ARTFILES-AS Artfiles New Media GmbH, DE),
Reverse DNS
web4.serverulm.de
Software
nginx / PleskLin
Resource Hash
07c4aea4174f39dfb3e8bf457109d8fd03d76413bfb718870f282c47a96af02a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://monitoring-und-patchen.ihr-admin.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 08:19:51 GMT
content-encoding
gzip
last-modified
Wed, 22 Dec 2021 17:15:09 GMT
server
nginx
etag
W/"61c35d1d-977"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
image/png
/
to.getnitropack.com/
20 B
96 B
Ping
General
Full URL
https://to.getnitropack.com/
Requested by
Host: nitroscripts.com
URL: https://nitroscripts.com/MEinhbjWZcJmRkjxlMPrnFdqkOphOkbg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:255d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4d2b5c10747a9a02c401ece039329ec75c8a8f1dc4de0c7fb53a4ebde5555e4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://monitoring-und-patchen.ihr-admin.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryAv1958nIfn5ybqUe

Response headers

date
Sun, 28 Apr 2024 08:19:52 GMT
content-encoding
none
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
87b5a1397817906a-FRA

127 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| NPTelemetryMetadata object| NitroPack object| doc object| heartbeatData number| proxyPurgeOnly object| nitroData undefined| xhr function| fusionNavIsCollapsed function| fusionRunNavIsCollapsed function| avadaGetScrollBarWidth undefined| $ function| jQuery object| cssua object| fusionJSVars object| fusion object| fusionLightboxVideoVars function| _fusionRefreshScroll function| _fusionParallaxAll function| _fusionRefreshWindow object| fusionVideoGeneralVars function| playVideoAndPauseOthers object| fusionVideoBgVars object| $youtubeBGVideos function| _fbRowGetAllElementsWithAttribute function| _fbRowOnPlayerReady function| _fbRowOnPlayerStateChange function| resizeVideo function| vimeoReady function| fusionInitVimeoPlayers object| fusionLightboxVars function| avadaLightBoxInitializeLightbox function| fusionInitTooltips undefined| prevCallback object| fusionTimeout function| registerYoutubePlayers function| onPlayerReady function| loadYoutubeIframeAPI function| onYouTubePlayerAPIReadyCallback function| onPlayerStateChange function| ytVidId function| insertParam function| fusionYouTubeTimeout function| onYouTubeIframeAPIReady function| avadaAddQuantityBoxes function| compositeAddQuantityBoxes function| fusionResizeCrossfadeImagesContainer function| calcSelectArrowDimensions object| avadaLiveSearchVars function| avadaLiveSearch object| fusionMenuVars function| fusionNavClickExpandBtn function| fusionNavClickExpandSubmenuBtn function| fusionNavMobilePosition function| fusionNavSubmenuDirection function| fusionNavSearchOverlay function| fusionNavCloseFlyoutSub function| fusionNavAltArrowsClass function| fusionNavRunAll function| fusionAdjustNavMobilePosition object| fusionFlexSliderVars function| fusionInitPostFlexSlider function| fusionDestroyPostFlexSlider function| fusionFlexSliderStrToBool object| fusionAnimationsVars function| fusionSetAnimationData object| formCreatorConfig object| fusionContainerVars function| fusionInitStickyContainers 
function| fusionInitSticky function| fusionGetStickyOffset function| initScrollingSections function| setCorrectResizeValuesForScrollSections function| scrollToCurrentScrollSection function| getScrollSectionPositionValues object| avadaSelectVars function| addAvadaSelectStyles function| removeAvadaSelectStyles object| avadaToTopVars function| avadaUpdateToTopPostion function| fusionDisableStickyHeader function| fusionInitStickyHeader function| getStickyHeaderHeight function| moveSideHeaderStylingDivs function| fusionSideHeaderScroll function| fusionGetScrollOffset object| fusionTypographyVars function| fusionCalculateResponsiveTypeValues function| fusionSetOriginalTypographyData function| fusionInitTypography object| fusionScrollToAnchorVars function| checkHoverTouchState object| fusionVideoVars function| fusionInitStickyColumns object| html5 object| Modernizr object| browserPrefixes object| _fusionImageParallaxImages object| avadaLightBox object| $ilInstances function| onYouTubePlayerAPIReady function| YTReady object| Vimeo boolean| VimeoPlayerResizeEmbeds_ object| lazySizes object| awb_oc_timeouts object| awbOffCanvas object| awbAnimationObservers object| fusionForms object| fusionFormLogics function| awbScrollSpy string| responsiveTypeElements string| fusionBaseFontSize number| lastYPosition boolean| scrollDisabled number| adminBarHeight function| overlap number| _fusionScrollTop number| _fusionWindowHeight number| _fusionScrollLeft number| _fusionWindowWidth object| SENTRY_RELEASE object| tidioChatApi number| lcpCruxTimestamp number| lcpPerfTimestamp object| fusionVimeoPlayers

1 Cookies

Domain/Path Name / Value
monitoring-und-patchen.ihr-admin.com/ Name: nitroCachedPage
Value: 0

1 Console Messages

Source Level URL
Text
javascript warning URL: about:blank
Message:
The resource https://widget-v4.tidiochat.com/fonts/mulish_SGhgqk3wotYKNnBQ.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

"Indicators" is a security-industry term for observables such as IPs, domains, and hashes. Their appearance here does not imply that any of them indicate malicious activity.
