Report - geraldnaekel.com/

Report Overview

Submitted URL
geraldnaekel.com/
IP
145.239.140.147
ASN
#16276 OVH SAS
Submitted
2023-05-27 10:11:55
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.bunny.net	unknown	1999-11-22	2022-03-21	2023-05-26	1.0 kB	22 kB	194.242.11.186
geraldnaekel.com	unknown	2011-11-17	2016-07-08	2023-05-25	4.8 kB	588 kB	145.239.140.147

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator
2023-05-27	medium	geraldnaekel.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
2023-05-27	medium	geraldnaekel.com/
2023-05-27	medium	geraldnaekel.com/wp-content/plugins/maintenance/load/css/fonts.css?ver=1669174802

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (4)

	URL	Size	First Seen	Last Seen
	geraldnaekel.com/wp-content/plugins/maintenance/load/js/jquery.frontend.js?ver=1669174802	2.0 kB	2023-03-07	2024-04-23
Pretty URL geraldnaekel.com/wp-content/plugins/maintenance/load/js/jquery.frontend.js?ver=1669174802 IP 145.239.140.147 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:59 Last Seen2024-04-23 15:39:34 Times Seen477 Hash 112c47ca670be7279689c0d5ecbefd20 30b902ad5710b7050ed561bd6ce7ea8755461591 2bc30f2470769a137e994cd92fa1ccf10e6f662b4ffae1397342344a913d2133 Loading...

	geraldnaekel.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0	90 kB	2023-03-07	2024-04-26
Pretty URL geraldnaekel.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 IP 145.239.140.147 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-26 13:23:23 Times Seen31846 Hash 02dd5d04add4759122013c5ab4dc5cc2 a45a56e396ac549b4ff39b696ce9e0c16a7612de bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea Loading...

	geraldnaekel.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-04-26
Pretty URL geraldnaekel.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 145.239.140.147 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-26 13:23:23 Times Seen68666 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	geraldnaekel.com/	0 B	2023-03-07	2024-04-26
Pretty URL geraldnaekel.com/ IP 145.239.140.147 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 13:24:49 Times Seen37091896 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (12)

URL IP Response Size

fonts.bunny.net/open-sans/files/open-sans-latin-400-normal.woff2

194.242.11.186

200 OK

17 kB

URL GET HTTP/2
fonts.bunny.net/open-sans/files/open-sans-latin-400-normal.woff2
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://geraldnaekel.com/
Certificate
IssuerLet's Encrypt
Subjectfonts.bunny.net
FingerprintD4:FA:38:99:BD:26:CA:C6:43:73:A4:2F:03:97:32:80:9B:87:D6:91
ValiditySun, 23 Apr 2023 01:08:37 GMT - Sat, 22 Jul 2023 01:08:36 GMT

File type
Web Open Font Format (Version 2), TrueType, length 16740, version 1.0\012- data
Size
17 kB (16740 bytes)
Hash
e43b535855a4ae53bd5b07a6eeb3bf67
6507312d9491156036316484bf8dc41e8b52ddd9
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681

HTTP Headers

GET /open-sans/files/open-sans-latin-400-normal.woff2 HTTP/1.1
Host: fonts.bunny.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://geraldnaekel.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.bunny.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 27 May 2023 10:11:38 GMT
content-type: font/woff2
content-length: 16740
server: BunnyCDN-NO1-830
cdn-pullzone: 781720
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
etag: "640ac379-4164"
last-modified: Fri, 10 Mar 2023 05:43:21 GMT
cdn-storageserver: SE-318
cdn-fileserver: 344
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/10/2023 18:49:49
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 45a8a20cb37289240d7cadfed4cc358c
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

geraldnaekel.com/wp-content/uploads/2020/09/mt-sample-background.jpg

145.239.140.147

200 OK

218 kB

URL GET HTTP/2
geraldnaekel.com/wp-content/uploads/2020/09/mt-sample-background.jpg
IP
145.239.140.147:443
ASN
#16276 OVH SAS

Requested by
https://geraldnaekel.com/
Certificate
IssuerLet's Encrypt
Subjectgeraldnaekel.com
Fingerprint24:2E:D7:56:DE:9A:D3:56:35:E5:A7:4B:56:20:6C:1B:01:D3:FD:F8
ValidityWed, 03 May 2023 00:01:18 GMT - Tue, 01 Aug 2023 00:01:17 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1280, components 3\012- data
Size
218 kB (217593 bytes)
Hash
c44b6dbc04ed12e6ca3a8b5559d8859b
8a5653f8852fbea5723b1220a56cce7121c656bf
950f036c961817afda2e2171be2d3c3e24fc24745914f2ee8d6f10a23ddea30e

HTTP Headers

GET /wp-content/uploads/2020/09/mt-sample-background.jpg HTTP/1.1
Host: geraldnaekel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://geraldnaekel.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 27 May 2023 10:11:38 GMT
content-type: image/jpeg
content-length: 217593
last-modified: Mon, 19 Oct 2020 14:09:19 GMT
etag: "5f8d9e0f-351f9"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

geraldnaekel.com/wp-content/plugins/maintenance/load/fonts/foundation-icons.woff

145.239.140.147

200 OK

32 kB

URL GET HTTP/2
geraldnaekel.com/wp-content/plugins/maintenance/load/fonts/foundation-icons.woff
IP
145.239.140.147:443
ASN
#16276 OVH SAS

Requested by
https://geraldnaekel.com/
Certificate
IssuerLet's Encrypt
Subjectgeraldnaekel.com
Fingerprint24:2E:D7:56:DE:9A:D3:56:35:E5:A7:4B:56:20:6C:1B:01:D3:FD:F8
ValidityWed, 03 May 2023 00:01:18 GMT - Tue, 01 Aug 2023 00:01:17 GMT

File type
Web Open Font Format, TrueType, length 32020, version 0.0\012- data
Size
32 kB (32020 bytes)
Hash
a188c2f768ce5033d3f5d47be7280e25
112fb0e498037f2fea036adb8105e47638159eaa
8c44c3feedae5331a281278ea3ba91d2255928a2f3010d316d6fbb9052e0c2ec

HTTP Headers

GET /wp-content/plugins/maintenance/load/fonts/foundation-icons.woff HTTP/1.1
Host: geraldnaekel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://geraldnaekel.com/wp-content/plugins/maintenance/load/css/fonts.css?ver=1669174802
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 27 May 2023 10:11:38 GMT
content-type: application/font-woff
content-length: 32020
last-modified: Wed, 23 Nov 2022 03:40:02 GMT
etag: "637d9612-7d14"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

geraldnaekel.com/wp-content/uploads/2019/12/cropped-girl-head-1-284x284.png

145.239.140.147

200 OK

80 kB

URL GET HTTP/2
geraldnaekel.com/wp-content/uploads/2019/12/cropped-girl-head-1-284x284.png
IP
145.239.140.147:443
ASN
#16276 OVH SAS

Requested by
https://geraldnaekel.com/
Certificate
IssuerLet's Encrypt
Subjectgeraldnaekel.com
Fingerprint24:2E:D7:56:DE:9A:D3:56:35:E5:A7:4B:56:20:6C:1B:01:D3:FD:F8
ValidityWed, 03 May 2023 00:01:18 GMT - Tue, 01 Aug 2023 00:01:17 GMT

File type
PNG image data, 284 x 284, 8-bit/color RGBA, non-interlaced\012- data
Size
80 kB (80509 bytes)
Hash
eba669126443590e4b3e7d6afb7db215
d29958ec0a0ee564893c99c05a9364af61cc58fc
9a766de90427b58382f5f3b80070631de4940300a7f11f01da4a4ea0bc2630d0

HTTP Headers

GET /wp-content/uploads/2019/12/cropped-girl-head-1-284x284.png HTTP/1.1
Host: geraldnaekel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://geraldnaekel.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 27 May 2023 10:11:38 GMT
content-type: image/png
content-length: 80509
last-modified: Sat, 09 Oct 2021 22:37:10 GMT
etag: "61621996-13a7d"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

geraldnaekel.com/wp-content/uploads/2019/12/cropped-girl-head-1-284x284.png

145.239.140.147

200 OK

80 kB

URL GET HTTP/2
geraldnaekel.com/wp-content/uploads/2019/12/cropped-girl-head-1-284x284.png
IP
145.239.140.147:443
ASN
#16276 OVH SAS

Requested by
https://geraldnaekel.com/
Certificate
IssuerLet's Encrypt
Subjectgeraldnaekel.com
Fingerprint24:2E:D7:56:DE:9A:D3:56:35:E5:A7:4B:56:20:6C:1B:01:D3:FD:F8
ValidityWed, 03 May 2023 00:01:18 GMT - Tue, 01 Aug 2023 00:01:17 GMT

File type
PNG image data, 284 x 284, 8-bit/color RGBA, non-interlaced\012- data
Size
80 kB (80509 bytes)
Hash
eba669126443590e4b3e7d6afb7db215
d29958ec0a0ee564893c99c05a9364af61cc58fc
9a766de90427b58382f5f3b80070631de4940300a7f11f01da4a4ea0bc2630d0

HTTP Headers

GET /wp-content/uploads/2019/12/cropped-girl-head-1-284x284.png HTTP/1.1
Host: geraldnaekel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://geraldnaekel.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 27 May 2023 10:11:38 GMT
content-type: image/png
content-length: 80509
last-modified: Sat, 09 Oct 2021 22:37:10 GMT
etag: "61621996-13a7d"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.bunny.net/css?family=Open%20Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic:300

194.242.11.186

200 OK

3.3 kB

URL GET HTTP/2
fonts.bunny.net/css?family=Open%20Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic:300
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://geraldnaekel.com/
Certificate
IssuerLet's Encrypt
Subjectfonts.bunny.net
FingerprintD4:FA:38:99:BD:26:CA:C6:43:73:A4:2F:03:97:32:80:9B:87:D6:91
ValiditySun, 23 Apr 2023 01:08:37 GMT - Sat, 22 Jul 2023 01:08:36 GMT

File type
ASCII text, with very long lines (3338), with no line terminators
Size
3.3 kB (3258 bytes)
Hash
8c68be6125b5f4ff4184908766fee6cc
52b8a52cdea2c2c1447e003e534b2e72425ad7c4
493bffc52bf7252a692c2d30ec758b397333f93813bbf47db0b3e2c6cbe3f281

HTTP Headers

GET /css?family=Open%20Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic:300 HTTP/1.1
Host: fonts.bunny.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://geraldnaekel.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 27 May 2023 10:11:37 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
server: BunnyCDN-NO1-830
cdn-pullzone: 781720
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
last-modified: Tue, 09 May 2023 19:01:22 GMT
x-do-app-origin: 1fb91846-e6b7-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 05/09/2023 19:01:22
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: ce34a5e131c31ab5a9b8b931f0ba20a1
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2

geraldnaekel.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

145.239.140.147

200 OK

90 kB

URL GET HTTP/2
geraldnaekel.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP
145.239.140.147:443
ASN
#16276 OVH SAS

Requested by
https://geraldnaekel.com/
Certificate
IssuerLet's Encrypt
Subjectgeraldnaekel.com
Fingerprint24:2E:D7:56:DE:9A:D3:56:35:E5:A7:4B:56:20:6C:1B:01:D3:FD:F8
ValidityWed, 03 May 2023 00:01:18 GMT - Tue, 01 Aug 2023 00:01:17 GMT

File type
ASCII text, with very long lines (65447)
Size
90 kB (89521 bytes)
Hash
02dd5d04add4759122013c5ab4dc5cc2
a45a56e396ac549b4ff39b696ce9e0c16a7612de
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: geraldnaekel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://geraldnaekel.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 27 May 2023 10:11:37 GMT
content-type: application/javascript
last-modified: Sat, 09 Oct 2021 21:47:52 GMT
etag: W/"61620e08-15db1"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

geraldnaekel.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

145.239.140.147

200 OK

11 kB

URL GET HTTP/2
geraldnaekel.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
145.239.140.147:443
ASN
#16276 OVH SAS

Requested by
https://geraldnaekel.com/
Certificate
IssuerLet's Encrypt
Subjectgeraldnaekel.com
Fingerprint24:2E:D7:56:DE:9A:D3:56:35:E5:A7:4B:56:20:6C:1B:01:D3:FD:F8
ValidityWed, 03 May 2023 00:01:18 GMT - Tue, 01 Aug 2023 00:01:17 GMT

File type
ASCII text, with very long lines (11126)
Size
11 kB (11224 bytes)
Hash
79b4956b7ec478ec10244b5e2d33ac7d
a46025b9d05e3df30d610a8aef14f392c7058dc9
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: geraldnaekel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://geraldnaekel.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 27 May 2023 10:11:37 GMT
content-type: application/javascript
last-modified: Tue, 13 Jul 2021 18:10:36 GMT
etag: W/"60edd71c-2bd8"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

geraldnaekel.com/wp-content/plugins/maintenance/load/js/jquery.frontend.js?ver=1669174802

145.239.140.147

200 OK

2.0 kB

URL GET HTTP/2
geraldnaekel.com/wp-content/plugins/maintenance/load/js/jquery.frontend.js?ver=1669174802
IP
145.239.140.147:443
ASN
#16276 OVH SAS

Requested by
https://geraldnaekel.com/
Certificate
IssuerLet's Encrypt
Subjectgeraldnaekel.com
Fingerprint24:2E:D7:56:DE:9A:D3:56:35:E5:A7:4B:56:20:6C:1B:01:D3:FD:F8
ValidityWed, 03 May 2023 00:01:18 GMT - Tue, 01 Aug 2023 00:01:17 GMT

File type
ASCII text, with very long lines (2128), with no line terminators
Size
2.0 kB (1984 bytes)
Hash
527e93933d5f1e56ed2b385f65ecaafa
fa472cc4fad78957e4d7e3c3b4b31407af8bf42d
bb144d316888bee96135cb097cc1214645230777444e1224b2962b918ac02eb0

HTTP Headers

GET /wp-content/plugins/maintenance/load/js/jquery.frontend.js?ver=1669174802 HTTP/1.1
Host: geraldnaekel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://geraldnaekel.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 27 May 2023 10:11:37 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 03:40:02 GMT
etag: W/"637d9612-7c0"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

geraldnaekel.com/

145.239.140.147

200 OK

6.4 kB

URL User Request GET HTTP/2
geraldnaekel.com/
IP
145.239.140.147:443
ASN
#16276 OVH SAS

Certificate
IssuerLet's Encrypt
Subjectgeraldnaekel.com
Fingerprint24:2E:D7:56:DE:9A:D3:56:35:E5:A7:4B:56:20:6C:1B:01:D3:FD:F8
ValidityWed, 03 May 2023 00:01:18 GMT - Tue, 01 Aug 2023 00:01:17 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6847), with no line terminators
Size
6.4 kB (6447 bytes)
Hash
2b90f353de83f04c8c5661a0b31ddfb3
51e19f5bb756d0f216f83c37742af5a0d7a59768
7f50f52b8a367f9f17546463578354efb22cc575f70db5ba168a43218d747450

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: geraldnaekel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 27 May 2023 10:11:37 GMT
content-type: text/html; charset=UTF-8
x-cache-enabled: False
link: <https://geraldnaekel.com/index.php?rest_route=/>; rel="https://api.w.org/", <https://geraldnaekel.com/index.php?rest_route=/wp/v2/pages/299>; rel="alternate"; type="application/json", <https://geraldnaekel.com/>; rel=shortlink
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-powered-by: PHP/7.3.33, PleskLin
content-encoding: br
X-Firefox-Spdy: h2

geraldnaekel.com/wp-content/plugins/maintenance/load/css/style.css?ver=1669174802

145.239.140.147

200 OK

16 kB

URL GET HTTP/2
geraldnaekel.com/wp-content/plugins/maintenance/load/css/style.css?ver=1669174802
IP
145.239.140.147:443
ASN
#16276 OVH SAS

Requested by
https://geraldnaekel.com/
Certificate
IssuerLet's Encrypt
Subjectgeraldnaekel.com
Fingerprint24:2E:D7:56:DE:9A:D3:56:35:E5:A7:4B:56:20:6C:1B:01:D3:FD:F8
ValidityWed, 03 May 2023 00:01:18 GMT - Tue, 01 Aug 2023 00:01:17 GMT

File type
ASCII text, with CRLF line terminators
Size
16 kB (16448 bytes)
Hash
1f7ac8b3c6b8944c9740177ef162dae8
9ff3c459f74a20088a120436e1e4fe9a8e93467f
f4b01013d89759e931124b9d53118d6c868eecac24a894ec4336361bb28278fb

HTTP Headers

GET /wp-content/plugins/maintenance/load/css/style.css?ver=1669174802 HTTP/1.1
Host: geraldnaekel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://geraldnaekel.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 27 May 2023 10:11:37 GMT
content-type: text/css
last-modified: Wed, 23 Nov 2022 03:40:02 GMT
etag: W/"637d9612-4040"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

geraldnaekel.com/wp-content/plugins/maintenance/load/css/fonts.css?ver=1669174802

145.239.140.147

200 OK

48 kB

URL GET HTTP/2
geraldnaekel.com/wp-content/plugins/maintenance/load/css/fonts.css?ver=1669174802
IP
145.239.140.147:443
ASN
#16276 OVH SAS

Requested by
https://geraldnaekel.com/
Certificate
IssuerLet's Encrypt
Subjectgeraldnaekel.com
Fingerprint24:2E:D7:56:DE:9A:D3:56:35:E5:A7:4B:56:20:6C:1B:01:D3:FD:F8
ValidityWed, 03 May 2023 00:01:18 GMT - Tue, 01 Aug 2023 00:01:17 GMT

File type
ASCII text, with very long lines (30837), with CRLF line terminators
Size
48 kB (48476 bytes)
Hash
5fb4f4b0f6c0e07ec079e22119ba445b
bd4aa9a088c718762be492b0dc8a9cd59cf11c17
a91c36795c5ca61c5d432a09e2158cc841e178ea3037431d620ab25c68617cd8

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/maintenance/load/css/fonts.css?ver=1669174802 HTTP/1.1
Host: geraldnaekel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://geraldnaekel.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 27 May 2023 10:11:37 GMT
content-type: text/css
last-modified: Wed, 23 Nov 2022 03:40:02 GMT
etag: W/"637d9612-bd5c"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (12)

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size