| bienenwinterthur.ch/ | 80.74.141.34 | 301 Moved Permanently | 162 B |
IP80.74.141.34:0
File typeHTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Hash4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET / HTTP/1.1
Host: bienenwinterthur.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 21 Nov 2022 18:33:19 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: http://www.bienenwinterthur.ch/
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash6ed951622549ed76959631f8a1bf497b 682b2dd2a72190510e3fa7bdb0c0c6f25a322dfb 86f5e5ae2da408a899d16c83b7ca441033ac0c30062cd29f2db1b1b5be666746
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "86F5E5AE2DA408A899D16C83B7CA441033AC0C30062CD29F2DB1B1B5BE666746"
Last-Modified: Sat, 19 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3271
Expires: Mon, 21 Nov 2022 19:27:50 GMT
Date: Mon, 21 Nov 2022 18:33:19 GMT
Connection: keep-alive
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash4843de3bf95411e6aa89834def44bb86 1f1882351ac63fba73a22014382f69df5e02ec96 1e6ed1df02f8fa6c89ddca66f7c9981f8a06127d7ec90b503703137e823bb4b7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2154
Cache-Control: max-age=146032
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 18:33:19 GMT
Etag: "637b5375-1d7"
Expires: Wed, 23 Nov 2022 11:07:11 GMT
Last-Modified: Mon, 21 Nov 2022 10:31:17 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
|
|
| firefox.settings.services.mozilla.com/v1/ | 34.102.187.140 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP34.102.187.140:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hashd130218d0e2841f39c99610fe1a2ab90 29fbe1e177ee55c7a61ae0a206afff271cf5f945 6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 21 Nov 2022 18:09:17 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1442
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash1cee7787feebac18f9eca273e56e3741 3a7dac544172921e24c2a1701beef5079b21d01b 79ff4a450c749d64e116c00ca3b00d40e968906c5c3881d6eeb2dc6374a4c858
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "79FF4A450C749D64E116C00CA3B00D40E968906C5C3881D6EEB2DC6374A4C858"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4258
Expires: Mon, 21 Nov 2022 19:44:17 GMT
Date: Mon, 21 Nov 2022 18:33:19 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash9ebddc2b260d081ebbefee47c037cb28 492bad62a7ca6a74738921ef5ae6f0be5edebf39 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: hDsOSRJw5qg+9iwgmvZpXRVnIoUhnn2u886gRIF7N6c2Fb6mA+68OFP+Y3tYiwuaq/RTsNP5X+g=
x-amz-request-id: RRZKMZEPKYAYXR7D
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 21 Nov 2022 17:42:12 GMT
age: 3067
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| www.bienenwinterthur.ch/ | 80.74.141.34 | 301 Moved Permanently | 0 B |
IP80.74.141.34:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET / HTTP/1.1
Host: www.bienenwinterthur.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 21 Nov 2022 18:33:19 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Wed, 17 Aug 2005 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 8f81ce509f148dd2539f87ca27f2f828=a1e15b5b5e1cd94ba1a1fdeec9f5e9a8; path=/; secure; HttpOnly
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Location: https://www.bienenwinterthur.ch/
Last-Modified: Mon, 21 Nov 2022 18:33:19 GMT
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 18:33:19 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hasha6399ae7b5cfa4d018b78106275d2dc7 03f6969f23d3589b1fc3a095d4b37abae53c1601 b4c1092e44b425c8f8daa46455051b3bc2bd4a87442a4830048c6bfa57c00750
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B4C1092E44B425C8F8DAA46455051B3BC2BD4A87442A4830048C6BFA57C00750"
Last-Modified: Sat, 19 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 22 Nov 2022 00:33:20 GMT
Date: Mon, 21 Nov 2022 18:33:20 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 34.102.187.140 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP34.102.187.140:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 21 Nov 2022 18:08:47 GMT
cache-control: public,max-age=3600
age: 1473
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash2db0ebb9efcf3be3c92f23b61de5c065 dd830565723f18a7944c26d24b0fb142d06a71a5 8615316184c4d1d64db923a5364363bbb3d25e146a042c5fbd5bf0cfcec8effb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6193
Cache-Control: max-age=145007
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 18:33:20 GMT
Etag: "637b3fae-1d7"
Expires: Wed, 23 Nov 2022 10:50:07 GMT
Last-Modified: Mon, 21 Nov 2022 09:06:54 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash8796b1bba5e0df458c07179adea64173 b3c3f64718de099805a200e156774ea356a08132 ae32033094ed99df37e4537b91ec3d52a8fd2f0d2f538e3c81901e1f9c29a0a2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 18:33:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js | 142.250.74.74 | 200 OK | 33 kB |
URL HTTP/2ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js IP142.250.74.74:0
File typeASCII text, with very long lines (32086) Hash430e927c980ad4079de727fa59dd93f2 891aaada9a55a91292999f6d50fd300439905982 e8728df8617340bd8c10bc8d27d3a725a48871a269c850e8598689938ec6e2ed
GET /ajax/libs/jquery/1.11.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bienenwinterthur.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33434
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 15 Nov 2022 18:48:34 GMT
expires: Wed, 15 Nov 2023 18:48:34 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 517486
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash8796b1bba5e0df458c07179adea64173 b3c3f64718de099805a200e156774ea356a08132 ae32033094ed99df37e4537b91ec3d52a8fd2f0d2f538e3c81901e1f9c29a0a2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 18:33:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.bienenwinterthur.ch/images/stories/com_form2content/p3/f5/thumbs/412bad33481.jpg | 80.74.141.34 | 200 OK | 86 kB |
URL HTTP/2www.bienenwinterthur.ch/images/stories/com_form2content/p3/f5/thumbs/412bad33481.jpg IP80.74.141.34:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 400x225, components 3\012- data Hashd890310c9c74c43c05b80a071fc0b615 bf6444dc3573f6a99b45a685fbe9887a5c4cfe03 2497b25142421e9edd93f3ad14bb9a633077eabb1f36160f89dc7563f5d62cce
GET /images/stories/com_form2content/p3/f5/thumbs/412bad33481.jpg HTTP/1.1
Host: www.bienenwinterthur.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bienenwinterthur.ch/
Cookie: 8f81ce509f148dd2539f87ca27f2f828=bef9a89c5c6ae99121ad14512c3477f7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 18:33:20 GMT
content-type: image/jpeg
content-length: 85516
last-modified: Thu, 21 Mar 2019 17:53:55 GMT
etag: "5c93cfb3-14e0c"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.bienenwinterthur.ch/images/stories/com_form2content/p3/f6/thumbs/b41ccb44b11.jpg | 80.74.141.34 | 200 OK | 85 kB |
URL HTTP/2www.bienenwinterthur.ch/images/stories/com_form2content/p3/f6/thumbs/b41ccb44b11.jpg IP80.74.141.34:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 400x225, components 3\012- data Hash4ae78155e9a4697b03532e3d3db3ba56 b24fb8cfe6a8f81ff5515897c34612945dae711c 3bfc23ea5ef9e39a88e5636ed318bd9aadbc7cdcf6f307085628d9c4d5949b80
GET /images/stories/com_form2content/p3/f6/thumbs/b41ccb44b11.jpg HTTP/1.1
Host: www.bienenwinterthur.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bienenwinterthur.ch/
Cookie: 8f81ce509f148dd2539f87ca27f2f828=bef9a89c5c6ae99121ad14512c3477f7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 18:33:20 GMT
content-type: image/jpeg
content-length: 84799
last-modified: Thu, 21 Mar 2019 17:53:55 GMT
etag: "5c93cfb3-14b3f"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.bienenwinterthur.ch/images/stories/com_form2content/p3/f8/thumbs/8cab1610c51.jpg | 80.74.141.34 | 200 OK | 98 kB |
URL HTTP/2www.bienenwinterthur.ch/images/stories/com_form2content/p3/f8/thumbs/8cab1610c51.jpg IP80.74.141.34:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 400x225, components 3\012- data Hashb206c662e8083752a555755077d904c3 70edad693e0a2dbabd9c71a5e55c67fd26ecfdbd fb9a5b68770d91dad37a95e5b6ddfc7083f4cf5cad383d6ff3431fc5ccade336
GET /images/stories/com_form2content/p3/f8/thumbs/8cab1610c51.jpg HTTP/1.1
Host: www.bienenwinterthur.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bienenwinterthur.ch/
Cookie: 8f81ce509f148dd2539f87ca27f2f828=bef9a89c5c6ae99121ad14512c3477f7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 18:33:20 GMT
content-type: image/jpeg
content-length: 97530
last-modified: Thu, 21 Mar 2019 17:53:55 GMT
etag: "5c93cfb3-17cfa"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| push.services.mozilla.com/ | 54.148.77.40 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP54.148.77.40:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: sf4/kwkyNe8JnkRI6ZO8dQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: NCuMO6gHmiu4+E2f3rc/3cESW44=
|
|
| www.bienenwinterthur.ch/images/stories/com_form2content/p3/f7/thumbs/1024px-Schwarmfang_und_Einschlagen.jpg | 80.74.141.34 | 200 OK | 122 kB |
URL HTTP/2www.bienenwinterthur.ch/images/stories/com_form2content/p3/f7/thumbs/1024px-Schwarmfang_und_Einschlagen.jpg IP80.74.141.34:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 400x225, components 3\012- data Size122 kB (122186 bytes) Hashae2a6ec8864a049819d6f22f7adbe7f1 7e7e23a090b6e31781ac75630e44744c34406f55 fd171dc5c4ed2baaced69dd214168ebb5eb47c5bf436c0a10df4d08d0ed41006
GET /images/stories/com_form2content/p3/f7/thumbs/1024px-Schwarmfang_und_Einschlagen.jpg HTTP/1.1
Host: www.bienenwinterthur.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bienenwinterthur.ch/
Cookie: 8f81ce509f148dd2539f87ca27f2f828=bef9a89c5c6ae99121ad14512c3477f7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 18:33:20 GMT
content-type: image/jpeg
content-length: 122186
last-modified: Thu, 21 Mar 2019 17:53:55 GMT
etag: "5c93cfb3-1dd4a"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashd9afe0ae0199aff69fefbe5a55490d31 126f648ad266469bf531b5c08f7f71a973d0eeb0 105d272d89fa39de018c77cb85f97c12af739243c6bf8172e2914217bd2efec5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 18:33:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.bienenwinterthur.ch/templates/bzvwwebsitetemplate/build/css/master.1554889700.css | 80.74.141.34 | 200 OK | 52 kB |
URL HTTP/2www.bienenwinterthur.ch/templates/bzvwwebsitetemplate/build/css/master.1554889700.css IP80.74.141.34:0
Hashccc870e63e9fb2fd167271aee71e82ba 5e8886fe3d22dbf5d5f93facaeb8c5ce69f0a189 f54e903ee897f2cbf46cf97e51e7121eae349b6cc8b4b08b73c1f1c9bc622502
GET /templates/bzvwwebsitetemplate/build/css/master.1554889700.css HTTP/1.1
Host: www.bienenwinterthur.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bienenwinterthur.ch/
Cookie: 8f81ce509f148dd2539f87ca27f2f828=bef9a89c5c6ae99121ad14512c3477f7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 18:33:20 GMT
content-type: text/css
vary: Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains;
x-frame-options: SAMEORIGIN
last-modified: Wed, 10 Apr 2019 09:48:20 GMT
etag: W/"f1f4-58629f83bc100"
content-encoding: br
X-Firefox-Spdy: h2
|
|
| www.bienenwinterthur.ch/images/headers/header-default.jpg?3593360612 | 80.74.141.34 | 200 OK | 162 kB |
URL HTTP/2www.bienenwinterthur.ch/images/headers/header-default.jpg?3593360612 IP80.74.141.34:0
File typeJPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2014:10:28 21:59:18], baseline, precision 8, 1920x600, components 3\012- data Size162 kB (161603 bytes) Hashc3d4fff63bf26c93c301a6b15f32d339 34636b42e6e14f9c9d27ba7d4915d0a565548626 1c582524732ddfaba25b6d4ac413628be3814bddbb159b2c6e13a0d945a77cb9
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /images/headers/header-default.jpg?3593360612 HTTP/1.1
Host: www.bienenwinterthur.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bienenwinterthur.ch/
Cookie: 8f81ce509f148dd2539f87ca27f2f828=bef9a89c5c6ae99121ad14512c3477f7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 18:33:20 GMT
content-type: image/jpeg
content-length: 161603
last-modified: Thu, 21 Mar 2019 17:53:56 GMT
etag: "5c93cfb4-27743"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.bienenwinterthur.ch/templates/bzvwwebsitetemplate/build/img/layout/bee-1.png | 80.74.141.34 | 200 OK | 18 kB |
URL HTTP/2www.bienenwinterthur.ch/templates/bzvwwebsitetemplate/build/img/layout/bee-1.png IP80.74.141.34:0
File typePNG image data, 245 x 156, 8-bit colormap, non-interlaced\012- data Hashbb55be945c64220e228b9820f1536ba7 1036c75b70a8b7f7e5614f89478f9c3e50239158 fa5efe52e2d460702bb235e34b3862d523e0d992e6c73fb70f217215304dd552
GET /templates/bzvwwebsitetemplate/build/img/layout/bee-1.png HTTP/1.1
Host: www.bienenwinterthur.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bienenwinterthur.ch/templates/bzvwwebsitetemplate/build/css/master.1554889700.css
Cookie: 8f81ce509f148dd2539f87ca27f2f828=bef9a89c5c6ae99121ad14512c3477f7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 18:33:20 GMT
content-type: image/png
content-length: 18077
last-modified: Fri, 07 Jun 2019 07:08:53 GMT
etag: "5cfa0d85-469d"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashd9afe0ae0199aff69fefbe5a55490d31 126f648ad266469bf531b5c08f7f71a973d0eeb0 105d272d89fa39de018c77cb85f97c12af739243c6bf8172e2914217bd2efec5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 18:33:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.bienenwinterthur.ch/templates/bzvwwebsitetemplate/build/img/icons/touch_icons/apple-touch-icon-144x144-precomposed.png | 80.74.141.34 | 200 OK | 3.8 kB |
URL HTTP/2www.bienenwinterthur.ch/templates/bzvwwebsitetemplate/build/img/icons/touch_icons/apple-touch-icon-144x144-precomposed.png IP80.74.141.34:0
File typePNG image data, 144 x 144, 8-bit colormap, non-interlaced\012- data Hashe0d6b4ac2c108b28963c5f94a98375a5 9e52c0f58986a00ea9c991540e0df0d3c667c1b1 662e7c0a900dc37c32cb1356d27ee864fad58b4044a0374aa3d8227751dff32e
GET /templates/bzvwwebsitetemplate/build/img/icons/touch_icons/apple-touch-icon-144x144-precomposed.png HTTP/1.1
Host: www.bienenwinterthur.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bienenwinterthur.ch/
Cookie: 8f81ce509f148dd2539f87ca27f2f828=bef9a89c5c6ae99121ad14512c3477f7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 18:33:20 GMT
content-type: image/png
content-length: 3795
last-modified: Thu, 21 Mar 2019 17:53:43 GMT
etag: "5c93cfa7-ed3"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.bienenwinterthur.ch/templates/bzvwwebsitetemplate/build/img/icons/touch_icons/favicon.ico | 80.74.141.34 | 200 OK | 894 B |
URL HTTP/2www.bienenwinterthur.ch/templates/bzvwwebsitetemplate/build/img/icons/touch_icons/favicon.ico IP80.74.141.34:0
File typeMS Windows icon resource - 1 icon, 16x16, 24 bits/pixel\012- data Hashad3baf81e3139c3a9f1723cacd0d7e1f 90009f1f5e08d740bfa74950337306b551888ac7 793775c2c766576716901ebaac9c06873300e258e25d9730698d97efc7f06273
GET /templates/bzvwwebsitetemplate/build/img/icons/touch_icons/favicon.ico HTTP/1.1
Host: www.bienenwinterthur.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bienenwinterthur.ch/
Cookie: 8f81ce509f148dd2539f87ca27f2f828=bef9a89c5c6ae99121ad14512c3477f7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 18:33:20 GMT
content-type: image/vnd.microsoft.icon
content-length: 894
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains;
x-frame-options: SAMEORIGIN
x-accel-version: 0.01
last-modified: Thu, 21 Mar 2019 17:53:43 GMT
etag: "37e-5849e6b45f7c0"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash798ef0955be535268547903e74dacfcd 782823486f9ded693609cade264d1950e816f7d0 75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20975
Expires: Tue, 22 Nov 2022 00:22:56 GMT
Date: Mon, 21 Nov 2022 18:33:21 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash798ef0955be535268547903e74dacfcd 782823486f9ded693609cade264d1950e816f7d0 75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20975
Expires: Tue, 22 Nov 2022 00:22:56 GMT
Date: Mon, 21 Nov 2022 18:33:21 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash798ef0955be535268547903e74dacfcd 782823486f9ded693609cade264d1950e816f7d0 75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20975
Expires: Tue, 22 Nov 2022 00:22:56 GMT
Date: Mon, 21 Nov 2022 18:33:21 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash798ef0955be535268547903e74dacfcd 782823486f9ded693609cade264d1950e816f7d0 75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20975
Expires: Tue, 22 Nov 2022 00:22:56 GMT
Date: Mon, 21 Nov 2022 18:33:21 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash798ef0955be535268547903e74dacfcd 782823486f9ded693609cade264d1950e816f7d0 75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20975
Expires: Tue, 22 Nov 2022 00:22:56 GMT
Date: Mon, 21 Nov 2022 18:33:21 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23dd0640-fd46-469c-ae06-acb832cc4160.jpeg | 34.120.237.76 | 200 OK | 11 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23dd0640-fd46-469c-ae06-acb832cc4160.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash901093397261ec8888c61a6c88f8b7cd 1f07e8182159f68134776366e0bea78a130c5b85 9982e83a02d1595431c397a00a0a339067681fdbcb7538ca40ffd7138c7aa9f0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23dd0640-fd46-469c-ae06-acb832cc4160.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11271
x-amzn-requestid: 144705ac-0cc1-46ba-a6a9-3942bf3c9433
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b61qlFriIAMF7oQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637a9ca9-27e45603577195a2769b3fc3;Sampled=0
x-amzn-remapped-date: Sun, 20 Nov 2022 21:31:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: Qql-MEI9tkdxS-lGdnkBCB8h39ZgJBi7ODA2TMUYn8kqEjP8AjMCZg==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 f3ac324bf05099849ebda59e8136db0e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 20 Nov 2022 21:50:50 GMT
age: 74551
etag: "1f07e8182159f68134776366e0bea78a130c5b85"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff64f225f-d92d-42e1-a0cd-0b9c89e36291.jpeg | 34.120.237.76 | 200 OK | 9.0 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff64f225f-d92d-42e1-a0cd-0b9c89e36291.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash4a8070a1aa0d48b75c639fa24eec3d96 14a81b4e2bdcdcdd951aa6660dc640c0292a2109 70b29ce3872a0c46d8d0e61f2801df1a98c8ea6e516adb1c2fe1bdad35f654f6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff64f225f-d92d-42e1-a0cd-0b9c89e36291.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9042
x-amzn-requestid: 02203d7e-e15a-40d8-a09e-c40299c6f332
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bu2bSH6xoAMF1FA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6375d114-79f15fbc1c64941e54c6d5e3;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 06:13:40 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: YHoIX9fgjqNaOq_84IdURDMNigg62C8616_qky56Xx7ok4LJvvqEfw==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 12:54:30 GMT
age: 20331
etag: "14a81b4e2bdcdcdd951aa6660dc640c0292a2109"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg | 34.120.237.76 | 200 OK | 11 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash481c033b9ffd030ff0de6e35cf788b47 85d3baad9217af2b5d75c019d2ef95dbb919a788 02443c7869914c2b29892deb0c645395bcf4e8379da3cf20974614ff9c92893b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11249
x-amzn-requestid: 65a3db77-b2e6-40b9-a776-021c2e9b56d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bubSsHbZoAMFZNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6375a5aa-1286b97968cc2e4c7fe8ab29;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 03:08:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: s1153EpshSWYGLcN7Zzzs4PgXl9cddZ20gTwh5bK2HOBu4e_PSNCpQ==
via: 1.1 38eecd3ca21bf068d69a2f9cfe668d14.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 05:19:29 GMT
age: 47632
etag: "85d3baad9217af2b5d75c019d2ef95dbb919a788"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F645dc32f-cd66-4021-92e9-77c4eff2fa1f.jpeg | 34.120.237.76 | 200 OK | 5.0 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F645dc32f-cd66-4021-92e9-77c4eff2fa1f.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash96135f96986369533c0362367c1e6fd8 bc8b0612b79cb30817880fac9728318f837854b4 f4eab133baf21daae8b809966e8ffbe64a2414fd334538a226a2a39ab39c3d46
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F645dc32f-cd66-4021-92e9-77c4eff2fa1f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5045
x-amzn-requestid: 93295168-385b-4b26-92e0-65858db59541
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b0PgfGfVoAMFjWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6377f936-7d3d9e44191051f454bd53ca;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 21:29:26 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: hYkfj6mcRyzHioX7RAjvhpITDBX_CXLhum92tHz6ilGAY2C0fNi48g==
via: 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 a9e73292d0b92053c3e38dcec15fd0e2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 08:37:09 GMT
age: 35772
etag: "bc8b0612b79cb30817880fac9728318f837854b4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F032a7640-4af2-49ea-b184-de5b0ed996a4.jpeg | 34.120.237.76 | 200 OK | 9.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F032a7640-4af2-49ea-b184-de5b0ed996a4.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash79ccaf63b8e37223509518f540b26f54 fd48bd3737d35bc53a0ec4593c8769ea9fe1cc71 950ae082472515d39c9e3440cee399376e99840651ff04c4d2581951e44163de
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F032a7640-4af2-49ea-b184-de5b0ed996a4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9653
x-amzn-requestid: 43209d37-210a-4339-a6ba-9fb26349e6fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3jZkHXqoAMFZog=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63794c3d-66898b374a984c1b409c28ad;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 21:35:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: eswxmUa59R-4pum8RNXKrKJg6g6tn17CnOpe4LZUPgEbvxfp9MzeDg==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 20 Nov 2022 21:41:31 GMT
age: 75110
etag: "fd48bd3737d35bc53a0ec4593c8769ea9fe1cc71"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e2c726b-e91a-4cf6-95b8-c267e110416c.jpeg | 34.120.237.76 | 200 OK | 5.3 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e2c726b-e91a-4cf6-95b8-c267e110416c.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hasha9e0f5c07511d0f6ad0f2441db92797d 2dcc6187d7173ce741975ad4ec24435c9dcb0880 3c57bf58bab9d54dd152eb0260a203b1cb201a9e2d960f25a0cea685b539ea04
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e2c726b-e91a-4cf6-95b8-c267e110416c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5342
x-amzn-requestid: e396cea4-ddae-4b88-a73a-ceafb1e11620
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b0b91EMLoAMFYYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63780d25-7f1187713f288a0c158508ea;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 22:54:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: PkFAourr7ixQ5NYcdMugerMxFTdCLgIAaBz6erANuppgzE2Tm4yVpA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 3236f234d59c0fda99b416088c283260.cloudfront.net (CloudFront), 1.1 google
date: Sun, 20 Nov 2022 22:34:27 GMT
age: 71934
etag: "2dcc6187d7173ce741975ad4ec24435c9dcb0880"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| www.bienenwinterthur.ch/media/jui/js/jquery.min.js?b7d2725f6c50b7c73525a0246c2b18d9 | 80.74.141.34 | 200 OK | 0 B |
URL HTTP/2www.bienenwinterthur.ch/media/jui/js/jquery.min.js?b7d2725f6c50b7c73525a0246c2b18d9 IP80.74.141.34:0
GET /media/jui/js/jquery.min.js?b7d2725f6c50b7c73525a0246c2b18d9 HTTP/1.1
Host: www.bienenwinterthur.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bienenwinterthur.ch/
Cookie: 8f81ce509f148dd2539f87ca27f2f828=bef9a89c5c6ae99121ad14512c3477f7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 18:33:20 GMT
content-type: application/javascript
last-modified: Sun, 14 Aug 2022 13:21:56 GMT
vary: Accept-Encoding
etag: W/"62f8f6f4-17d6e"
content-encoding: br
X-Firefox-Spdy: h2
|
|
| www.bienenwinterthur.ch/media/jui/js/jquery-migrate.min.js?b7d2725f6c50b7c73525a0246c2b18d9 | 80.74.141.34 | 200 OK | 0 B |
URL HTTP/2www.bienenwinterthur.ch/media/jui/js/jquery-migrate.min.js?b7d2725f6c50b7c73525a0246c2b18d9 IP80.74.141.34:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /media/jui/js/jquery-migrate.min.js?b7d2725f6c50b7c73525a0246c2b18d9 HTTP/1.1
Host: www.bienenwinterthur.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bienenwinterthur.ch/
Cookie: 8f81ce509f148dd2539f87ca27f2f828=bef9a89c5c6ae99121ad14512c3477f7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 18:33:20 GMT
content-type: application/javascript
last-modified: Sun, 14 Aug 2022 13:21:56 GMT
vary: Accept-Encoding
etag: W/"62f8f6f4-2748"
content-encoding: br
X-Firefox-Spdy: h2
|
|
| www.bienenwinterthur.ch/templates/bzvwwebsitetemplate/build/js/libs/modernizr/modernizr-2.6.2-respond-1.1.0.min.js | 80.74.141.34 | 200 OK | 0 B |
URL HTTP/2www.bienenwinterthur.ch/templates/bzvwwebsitetemplate/build/js/libs/modernizr/modernizr-2.6.2-respond-1.1.0.min.js IP80.74.141.34:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /templates/bzvwwebsitetemplate/build/js/libs/modernizr/modernizr-2.6.2-respond-1.1.0.min.js HTTP/1.1
Host: www.bienenwinterthur.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bienenwinterthur.ch/
Cookie: 8f81ce509f148dd2539f87ca27f2f828=bef9a89c5c6ae99121ad14512c3477f7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 18:33:20 GMT
content-type: application/javascript
last-modified: Thu, 21 Mar 2019 17:53:43 GMT
vary: Accept-Encoding
etag: W/"5c93cfa7-4c28"
content-encoding: br
X-Firefox-Spdy: h2
|
|
| www.bienenwinterthur.ch/templates/bzvwwebsitetemplate/build/js/libs/libs.1553266542.js | 80.74.141.34 | 200 OK | 0 B |
URL HTTP/2www.bienenwinterthur.ch/templates/bzvwwebsitetemplate/build/js/libs/libs.1553266542.js IP80.74.141.34:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /templates/bzvwwebsitetemplate/build/js/libs/libs.1553266542.js HTTP/1.1
Host: www.bienenwinterthur.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bienenwinterthur.ch/
Cookie: 8f81ce509f148dd2539f87ca27f2f828=bef9a89c5c6ae99121ad14512c3477f7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 18:33:20 GMT
content-type: application/javascript
vary: Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains;
x-frame-options: SAMEORIGIN
last-modified: Fri, 22 Mar 2019 14:55:42 GMT
etag: W/"b650-584b00c7a3780"
content-encoding: br
X-Firefox-Spdy: h2
|
|
| www.bienenwinterthur.ch/templates/bzvwwebsitetemplate/build/js/base.1553190823.js | 80.74.141.34 | 200 OK | 0 B |
URL HTTP/2www.bienenwinterthur.ch/templates/bzvwwebsitetemplate/build/js/base.1553190823.js IP80.74.141.34:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /templates/bzvwwebsitetemplate/build/js/base.1553190823.js HTTP/1.1
Host: www.bienenwinterthur.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bienenwinterthur.ch/
Cookie: 8f81ce509f148dd2539f87ca27f2f828=bef9a89c5c6ae99121ad14512c3477f7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 18:33:20 GMT
content-type: application/javascript
vary: Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains;
x-frame-options: SAMEORIGIN
last-modified: Thu, 21 Mar 2019 17:53:43 GMT
etag: W/"3df-5849e6b45f7c0"
content-encoding: br
X-Firefox-Spdy: h2
|
|
| www.bienenwinterthur.ch/templates/bzvwwebsitetemplate/build/css/grid.1553190823.css | 80.74.141.34 | 200 OK | 0 B |
URL HTTP/2www.bienenwinterthur.ch/templates/bzvwwebsitetemplate/build/css/grid.1553190823.css IP80.74.141.34:0
GET /templates/bzvwwebsitetemplate/build/css/grid.1553190823.css HTTP/1.1
Host: www.bienenwinterthur.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bienenwinterthur.ch/
Cookie: 8f81ce509f148dd2539f87ca27f2f828=bef9a89c5c6ae99121ad14512c3477f7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 18:33:20 GMT
content-type: text/css
vary: Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains;
x-frame-options: SAMEORIGIN
last-modified: Thu, 21 Mar 2019 17:53:43 GMT
etag: W/"96f8-5849e6b45f7c0"
content-encoding: br
X-Firefox-Spdy: h2
|
|
| www.bienenwinterthur.ch/templates/bzvwwebsitetemplate/build/css/user.1554889449.css | 80.74.141.34 | 200 OK | 0 B |
URL HTTP/2www.bienenwinterthur.ch/templates/bzvwwebsitetemplate/build/css/user.1554889449.css IP80.74.141.34:0
GET /templates/bzvwwebsitetemplate/build/css/user.1554889449.css HTTP/1.1
Host: www.bienenwinterthur.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bienenwinterthur.ch/
Cookie: 8f81ce509f148dd2539f87ca27f2f828=bef9a89c5c6ae99121ad14512c3477f7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 18:33:20 GMT
content-type: text/css
vary: Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains;
x-frame-options: SAMEORIGIN
last-modified: Wed, 10 Apr 2019 09:44:09 GMT
etag: W/"2e0-58629e945cc40"
content-encoding: br
X-Firefox-Spdy: h2
|
|
| www.bienenwinterthur.ch/ | 80.74.141.34 | 200 OK | 0 B |
IP80.74.141.34:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET / HTTP/1.1
Host: www.bienenwinterthur.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 18:33:20 GMT
content-type: text/html; charset=utf-8
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
content-encoding: gzip
vary: Accept-Encoding
expires: Wed, 17 Aug 2005 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: 8f81ce509f148dd2539f87ca27f2f828=bef9a89c5c6ae99121ad14512c3477f7; path=/; secure; HttpOnly
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains;
x-frame-options: SAMEORIGIN
last-modified: Mon, 21 Nov 2022 18:33:20 GMT
X-Firefox-Spdy: h2
|
|