Report - web9266.web07.bero-webspace.de/FCC/index.html

Report Overview

Submitted URL
web9266.web07.bero-webspace.de/FCC/index.html
IP
109.71.253.24
ASN
#44486 SYNLINQ
Submitted
2022-12-05 21:35:13
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
14

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
web9266.web07.bero-webspace.de	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.0 kB	164 kB	109.71.253.24
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	4.4 kB	23.36.77.32
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.6 kB	93.184.220.29
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
ocsp.quovadisglobal.com	4610	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	8.7 kB	152.195.38.89
client.selor.be	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	417 B	19 kB	193.191.209.80
geant.ocsp.sectigo.com	50227	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	346 B	1.2 kB	104.18.32.68
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
digid.nl	56620	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.9 kB	48 kB	144.43.243.208
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	51 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-05	medium	web9266.web07.bero-webspace.de/FCC/index.html	Phishing
2022-12-05	medium	web9266.web07.bero-webspace.de/FCC/files/ROsanswebtextregular-54039c085acfdaf5124e55514d4153752a8526dc55b1d76c3bc731bfa4c3863a.woff	Phishing
2022-12-05	medium	web9266.web07.bero-webspace.de/FCC/files/icons-650b3ba27798de4eaf8cfc95c3ef953beff6658da3a4cfc5762c77eeb050a630.woff2	Phishing
2022-12-05	medium	web9266.web07.bero-webspace.de/FCC/files/ROsanswebtextbold-27c094142b294677babfd410f01ab0ef6450c30f0ced804477f1b98adfc3a591.woff	Phishing
2022-12-05	medium	web9266.web07.bero-webspace.de/FCC/index.html	Phishing
2022-12-05	medium	web9266.web07.bero-webspace.de/assets/inline/analytics-6da5b792b12eb5fb296ab65ab3e31d73856a0e38d95676f5410b42467579b38e.js	Phishing
2022-12-05	medium	web9266.web07.bero-webspace.de/assets/inline/analytics-6da5b792b12eb5fb296ab65ab3e31d73856a0e38d95676f5410b42467579b38e.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (2)

	URL	Size	First Seen	Last Seen
	web9266.web07.bero-webspace.de/FCC/index.html	279 B	2023-03-07	2024-02-06
Pretty URL web9266.web07.bero-webspace.de/FCC/index.html IP 109.71.253.24 ASN #44486 SYNLINQ Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:27:47 Last Seen2024-02-06 08:19:36 Times Seen4 Hash 9bdd8abba2008ffacccc8e3c565f6508 7f61316d24d66e6b4fd7778be24c4d8d3a61fbf1 c47dd376872de24965cd81d350c2a551646fe99de897549f38f48113927a72ce Loading...

	web9266.web07.bero-webspace.de/FCC/index.html	283 B	2023-03-07	2024-02-06
Pretty URL web9266.web07.bero-webspace.de/FCC/index.html IP 109.71.253.24 ASN #44486 SYNLINQ Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:53 Last Seen2024-02-06 08:19:36 Times Seen5 Hash 20d241921624415bfb462de8347a9767 06ac8c22ba77e5999b2b281f62fccdf1f82e5b20 b654e6d293117195586e7316a9bee116a30e7f47f338111c8d22e901c7f73950 Loading...

HTTP Transactions (35)

URL IP Response Size

web9266.web07.bero-webspace.de/FCC/index.html

109.71.253.24

301 Moved Permanently

162 B

URL HTTP/1.1
web9266.web07.bero-webspace.de/FCC/index.html
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /FCC/index.html HTTP/1.1
Host: web9266.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 05 Dec 2022 21:35:01 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://web9266.web07.bero-webspace.de/FCC/index.html

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6452
Expires: Mon, 05 Dec 2022 23:22:33 GMT
Date: Mon, 05 Dec 2022 21:35:01 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
ee088fab9b287e174cfd1f2c735a909f
25c3335b514a36ad1a24d00413d60c3d394f5161
494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5584
Cache-Control: max-age=138562
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 21:35:01 GMT
Etag: "638dc877-1d7"
Expires: Wed, 07 Dec 2022 12:04:23 GMT
Last-Modified: Mon, 05 Dec 2022 10:31:19 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 05 Dec 2022 21:18:31 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 990
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2670
Expires: Mon, 05 Dec 2022 22:19:31 GMT
Date: Mon, 05 Dec 2022 21:35:01 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: Z5M1kgDD6a/25CD9+AmgWmgJ64mvxskhqoMtv4JyVo8zvbKRsUMPh6zN0iCFOs+/zSJ5eyLCmqY=
x-amz-request-id: K0WADDZ177E91BDW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 05 Dec 2022 20:46:49 GMT
age: 2892
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:35:02 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b676eb2a6b11a885f0161d72e32ec687
d1c0f301617beb0ec48c6f1e6c60ac3ce3236f91
0f40421de1c92ad0332e9a857154fc9e39f69be4862d2f8953080ceb36e8e4bf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0F40421DE1C92AD0332E9A857154FC9E39F69BE4862D2F8953080CEB36E8E4BF"
Last-Modified: Mon, 05 Dec 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21578
Expires: Tue, 06 Dec 2022 03:34:40 GMT
Date: Mon, 05 Dec 2022 21:35:02 GMT
Connection: keep-alive

web9266.web07.bero-webspace.de/FCC/files/ROsanswebtextregular-54039c085acfdaf5124e55514d4153752a8526dc55b1d76c3bc731bfa4c3863a.woff

109.71.253.24

200 OK

76 kB

URL HTTP/2
web9266.web07.bero-webspace.de/FCC/files/ROsanswebtextregular-54039c085acfdaf5124e55514d4153752a8526dc55b1d76c3bc731bfa4c3863a.woff
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type
Web Open Font Format, TrueType, length 76489, version 3.0\012- data
Size
76 kB (76489 bytes)
Hash
7a58adafb37bc0664a818671dae82b2a
8b858b0fb0cba30179bb2fcedea8dc1c30020981
54039c085acfdaf5124e55514d4153752a8526dc55b1d76c3bc731bfa4c3863a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /FCC/files/ROsanswebtextregular-54039c085acfdaf5124e55514d4153752a8526dc55b1d76c3bc731bfa4c3863a.woff HTTP/1.1
Host: web9266.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web9266.web07.bero-webspace.de/FCC/files/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:35:02 GMT
content-type: font/woff
content-length: 76489
last-modified: Tue, 22 Nov 2022 10:21:38 GMT
etag: "637ca2b2-12ac9"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 05 Dec 2022 21:08:58 GMT
cache-control: public,max-age=3600
age: 1564
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

web9266.web07.bero-webspace.de/FCC/files/icons-650b3ba27798de4eaf8cfc95c3ef953beff6658da3a4cfc5762c77eeb050a630.woff2

109.71.253.24

200 OK

2.7 kB

URL HTTP/2
web9266.web07.bero-webspace.de/FCC/files/icons-650b3ba27798de4eaf8cfc95c3ef953beff6658da3a4cfc5762c77eeb050a630.woff2
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type
Web Open Font Format (Version 2), TrueType, length 2712, version 1.0\012- data
Size
2.7 kB (2712 bytes)
Hash
af6bc752356c43cacfa4aa44160e82b6
bf7ab8b209a32b03392a8b1fc3f5a402effed44c
650b3ba27798de4eaf8cfc95c3ef953beff6658da3a4cfc5762c77eeb050a630

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /FCC/files/icons-650b3ba27798de4eaf8cfc95c3ef953beff6658da3a4cfc5762c77eeb050a630.woff2 HTTP/1.1
Host: web9266.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://web9266.web07.bero-webspace.de/FCC/files/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:35:02 GMT
content-type: font/woff2
content-length: 2712
last-modified: Tue, 22 Nov 2022 10:21:38 GMT
etag: "637ca2b2-a98"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

web9266.web07.bero-webspace.de/FCC/files/ROsanswebtextbold-27c094142b294677babfd410f01ab0ef6450c30f0ced804477f1b98adfc3a591.woff

109.71.253.24

200 OK

70 kB

URL HTTP/2
web9266.web07.bero-webspace.de/FCC/files/ROsanswebtextbold-27c094142b294677babfd410f01ab0ef6450c30f0ced804477f1b98adfc3a591.woff
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type
Web Open Font Format, TrueType, length 69467, version 3.0\012- data
Size
70 kB (69467 bytes)
Hash
b1b5c562462eacd9b5d37d62bda0db1b
c8a65ed5c2f183bfb7fd302e20ebb46ea0554da7
27c094142b294677babfd410f01ab0ef6450c30f0ced804477f1b98adfc3a591

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /FCC/files/ROsanswebtextbold-27c094142b294677babfd410f01ab0ef6450c30f0ced804477f1b98adfc3a591.woff HTTP/1.1
Host: web9266.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web9266.web07.bero-webspace.de/FCC/files/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:35:02 GMT
content-type: font/woff
content-length: 69467
last-modified: Tue, 22 Nov 2022 10:21:38 GMT
etag: "637ca2b2-10f5b"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
2b9d6a686aa3c4ea24568425e43a5221
d53bb4c9579bd1db78a0520619e888aec79f750f
c38734a8dbe51217d73896c0bf7f5c38c107fd79e0dee24b717f130377e9b5f7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5569
Cache-Control: max-age=133479
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 21:35:02 GMT
Etag: "638db4ac-1d7"
Expires: Wed, 07 Dec 2022 10:39:41 GMT
Last-Modified: Mon, 05 Dec 2022 09:06:52 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

web9266.web07.bero-webspace.de/FCC/files/style.css

109.71.253.24

200 OK

14 kB

URL HTTP/2
web9266.web07.bero-webspace.de/FCC/files/style.css
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type
CSV text\012- , ASCII text, with very long lines (518), with CRLF line terminators
Size
14 kB (13554 bytes)
Hash
ab66e9458e3b757075a645b2d09599f7
6f087fdd664286adbdd294dfc6364fcf020a3aeb
82eacd5b4e5f29c46d6855104f1eebae76cba249dac86312e7263639f79ad75d

HTTP Headers

GET /FCC/files/style.css HTTP/1.1
Host: web9266.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web9266.web07.bero-webspace.de/FCC/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:35:02 GMT
content-type: text/css
last-modified: Tue, 22 Nov 2022 10:21:38 GMT
etag: W/"637ca2b2-14c55"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

ocsp.quovadisglobal.com/

152.195.38.89

200 OK

1.8 kB

URL HTTP/1.1
ocsp.quovadisglobal.com/
IP
152.195.38.89:0
ASN
#15133 EDGECAST

File type
data
Size
1.8 kB (1778 bytes)
Hash
38d0a0f3b325cb198dc943fba04b8111
0e3564f007901968a1966243de5c93605956f846
75279b5d5343c37d5f52670e78b0a69df0a31c59068b3ac493c67d4a00342d6e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.quovadisglobal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 87
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2452
Cache-Control: max-age=155519,public,no-transform,must-revalidate
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 21:35:03 GMT
Etag: "0e3564f007901968a1966243de5c93605956f846"
Expires: Wed, 07 Dec 2022 21:35:02 GMT
Last-Modified: Mon, 05 Dec 2022 20:54:11 GMT
Server: ECAcc (sgb/C77D)
X-Cache: HIT
Content-Length: 1778

ocsp.quovadisglobal.com/

152.195.38.89

200 OK

1.8 kB

URL HTTP/1.1
ocsp.quovadisglobal.com/
IP
152.195.38.89:0
ASN
#15133 EDGECAST

File type
data
Size
1.8 kB (1778 bytes)
Hash
38d0a0f3b325cb198dc943fba04b8111
0e3564f007901968a1966243de5c93605956f846
75279b5d5343c37d5f52670e78b0a69df0a31c59068b3ac493c67d4a00342d6e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.quovadisglobal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 87
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2452
Cache-Control: max-age=155519,public,no-transform,must-revalidate
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 21:35:03 GMT
Etag: "0e3564f007901968a1966243de5c93605956f846"
Expires: Wed, 07 Dec 2022 21:35:02 GMT
Last-Modified: Mon, 05 Dec 2022 20:54:11 GMT
Server: ECAcc (sgb/C77D)
X-Cache: HIT
Content-Length: 1778

digid.nl/assets/RO_DigiD_Logo_Homepage-98037d2a69f1bbe535478420a93e0ed9d1888c4f956e6994fbb1f58b2a258910.svg

144.43.243.208

200 OK

22 kB

URL HTTP/1.1
digid.nl/assets/RO_DigiD_Logo_Homepage-98037d2a69f1bbe535478420a93e0ed9d1888c4f956e6994fbb1f58b2a258910.svg
IP
144.43.243.208:0
ASN
#212157 baten-lastendienst Logius

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (21073)
Size
22 kB (21493 bytes)
Hash
c344201667f0fcf66e4bb5c6224029a4
be5350f69d78e2d9a81526a7458032fe6db1e597
345fece8164e7c89abdcac29f20c438ca6b74414af1373642da630abd862da97

HTTP Headers

GET /assets/RO_DigiD_Logo_Homepage-98037d2a69f1bbe535478420a93e0ed9d1888c4f956e6994fbb1f58b2a258910.svg HTTP/1.1
Host: digid.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web9266.web07.bero-webspace.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: image/svg+xml
Last-Modified: Mon, 17 Oct 2022 13:08:06 GMT
Cache-Control: max-age=315360000, public
Accept-Ranges: bytes
Permissions-Policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=()
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Connection: Keep-Alive
Date: Mon, 05 Dec 2022 21:35:03 GMT
Expires: Thu, 02 Dec 2032 20:18:01 GMT
Age: 4623
Content-Length: 21493

digid.nl/assets/digid_eo_rgb_152x152-bd3fb46ddf93b5f703bfddd728de5db021901419413eca931d7c13b40a4497a1.png

144.43.243.208

200 OK

9.8 kB

URL HTTP/1.1
digid.nl/assets/digid_eo_rgb_152x152-bd3fb46ddf93b5f703bfddd728de5db021901419413eca931d7c13b40a4497a1.png
IP
144.43.243.208:0
ASN
#212157 baten-lastendienst Logius

File type
PNG image data, 152 x 152, 16-bit/color RGBA, non-interlaced\012- data
Size
9.8 kB (9849 bytes)
Hash
2130ce2d7281ab6aaabba24388172127
998ecd9dd59e7c0ff6b0e95c0591ddebc2c96443
abf5d94a8865f19fb00e915e719b58d7484003bb2bb4f5a3eddbf431eca04b34

HTTP Headers

GET /assets/digid_eo_rgb_152x152-bd3fb46ddf93b5f703bfddd728de5db021901419413eca931d7c13b40a4497a1.png HTTP/1.1
Host: digid.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web9266.web07.bero-webspace.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Mon, 17 Oct 2022 13:08:06 GMT
Cache-Control: max-age=315360000, public
Accept-Ranges: bytes
Permissions-Policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=()
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Connection: Keep-Alive
Date: Mon, 05 Dec 2022 21:35:03 GMT
Expires: Mon, 05 Dec 2022 22:35:03 GMT
Age: 4537
Content-Length: 9849

ocsp.quovadisglobal.com/

152.195.38.89

200 OK

1.8 kB

URL HTTP/1.1
ocsp.quovadisglobal.com/
IP
152.195.38.89:0
ASN
#15133 EDGECAST

File type
data
Size
1.8 kB (1778 bytes)
Hash
38d0a0f3b325cb198dc943fba04b8111
0e3564f007901968a1966243de5c93605956f846
75279b5d5343c37d5f52670e78b0a69df0a31c59068b3ac493c67d4a00342d6e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.quovadisglobal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 87
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2452
Cache-Control: max-age=155519,public,no-transform,must-revalidate
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 21:35:03 GMT
Etag: "0e3564f007901968a1966243de5c93605956f846"
Expires: Wed, 07 Dec 2022 21:35:02 GMT
Last-Modified: Mon, 05 Dec 2022 20:54:11 GMT
Server: ECAcc (sgb/C77D)
X-Cache: HIT
Content-Length: 1778

ocsp.quovadisglobal.com/

152.195.38.89

200 OK

1.8 kB

URL HTTP/1.1
ocsp.quovadisglobal.com/
IP
152.195.38.89:0
ASN
#15133 EDGECAST

File type
data
Size
1.8 kB (1778 bytes)
Hash
38d0a0f3b325cb198dc943fba04b8111
0e3564f007901968a1966243de5c93605956f846
75279b5d5343c37d5f52670e78b0a69df0a31c59068b3ac493c67d4a00342d6e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.quovadisglobal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 87
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2452
Cache-Control: max-age=155519,public,no-transform,must-revalidate
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 21:35:03 GMT
Etag: "0e3564f007901968a1966243de5c93605956f846"
Expires: Wed, 07 Dec 2022 21:35:02 GMT
Last-Modified: Mon, 05 Dec 2022 20:54:11 GMT
Server: ECAcc (sgb/C77D)
X-Cache: HIT
Content-Length: 1778

digid.nl/assets/digid_eo_rgb-820f0a1b9037b16f4b73778ea7a4582aff3eaa9eb13ae88c7e49f9a00cef7678.svg

144.43.243.208

200 OK

1.6 kB

URL HTTP/1.1
digid.nl/assets/digid_eo_rgb-820f0a1b9037b16f4b73778ea7a4582aff3eaa9eb13ae88c7e49f9a00cef7678.svg
IP
144.43.243.208:0
ASN
#212157 baten-lastendienst Logius

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1594), with no line terminators
Size
1.6 kB (1594 bytes)
Hash
a98567adc2a2b24da3bf92c864647e5e
af4cab0a6b883220755f2f06132ed1677272296b
55f1daa50e8a463ddb0718ad1781c22195c16d3bfee3535b1df04fed763f488a

HTTP Headers

GET /assets/digid_eo_rgb-820f0a1b9037b16f4b73778ea7a4582aff3eaa9eb13ae88c7e49f9a00cef7678.svg HTTP/1.1
Host: digid.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web9266.web07.bero-webspace.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: image/svg+xml
Last-Modified: Mon, 17 Oct 2022 13:08:06 GMT
Cache-Control: max-age=315360000, public
Accept-Ranges: bytes
Permissions-Policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=()
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Connection: Keep-Alive
Date: Mon, 05 Dec 2022 21:35:03 GMT
Expires: Thu, 02 Dec 2032 20:18:01 GMT
Age: 4623
Content-Length: 1594

digid.nl/assets/digid_eo_rgb_180x180-d36ebf284b9537ecc44e4d0a0053034bdb4bdd2fd3e6e8cefd0ac9a6af8e764b.png

144.43.243.208

200 OK

12 kB

URL HTTP/1.1
digid.nl/assets/digid_eo_rgb_180x180-d36ebf284b9537ecc44e4d0a0053034bdb4bdd2fd3e6e8cefd0ac9a6af8e764b.png
IP
144.43.243.208:0
ASN
#212157 baten-lastendienst Logius

File type
PNG image data, 180 x 180, 16-bit/color RGBA, non-interlaced\012- data
Size
12 kB (11594 bytes)
Hash
b4cbe8b700b1baf7acb8d600835cf3d7
f15a74af9cafb749930b355f7a4395a7bb1faa84
dc1fb8c6e5b9d2dcf1ef316d1d2339d897fe5785784ca3b244356179d4ab43a0

HTTP Headers

GET /assets/digid_eo_rgb_180x180-d36ebf284b9537ecc44e4d0a0053034bdb4bdd2fd3e6e8cefd0ac9a6af8e764b.png HTTP/1.1
Host: digid.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web9266.web07.bero-webspace.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Mon, 17 Oct 2022 13:08:06 GMT
Cache-Control: max-age=315360000, public
Accept-Ranges: bytes
Permissions-Policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=()
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Connection: Keep-Alive
Date: Mon, 05 Dec 2022 21:35:03 GMT
Expires: Mon, 05 Dec 2022 22:35:03 GMT
Age: 4621
Content-Length: 11594

client.selor.be/img/federale_overheid_logo.png

193.191.209.80

200 OK

19 kB

URL HTTP/1.1
client.selor.be/img/federale_overheid_logo.png
IP
193.191.209.80:0
ASN
#2611 BELNET

File type
PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data
Size
19 kB (19090 bytes)
Hash
a4aeb98d9450f2b002fcaafbf0b10a74
34219cb2e6f23911377bcfc82c6a69fa3fa36b32
3b94df59ff4a1d7fe513fded6fd0aea364248aa0088063d9733ec5fc160ed0d9

HTTP Headers

GET /img/federale_overheid_logo.png HTTP/1.1
Host: client.selor.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web9266.web07.bero-webspace.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Mon, 24 Oct 2022 12:35:06 GMT
Accept-Ranges: bytes
ETag: "039bdba5e7d81:0"
Date: Mon, 05 Dec 2022 21:35:03 GMT
Content-Length: 19090

geant.ocsp.sectigo.com/

104.18.32.68

200 OK

727 B

URL HTTP/1.1
geant.ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
727 B (727 bytes)
Hash
d09f40f3aec3612343c6523f34e4227e
cb161e1d1e45a67326ed2d627f26407621a8c2e3
9b7f1173d9c66dda8f3ec595dfb6c5c5eb80c1b038f39d1c0c6ef9671f33d779

HTTP Headers

POST / HTTP/1.1
Host: geant.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 21:35:03 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 16:40:20 GMT
Expires: Sun, 11 Dec 2022 16:40:19 GMT
Etag: "cb161e1d1e45a67326ed2d627f26407621a8c2e3"
Cache-Control: max-age=500115,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 774fe8c96c0eb4f3-OSL

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6259
Expires: Mon, 05 Dec 2022 23:19:23 GMT
Date: Mon, 05 Dec 2022 21:35:04 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6259
Expires: Mon, 05 Dec 2022 23:19:23 GMT
Date: Mon, 05 Dec 2022 21:35:04 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8469 bytes)
Hash
2f60a6490f38a772dcd50a1132e98e1b
ff254a1df087d2c157d88a6ef04e395dc49efe5e
653e40becd103cd76cc2f194a87e933e8c548d346f87520fefca3b16430fc4ab

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8469
x-amzn-requestid: c17eff92-da62-4f0f-9e75-2741012ec43a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_sqFSjoAMFQ6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-61d61d2f0bb01ecb21b809ea;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kf_hcK2d2YFhladZn1S4cyGq7vLTSKdWgPUTNT0M9LwHXuOV-nlgGw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:52:07 GMT
age: 85377
etag: "ff254a1df087d2c157d88a6ef04e395dc49efe5e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10396 bytes)
Hash
24c69d7ef356b352956d6dcbc9f5df1d
2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9
94d068620c34652cb2d24ca8b3cf962febe9606e6d3a33d937fc9d99f176edef

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10396
x-amzn-requestid: b879fd2e-b6cf-4373-b780-2d97481c45f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cioNbH5KoAMFUsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a8722-6add7f8e225878473b20c015;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 23:15:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ir97GJKaFoW6BNXCcmMqp0JSUd5JhCACyUvLh5G-0BWCDVJsqs7XhQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 11:06:22 GMT
age: 37722
etag: "2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.3 kB (8315 bytes)
Hash
db1701b7b9d161a0c935bb6e10b17893
22a8c4bd58c729c1abcf794466e8f3231dfb034b
b495524a33e5b1d3ba34cfbe867ada0da956c061370b1fcde06b23a6194a9787

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8315
x-amzn-requestid: f1bcc33b-aad9-4d3b-b1f9-49282f2d4fb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMGVboAMFfxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-13472a097177d4751c8f7a8c;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JuY0xcLDiERwrVhq33d4PP64liDqFfk9bc9xX1H62o0tOwrt1ek7Pg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:42:39 GMT
age: 85945
etag: "22a8c4bd58c729c1abcf794466e8f3231dfb034b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.7 kB (5681 bytes)
Hash
43309032a892c486f9985ef520df696e
36f4682ca6a33ff80ee02129c77e6f27e996ede0
24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Uz-wJTZjej3sjP-O68BQ4hB_kkAecG0o7GkeZUan90ZgV87g0Cg_ZA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:49:44 GMT
age: 85520
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e81e29f-79a8-4af6-b0c7-7f49bfafb17e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.9 kB (6886 bytes)
Hash
f71032604eecccf0a81f323a5f96a400
f8866d4f3185bcf7871581d75339998b34d6cf6d
d053eedc717d7fd86e621ba948680be16538396d1ba9854b6816626d149b1c57

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e81e29f-79a8-4af6-b0c7-7f49bfafb17e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6886
x-amzn-requestid: d721caf6-2252-4ede-9533-3d3fcd6cce0d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cpsw-FfRoAMFtOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d5b39-7644a195142f6c420ec7eac6;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 02:45:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Mn_L-TMV_ypQZFmolIRm4r5dyj5PpN12jrtafcP9HEkALUPfSzJ38w==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 02:45:54 GMT
age: 67750
etag: "f8866d4f3185bcf7871581d75339998b34d6cf6d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.7 kB (4666 bytes)
Hash
c01fe1cccdb3b672bbade6d98217ffe9
a9a529dc9894827f6243a1bf57f81caa4fe88fc2
c43da6212c79a08e22e78e04e99e8f5422e64b4b0a87f30b7907f1b4bc675c71

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4666
x-amzn-requestid: 850d341f-5ccb-453c-8adf-a8194f8fbdad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clr_-GiboAMFwww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-766293f2526e637235067aca;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kmki-SBINSx1kbiIkaSGebdCLrnDeHVhYeotAWzE__CevkNDdfzRGg==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:44:05 GMT
age: 85859
etag: "a9a529dc9894827f6243a1bf57f81caa4fe88fc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

web9266.web07.bero-webspace.de/FCC/index.html

109.71.253.24

200 OK

0 B

URL HTTP/2
web9266.web07.bero-webspace.de/FCC/index.html
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /FCC/index.html HTTP/1.1
Host: web9266.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:35:02 GMT
content-type: text/html
last-modified: Tue, 22 Nov 2022 12:05:00 GMT
etag: W/"637cbaec-33bc"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

web9266.web07.bero-webspace.de/assets/inline/analytics-6da5b792b12eb5fb296ab65ab3e31d73856a0e38d95676f5410b42467579b38e.js

109.71.253.24

404 Not Found

0 B

URL HTTP/2
web9266.web07.bero-webspace.de/assets/inline/analytics-6da5b792b12eb5fb296ab65ab3e31d73856a0e38d95676f5410b42467579b38e.js
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/inline/analytics-6da5b792b12eb5fb296ab65ab3e31d73856a0e38d95676f5410b42467579b38e.js HTTP/1.1
Host: web9266.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web9266.web07.bero-webspace.de/FCC/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Mon, 05 Dec 2022 21:35:02 GMT
content-type: text/html
last-modified: Mon, 05 Dec 2022 18:56:33 GMT
etag: W/"328-5ef193f03eee2"
content-encoding: br
X-Firefox-Spdy: h2

web9266.web07.bero-webspace.de/assets/inline/analytics-6da5b792b12eb5fb296ab65ab3e31d73856a0e38d95676f5410b42467579b38e.js

109.71.253.24

404 Not Found

0 B

URL HTTP/2
web9266.web07.bero-webspace.de/assets/inline/analytics-6da5b792b12eb5fb296ab65ab3e31d73856a0e38d95676f5410b42467579b38e.js
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/inline/analytics-6da5b792b12eb5fb296ab65ab3e31d73856a0e38d95676f5410b42467579b38e.js HTTP/1.1
Host: web9266.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web9266.web07.bero-webspace.de/FCC/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Mon, 05 Dec 2022 21:35:02 GMT
content-type: text/html
last-modified: Mon, 05 Dec 2022 18:56:33 GMT
etag: W/"328-5ef193f03eee2"
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (2)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (35)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type