Report - laser.bayern/

Report Overview

Submitted URL
laser.bayern/
IP
195.63.103.228
ASN
#12312 ecotel communication ag
Submitted
2022-12-02 00:34:52
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
26

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
laser.bayern	unknown	2020-03-14T10:56:21Z	2023-02-21T02:33:43Z	8.9 kB	668 kB	195.63.103.228
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-09T11:52:10Z	682 B	1.5 kB	93.184.220.29
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-09T05:09:18Z	782 B	2.4 kB	34.102.187.140
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-09T05:09:48Z	333 B	229 B	34.117.237.239
consentcdn.cookiebot.com	5676	2018-05-23T07:13:43Z	2023-03-09T05:16:13Z	502 B	873 B	104.110.3.72
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-09T05:09:05Z	2.7 kB	7.1 kB	23.36.77.32
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-09T05:09:49Z	413 B	5.8 kB	34.160.144.191
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-09T05:09:13Z	606 B	127 B	34.216.192.228
consent.cookiebot.com	4972	2014-02-26T15:48:42Z	2023-03-09T05:16:13Z	359 B	1.0 kB	104.84.152.233
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-09T10:04:36Z	3.2 kB	46 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-02	medium	laser.bayern/	Phishing
2022-12-02	medium	laser.bayern/	Phishing
2022-12-02	medium	laser.bayern/wp-includes/js/jquery/jquery.min.js,qver=3.6.1.pagespeed.jm.YeQrVmZKn4.js	Phishing
2022-12-02	medium	laser.bayern/wp-includes,_js,_jquery,_jquery-migrate.min.js,qver==3.3.2+wp-includes,_js,_imagesloaded.min.js,qver==4.1.4+wp-includes,_js,_masonry.min.js,qver==4.2.2+wp-includes,_js,_jquery,_jquery.masonry.min.js,qver==3.1.2b+wp-content,_themes,_twentythirteen,_js,_functions.js,qver==20210122.pagespeed.jc.oimHb-8kz2.js	Phishing
2022-12-02	medium	laser.bayern/wp-content/uploads/2019/11/xGrafik.jpg.pagespeed.ic.273lkPGp8i.webp	Phishing
2022-12-02	medium	laser.bayern/wp-content/uploads/2019/11/xcropped-laser-288614_1920-1024x768-2.jpg.pagespeed.ic.z4Gl8DYLoJ.webp	Phishing
2022-12-02	medium	laser.bayern/wp-content/uploads/2019/11/xlaser-288610_1920-1024x768.jpg.pagespeed.ic.oKEpwTn8Zu.webp	Phishing
2022-12-02	medium	laser.bayern/wp-content/uploads/2019/11/xlasershow-539575_1920-1024x683.jpg.pagespeed.ic.Bdd2vf0dD9.webp	Phishing
2022-12-02	medium	laser.bayern/wp-content/uploads/2019/11/xlaser-1024x768.jpg.pagespeed.ic.9OgszNHV8Z.webp	Phishing
2022-12-02	medium	laser.bayern/wp-content/uploads/2019/11/xlasershow-539583_1920-1024x683.jpg.pagespeed.ic.h0uXeEiQ-N.webp	Phishing
2022-12-02	medium	laser.bayern/wp-content/uploads/2019/11/xlaser-288614_1920-1024x768.jpg.pagespeed.ic.jNYRf7kLKj.webp	Phishing
2022-12-02	medium	laser.bayern/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1	Phishing
2022-12-02	medium	laser.bayern/wp-content/uploads/2019/11/xcropped-laser-288610_1920-1024x768-32x32.jpg.pagespeed.ic.qUNX4uctvt.webp	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (19)

	URL	Size	First Seen	Last Seen
	consent.cookiebot.com/96ffe6f7-142f-4033-b85e-7783b262ae0f/cc.js?renew=false&referer=laser.bayern&dnt=false&init=false&culture=DE	242 kB	2023-03-10	2023-03-11
Pretty URL consent.cookiebot.com/96ffe6f7-142f-4033-b85e-7783b262ae0f/cc.js?renew=false&referer=laser.bayern&dnt=false&init=false&culture=DE IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 08:32:57 Last Seen2023-03-11 23:16:08 Times Seen1 Hash 8ae6e59604ead5310a1871a69657b393 c1a84b46fa30ff62eaeec683fd6eedbe684fd9a1 c637d5c477ce4fc8f039ae8edf4a118f3a9a44dd8a1fa53d3859db264239257e Loading...

	laser.bayern/	31 B	2023-03-07	2023-12-30
Pretty URL laser.bayern/ IP 195.63.103.228 ASN #12312 ecotel communication ag Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:56:20 Last Seen2023-12-30 21:51:14 Times Seen84 Hash bf6013e244199583446f1d1ec173d29a b495f481984798c0aecc4d090207efe52010582d 387a40dd5e41c46b2fe42ad895d48c3c64789bb18023ed913411060e926daa15 Loading...

	laser.bayern/	31 B	2023-03-08	2023-12-03
Pretty URL laser.bayern/ IP 195.63.103.228 ASN #12312 ecotel communication ag Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:24:06 Last Seen2023-12-03 12:08:51 Times Seen15 Hash 44ede527ea4127f53e7c00427a108365 d15efcee6a3c599d78e77ce782ca13c23e6cc82e 0cbf452d0a56ad9a7a07e7c9775a21647794db1a9ae27399baa7fc6b295253c9 Loading...

	consent.cookiebot.com/uc.js	103 kB	2023-03-08	2023-03-17
Pretty URL consent.cookiebot.com/uc.js IP 104.84.152.233 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:58 Last Seen2023-03-17 23:08:52 Times Seen1 Hash 46a765d70e4c842730680a719d0b3a01 e1240fadffba87daf9dbd9c560d655a3326d6cbf 8a540cc5945aea6d81f7705af39fc8868fe7e72bcbf2f0396ace451451109e22 Loading...

	laser.bayern/	31 B	2023-03-08	2023-12-03
Pretty URL laser.bayern/ IP 195.63.103.228 ASN #12312 ecotel communication ag Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:08:43 Last Seen2023-12-03 12:08:51 Times Seen52 Hash 27509284b81924b23b06bfc2451a4a6e 41aa06a821999e0209d7f720e87f392d03f1fe45 c3aa6187fbbd674b69e58aa9403bd020b31da7fc07da9e7d74fe46b4ee0d0063 Loading...

	laser.bayern/	31 B	2023-03-08	2023-10-25
Pretty URL laser.bayern/ IP 195.63.103.228 ASN #12312 ecotel communication ag Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:24:06 Last Seen2023-10-25 02:33:19 Times Seen8 Hash 9a5b0e9bf4776ffe9ff782bbcf85829a 165be027289c2b501673c017e44ae070442246db e2a2f0e2edcb4e4bd449978b398b266f5765bf0671d0eedb736f10df7c9690cb Loading...

	laser.bayern/	31 B	2023-03-10	2023-05-27
Pretty URL laser.bayern/ IP 195.63.103.228 ASN #12312 ecotel communication ag Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 08:32:57 Last Seen2023-05-27 03:57:20 Times Seen2 Hash 313d40fa9de8424635aec85496ed8146 9bcbda5aaab96b11c448c2d83ec827be873706ff a12a72ed44ec5e5e9dbf1080c2a949ce9bcd90534ff81d785fff73a29e789b1f Loading...

	laser.bayern/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1	19 kB	2023-03-07	2024-04-26
Pretty URL laser.bayern/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 IP 195.63.103.228 ASN #12312 ecotel communication ag Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-26 01:56:03 Times Seen38055 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

	unknown	0 B	2023-03-07	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 07:52:31 Times Seen37086674 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	laser.bayern/	2.1 kB	2023-03-10	2023-03-14
Pretty URL laser.bayern/ IP 195.63.103.228 ASN #12312 ecotel communication ag Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 08:32:57 Last Seen2023-03-14 07:27:44 Times Seen1 Hash bafe0b6ce37422b8fe8305ea5b9caa5a db33938fb0f95eeb4880a949cf56978dd9c149e4 94343e8ecf073cd17460a55d29d63cb3d47660da081247d9305dcd16c96eca4a Loading...

	laser.bayern/wp-includes/js/jquery/jquery.min.js,qver=3.6.1.pagespeed.jm.YeQrVmZKn4.js	90 kB	2023-03-08	2024-04-04
Pretty URL laser.bayern/wp-includes/js/jquery/jquery.min.js,qver=3.6.1.pagespeed.jm.YeQrVmZKn4.js IP 195.63.103.228 ASN #12312 ecotel communication ag Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:26:42 Last Seen2024-04-04 21:33:07 Times Seen225 Hash 61e42b56664a9f8e164a214158d0bc6a 5f7c1613499b33420f1f09e64424cda25c631f4f 1babd2f2ea269f6c0f37a99474b66895612a941d4748b7a355dd7cda17923ef8 Loading...

	consentcdn.cookiebot.com/consentconfig/96ffe6f7-142f-4033-b85e-7783b262ae0f/laser.bayern/configuration.js	557 B	2023-03-10	2023-03-11
Pretty URL consentcdn.cookiebot.com/consentconfig/96ffe6f7-142f-4033-b85e-7783b262ae0f/laser.bayern/configuration.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 08:32:57 Last Seen2023-03-11 23:16:08 Times Seen1 Hash 3ffe4074bc665a81ef0880f803eeaea6 53f3efc6d994f2eb5fc001fea7378fc69df102c5 dfdae806e7392cfbcc5521c2c1ec0f0186695e55fe992aded7c9ed5dc6bd920b Loading...

	consentcdn.cookiebot.com/sdk/bc-v4.min.html	569 B	2023-03-07	2023-07-06
Pretty URL consentcdn.cookiebot.com/sdk/bc-v4.min.html IP 104.110.3.72 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:39 Last Seen2023-07-06 06:53:25 Times Seen429 Hash c3ec01c3d295c22ea26afa0db60f3cd2 1b4b3461aa8d9b25a1c5f9e7472fabb0fe410053 2eca2b34bebf4e267d33b18974f96e62281bb48795c85db0c5c4c9ef1f9d4ef4 Loading...

	laser.bayern/wp-includes,_js,_jquery,_jquery-migrate.min.js,qver==3.3.2+wp-includes,_js,_imagesloaded.min.js,qver==4.1.4+wp-includes,_js,_masonry.min.js,qver==4.2.2+wp-includes,_js,_jquery,_jquery.masonry.min.js,qver==3.1.2b+wp-content,_themes,_twentythirteen,_js,_functions.js,qver==20210122.pagespeed.jc.oimHb-8kz2.js	46 kB	2023-03-10	2023-03-11
Pretty URL laser.bayern/wp-includes,_js,_jquery,_jquery-migrate.min.js,qver==3.3.2+wp-includes,_js,_imagesloaded.min.js,qver==4.1.4+wp-includes,_js,_masonry.min.js,qver==4.2.2+wp-includes,_js,_jquery,_jquery.masonry.min.js,qver==3.1.2b+wp-content,_themes,_twentythirteen,_js,_functions.js,qver==20210122.pagespeed.jc.oimHb-8kz2.js IP 195.63.103.228 ASN #12312 ecotel communication ag Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 08:32:57 Last Seen2023-03-11 23:16:08 Times Seen1 Hash a229876fef24cf6c0edac273a5326554 07bd2df018ee5e145317bf16a4a33fe9c35051ec c5c89b0279fdc1ba419b8ebd998aa9f65b69adbdd4ec83f2e1d7c8672b0f0a2b Loading...

		Size	First Seen	Last Seen
	#1 Eval - 26117666b36c61a9f406c63b444840c5	5.5 kB	2023-03-07	2024-04-10
Pretty Observations First Seen2023-03-07 01:41:27 Last Seen2024-04-10 00:36:23 Times Seen377 Hash 26117666b36c61a9f406c63b444840c5 03a13738cc3f92241486767ed3f47cb289b2efe4 83b5682ad9aa0a46a872d86a823e7e3e4ce6092d3dcc302a35f0f430a71a6e85 Loading...

	#2 Eval - 74478c1f94421b5e2b451e4106da57e5	1.6 kB	2023-03-08	2023-12-07
Pretty Observations First Seen2023-03-08 14:24:06 Last Seen2023-12-07 15:46:48 Times Seen21 Hash 74478c1f94421b5e2b451e4106da57e5 a55191a35ddff0e633e3c2e5c82c3e42348e79af a0ec460d72ba1b696348776c4c8185740f96de88903fff4bdf42301ef725babe Loading...

	#3 Eval - 5acf9481b96f56099638cb060c6534bb	11 kB	2023-03-07	2024-04-24
Pretty Observations First Seen2023-03-07 01:38:41 Last Seen2024-04-24 02:44:08 Times Seen408 Hash 5acf9481b96f56099638cb060c6534bb 9c2ff3dcfbbba670e7c1e9699c67cca69a9d4b3c a401f117b1f57a3fcbf532459aff51ba2a984c7eefea8e29ab1b1765855a039e Loading...

	#4 Eval - 477b9af8977dc668c8261e08a6f4af3f	24 kB	2023-03-07	2024-04-25
Pretty Observations First Seen2023-03-07 01:41:27 Last Seen2024-04-25 19:42:48 Times Seen185 Hash 477b9af8977dc668c8261e08a6f4af3f 64c2c6db3c374dbf5b568b3ee92e6fb785ad4433 e11d578fb8d40883e6d8f4f6ed156f30558964945c6f868ecf253c455feb457a Loading...

	#5 Eval - 9e7ca9547aa572b1cdfa58bfd6557140	2.9 kB	2023-03-10	2023-05-27
Pretty Observations First Seen2023-03-10 08:32:57 Last Seen2023-05-27 03:57:20 Times Seen2 Hash 9e7ca9547aa572b1cdfa58bfd6557140 c78878cd8df490335eccb075bc519acd508b83d3 da7dbca11e330ee4a5ba57e7474adeeee4c4027dc04ba57e5bbfa17c515669e7 Loading...

HTTP Transactions (42)

URL IP Response Size

laser.bayern/

195.63.103.228

301 Moved Permanently

162 B

URL HTTP/1.1
laser.bayern/
IP
195.63.103.228:0
ASN
#12312 ecotel communication ag

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: laser.bayern
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 02 Dec 2022 00:34:41 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://laser.bayern/

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8644
Expires: Fri, 02 Dec 2022 02:58:45 GMT
Date: Fri, 02 Dec 2022 00:34:41 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
0c748388899e8a8d3680355da2ea5020
903c620cd137613daafb0da0508c37b2f4a67212
39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 772
Cache-Control: max-age=122963
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 00:34:41 GMT
Etag: "63888270-1d7"
Expires: Sat, 03 Dec 2022 10:44:04 GMT
Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4742
Expires: Fri, 02 Dec 2022 01:53:43 GMT
Date: Fri, 02 Dec 2022 00:34:41 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 02 Dec 2022 00:19:50 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 891
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: z2nILS+CN9MDvboG1PkV2foQQPObBLfI992m3b+BgvxwV3FzxG0dOpn3WhlADFri3SKvi4+wsFg=
x-amz-request-id: 902WNQKJWRKM77B2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 01 Dec 2022 23:45:51 GMT
age: 2930
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 00:34:41 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2f0fcbe87dbb4d49531e7aa697998e7c
debd4055713e8e12a727b9b27cf1c6d5caaa670c
3d2a33d4c32db494e6691c9e7018e0ff31ef19be7cb9323122d108913074da1e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3D2A33D4C32DB494E6691C9E7018E0FF31EF19BE7CB9323122D108913074DA1E"
Last-Modified: Fri, 02 Dec 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 02 Dec 2022 06:34:41 GMT
Date: Fri, 02 Dec 2022 00:34:41 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 02 Dec 2022 00:08:57 GMT
cache-control: public,max-age=3600
age: 1544
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

laser.bayern/

195.63.103.228

200 OK

9.1 kB

URL HTTP/2
laser.bayern/
IP
195.63.103.228:0
ASN
#12312 ecotel communication ag

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9901)
Size
9.1 kB (9109 bytes)
Hash
9187a095bda6ee39ef16dd31880b451f
86ed89885bba1fa6a4383c37391d13ed3a4b36ac
67e86ce5e9ba9121ce2f9365cba392b6a2f87fca05e6dc74f137ffed49f9f6fe

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: laser.bayern
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 00:34:42 GMT
content-type: text/html; charset=UTF-8
content-length: 9109
link: <https://laser.bayern/wp-json/>; rel="https://api.w.org/", <https://laser.bayern/wp-json/wp/v2/pages/2>; rel="alternate"; type="application/json", <https://laser.bayern/>; rel=shortlink
x-mod-pagespeed: 1.13.35.2-0
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=0, no-cache, s-maxage=10
x-powered-by: PHP/7.4.33, PleskLin
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
1f88399f3fdd89dbb9ca1229cb67143a
325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3
831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 758
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 00:34:42 GMT
Last-Modified: Fri, 02 Dec 2022 00:22:04 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

laser.bayern/wp-content/themes/twentythirteen/A.style.css,qver=20221101.pagespeed.cf.vaqDxOsFxj.css

195.63.103.228

200 OK

8.9 kB

URL HTTP/2
laser.bayern/wp-content/themes/twentythirteen/A.style.css,qver=20221101.pagespeed.cf.vaqDxOsFxj.css
IP
195.63.103.228:0
ASN
#12312 ecotel communication ag

File type
ASCII text, with very long lines (17544)
Size
8.9 kB (8902 bytes)
Hash
b0ee536b15a4c4cc11b8b7067813a8ec
d05efd2ef1352ab4ba1f5bf7b3d509de92233908
61e390b1706f08662af89857289577af4277b540af4a092cfe8a13d548a3c35e

HTTP Headers

GET /wp-content/themes/twentythirteen/A.style.css,qver=20221101.pagespeed.cf.vaqDxOsFxj.css HTTP/1.1
Host: laser.bayern
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://laser.bayern/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 00:34:42 GMT
content-type: text/css
content-length: 8902
accept-ranges: bytes
expires: Sat, 02 Dec 2023 00:34:40 GMT
cache-control: max-age=31536000
etag: W/"0"
last-modified: Fri, 02 Dec 2022 00:34:40 GMT
x-original-content-length: 57864
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2

laser.bayern/wp-content/themes/twentythirteen/css/A.blocks.css,qver=20210622.pagespeed.cf.Q1TOZTlvqE.css

195.63.103.228

200 OK

2.1 kB

URL HTTP/2
laser.bayern/wp-content/themes/twentythirteen/css/A.blocks.css,qver=20210622.pagespeed.cf.Q1TOZTlvqE.css
IP
195.63.103.228:0
ASN
#12312 ecotel communication ag

File type
ASCII text, with very long lines (2296)
Size
2.1 kB (2123 bytes)
Hash
5e70f5948f46dc10982b7dfa73e8e8ce
85216848bb7e835468f181ef8ef19e09bf1e62fd
ff84d5d31a06485a781d469b0fbc2a5d8d20d9edf606834abd6fe0dde2151e71

HTTP Headers

GET /wp-content/themes/twentythirteen/css/A.blocks.css,qver=20210622.pagespeed.cf.Q1TOZTlvqE.css HTTP/1.1
Host: laser.bayern
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://laser.bayern/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 00:34:42 GMT
content-type: text/css
content-length: 2123
accept-ranges: bytes
expires: Sat, 02 Dec 2023 00:34:40 GMT
cache-control: max-age=31536000
etag: W/"0"
last-modified: Fri, 02 Dec 2022 00:34:40 GMT
x-original-content-length: 16061
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2

laser.bayern/wp-includes/js/jquery/jquery.min.js,qver=3.6.1.pagespeed.jm.YeQrVmZKn4.js

195.63.103.228

200 OK

31 kB

URL HTTP/2
laser.bayern/wp-includes/js/jquery/jquery.min.js,qver=3.6.1.pagespeed.jm.YeQrVmZKn4.js
IP
195.63.103.228:0
ASN
#12312 ecotel communication ag

File type
ASCII text, with very long lines (65536), with no line terminators
Size
31 kB (30900 bytes)
Hash
4e3b85607d8bfd64e1ecc60fb32bc6f9
506c732ad9a95cd6fdfbda2a17b05346574e5e51
5175453b02b3270db800e4f8b1aa31acdc64c919217c3d8dbf1d65b17a936415

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js,qver=3.6.1.pagespeed.jm.YeQrVmZKn4.js HTTP/1.1
Host: laser.bayern
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://laser.bayern/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 00:34:42 GMT
content-type: application/javascript
content-length: 30900
accept-ranges: bytes
expires: Sat, 02 Dec 2023 00:22:13 GMT
cache-control: max-age=31536000
etag: W/"0"
last-modified: Fri, 02 Dec 2022 00:22:13 GMT
x-original-content-length: 89684
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2

laser.bayern/wp-content/themes/twentythirteen/genericons/A.genericons.css,qver=3.0.3.pagespeed.cf.mweVyKKY-g.css

195.63.103.228

200 OK

19 kB

URL HTTP/2
laser.bayern/wp-content/themes/twentythirteen/genericons/A.genericons.css,qver=3.0.3.pagespeed.cf.mweVyKKY-g.css
IP
195.63.103.228:0
ASN
#12312 ecotel communication ag

File type
ASCII text, with very long lines (28820), with no line terminators
Size
19 kB (18856 bytes)
Hash
39d63fbd8151f5503682775295709884
c37ee08f14b18f4f152d8e201df03f23c08c4c33
6be0cb448729326eff3410a3f760fd57c642e096e72bbbfd4f7b71fc2719d2da

HTTP Headers

GET /wp-content/themes/twentythirteen/genericons/A.genericons.css,qver=3.0.3.pagespeed.cf.mweVyKKY-g.css HTTP/1.1
Host: laser.bayern
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://laser.bayern/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 00:34:42 GMT
content-type: text/css
content-length: 18856
accept-ranges: bytes
x-original-content-length: 31045
expires: Sat, 02 Dec 2023 00:34:42 GMT
cache-control: max-age=31536000
etag: W/"0-gzip"
last-modified: Fri, 02 Dec 2022 00:34:42 GMT
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2

laser.bayern/wp-includes,_js,_jquery,_jquery-migrate.min.js,qver==3.3.2+wp-includes,_js,_imagesloaded.min.js,qver==4.1.4+wp-includes,_js,_masonry.min.js,qver==4.2.2+wp-includes,_js,_jquery,_jquery.masonry.min.js,qver==3.1.2b+wp-content,_themes,_twentythirteen,_js,_functions.js,qver==20210122.pagespeed.jc.oimHb-8kz2.js

195.63.103.228

200 OK

14 kB

URL HTTP/2
laser.bayern/wp-includes,_js,_jquery,_jquery-migrate.min.js,qver==3.3.2+wp-includes,_js,_imagesloaded.min.js,qver==4.1.4+wp-includes,_js,_masonry.min.js,qver==4.2.2+wp-includes,_js,_jquery,_jquery.masonry.min.js,qver==3.1.2b+wp-content,_themes,_twentythirteen,_js,_functions.js,qver==20210122.pagespeed.jc.oimHb-8kz2.js
IP
195.63.103.228:0
ASN
#12312 ecotel communication ag

File type
ASCII text, with very long lines (24482)
Size
14 kB (13789 bytes)
Hash
738a37a800e5dbf203f727b9db10501a
bc077061df4f978ea3ad6d3b5825a307e197bade
a6ee957214de43434dbf285901ce7709f58c7a6d5bb8809bd255cad8630a8470

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes,_js,_jquery,_jquery-migrate.min.js,qver==3.3.2+wp-includes,_js,_imagesloaded.min.js,qver==4.1.4+wp-includes,_js,_masonry.min.js,qver==4.2.2+wp-includes,_js,_jquery,_jquery.masonry.min.js,qver==3.1.2b+wp-content,_themes,_twentythirteen,_js,_functions.js,qver==20210122.pagespeed.jc.oimHb-8kz2.js HTTP/1.1
Host: laser.bayern
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://laser.bayern/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 00:34:42 GMT
content-type: application/javascript
content-length: 13789
accept-ranges: bytes
expires: Sat, 02 Dec 2023 00:34:42 GMT
cache-control: max-age=31536000
etag: W/"0-gzip"
last-modified: Fri, 02 Dec 2022 00:34:42 GMT
x-original-content-length: 47581
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2

laser.bayern/wp-content/uploads/2019/11/xGrafik.jpg.pagespeed.ic.273lkPGp8i.webp

195.63.103.228

200 OK

50 kB

URL HTTP/2
laser.bayern/wp-content/uploads/2019/11/xGrafik.jpg.pagespeed.ic.273lkPGp8i.webp
IP
195.63.103.228:0
ASN
#12312 ecotel communication ag

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 954x554, components 3\012- data
Size
50 kB (49582 bytes)
Hash
f712406c0f3abe727591d39ede183589
30d5df3e24848764634e16919efee1fefecef444
bb8f20c64f632fee42a96bd0448e44704fb05641928ba669652a3f96d0d49798

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/2019/11/xGrafik.jpg.pagespeed.ic.273lkPGp8i.webp HTTP/1.1
Host: laser.bayern
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://laser.bayern/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 00:34:42 GMT
content-type: image/jpeg
content-length: 49582
last-modified: Wed, 13 Nov 2019 17:26:05 GMT
accept-ranges: bytes
link: <https://laser.bayern/wp-content/uploads/2019/11/Grafik.jpg>; rel="canonical"
x-content-type-options: nosniff
expires: Fri, 02 Dec 2022 00:39:36 GMT
cache-control: max-age=300,private
x-powered-by: PleskLin
X-Firefox-Spdy: h2

laser.bayern/wp-includes/css/dist/block-library/A.style.min.css,qver=6.1.1.pagespeed.cf.s5bSa4kM1r.css

195.63.103.228

200 OK

12 kB

URL HTTP/2
laser.bayern/wp-includes/css/dist/block-library/A.style.min.css,qver=6.1.1.pagespeed.cf.s5bSa4kM1r.css
IP
195.63.103.228:0
ASN
#12312 ecotel communication ag

File type
ASCII text, with very long lines (65536), with no line terminators
Size
12 kB (12371 bytes)
Hash
ea5a200adfa603eb5bcd91387572956d
6ae3de72b9b8728b39a30db964814cc001f38a42
b88bc65922551151200c0ce881beaa47e142ff4594841625fd6c5d01104c15e3

HTTP Headers

GET /wp-includes/css/dist/block-library/A.style.min.css,qver=6.1.1.pagespeed.cf.s5bSa4kM1r.css HTTP/1.1
Host: laser.bayern
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://laser.bayern/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 00:34:42 GMT
content-type: text/css
content-length: 12371
accept-ranges: bytes
expires: Sat, 02 Dec 2023 00:34:42 GMT
cache-control: max-age=31536000
etag: W/"0"
last-modified: Fri, 02 Dec 2022 00:34:42 GMT
x-original-content-length: 94889
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2

laser.bayern/wp-includes/css/dist/block-library/A.style.min.css,qver=6.1.1.pagespeed.cf.s5bSa4kM1r.css

195.63.103.228

200 OK

120 kB

URL HTTP/2
laser.bayern/wp-includes/css/dist/block-library/A.style.min.css,qver=6.1.1.pagespeed.cf.s5bSa4kM1r.css
IP
195.63.103.228:0
ASN
#12312 ecotel communication ag

File type
data
Size
120 kB (119662 bytes)
Hash
1a8a952a72721d85c196003b23fec363
e0b4a25b679f9507e46b1a7d30383e1e21c0a4b6
b6c00db658839f00ff7571f33bf0b9683a72b6f149c149f65cfaaa1058d8caf4

HTTP Headers

GET /wp-includes/css/dist/block-library/A.style.min.css,qver=6.1.1.pagespeed.cf.s5bSa4kM1r.css HTTP/1.1
Host: laser.bayern
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://laser.bayern/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 00:34:42 GMT
content-type: text/css
content-length: 94889
last-modified: Wed, 16 Nov 2022 04:30:51 GMT
accept-ranges: bytes
vary: Accept-Encoding
x-original-content-length: 94889
content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 02 Dec 2022 00:39:36 GMT
cache-control: max-age=300,private
x-powered-by: PleskLin
X-Firefox-Spdy: h2

laser.bayern/wp-content/themes/twentythirteen/images/search-icon.png.pagespeed.ce.N6PPjj1d9A.png

195.63.103.228

200 OK

422 B

URL HTTP/2
laser.bayern/wp-content/themes/twentythirteen/images/search-icon.png.pagespeed.ce.N6PPjj1d9A.png
IP
195.63.103.228:0
ASN
#12312 ecotel communication ag

File type
PNG image data, 24 x 24, 8-bit colormap, non-interlaced\012- data
Size
422 B (422 bytes)
Hash
37a3cf8e3d5df4002c55d88834a294d0
6f3148b0f1f8a2cc7054933d9276a795334f8786
77cc2a262c38bdfeaf27050d2e54b5927c5744f4d80e2fa466c526d524e7c2ae

HTTP Headers

GET /wp-content/themes/twentythirteen/images/search-icon.png.pagespeed.ce.N6PPjj1d9A.png HTTP/1.1
Host: laser.bayern
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://laser.bayern/wp-content/themes/twentythirteen/A.style.css,qver=20221101.pagespeed.cf.vaqDxOsFxj.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 00:34:42 GMT
content-type: image/png
content-length: 422
link: <https://laser.bayern/wp-content/themes/twentythirteen/images/search-icon.png>; rel="canonical"
accept-ranges: bytes
last-modified: Wed, 02 Nov 2022 05:16:17 GMT
expires: Sat, 02 Dec 2023 00:34:42 GMT
cache-control: max-age=31536000
etag: W/"0"
x-original-content-length: 422
x-powered-by: PleskLin
X-Firefox-Spdy: h2

laser.bayern/wp-content/uploads/2019/11/xcropped-laser-288614_1920-1024x768-2.jpg.pagespeed.ic.z4Gl8DYLoJ.webp

195.63.103.228

200 OK

32 kB

URL HTTP/2
laser.bayern/wp-content/uploads/2019/11/xcropped-laser-288614_1920-1024x768-2.jpg.pagespeed.ic.z4Gl8DYLoJ.webp
IP
195.63.103.228:0
ASN
#12312 ecotel communication ag

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1600x230, components 3\012- data
Size
32 kB (32469 bytes)
Hash
d6a1f5e7e3c5fb4dc0999bdae0f96957
b98af5bc87079f630ad54e05cb0af99ff90789fa
0e040d7426e0e10158a7902dbaf5bdfbb49f5e38067a8c2642b22bfc854509be

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/2019/11/xcropped-laser-288614_1920-1024x768-2.jpg.pagespeed.ic.z4Gl8DYLoJ.webp HTTP/1.1
Host: laser.bayern
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://laser.bayern/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 00:34:42 GMT
content-type: image/jpeg
content-length: 32469
last-modified: Fri, 28 Feb 2020 10:42:14 GMT
accept-ranges: bytes
link: <https://laser.bayern/wp-content/uploads/2019/11/cropped-laser-288614_1920-1024x768-2.jpg>; rel="canonical"
x-content-type-options: nosniff
expires: Fri, 02 Dec 2022 00:39:37 GMT
cache-control: max-age=300,private
x-powered-by: PleskLin
X-Firefox-Spdy: h2

push.services.mozilla.com/

34.216.192.228

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.216.192.228:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: dh2JgZDX2BZNs961T3mdzQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: FDnBL/sK1ERCQRCWTOFLntrqFtQ=

consent.cookiebot.com/uc.js

104.84.152.233

200 OK

557 B

URL HTTP/2
consent.cookiebot.com/uc.js
IP
104.84.152.233:0
ASN
#20940 Akamai International B.V.

File type
data
Size
557 B (557 bytes)
Hash
3ffe4074bc665a81ef0880f803eeaea6
53f3efc6d994f2eb5fc001fea7378fc69df102c5
dfdae806e7392cfbcc5521c2c1ec0f0186695e55fe992aded7c9ed5dc6bd920b

HTTP Headers

GET /uc.js HTTP/1.1
Host: consent.cookiebot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://laser.bayern/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Tue, 22 Nov 2022 07:34:39 GMT
accept-ranges: bytes
etag: "db2e3fe144fed81:0"
vary: Accept-Encoding
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
access-control-expose-headers: Request-Context
content-length: 31718
cache-control: public, max-age=477
expires: Fri, 02 Dec 2022 00:42:39 GMT
date: Fri, 02 Dec 2022 00:34:42 GMT
X-Firefox-Spdy: h2

laser.bayern/wp-content/uploads/2019/11/xlaser-288610_1920-1024x768.jpg.pagespeed.ic.oKEpwTn8Zu.webp

195.63.103.228

200 OK

67 kB

URL HTTP/2
laser.bayern/wp-content/uploads/2019/11/xlaser-288610_1920-1024x768.jpg.pagespeed.ic.oKEpwTn8Zu.webp
IP
195.63.103.228:0
ASN
#12312 ecotel communication ag

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1024x768, components 3\012- data
Size
67 kB (66779 bytes)
Hash
ec66601e1b82fc6768d506c853e53fc6
bcd3a79efea17c4832979a8bd68e954afe1fd623
34e050776e1bddbbccf156eaa3bb87b635de02648804dba36c603efecccf64ee

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/2019/11/xlaser-288610_1920-1024x768.jpg.pagespeed.ic.oKEpwTn8Zu.webp HTTP/1.1
Host: laser.bayern
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://laser.bayern/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 00:34:42 GMT
content-type: image/jpeg
content-length: 66779
last-modified: Wed, 13 Nov 2019 17:25:44 GMT
accept-ranges: bytes
link: <https://laser.bayern/wp-content/uploads/2019/11/laser-288610_1920-1024x768.jpg>; rel="canonical"
x-content-type-options: nosniff
expires: Fri, 02 Dec 2022 00:39:37 GMT
cache-control: max-age=300,private
x-powered-by: PleskLin
X-Firefox-Spdy: h2

laser.bayern/wp-content/uploads/2019/11/xlasershow-539575_1920-1024x683.jpg.pagespeed.ic.Bdd2vf0dD9.webp

195.63.103.228

200 OK

52 kB

URL HTTP/2
laser.bayern/wp-content/uploads/2019/11/xlasershow-539575_1920-1024x683.jpg.pagespeed.ic.Bdd2vf0dD9.webp
IP
195.63.103.228:0
ASN
#12312 ecotel communication ag

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1024x683, components 3\012- data
Size
52 kB (51804 bytes)
Hash
11875d4a0f460bc25d2ed3c9e64d137b
8f00e5d45ea6cc34e1bf32289201b17c0c9e4877
98427184012c966a5bfa6238280fee57af6a3dc0739d1860dca8aa6346809b6a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/2019/11/xlasershow-539575_1920-1024x683.jpg.pagespeed.ic.Bdd2vf0dD9.webp HTTP/1.1
Host: laser.bayern
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://laser.bayern/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 00:34:42 GMT
content-type: image/jpeg
content-length: 51804
last-modified: Wed, 13 Nov 2019 17:25:45 GMT
accept-ranges: bytes
link: <https://laser.bayern/wp-content/uploads/2019/11/lasershow-539575_1920-1024x683.jpg>; rel="canonical"
x-content-type-options: nosniff
expires: Fri, 02 Dec 2022 00:39:37 GMT
cache-control: max-age=300,private
x-powered-by: PleskLin
X-Firefox-Spdy: h2

laser.bayern/wp-content/uploads/2019/11/xlaser-1024x768.jpg.pagespeed.ic.9OgszNHV8Z.webp

195.63.103.228

200 OK

107 kB

URL HTTP/2
laser.bayern/wp-content/uploads/2019/11/xlaser-1024x768.jpg.pagespeed.ic.9OgszNHV8Z.webp
IP
195.63.103.228:0
ASN
#12312 ecotel communication ag

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1024x768, components 3\012- data
Size
107 kB (107227 bytes)
Hash
79c30ae165948e5cbaa0e77169fec934
d407f87991898660952bf7fa8d7e9502ac482d93
256e80163a72ce4ac61e3b151c2244eca4bce92f3f671df44ac1c6982dff223f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/2019/11/xlaser-1024x768.jpg.pagespeed.ic.9OgszNHV8Z.webp HTTP/1.1
Host: laser.bayern
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://laser.bayern/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 00:34:42 GMT
content-type: image/jpeg
content-length: 107227
last-modified: Wed, 13 Nov 2019 17:25:43 GMT
accept-ranges: bytes
link: <https://laser.bayern/wp-content/uploads/2019/11/laser-1024x768.jpg>; rel="canonical"
x-content-type-options: nosniff
expires: Fri, 02 Dec 2022 00:39:37 GMT
cache-control: max-age=300,private
x-powered-by: PleskLin
X-Firefox-Spdy: h2

consentcdn.cookiebot.com/sdk/bc-v4.min.html

104.110.3.72

200 OK

392 B

URL HTTP/2
consentcdn.cookiebot.com/sdk/bc-v4.min.html
IP
104.110.3.72:0
ASN
#16625 AKAMAI-AS

File type
HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (627), with no line terminators
Size
392 B (392 bytes)
Hash
e7268eccad39bd651697fa793a52cc5c
47299cefa2397b0c1d0c5bf232390a5cf1bcc4d3
907e16c84d35556e4ed841a3511915e6d4bb4e9d68cfca178a740e90b4d80e35

HTTP Headers

GET /sdk/bc-v4.min.html HTTP/1.1
Host: consentcdn.cookiebot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://laser.bayern/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: text/html
etag: "3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
last-modified: Mon, 04 Apr 2022 07:23:49 GMT
server: AkamaiNetStorage
x-akamai-transformed: 9 - 0 pmb=mRUM,1
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=29771517
expires: Sat, 11 Nov 2023 14:26:39 GMT
date: Fri, 02 Dec 2022 00:34:42 GMT
content-length: 392
server-timing: cdn-cache; desc=HIT, edge; dur=1
X-Firefox-Spdy: h2

laser.bayern/wp-content/uploads/2019/11/xlasershow-539583_1920-1024x683.jpg.pagespeed.ic.h0uXeEiQ-N.webp

195.63.103.228

200 OK

63 kB

URL HTTP/2
laser.bayern/wp-content/uploads/2019/11/xlasershow-539583_1920-1024x683.jpg.pagespeed.ic.h0uXeEiQ-N.webp
IP
195.63.103.228:0
ASN
#12312 ecotel communication ag

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1024x683, components 3\012- data
Size
63 kB (62877 bytes)
Hash
70778b507073e5033656d5680963feab
b615855eedf28c3b0ff99e0b2dcd4ff664297ee9
0cea0b7526ce22cd45c50e1e20eda08285813157bb0b078cd3d00c1409a7de38

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/2019/11/xlasershow-539583_1920-1024x683.jpg.pagespeed.ic.h0uXeEiQ-N.webp HTTP/1.1
Host: laser.bayern
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://laser.bayern/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 00:34:42 GMT
content-type: image/jpeg
content-length: 62877
last-modified: Wed, 13 Nov 2019 17:25:45 GMT
accept-ranges: bytes
link: <https://laser.bayern/wp-content/uploads/2019/11/lasershow-539583_1920-1024x683.jpg>; rel="canonical"
x-content-type-options: nosniff
expires: Fri, 02 Dec 2022 00:39:37 GMT
cache-control: max-age=300,private
x-powered-by: PleskLin
X-Firefox-Spdy: h2

laser.bayern/wp-content/uploads/2019/11/xlaser-288614_1920-1024x768.jpg.pagespeed.ic.jNYRf7kLKj.webp

195.63.103.228

200 OK

65 kB

URL HTTP/2
laser.bayern/wp-content/uploads/2019/11/xlaser-288614_1920-1024x768.jpg.pagespeed.ic.jNYRf7kLKj.webp
IP
195.63.103.228:0
ASN
#12312 ecotel communication ag

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1024x768, components 3\012- data
Size
65 kB (64840 bytes)
Hash
0448fd4c057f5148a8e6e703a1d50261
832c10132b87b956fd373f694f71b58c84ad60a5
a5f552c8e8211fd93b012204fbb7ec4736ed4b059c8701ceab253c0865e35cbd

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/2019/11/xlaser-288614_1920-1024x768.jpg.pagespeed.ic.jNYRf7kLKj.webp HTTP/1.1
Host: laser.bayern
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://laser.bayern/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 00:34:42 GMT
content-type: image/jpeg
content-length: 64840
last-modified: Wed, 13 Nov 2019 17:25:44 GMT
accept-ranges: bytes
link: <https://laser.bayern/wp-content/uploads/2019/11/laser-288614_1920-1024x768.jpg>; rel="canonical"
x-content-type-options: nosniff
expires: Fri, 02 Dec 2022 00:39:37 GMT
cache-control: max-age=300,private
x-powered-by: PleskLin
X-Firefox-Spdy: h2

laser.bayern/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1

195.63.103.228

200 OK

7.8 kB

URL HTTP/2
laser.bayern/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP
195.63.103.228:0
ASN
#12312 ecotel communication ag

File type
ASCII text, with very long lines (15660)
Size
7.8 kB (7813 bytes)
Hash
b82bef19fd415b9e50ec33c00e41acc8
d580691276b2157225cc8c14cad3d67c154dc13d
75844f3daeaecf8c3b66f8f32a45698973bb710b89605628548ba027e22c2f0d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: laser.bayern
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://laser.bayern/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 00:34:42 GMT
content-type: application/javascript
last-modified: Tue, 21 Jun 2022 08:46:15 GMT
cache-control: s-maxage=10
etag: W/"62b18557-48b9"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

laser.bayern/wp-content/uploads/2019/11/xcropped-laser-288610_1920-1024x768-32x32.jpg.pagespeed.ic.qUNX4uctvt.webp

195.63.103.228

200 OK

358 B

URL HTTP/2
laser.bayern/wp-content/uploads/2019/11/xcropped-laser-288610_1920-1024x768-32x32.jpg.pagespeed.ic.qUNX4uctvt.webp
IP
195.63.103.228:0
ASN
#12312 ecotel communication ag

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 32x32, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
358 B (358 bytes)
Hash
a94357e2e72dbed21712820fc155d4e3
d7c38fafc3d89992fa13f8c4c4b870795dc30d24
9d14a158b608c9d74ad9ee4a00ce779566b10974b87a1ecec697574e3e8703f6

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/2019/11/xcropped-laser-288610_1920-1024x768-32x32.jpg.pagespeed.ic.qUNX4uctvt.webp HTTP/1.1
Host: laser.bayern
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://laser.bayern/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 00:34:42 GMT
content-type: image/webp
content-length: 358
link: <https://laser.bayern/wp-content/uploads/2019/11/cropped-laser-288610_1920-1024x768-32x32.jpg>; rel="canonical"
accept-ranges: bytes
expires: Sat, 02 Dec 2023 00:34:42 GMT
cache-control: max-age=31536000
etag: W/"0"
last-modified: Fri, 02 Dec 2022 00:34:42 GMT
x-original-content-length: 718
x-powered-by: PleskLin
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3706
Expires: Fri, 02 Dec 2022 01:36:29 GMT
Date: Fri, 02 Dec 2022 00:34:43 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3706
Expires: Fri, 02 Dec 2022 01:36:29 GMT
Date: Fri, 02 Dec 2022 00:34:43 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3706
Expires: Fri, 02 Dec 2022 01:36:29 GMT
Date: Fri, 02 Dec 2022 00:34:43 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3706
Expires: Fri, 02 Dec 2022 01:36:29 GMT
Date: Fri, 02 Dec 2022 00:34:43 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3706
Expires: Fri, 02 Dec 2022 01:36:29 GMT
Date: Fri, 02 Dec 2022 00:34:43 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcca8556b-b044-489f-bc74-086aad62b062.webp

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcca8556b-b044-489f-bc74-086aad62b062.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7591 bytes)
Hash
d147ccb10bda82b153a596c3c967cd6a
ffd0763f997e71a8c1458523fc17cafe8849dfdf
1cfeb90a4ba027195f903d938d4a0aac418a1c2f0b52215ec023263f15905971

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcca8556b-b044-489f-bc74-086aad62b062.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7591
x-amzn-requestid: e179862e-f840-4e50-a9dc-09f325479b9a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGgMFRZIAMFl7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e01-676a1571459f2d83488f2765;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: oB5K_ZCWWwCltMx8FQSjDdXRMzSTSyRLSYSLAooQXuCrUxadLUiWkA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 22:08:56 GMT
etag: "ffd0763f997e71a8c1458523fc17cafe8849dfdf"
content-type: image/jpeg
age: 8747
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6edb00ee-3888-4974-ae1a-52ef18e62d0d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11402 bytes)
Hash
1c80b8025242ddfcc816ec612456b99e
aa944d10fe4a44b790b01ef62edc0f85a6d558e3
a9f060bc15738a3fe257e0c81a29e4611a89c273bcbb2765ce856d4e854a5f1f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6edb00ee-3888-4974-ae1a-52ef18e62d0d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11402
x-amzn-requestid: 20c2c359-1e43-40c0-885d-1c90e76ea12b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGzJHu-IAMFbYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e7a-1d89722e767daa014b174a39;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:36:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: OJBnbjJB_kvPuJcePGnno3zI0CTWAzV-Osb2L1hPZZhlNYhFHWmLsA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:51:33 GMT
etag: "aa944d10fe4a44b790b01ef62edc0f85a6d558e3"
content-type: image/jpeg
age: 9790
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1250c1e7-37f4-4697-8233-d05f398cb066.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6752 bytes)
Hash
f0fc684e61682c4078a82ee3d901ae52
ea65ad98933ec58afa3fa5c7642491d77db7e6c2
5e953012dba2b85cfda5befe2448ab87fbc2432a071e11a33b44be4f5148a4a4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1250c1e7-37f4-4697-8233-d05f398cb066.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6752
x-amzn-requestid: f398ce98-353e-4783-aa42-dbf1ad036ab7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGepE6roAMF4zw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-0753d209291e197e7c6422a6;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JZAFwGz7kAWplsA1qeraQTjirrZb29JTnUPii5BcPg5tzxcBLtt0WA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 22:24:25 GMT
etag: "ea65ad98933ec58afa3fa5c7642491d77db7e6c2"
content-type: image/jpeg
age: 7818
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb543a0f6-0efe-4518-9420-4eff88edf8e6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.8 kB (4840 bytes)
Hash
60ccdde4ce64b4a3fe6fc2a059b3bde1
5ce119089f4a4cd139b523889b6cd84cd79191f4
2089225a6dc13845ab8e031416920d16952ae1461ca10d72c408ad001ed8f27b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb543a0f6-0efe-4518-9420-4eff88edf8e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4840
x-amzn-requestid: 6bc8fa91-5696-4bc6-b1e7-3c36b2c01801
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGxTFxyoAMFRzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e6e-3e85b78905aaa73726eef85a;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:36:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: UraCGe--VISONXzaUBpA7vuLuD5l7zihtQIph7LVn1QsS8MjLBbvKw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:48:51 GMT
age: 9952
etag: "5ce119089f4a4cd139b523889b6cd84cd79191f4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

2.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
2.9 kB (2942 bytes)
Hash
b47431190f34eccf0a6efb98e2a32b7d
9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Fw6nrporwF27NW0-vXpaolW79nDXLF2RyS-lqhhp1osHt7q98VpI3g==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:34:47 GMT
age: 10796
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.2 kB (6174 bytes)
Hash
b986f9fcbeca91ed5c8d58fbfaf47d19
6e6c8bd2bce144cc4da1cd7be375b046b60dca79
07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 07:15:42 GMT
age: 62341
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (19)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations