Report - rhizotechniki.eu/

Report Overview

Submitted URL
rhizotechniki.eu/
IP
94.130.205.31
ASN
#24940 Hetzner Online GmbH
Submitted
2022-12-04 01:00:24
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
34

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	73 kB	34.120.237.76
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	866 B	1.5 kB	142.250.74.106
rhizotechniki.eu	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	26 kB	3.2 MB	94.130.205.31
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.5 kB	93.184.220.29
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	2.1 kB	142.250.74.131
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	54.148.190.4
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.5 kB	54 kB	142.250.74.35
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.33.119.27
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-04	medium	rhizotechniki.eu/	Phishing
2022-12-04	medium	rhizotechniki.eu/	Phishing
2022-12-04	medium	rhizotechniki.eu/components/com_sppagebuilder/assets/js/jquery.parallax.js	Phishing
2022-12-04	medium	rhizotechniki.eu/components/com_spsimpleportfolio/assets/js/spsimpleportfolio.js	Phishing
2022-12-04	medium	rhizotechniki.eu/media/jui/js/jquery.min.js?2f38d1fbcbafcb17e64907822df60488	Phishing
2022-12-04	medium	rhizotechniki.eu/components/com_spsimpleportfolio/assets/js/jquery.shuffle.modernizr.min.js	Phishing
2022-12-04	medium	rhizotechniki.eu/templates/shaper_floox/js/bootstrap.min.js	Phishing
2022-12-04	medium	rhizotechniki.eu/media/system/js/core.js?2f38d1fbcbafcb17e64907822df60488	Phishing
2022-12-04	medium	rhizotechniki.eu/components/com_sppagebuilder/assets/js/sppagebuilder.js	Phishing
2022-12-04	medium	rhizotechniki.eu/plugins/system/jce/css/content.css?aa754b1f19c7df490be4b958cf085e7c	Phishing
2022-12-04	medium	rhizotechniki.eu/components/com_spsimpleportfolio/assets/js/featherlight.min.js	Phishing
2022-12-04	medium	rhizotechniki.eu/templates/shaper_floox/js/main.js	Phishing
2022-12-04	medium	rhizotechniki.eu//templates/shaper_floox/js/owl.carousel.min.js	Phishing
2022-12-04	medium	rhizotechniki.eu/templates/shaper_floox/js/frontend-edit.js	Phishing
2022-12-04	medium	rhizotechniki.eu/media/jui/js/jquery-migrate.min.js?2f38d1fbcbafcb17e64907822df60488	Phishing
2022-12-04	medium	rhizotechniki.eu/templates/shaper_floox/js/jquery.sticky.js	Phishing
2022-12-04	medium	rhizotechniki.eu/components/com_sppagebuilder/assets/js/jquery.magnific-popup.min.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (16)

	URL	Size	First Seen	Last Seen
	rhizotechniki.eu/media/jui/js/jquery-noconflict.js?2f38d1fbcbafcb17e64907822df60488	21 B	2023-03-07	2024-04-25
Pretty URL rhizotechniki.eu/media/jui/js/jquery-noconflict.js?2f38d1fbcbafcb17e64907822df60488 IP 94.130.205.31 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:40 Last Seen2024-04-25 08:18:54 Times Seen4677 Hash e2060c4e5e5955c824723b13a212d3ec 18420ce484978f8ba3d7371febf1638828bb7a67 5b6cf4e6eda02f7c90b60b3c32413c0851915f8f80a268a913b92929085132a6 Loading...

	rhizotechniki.eu//templates/shaper_floox/js/owl.carousel.min.js	40 kB	2023-03-07	2024-04-24
Pretty URL rhizotechniki.eu//templates/shaper_floox/js/owl.carousel.min.js IP 94.130.205.31 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:47 Last Seen2024-04-24 18:20:57 Times Seen4707 Hash ffaa3c82ad2c6e216e68aca44746e1be 2fa7c468110fa68f1f3df6718daf971871623ee9 83553d22ccd56e5576d544f6ba93475c712b3c02d312893eea2acc16de5fcf91 Loading...

	rhizotechniki.eu/components/com_spsimpleportfolio/assets/js/jquery.shuffle.modernizr.min.js	16 kB	2023-03-07	2024-01-09
Pretty URL rhizotechniki.eu/components/com_spsimpleportfolio/assets/js/jquery.shuffle.modernizr.min.js IP 94.130.205.31 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:56:23 Last Seen2024-01-09 14:43:23 Times Seen9 Hash e9ccce5fe2e4333e18f28bc8123df6fe 6403f86300d93a11add121fa81bb49f6c88cfd8d b96f3ccaa5d13ff9f33ce11d12757f10d67673abcd424651058bc4044a715976 Loading...

	rhizotechniki.eu/components/com_spsimpleportfolio/assets/js/featherlight.min.js	5.8 kB	2023-03-07	2024-01-09
Pretty URL rhizotechniki.eu/components/com_spsimpleportfolio/assets/js/featherlight.min.js IP 94.130.205.31 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:56:23 Last Seen2024-01-09 14:43:23 Times Seen8 Hash d5777690944d82f9beb9df2bf95c548f 30f4b1529c091886ec1a77eec81e675d8ba4c20e cdb2dd6109cf73a7552ae56000813d951e8c2859dfa39517e932c864fccf5e05 Loading...

	rhizotechniki.eu/templates/shaper_floox/js/jquery.sticky.js	5.7 kB	2023-03-07	2024-04-24
Pretty URL rhizotechniki.eu/templates/shaper_floox/js/jquery.sticky.js IP 94.130.205.31 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:18 Last Seen2024-04-24 11:41:23 Times Seen629 Hash 112dbba9abde250c3cb1db46757c9e50 58ec8f6b9df6fd3712677528a954c21cdecb9707 d4a6a006e6fb1b81be2d15ce5f82771b6c2d68ae06141348e5cde8edb0c00bed Loading...

	rhizotechniki.eu/components/com_spsimpleportfolio/assets/js/spsimpleportfolio.js	720 B	2023-03-08	2024-01-09
Pretty URL rhizotechniki.eu/components/com_spsimpleportfolio/assets/js/spsimpleportfolio.js IP 94.130.205.31 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 12:05:06 Last Seen2024-01-09 14:43:23 Times Seen5 Hash 58780191eb550faf3417768767a090d9 43890c5e735862bdacd58b06dd7e7327a2b55494 064bf3b5695e8bcb1be38bc371b0ba90de0e185179d35237a7c668b7bdc49ea5 Loading...

	rhizotechniki.eu/templates/shaper_floox/js/frontend-edit.js	1.9 kB	2023-03-07	2024-04-15
Pretty URL rhizotechniki.eu/templates/shaper_floox/js/frontend-edit.js IP 94.130.205.31 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:18 Last Seen2024-04-15 14:33:33 Times Seen445 Hash a4a9c13676c7ce877d72f1b0646d2add 10c84f7c2d4fc26342b31b3d3b971b6be8a7dda7 7998d85d99a88de3bd08a308c164b0cfce86de9e71eff892bcd2919a74b2e340 Loading...

	rhizotechniki.eu/components/com_sppagebuilder/assets/js/sppagebuilder.js	71 kB	2023-03-08	2023-06-16
Pretty URL rhizotechniki.eu/components/com_sppagebuilder/assets/js/sppagebuilder.js IP 94.130.205.31 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:42:56 Last Seen2023-06-16 13:32:47 Times Seen5 Hash 7503e95775bebdb7534e409a18ad5df7 d14b5caf1608c61ea8bf5e621208d6c4f077bb11 4918b31576bef9836961e7beca4774b58648b7b8947259750c3daf836a1fa51a Loading...

	rhizotechniki.eu/media/jui/js/jquery.min.js?2f38d1fbcbafcb17e64907822df60488	97 kB	2023-03-07	2024-04-24
Pretty URL rhizotechniki.eu/media/jui/js/jquery.min.js?2f38d1fbcbafcb17e64907822df60488 IP 94.130.205.31 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:21:41 Last Seen2024-04-24 17:13:41 Times Seen745 Hash 59c2901ee162828f22bab14459431652 6cec0ee04bc7138b6eedad0009a49d155451bce8 46438fa269f3c172286b81be52a5de84753d68dcc6580f6a98b7942cf129bdc1 Loading...

	rhizotechniki.eu/media/jui/js/jquery-migrate.min.js?2f38d1fbcbafcb17e64907822df60488	10 kB	2023-03-07	2024-04-25
Pretty URL rhizotechniki.eu/media/jui/js/jquery-migrate.min.js?2f38d1fbcbafcb17e64907822df60488 IP 94.130.205.31 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:37 Last Seen2024-04-25 11:46:07 Times Seen37207 Hash 7121994eec5320fbe6586463bf9651c2 90532aff6d4121954254cdf04994d834f7ec169b 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d Loading...

	rhizotechniki.eu/components/com_sppagebuilder/assets/js/jquery.parallax.js	892 B	2023-03-07	2024-04-24
Pretty URL rhizotechniki.eu/components/com_sppagebuilder/assets/js/jquery.parallax.js IP 94.130.205.31 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:25 Last Seen2024-04-24 11:41:23 Times Seen154 Hash 14214e60c753d87bd5da9c87449ee7a6 c418bd12800184b85a17e124fce019a6630b1d0e 8eb5d5e8b339da50d7c8290be7fa53db265d0b40d7decfb235dc2bebb8c5dca7 Loading...

	rhizotechniki.eu/templates/shaper_floox/js/bootstrap.min.js	37 kB	2023-03-07	2024-04-25
Pretty URL rhizotechniki.eu/templates/shaper_floox/js/bootstrap.min.js IP 94.130.205.31 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-04-25 12:55:46 Times Seen54595 Hash 5869c96cc8f19086aee625d670d741f9 430a443d74830fe9be26efca431f448c1b3740f9 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef Loading...

	rhizotechniki.eu/components/com_sppagebuilder/assets/js/jquery.magnific-popup.min.js	20 kB	2023-03-07	2024-02-25
Pretty URL rhizotechniki.eu/components/com_sppagebuilder/assets/js/jquery.magnific-popup.min.js IP 94.130.205.31 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:56:19 Last Seen2024-02-25 03:32:18 Times Seen47 Hash 1cc5d3ec638a74bfa32157f8082e65c8 7b9f105448b023c01e48183dfb814d7750cd3252 061711f5c1b0f61baab24b5e852ded6af8f570a9a49c0147f822e4fbaf1dcfdc Loading...

	rhizotechniki.eu/media/system/js/core.js?2f38d1fbcbafcb17e64907822df60488	8.8 kB	2023-03-07	2024-04-24
Pretty URL rhizotechniki.eu/media/system/js/core.js?2f38d1fbcbafcb17e64907822df60488 IP 94.130.205.31 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:44 Last Seen2024-04-24 17:13:37 Times Seen549 Hash 2389024c3d3ddc855b456962dce68cf0 3ea6f77dbaa51af3747a525d02d76ac064b2d2bd ee43222bc3a3d6c1cab5dc4115bd2a3c2b348f4b4e448283e0eaca84de6763d6 Loading...

	rhizotechniki.eu/templates/shaper_floox/js/main.js	15 kB	2023-03-08	2024-02-22
Pretty URL rhizotechniki.eu/templates/shaper_floox/js/main.js IP 94.130.205.31 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:42:56 Last Seen2024-02-22 13:40:01 Times Seen9 Hash 1f0725c6a2b3dd337b82101118ca051d e1c3e8a6771e193421204e02ad16db8024d2a21a b545fbfa5f9b70a0f1ad2fb2abdc2e5ccc5149e80fe02c92f620bfeae5e3381d Loading...

	rhizotechniki.eu/	1.5 kB	2023-03-08	2023-03-17
Pretty URL rhizotechniki.eu/ IP 94.130.205.31 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:42:56 Last Seen2023-03-17 10:15:57 Times Seen1 Hash 065840246a225ea646630104856cad3a efa3cfce7cae281686c1f71e03a07b626d739123 b62d31e0c37d67b41af9ca52be95999e6462e1419b77162c71ef03923d7e920f Loading...

HTTP Transactions (82)

URL IP Response Size

rhizotechniki.eu/

94.130.205.31

301 Moved Permanently

162 B

URL HTTP/1.1
rhizotechniki.eu/
IP
94.130.205.31:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: rhizotechniki.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 04 Dec 2022 01:00:12 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://rhizotechniki.eu/

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3530
Expires: Sun, 04 Dec 2022 01:59:02 GMT
Date: Sun, 04 Dec 2022 01:00:12 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
67e9370f1bf3e4946a01f346eeae8966
aaab391d1134302d718de7a0d5edbedf884633e6
27a8654fb14db88d4b2bb3b45c1b197fc498cd94143d4a68687742fa48a41358

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3495
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 01:00:12 GMT
Last-Modified: Sun, 04 Dec 2022 00:01:57 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3457
Expires: Sun, 04 Dec 2022 01:57:49 GMT
Date: Sun, 04 Dec 2022 01:00:12 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 04 Dec 2022 00:20:01 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2411
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: KLloukgOJYsmyeg/v1MFgHxM+QhdpcANnIDh6pCHsErEvvL58RF3vQoUsjQ4qha4n1cy9AjbxhQ=
x-amz-request-id: T2CYB15Z6ZK41H36
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 04 Dec 2022 00:47:20 GMT
age: 772
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:00:12 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cf7f8b1e30d40c60b1764252a628e926
7be85d12b95ef5873d56a91df746a05be992ac5d
52aca0a2147f92b634a2e4e5f18b6d5a32674308f2bc649c2b369729fa13c308

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "52ACA0A2147F92B634A2E4E5F18B6D5A32674308F2BC649C2B369729FA13C308"
Last-Modified: Sun, 04 Dec 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21542
Expires: Sun, 04 Dec 2022 06:59:14 GMT
Date: Sun, 04 Dec 2022 01:00:12 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 04 Dec 2022 00:08:58 GMT
cache-control: public,max-age=3600
age: 3074
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
a151c326c67e1abb747847c1427db76f
80885d30ef8ba867bf33c40b861976958a27493a
de2b573ee1c8af980e593352e0c331b2595f62bd4499300ace30821d20814760

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3476
Cache-Control: max-age=119075
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 01:00:12 GMT
Etag: "638b11ab-1d7"
Expires: Mon, 05 Dec 2022 10:04:47 GMT
Last-Modified: Sat, 03 Dec 2022 09:06:51 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

rhizotechniki.eu/

94.130.205.31

200 OK

9.6 kB

URL HTTP/2
rhizotechniki.eu/
IP
94.130.205.31:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3984), with CRLF, CR, LF line terminators
Size
9.6 kB (9552 bytes)
Hash
be49cd72aa7dad56b0b82a1dfc99d879
725d21684b1daebe8a7063aa8874e9c25c94221c
6083e49f9d2618858dd0cc1ab6ee2bd2f909a9c405058d03ba9953f83f71dbd3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: rhizotechniki.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:00:13 GMT
content-type: text/html; charset=utf-8
content-length: 9552
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
expires: Wed, 17 Aug 2005 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: 12f2a431e9758f2a0176cb5a2bce88c4=oa26fui3vnuibv38muhosahl8e; path=/; HttpOnly
last-modified: Sun, 04 Dec 2022 01:00:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PHP/7.2.34, PleskLin
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
98fe7e5fd6b778bcdcc63028c3a49fbd
06b34160c344526fbe14ce41445b9fe76c0a878d
d45d898dfe5bf1151557bbbc3be6e6878fbadce386136d60777b4464199173a6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 01:00:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

rhizotechniki.eu/components/com_sppagebuilder/assets/css/font-awesome.min.css

94.130.205.31

200 OK

7.1 kB

URL HTTP/2
rhizotechniki.eu/components/com_sppagebuilder/assets/css/font-awesome.min.css
IP
94.130.205.31:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (30799)
Size
7.1 kB (7106 bytes)
Hash
73011adca6eaca50d41888b72a8480ea
40c460d5aa9d4f7592666848f816ad592a949cca
2d45aa634877967542853e0e8c749f445e7bb0ff2d3ffac8dfec4c1819a77804

HTTP Headers

GET /components/com_sppagebuilder/assets/css/font-awesome.min.css HTTP/1.1
Host: rhizotechniki.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhizotechniki.eu/
Cookie: 12f2a431e9758f2a0176cb5a2bce88c4=oa26fui3vnuibv38muhosahl8e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:00:13 GMT
content-type: text/css
last-modified: Mon, 05 Aug 2019 22:23:42 GMT
etag: W/"5d48ac6e-78f1"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

rhizotechniki.eu/components/com_sppagebuilder/assets/css/sppagecontainer.css

94.130.205.31

200 OK

139 B

URL HTTP/2
rhizotechniki.eu/components/com_sppagebuilder/assets/css/sppagecontainer.css
IP
94.130.205.31:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with no line terminators
Size
139 B (139 bytes)
Hash
19280a9ea979812f146fbf81836b3944
70566f97288257b0408c5424f46c3a2c2de88335
db4326fc826eb1888f2f388521a0d0e485101df5e65df3ef84b63e4d60d30237

HTTP Headers

GET /components/com_sppagebuilder/assets/css/sppagecontainer.css HTTP/1.1
Host: rhizotechniki.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhizotechniki.eu/
Cookie: 12f2a431e9758f2a0176cb5a2bce88c4=oa26fui3vnuibv38muhosahl8e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:00:13 GMT
content-type: text/css
content-length: 139
x-accel-version: 0.01
last-modified: Mon, 05 Aug 2019 22:23:42 GMT
etag: "10c-58f6629204757-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2

push.services.mozilla.com/

54.148.190.4

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.148.190.4:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: rqFZI3fuUB3UgwXR+CHSmQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ta4qfyCSCgL7soTQ2EDHdulc940=

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
98fe7e5fd6b778bcdcc63028c3a49fbd
06b34160c344526fbe14ce41445b9fe76c0a878d
d45d898dfe5bf1151557bbbc3be6e6878fbadce386136d60777b4464199173a6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 01:00:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

rhizotechniki.eu/plugins/system/helix3/assets/css/pagebuilder.css

94.130.205.31

200 OK

279 B

URL HTTP/2
rhizotechniki.eu/plugins/system/helix3/assets/css/pagebuilder.css
IP
94.130.205.31:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text
Size
279 B (279 bytes)
Hash
59820a8e36fed7c7d846094ae15813f1
ea6c114d6abd148b62f61852aa983b7bba47e86e
a788c51b5751da300ae1810e9f4ae17f6e6dfd39c29bd71704d706e82c1ba6a5

HTTP Headers

GET /plugins/system/helix3/assets/css/pagebuilder.css HTTP/1.1
Host: rhizotechniki.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhizotechniki.eu/
Cookie: 12f2a431e9758f2a0176cb5a2bce88c4=oa26fui3vnuibv38muhosahl8e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:00:13 GMT
content-type: text/css
content-length: 279
x-accel-version: 0.01
last-modified: Fri, 11 Feb 2022 17:41:48 GMT
etag: "209-5d7c194ce16a9-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2

rhizotechniki.eu/media/mod_languages/css/template.css

94.130.205.31

200 OK

172 B

URL HTTP/2
rhizotechniki.eu/media/mod_languages/css/template.css
IP
94.130.205.31:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text
Size
172 B (172 bytes)
Hash
8674a5e4d8db7a1ef24eab7757fcd611
5b0a374ca88e51edb700bb8ffc689b5a9715de33
2a3168e441893459d08f5115d63962a4a2b43b67468a80d4b7f5e8f50baf4280

HTTP Headers

GET /media/mod_languages/css/template.css HTTP/1.1
Host: rhizotechniki.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhizotechniki.eu/
Cookie: 12f2a431e9758f2a0176cb5a2bce88c4=oa26fui3vnuibv38muhosahl8e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:00:13 GMT
content-type: text/css
content-length: 172
x-accel-version: 0.01
last-modified: Wed, 10 Jul 2019 16:57:46 GMT
etag: "14f-58d569390d680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2

rhizotechniki.eu/components/com_sppagebuilder/assets/js/jquery.parallax.js

94.130.205.31

200 OK

427 B

URL HTTP/2
rhizotechniki.eu/components/com_sppagebuilder/assets/js/jquery.parallax.js
IP
94.130.205.31:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (892), with no line terminators
Size
427 B (427 bytes)
Hash
28121b07310145a81cc64d177ce3cf98
9b0e26cca6d8f2aa65dc48bd8b2d03a4f0b22484
792f1f5fe34b233e708d932dde671b5a6eb02b22e06e597446d699b33d085446

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /components/com_sppagebuilder/assets/js/jquery.parallax.js HTTP/1.1
Host: rhizotechniki.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhizotechniki.eu/
Cookie: 12f2a431e9758f2a0176cb5a2bce88c4=oa26fui3vnuibv38muhosahl8e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:00:13 GMT
content-type: application/javascript
content-length: 427
x-accel-version: 0.01
last-modified: Mon, 05 Aug 2019 22:23:42 GMT
etag: "37c-58f6629201877-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2

rhizotechniki.eu/components/com_spsimpleportfolio/assets/js/spsimpleportfolio.js

94.130.205.31

200 OK

408 B

URL HTTP/2
rhizotechniki.eu/components/com_spsimpleportfolio/assets/js/spsimpleportfolio.js
IP
94.130.205.31:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (535)
Size
408 B (408 bytes)
Hash
22ddc19d8d5082899f3740a9e01a9eb0
f0a4009b2d450efdf4b5236a7564b0bb584aa914
1490fd0ed16fb35e59c2ad7276e1debfddc3ff429ec64a0cdc8ef7866efd1bd5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /components/com_spsimpleportfolio/assets/js/spsimpleportfolio.js HTTP/1.1
Host: rhizotechniki.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhizotechniki.eu/
Cookie: 12f2a431e9758f2a0176cb5a2bce88c4=oa26fui3vnuibv38muhosahl8e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:00:13 GMT
content-type: application/javascript
content-length: 408
x-accel-version: 0.01
last-modified: Fri, 11 Feb 2022 17:41:34 GMT
etag: "2d0-5d7c193f70fcb-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2

rhizotechniki.eu/images/Project/Industry/logo.png

94.130.205.31

200 OK

7.1 kB

URL HTTP/2
rhizotechniki.eu/images/Project/Industry/logo.png
IP
94.130.205.31:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 246 x 96, 8-bit/color RGBA, interlaced\012- data
Size
7.1 kB (7121 bytes)
Hash
3701ee11b1ee3fef089e6995517ba291
dcec7ca9f5ba81389adb622afd364b1b2f4c554e
43d794b8470e6ce5e6e6ced35579aaaba64d7558623c44abbb25e92a3068453c

HTTP Headers

GET /images/Project/Industry/logo.png HTTP/1.1
Host: rhizotechniki.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhizotechniki.eu/
Cookie: 12f2a431e9758f2a0176cb5a2bce88c4=oa26fui3vnuibv38muhosahl8e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:00:13 GMT
content-type: image/png
content-length: 7121
last-modified: Wed, 12 Dec 2018 13:56:00 GMT
etag: "5c111370-1bd1"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

rhizotechniki.eu/images/2018/11/30/pict-1.jpg

94.130.205.31

200 OK

32 kB

URL HTTP/2
rhizotechniki.eu/images/2018/11/30/pict-1.jpg
IP
94.130.205.31:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 90x90, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=10, manufacturer=NORITSU KOKI, model=QSS-32_33, orientation=upper-left, xresolution=157, yresolution=165, resolutionunit=2, software=Adobe Photoshop CS3 Windows, datetime=2012:05:14 00:51:29], progressive, precision 8, 250x180, components 3\012- data
Size
32 kB (32008 bytes)
Hash
d0b0d97a8ca5f87b4b5ff0f0a9cc47f1
599fb976f9ec3ee68811c2c32625aae3252e783f
a25f41b9a872d43417f87843c2e3e5f6fee2f18a2e1c9e67f991c6bdcf27e45f

HTTP Headers

GET /images/2018/11/30/pict-1.jpg HTTP/1.1
Host: rhizotechniki.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhizotechniki.eu/
Cookie: 12f2a431e9758f2a0176cb5a2bce88c4=oa26fui3vnuibv38muhosahl8e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:00:13 GMT
content-type: image/jpeg
content-length: 32008
last-modified: Wed, 12 Dec 2018 13:56:00 GMT
etag: "5c111370-7d08"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

rhizotechniki.eu//templates/shaper_floox/css/owl.carousel.css

94.130.205.31

200 OK

1.5 kB

URL HTTP/2
rhizotechniki.eu//templates/shaper_floox/css/owl.carousel.css
IP
94.130.205.31:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text
Size
1.5 kB (1469 bytes)
Hash
939670de92be4481718558efb69c6290
42258ea7dba5639faec0d95ac00d8996f268bc69
cba6dd1017e6e9dc4d92f97549199987106b691ec9a34aa9d7fa81270afad985

HTTP Headers

GET //templates/shaper_floox/css/owl.carousel.css HTTP/1.1
Host: rhizotechniki.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhizotechniki.eu/
Cookie: 12f2a431e9758f2a0176cb5a2bce88c4=oa26fui3vnuibv38muhosahl8e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:00:13 GMT
content-type: text/css
last-modified: Wed, 12 Dec 2018 13:56:01 GMT
etag: W/"5c111371-1206"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2

142.250.74.35

200 OK

13 kB

URL HTTP/2
fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 12860, version 1.0\012- data
Size
13 kB (12860 bytes)
Hash
ab21c24efd75543e16e34807ebc6cdec
eb2562f9729079333fbcbbe94868695669dd3301
88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265

HTTP Headers

GET /s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rhizotechniki.eu
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 15:42:34 GMT
expires: Wed, 29 Nov 2023 15:42:34 GMT
cache-control: public, max-age=31536000
age: 379059
last-modified: Mon, 09 May 2022 18:27:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

142.250.74.35

200 OK

7.7 kB

URL HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 7748, version 1.0\012- data
Size
7.7 kB (7748 bytes)
Hash
a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

HTTP Headers

GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rhizotechniki.eu
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:28:50 GMT
expires: Thu, 30 Nov 2023 19:28:50 GMT
cache-control: public, max-age=31536000
age: 279083
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2

142.250.74.35

200 OK

13 kB

URL HTTP/2
fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 12684, version 1.0\012- data
Size
13 kB (12684 bytes)
Hash
0c235386bcf6af06f67e6c89fd19e434
10720574d4609322023984a761f32f9518c07bc4
c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac

HTTP Headers

GET /s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rhizotechniki.eu
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12684
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 15:42:35 GMT
expires: Wed, 29 Nov 2023 15:42:35 GMT
cache-control: public, max-age=31536000
age: 379058
last-modified: Mon, 09 May 2022 18:28:04 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

rhizotechniki.eu/images/spsimpleportfolio/gaea-products-s-a-aigion/19f9cefdfb07230a68581d617885a3af_XL_600x400.jpg

94.130.205.31

200 OK

53 kB

URL HTTP/2
rhizotechniki.eu/images/spsimpleportfolio/gaea-products-s-a-aigion/19f9cefdfb07230a68581d617885a3af_XL_600x400.jpg
IP
94.130.205.31:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), default quality", baseline, precision 8, 600x400, components 3\012- data
Size
53 kB (52847 bytes)
Hash
d99f9d2a78f0b8ac7ac32e1ef585c9b6
e507544d600094450a91f0c70fd9d2b0271227b1
87f5de29ccfc2dd41df34d2010bd01509b33df1b48a9a337a3509c1104f778ef

HTTP Headers

GET /images/spsimpleportfolio/gaea-products-s-a-aigion/19f9cefdfb07230a68581d617885a3af_XL_600x400.jpg HTTP/1.1
Host: rhizotechniki.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhizotechniki.eu/
Cookie: 12f2a431e9758f2a0176cb5a2bce88c4=oa26fui3vnuibv38muhosahl8e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:00:13 GMT
content-type: image/jpeg
content-length: 52847
last-modified: Wed, 12 Dec 2018 13:56:00 GMT
etag: "5c111370-ce6f"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 01:00:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

142.250.74.35

200 OK

7.9 kB

URL HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Size
7.9 kB (7884 bytes)
Hash
9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

HTTP Headers

GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rhizotechniki.eu
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:28:50 GMT
expires: Thu, 30 Nov 2023 19:28:50 GMT
cache-control: public, max-age=31536000
age: 279083
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

142.250.74.35

200 OK

8.0 kB

URL HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 8000, version 1.0\012- data
Size
8.0 kB (8000 bytes)
Hash
72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

HTTP Headers

GET /s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rhizotechniki.eu
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:28:50 GMT
expires: Thu, 30 Nov 2023 19:28:50 GMT
cache-control: public, max-age=31536000
age: 279083
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

rhizotechniki.eu/media/jui/js/jquery.min.js?2f38d1fbcbafcb17e64907822df60488

94.130.205.31

200 OK

40 kB

URL HTTP/2
rhizotechniki.eu/media/jui/js/jquery.min.js?2f38d1fbcbafcb17e64907822df60488
IP
94.130.205.31:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (65469)
Size
40 kB (40365 bytes)
Hash
1a4ab929052da3d3dbc70092db0f7e95
732bb436b31f86a0c9693b16fe9744b42c187705
4249b44b1aeecbe64b3fa21409e5ae1285bf4897aef4b443c3508c6c01f6c7e9

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /media/jui/js/jquery.min.js?2f38d1fbcbafcb17e64907822df60488 HTTP/1.1
Host: rhizotechniki.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhizotechniki.eu/
Cookie: 12f2a431e9758f2a0176cb5a2bce88c4=oa26fui3vnuibv38muhosahl8e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:00:13 GMT
content-type: application/javascript
last-modified: Wed, 10 Jul 2019 16:57:46 GMT
etag: W/"5d26190a-1795e"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

rhizotechniki.eu/images/demo/logo.png

94.130.205.31

200 OK

7.1 kB

URL HTTP/2
rhizotechniki.eu/images/demo/logo.png
IP
94.130.205.31:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 246 x 96, 8-bit/color RGBA, interlaced\012- data
Size
7.1 kB (7121 bytes)
Hash
3701ee11b1ee3fef089e6995517ba291
dcec7ca9f5ba81389adb622afd364b1b2f4c554e
43d794b8470e6ce5e6e6ced35579aaaba64d7558623c44abbb25e92a3068453c

HTTP Headers

GET /images/demo/logo.png HTTP/1.1
Host: rhizotechniki.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhizotechniki.eu/
Cookie: 12f2a431e9758f2a0176cb5a2bce88c4=oa26fui3vnuibv38muhosahl8e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:00:13 GMT
content-type: image/png
content-length: 7121
last-modified: Wed, 12 Dec 2018 13:56:00 GMT
etag: "5c111370-1bd1"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

rhizotechniki.eu/media/mod_languages/images/el_gr.gif

94.130.205.31

200 OK

537 B

URL HTTP/2
rhizotechniki.eu/media/mod_languages/images/el_gr.gif
IP
94.130.205.31:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 87a, 18 x 12\012- data
Size
537 B (537 bytes)
Hash
562ee5a8cd19642ae60d2f4961b192fe
8a5258ad28612c76e3288ed9233ad4cf688904c8
132830ceb7990730a1811bd4c888e5e375f9d692d8f5f25d6594fa326511bd4b

HTTP Headers

GET /media/mod_languages/images/el_gr.gif HTTP/1.1
Host: rhizotechniki.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhizotechniki.eu/
Cookie: 12f2a431e9758f2a0176cb5a2bce88c4=oa26fui3vnuibv38muhosahl8e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:00:13 GMT
content-type: image/gif
content-length: 537
x-accel-version: 0.01
last-modified: Wed, 10 Jul 2019 16:57:46 GMT
etag: "219-58d569390d680"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2

rhizotechniki.eu/media/mod_languages/images/fr_fr.gif

94.130.205.31

200 OK

74 B

URL HTTP/2
rhizotechniki.eu/media/mod_languages/images/fr_fr.gif
IP
94.130.205.31:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 87a, 18 x 12\012- data
Size
74 B (74 bytes)
Hash
0d69131cf0a987d9bc199d588922be26
bbad9ee1e2467cc31fa8c48d75f11485eeacbdba
45c651f99d5cfeee52218e6555cabc67ca1584a9d2889f669eb8f5d3fe3e3960

HTTP Headers

GET /media/mod_languages/images/fr_fr.gif HTTP/1.1
Host: rhizotechniki.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhizotechniki.eu/
Cookie: 12f2a431e9758f2a0176cb5a2bce88c4=oa26fui3vnuibv38muhosahl8e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:00:13 GMT
content-type: image/gif
content-length: 74
x-accel-version: 0.01
last-modified: Wed, 10 Jul 2019 16:57:46 GMT
etag: "4a-58d569390d680"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2

rhizotechniki.eu/media/mod_languages/images/en.gif

94.130.205.31

200 OK

1.0 kB

URL HTTP/2
rhizotechniki.eu/media/mod_languages/images/en.gif
IP
94.130.205.31:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 87a, 18 x 12\012- data
Size
1.0 kB (1027 bytes)
Hash
dc27490e740f62c372205d04e5b0400e
cad81078b95b980801485ac2d69b10a45b8ff3f6
5d14e1355f6dc3fae99dda64bd1b376867196c66c2eb3dd07ffb18f8dd0d242b

HTTP Headers

GET /media/mod_languages/images/en.gif HTTP/1.1
Host: rhizotechniki.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhizotechniki.eu/
Cookie: 12f2a431e9758f2a0176cb5a2bce88c4=oa26fui3vnuibv38muhosahl8e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:00:13 GMT
content-type: image/gif
content-length: 1027
last-modified: Wed, 10 Jul 2019 16:57:46 GMT
etag: "5d26190a-403"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

rhizotechniki.eu/media/jui/js/jquery-noconflict.js?2f38d1fbcbafcb17e64907822df60488

94.130.205.31

200 OK

9.6 kB

URL HTTP/2
rhizotechniki.eu/media/jui/js/jquery-noconflict.js?2f38d1fbcbafcb17e64907822df60488
IP
94.130.205.31:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text
Size
9.6 kB (9634 bytes)
Hash
3e6da736f0022d2bd50767c2f8e9e4e6
472fdd299aa063dd7248f2f75a18080d8888ca87
16c34932248300dbe1c4f372dccb6b3c642f6b68d25b74a0543fdefeecc82490

HTTP Headers

GET /media/jui/js/jquery-noconflict.js?2f38d1fbcbafcb17e64907822df60488 HTTP/1.1
Host: rhizotechniki.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhizotechniki.eu/
Cookie: 12f2a431e9758f2a0176cb5a2bce88c4=oa26fui3vnuibv38muhosahl8e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:00:13 GMT
content-type: application/javascript
x-accel-version: 0.01
last-modified: Wed, 10 Jul 2019 16:57:46 GMT
etag: W/"15-58d569390d680"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

rhizotechniki.eu/images/spsimpleportfolio/palmie-catering-avlonas-attica/8b6e33345ac8d5ffd9cf0d107a7d9e9d_XL_600x800.jpg

94.130.205.31

200 OK

152 kB

URL HTTP/2
rhizotechniki.eu/images/spsimpleportfolio/palmie-catering-avlonas-attica/8b6e33345ac8d5ffd9cf0d107a7d9e9d_XL_600x800.jpg
IP
94.130.205.31:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), default quality", baseline, precision 8, 600x800, components 3\012- data
Size
152 kB (152100 bytes)
Hash
35a2236b1ca4f83368b863c7ed09b08b
d88e9f1b2714e26b7a5d3835a8a8350b5bcc4f06
591132211982dfb3a252305ee034f67d48bebb88971a53370cb2dfe93a050b6a

HTTP Headers

GET /images/spsimpleportfolio/palmie-catering-avlonas-attica/8b6e33345ac8d5ffd9cf0d107a7d9e9d_XL_600x800.jpg HTTP/1.1
Host: rhizotechniki.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhizotechniki.eu/
Cookie: 12f2a431e9758f2a0176cb5a2bce88c4=oa26fui3vnuibv38muhosahl8e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:00:13 GMT
content-type: image/jpeg
content-length: 152100
last-modified: Wed, 12 Dec 2018 13:56:00 GMT
etag: "5c111370-25224"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

rhizotechniki.eu/images/spsimpleportfolio/meat-processing-unit-northern-greece/8fe3e0f34d3083cba6fe73d62a783d7f_XL_600x600.jpg

94.130.205.31

200 OK

106 kB

URL HTTP/2
rhizotechniki.eu/images/spsimpleportfolio/meat-processing-unit-northern-greece/8fe3e0f34d3083cba6fe73d62a783d7f_XL_600x600.jpg
IP
94.130.205.31:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), default quality", baseline, precision 8, 600x600, components 3\012- data
Size
106 kB (106065 bytes)
Hash
983000242f7fbe28a3e9f2396626788f
f76d1e639400383fd17882808a3e94dbff669e63
e7c2d2f3492bbcab0dde7f22688dedf616879672edbbe29a2e11dd222bb8e034

HTTP Headers

GET /images/spsimpleportfolio/meat-processing-unit-northern-greece/8fe3e0f34d3083cba6fe73d62a783d7f_XL_600x600.jpg HTTP/1.1
Host: rhizotechniki.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhizotechniki.eu/
Cookie: 12f2a431e9758f2a0176cb5a2bce88c4=oa26fui3vnuibv38muhosahl8e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:00:13 GMT
content-type: image/jpeg
content-length: 106065
last-modified: Wed, 12 Dec 2018 13:56:00 GMT
etag: "5c111370-19e51"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

rhizotechniki.eu/components/com_spsimpleportfolio/assets/js/jquery.shuffle.modernizr.min.js

94.130.205.31

200 OK

82 kB

URL HTTP/2
rhizotechniki.eu/components/com_spsimpleportfolio/assets/js/jquery.shuffle.modernizr.min.js
IP
94.130.205.31:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document, ASCII text, with very long lines (15479)
Size
82 kB (82393 bytes)
Hash
92b4be848b4644a6865455c7d10f8d4a
e406e4547870b6caf07d236e2ecbb91d3d490ded
d4d4ab332b81bb9a5ead35dd93b2e75f512af4e92ede927e8fd9a2a7566a2d0e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /components/com_spsimpleportfolio/assets/js/jquery.shuffle.modernizr.min.js HTTP/1.1
Host: rhizotechniki.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhizotechniki.eu/
Cookie: 12f2a431e9758f2a0176cb5a2bce88c4=oa26fui3vnuibv38muhosahl8e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:00:13 GMT
content-type: application/javascript
last-modified: Fri, 11 Feb 2022 17:41:34 GMT
etag: W/"62069fce-3d2f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8834
Expires: Sun, 04 Dec 2022 03:27:28 GMT
Date: Sun, 04 Dec 2022 01:00:14 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8834
Expires: Sun, 04 Dec 2022 03:27:28 GMT
Date: Sun, 04 Dec 2022 01:00:14 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8834
Expires: Sun, 04 Dec 2022 03:27:28 GMT
Date: Sun, 04 Dec 2022 01:00:14 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f00caab-057c-4cc2-a163-fd0bb4d0b5f7.jpeg

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f00caab-057c-4cc2-a163-fd0bb4d0b5f7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11482 bytes)
Hash
1521243a6fc065bb631bfbde22886fa2
527220e4e8cd1065ce05fcd0694d0d703d817e2e
b83ebf768bbfb34f49d5467f3dfb43ceb3ca3d30d3454e6f37db9aef72d7689a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f00caab-057c-4cc2-a163-fd0bb4d0b5f7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11482
x-amzn-requestid: d1db05ab-bd5d-4ad4-96b4-8f439152e435
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clssNEeAoAMFh_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc181-0221c53842a2f5ef071e8071;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:37:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: t1vmY4fBoLpFjqHbLyMewgUrpvRjqG4QTAuA4BeB4Gl2jqbxI0gYQA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:50:08 GMT
age: 11406
etag: "527220e4e8cd1065ce05fcd0694d0d703d817e2e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.3 kB (8315 bytes)
Hash
db1701b7b9d161a0c935bb6e10b17893
22a8c4bd58c729c1abcf794466e8f3231dfb034b
b495524a33e5b1d3ba34cfbe867ada0da956c061370b1fcde06b23a6194a9787

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8315
x-amzn-requestid: f1bcc33b-aad9-4d3b-b1f9-49282f2d4fb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMGVboAMFfxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-13472a097177d4751c8f7a8c;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6UQ_BhPmpVpe9w6gsExB-EpNq_syeCCK6fr4Y1FFK1jDJh_n1Sd0Eg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:52:47 GMT
age: 11247
etag: "22a8c4bd58c729c1abcf794466e8f3231dfb034b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.7 kB (5681 bytes)
Hash
43309032a892c486f9985ef520df696e
36f4682ca6a33ff80ee02129c77e6f27e996ede0
24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Uz-wJTZjej3sjP-O68BQ4hB_kkAecG0o7GkeZUan90ZgV87g0Cg_ZA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:52:38 GMT
age: 11256
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3af2e495-85ff-410f-8418-e683c7f84bcd.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.7 kB (7728 bytes)
Hash
027480c06cd67621f373c6765dafee4d
9f80bb7ca6f699d88eaec2248dec508c589fe994
f69a0d6bd6e79d8fa7f2f15df11237c0a8b04d45af3cd5870eeef86d18f553bf

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3af2e495-85ff-410f-8418-e683c7f84bcd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7728
x-amzn-requestid: 9f37e7a6-1f00-4a81-9b14-962fd0b6cdf4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMEJxoAMFchQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-4a4cce217327b44525ea1e98;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ztC4S0WeA3ft_9JafrL6fInXo4jwkb0cTWUx4Z8L2uz3EWQS-d6F5A==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 22:02:47 GMT
age: 10647
etag: "9f80bb7ca6f699d88eaec2248dec508c589fe994"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.0 kB (8989 bytes)
Hash
a6e7b32ac999cf3c899a234c621fa91a
fc5d4f3163ebb9faf85968cbb1d194e8e68418be
f12db3aed126006fee00649aba0b3eaae900de200b85b9523866a90b5494f18e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8989
x-amzn-requestid: abce0b01-f70c-42ad-b242-5a24735fe4c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltl4Gk2oAMFSWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc2f2-1cccffff5199dffe70264a95;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:43:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PFl7VUrzRkMFNnTiIw_cbGCyrEFn43eUSlZfT0nUhUmjjyXT7JfjMA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:50:01 GMT
age: 11413
etag: "fc5d4f3163ebb9faf85968cbb1d194e8e68418be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

16 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
16 kB (16143 bytes)
Hash
14dcca2a9c4792d835ee709bcd947402
1d702df3a64258628f4124eafd580695f2d350af
da01dcd8fef7c50bdb6f7a8a6a4955694092f479df3dba72f7fa69d7280d07b2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 16143
x-amzn-requestid: dc86fad4-4e53-42c9-9b0a-5e4d2cfcd087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGyLGqmoAMFnaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851a7-0ea324b31e8c6578098b8ab9;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kRs3oBWnSs5asyPdvz6kkooy7pqm2Yr8R_2x8EXCVn3dBz_aEJurRQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 07:26:43 GMT
age: 63211
etag: "1d702df3a64258628f4124eafd580695f2d350af"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

rhizotechniki.eu/templates/shaper_floox/images/favicon.ico

94.130.205.31

200 OK

1.2 kB

URL HTTP/2
rhizotechniki.eu/templates/shaper_floox/images/favicon.ico
IP
94.130.205.31:0
ASN
#24940 Hetzner Online GmbH

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
1.2 kB (1150 bytes)
Hash
8894791e84f5cafebd47311d14a3703c
a62b63f076c81788c95a06d586135e6a36bfd217
24168e09893e89aee7daa843fad42b5719bee447b3a2c588b933397822c9637b

HTTP Headers

GET /templates/shaper_floox/images/favicon.ico HTTP/1.1
Host: rhizotechniki.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhizotechniki.eu/
Cookie: 12f2a431e9758f2a0176cb5a2bce88c4=oa26fui3vnuibv38muhosahl8e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:00:14 GMT
content-type: image/vnd.microsoft.icon
content-length: 1150
last-modified: Wed, 12 Dec 2018 13:56:01 GMT
etag: "5c111371-47e"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

rhizotechniki.eu/images/2018/11/28/slide-3.jpg

94.130.205.31

200 OK

434 kB

URL HTTP/2
rhizotechniki.eu/images/2018/11/28/slide-3.jpg
IP
94.130.205.31:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 1600x456, components 3\012- data
Size
434 kB (434226 bytes)
Hash
e009f0465c325fcc9b423e233dd5d767
31eba9b93dda67543af9926b6f9678aca2dd842a
1934841e7a2826faaa63ad7587b89b04a74e88ea89f093049afa771550dc0e94

HTTP Headers

GET /images/2018/11/28/slide-3.jpg HTTP/1.1
Host: rhizotechniki.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhizotechniki.eu/
Cookie: 12f2a431e9758f2a0176cb5a2bce88c4=oa26fui3vnuibv38muhosahl8e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:00:13 GMT
content-type: image/jpeg
content-length: 434226
last-modified: Wed, 12 Dec 2018 13:56:00 GMT
etag: "5c111370-6a032"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

rhizotechniki.eu/templates/shaper_floox/js/bootstrap.min.js

94.130.205.31

200 OK

439 kB

URL HTTP/2
rhizotechniki.eu/templates/shaper_floox/js/bootstrap.min.js
IP
94.130.205.31:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (32033)
Size
439 kB (438844 bytes)
Hash
27aeb2a37b88fcbe724839b646def442
1df2abed5bc5df9b816c42e644269c69a7b7a6d6
d208824b472b5db4a80f579089e8977f6cab6fa2b8c523d0333a07f0cb885c91

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /templates/shaper_floox/js/bootstrap.min.js HTTP/1.1
Host: rhizotechniki.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhizotechniki.eu/
Cookie: 12f2a431e9758f2a0176cb5a2bce88c4=oa26fui3vnuibv38muhosahl8e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:00:13 GMT
content-type: application/javascript
last-modified: Wed, 12 Dec 2018 13:56:01 GMT
etag: W/"5c111371-90b5"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

rhizotechniki.eu/images/2018/11/28/slide-2.jpg

94.130.205.31

200 OK

603 kB

URL HTTP/2
rhizotechniki.eu/images/2018/11/28/slide-2.jpg
IP
94.130.205.31:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 1600x456, components 3\012- data
Size
603 kB (603148 bytes)
Hash
5103080ea843845971f00e369d1c9ef2
ee7e0e9fe05efcfb3697008b4402d43759523875
fb629242f0029816ab49d631838a001c2099474a76244385b1e21a001861fe3c

HTTP Headers

GET /images/2018/11/28/slide-2.jpg HTTP/1.1
Host: rhizotechniki.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhizotechniki.eu/
Cookie: 12f2a431e9758f2a0176cb5a2bce88c4=oa26fui3vnuibv38muhosahl8e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:00:13 GMT
content-type: image/jpeg
content-length: 603148
last-modified: Wed, 12 Dec 2018 13:56:00 GMT
etag: "5c111370-9340c"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

rhizotechniki.eu/images/2018/11/28/slide-5.jpg

94.130.205.31

200 OK

576 kB

URL HTTP/2
rhizotechniki.eu/images/2018/11/28/slide-5.jpg
IP
94.130.205.31:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 1600x456, components 3\012- data
Size
576 kB (576237 bytes)
Hash
63862909443105acc4703a97ec1b0b28
ea6dc682c141252ce955116d305911a2ef2ea64b
72e11faee4c36e9e4a2067625916da9ae063837133c5736da6fd55e58964d70b

HTTP Headers

GET /images/2018/11/28/slide-5.jpg HTTP/1.1
Host: rhizotechniki.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhizotechniki.eu/
Cookie: 12f2a431e9758f2a0176cb5a2bce88c4=oa26fui3vnuibv38muhosahl8e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:00:13 GMT
content-type: image/jpeg
content-length: 576237
last-modified: Wed, 12 Dec 2018 13:56:00 GMT
etag: "5c111370-8caed"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

rhizotechniki.eu/images/2018/12/20/slide-1.jpg

94.130.205.31

200 OK

608 kB

URL HTTP/2
rhizotechniki.eu/images/2018/12/20/slide-1.jpg
IP
94.130.205.31:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 1600x456, components 3\012- data
Size
608 kB (608093 bytes)
Hash
d1a1a2afcf417fd4bb5640ae0129e81d
07948a482fb52d75eb3884292ccd6842a42c6ace
f0a0b5244b9493dfdabf616e99a5788ca041ac779884db79c71ed926499d7e96

HTTP Headers

GET /images/2018/12/20/slide-1.jpg HTTP/1.1
Host: rhizotechniki.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhizotechniki.eu/
Cookie: 12f2a431e9758f2a0176cb5a2bce88c4=oa26fui3vnuibv38muhosahl8e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:00:13 GMT
content-type: image/jpeg
content-length: 608093
last-modified: Thu, 20 Dec 2018 10:43:18 GMT
etag: "5c1b7246-9475d"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe8e3477-9245-4318-82d9-b30607246872.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.9 kB (6901 bytes)
Hash
89e5fc40e9e626a035abde2964ba0959
e800712e4f8d9589670d8ee3a744ac0aedf7b6e3
64a41309871b71682370e2b2f3735ac70039802fff4e1e46013f5aa1f15b4084

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe8e3477-9245-4318-82d9-b30607246872.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 6901
x-amzn-requestid: 5dd4545b-c48a-4fa2-8aa5-c7d0a5efeafe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsByFqCoAMF4CA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc071-6b96e54876cde366748564d6;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Yy5pEWjBXne3kPQxZCLQdqdamtqa4udO00I6ro3bMUDTybHTZY_DgA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:53:43 GMT
age: 11198
etag: "e800712e4f8d9589670d8ee3a744ac0aedf7b6e3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

rhizotechniki.eu/templates/shaper_floox/css/floox-icon.css

94.130.205.31

200 OK

0 B

URL HTTP/2
rhizotechniki.eu/templates/shaper_floox/css/floox-icon.css
IP
94.130.205.31:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /templates/shaper_floox/css/floox-icon.css HTTP/1.1
Host: rhizotechniki.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhizotechniki.eu/
Cookie: 12f2a431e9758f2a0176cb5a2bce88c4=oa26fui3vnuibv38muhosahl8e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:00:13 GMT
content-type: text/css
last-modified: Wed, 12 Dec 2018 13:56:01 GMT
etag: W/"5c111371-601"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

rhizotechniki.eu/components/com_sppagebuilder/assets/css/magnific-popup.css

94.130.205.31

200 OK

0 B

URL HTTP/2
rhizotechniki.eu/components/com_sppagebuilder/assets/css/magnific-popup.css
IP
94.130.205.31:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /components/com_sppagebuilder/assets/css/magnific-popup.css HTTP/1.1
Host: rhizotechniki.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhizotechniki.eu/
Cookie: 12f2a431e9758f2a0176cb5a2bce88c4=oa26fui3vnuibv38muhosahl8e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:00:13 GMT
content-type: text/css
last-modified: Mon, 05 Aug 2019 22:23:42 GMT
etag: W/"5d48ac6e-1720"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

rhizotechniki.eu/media/system/js/core.js?2f38d1fbcbafcb17e64907822df60488

94.130.205.31

200 OK

0 B

URL HTTP/2
rhizotechniki.eu/media/system/js/core.js?2f38d1fbcbafcb17e64907822df60488
IP
94.130.205.31:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /media/system/js/core.js?2f38d1fbcbafcb17e64907822df60488 HTTP/1.1
Host: rhizotechniki.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhizotechniki.eu/
Cookie: 12f2a431e9758f2a0176cb5a2bce88c4=oa26fui3vnuibv38muhosahl8e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:00:13 GMT
content-type: application/javascript
last-modified: Wed, 10 Jul 2019 16:57:46 GMT
etag: W/"5d26190a-2268"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

rhizotechniki.eu/templates/shaper_floox/css/font-awesome.min.css

94.130.205.31

200 OK

0 B

URL HTTP/2
rhizotechniki.eu/templates/shaper_floox/css/font-awesome.min.css
IP
94.130.205.31:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /templates/shaper_floox/css/font-awesome.min.css HTTP/1.1
Host: rhizotechniki.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhizotechniki.eu/
Cookie: 12f2a431e9758f2a0176cb5a2bce88c4=oa26fui3vnuibv38muhosahl8e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:00:13 GMT
content-type: text/css
last-modified: Wed, 12 Dec 2018 13:56:01 GMT
etag: W/"5c111371-7918"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

rhizotechniki.eu/components/com_spsimpleportfolio/assets/css/featherlight.min.css

94.130.205.31

200 OK

0 B

URL HTTP/2
rhizotechniki.eu/components/com_spsimpleportfolio/assets/css/featherlight.min.css
IP
94.130.205.31:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /components/com_spsimpleportfolio/assets/css/featherlight.min.css HTTP/1.1
Host: rhizotechniki.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhizotechniki.eu/
Cookie: 12f2a431e9758f2a0176cb5a2bce88c4=oa26fui3vnuibv38muhosahl8e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:00:13 GMT
content-type: text/css
last-modified: Fri, 11 Feb 2022 17:41:34 GMT
etag: W/"62069fce-4da"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

rhizotechniki.eu/templates/shaper_floox/css/template.css

94.130.205.31

200 OK

0 B

URL HTTP/2
rhizotechniki.eu/templates/shaper_floox/css/template.css
IP
94.130.205.31:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /templates/shaper_floox/css/template.css HTTP/1.1
Host: rhizotechniki.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhizotechniki.eu/
Cookie: 12f2a431e9758f2a0176cb5a2bce88c4=oa26fui3vnuibv38muhosahl8e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:00:13 GMT
content-type: text/css
last-modified: Wed, 31 Jul 2019 17:29:37 GMT
etag: W/"5d41d001-2cdf4"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

rhizotechniki.eu/templates/shaper_floox/css/presets/preset2.css

94.130.205.31

200 OK

0 B

URL HTTP/2
rhizotechniki.eu/templates/shaper_floox/css/presets/preset2.css
IP
94.130.205.31:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /templates/shaper_floox/css/presets/preset2.css HTTP/1.1
Host: rhizotechniki.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhizotechniki.eu/
Cookie: 12f2a431e9758f2a0176cb5a2bce88c4=oa26fui3vnuibv38muhosahl8e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:00:13 GMT
content-type: text/css
last-modified: Wed, 31 Jul 2019 17:29:37 GMT
etag: W/"5d41d001-2c09"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

rhizotechniki.eu/components/com_sppagebuilder/assets/js/sppagebuilder.js

94.130.205.31

200 OK

0 B

URL HTTP/2
rhizotechniki.eu/components/com_sppagebuilder/assets/js/sppagebuilder.js
IP
94.130.205.31:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /components/com_sppagebuilder/assets/js/sppagebuilder.js HTTP/1.1
Host: rhizotechniki.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhizotechniki.eu/
Cookie: 12f2a431e9758f2a0176cb5a2bce88c4=oa26fui3vnuibv38muhosahl8e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:00:13 GMT
content-type: application/javascript
last-modified: Mon, 05 Aug 2019 22:23:42 GMT
etag: W/"5d48ac6e-1144e"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

rhizotechniki.eu//templates/shaper_floox/css/slide-animate.css

94.130.205.31

200 OK

0 B

URL HTTP/2
rhizotechniki.eu//templates/shaper_floox/css/slide-animate.css
IP
94.130.205.31:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET //templates/shaper_floox/css/slide-animate.css HTTP/1.1
Host: rhizotechniki.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhizotechniki.eu/
Cookie: 12f2a431e9758f2a0176cb5a2bce88c4=oa26fui3vnuibv38muhosahl8e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:00:13 GMT
content-type: text/css
last-modified: Wed, 12 Dec 2018 13:56:01 GMT
etag: W/"5c111371-10cbc"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

rhizotechniki.eu/components/com_spsimpleportfolio/assets/css/spsimpleportfolio.css

94.130.205.31

200 OK

0 B

URL HTTP/2
rhizotechniki.eu/components/com_spsimpleportfolio/assets/css/spsimpleportfolio.css
IP
94.130.205.31:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /components/com_spsimpleportfolio/assets/css/spsimpleportfolio.css HTTP/1.1
Host: rhizotechniki.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhizotechniki.eu/
Cookie: 12f2a431e9758f2a0176cb5a2bce88c4=oa26fui3vnuibv38muhosahl8e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:00:13 GMT
content-type: text/css
last-modified: Fri, 11 Feb 2022 17:41:34 GMT
etag: W/"62069fce-1b93"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

rhizotechniki.eu/plugins/system/jce/css/content.css?aa754b1f19c7df490be4b958cf085e7c

94.130.205.31

200 OK

0 B

URL HTTP/2
rhizotechniki.eu/plugins/system/jce/css/content.css?aa754b1f19c7df490be4b958cf085e7c
IP
94.130.205.31:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /plugins/system/jce/css/content.css?aa754b1f19c7df490be4b958cf085e7c HTTP/1.1
Host: rhizotechniki.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhizotechniki.eu/
Cookie: 12f2a431e9758f2a0176cb5a2bce88c4=oa26fui3vnuibv38muhosahl8e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:00:13 GMT
content-type: text/css
last-modified: Fri, 11 Feb 2022 17:41:27 GMT
etag: W/"62069fc7-1e45"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

rhizotechniki.eu/components/com_spsimpleportfolio/assets/js/featherlight.min.js

94.130.205.31

200 OK

0 B

URL HTTP/2
rhizotechniki.eu/components/com_spsimpleportfolio/assets/js/featherlight.min.js
IP
94.130.205.31:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /components/com_spsimpleportfolio/assets/js/featherlight.min.js HTTP/1.1
Host: rhizotechniki.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhizotechniki.eu/
Cookie: 12f2a431e9758f2a0176cb5a2bce88c4=oa26fui3vnuibv38muhosahl8e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:00:13 GMT
content-type: application/javascript
last-modified: Fri, 11 Feb 2022 17:41:34 GMT
etag: W/"62069fce-1679"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

rhizotechniki.eu/templates/shaper_floox/js/main.js

94.130.205.31

200 OK

0 B

URL HTTP/2
rhizotechniki.eu/templates/shaper_floox/js/main.js
IP
94.130.205.31:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /templates/shaper_floox/js/main.js HTTP/1.1
Host: rhizotechniki.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhizotechniki.eu/
Cookie: 12f2a431e9758f2a0176cb5a2bce88c4=oa26fui3vnuibv38muhosahl8e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:00:13 GMT
content-type: application/javascript
last-modified: Wed, 12 Dec 2018 13:56:01 GMT
etag: W/"5c111371-3a42"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

rhizotechniki.eu/templates/shaper_floox/css/frontend-edit.css

94.130.205.31

200 OK

0 B

URL HTTP/2
rhizotechniki.eu/templates/shaper_floox/css/frontend-edit.css
IP
94.130.205.31:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /templates/shaper_floox/css/frontend-edit.css HTTP/1.1
Host: rhizotechniki.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhizotechniki.eu/
Cookie: 12f2a431e9758f2a0176cb5a2bce88c4=oa26fui3vnuibv38muhosahl8e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:00:13 GMT
content-type: text/css
last-modified: Wed, 31 Jul 2019 17:29:37 GMT
etag: W/"5d41d001-abc"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

rhizotechniki.eu//templates/shaper_floox/css/owl.theme.css

94.130.205.31

200 OK

0 B

URL HTTP/2
rhizotechniki.eu//templates/shaper_floox/css/owl.theme.css
IP
94.130.205.31:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET //templates/shaper_floox/css/owl.theme.css HTTP/1.1
Host: rhizotechniki.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhizotechniki.eu/
Cookie: 12f2a431e9758f2a0176cb5a2bce88c4=oa26fui3vnuibv38muhosahl8e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:00:13 GMT
content-type: text/css
last-modified: Wed, 12 Dec 2018 13:56:01 GMT
etag: W/"5c111371-41f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Noto+Sans:regular,italic,700,700italic&subset=cyrillic-ext

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Noto+Sans:regular,italic,700,700italic&subset=cyrillic-ext
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Noto+Sans:regular,italic,700,700italic&subset=cyrillic-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhizotechniki.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 04 Dec 2022 01:00:13 GMT
date: Sun, 04 Dec 2022 01:00:13 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

rhizotechniki.eu//templates/shaper_floox/js/owl.carousel.min.js

94.130.205.31

200 OK

0 B

URL HTTP/2
rhizotechniki.eu//templates/shaper_floox/js/owl.carousel.min.js
IP
94.130.205.31:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET //templates/shaper_floox/js/owl.carousel.min.js HTTP/1.1
Host: rhizotechniki.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhizotechniki.eu/
Cookie: 12f2a431e9758f2a0176cb5a2bce88c4=oa26fui3vnuibv38muhosahl8e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:00:13 GMT
content-type: application/javascript
last-modified: Wed, 12 Dec 2018 13:56:01 GMT
etag: W/"5c111371-9dd1"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

rhizotechniki.eu/templates/shaper_floox/js/frontend-edit.js

94.130.205.31

200 OK

0 B

URL HTTP/2
rhizotechniki.eu/templates/shaper_floox/js/frontend-edit.js
IP
94.130.205.31:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /templates/shaper_floox/js/frontend-edit.js HTTP/1.1
Host: rhizotechniki.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhizotechniki.eu/
Cookie: 12f2a431e9758f2a0176cb5a2bce88c4=oa26fui3vnuibv38muhosahl8e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:00:13 GMT
content-type: application/javascript
last-modified: Wed, 12 Dec 2018 13:56:01 GMT
etag: W/"5c111371-79c"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

rhizotechniki.eu/components/com_sppagebuilder/assets/css/animate.min.css

94.130.205.31

200 OK

0 B

URL HTTP/2
rhizotechniki.eu/components/com_sppagebuilder/assets/css/animate.min.css
IP
94.130.205.31:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /components/com_sppagebuilder/assets/css/animate.min.css HTTP/1.1
Host: rhizotechniki.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhizotechniki.eu/
Cookie: 12f2a431e9758f2a0176cb5a2bce88c4=oa26fui3vnuibv38muhosahl8e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:00:13 GMT
content-type: text/css
last-modified: Mon, 05 Aug 2019 22:23:42 GMT
etag: W/"5d48ac6e-d0b7"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

rhizotechniki.eu//templates/shaper_floox/css/owl.transitions.css

94.130.205.31

200 OK

0 B

URL HTTP/2
rhizotechniki.eu//templates/shaper_floox/css/owl.transitions.css
IP
94.130.205.31:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET //templates/shaper_floox/css/owl.transitions.css HTTP/1.1
Host: rhizotechniki.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhizotechniki.eu/
Cookie: 12f2a431e9758f2a0176cb5a2bce88c4=oa26fui3vnuibv38muhosahl8e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:00:13 GMT
content-type: text/css
last-modified: Wed, 12 Dec 2018 13:56:01 GMT
etag: W/"5c111371-117c"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

rhizotechniki.eu/templates/shaper_floox/css/legacy.css

94.130.205.31

200 OK

0 B

URL HTTP/2
rhizotechniki.eu/templates/shaper_floox/css/legacy.css
IP
94.130.205.31:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /templates/shaper_floox/css/legacy.css HTTP/1.1
Host: rhizotechniki.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhizotechniki.eu/
Cookie: 12f2a431e9758f2a0176cb5a2bce88c4=oa26fui3vnuibv38muhosahl8e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:00:13 GMT
content-type: text/css
last-modified: Wed, 31 Jul 2019 17:29:37 GMT
etag: W/"5d41d001-6b75"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

rhizotechniki.eu/media/jui/js/jquery-migrate.min.js?2f38d1fbcbafcb17e64907822df60488

94.130.205.31

200 OK

0 B

URL HTTP/2
rhizotechniki.eu/media/jui/js/jquery-migrate.min.js?2f38d1fbcbafcb17e64907822df60488
IP
94.130.205.31:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /media/jui/js/jquery-migrate.min.js?2f38d1fbcbafcb17e64907822df60488 HTTP/1.1
Host: rhizotechniki.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhizotechniki.eu/
Cookie: 12f2a431e9758f2a0176cb5a2bce88c4=oa26fui3vnuibv38muhosahl8e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:00:13 GMT
content-type: application/javascript
last-modified: Wed, 10 Jul 2019 16:57:46 GMT
etag: W/"5d26190a-2748"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

rhizotechniki.eu/templates/shaper_floox/js/jquery.sticky.js

94.130.205.31

200 OK

0 B

URL HTTP/2
rhizotechniki.eu/templates/shaper_floox/js/jquery.sticky.js
IP
94.130.205.31:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /templates/shaper_floox/js/jquery.sticky.js HTTP/1.1
Host: rhizotechniki.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhizotechniki.eu/
Cookie: 12f2a431e9758f2a0176cb5a2bce88c4=oa26fui3vnuibv38muhosahl8e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:00:13 GMT
content-type: application/javascript
last-modified: Wed, 12 Dec 2018 13:56:01 GMT
etag: W/"5c111371-166b"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

rhizotechniki.eu/components/com_sppagebuilder/assets/css/sppagebuilder.css

94.130.205.31

200 OK

0 B

URL HTTP/2
rhizotechniki.eu/components/com_sppagebuilder/assets/css/sppagebuilder.css
IP
94.130.205.31:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /components/com_sppagebuilder/assets/css/sppagebuilder.css HTTP/1.1
Host: rhizotechniki.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhizotechniki.eu/
Cookie: 12f2a431e9758f2a0176cb5a2bce88c4=oa26fui3vnuibv38muhosahl8e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:00:13 GMT
content-type: text/css
last-modified: Mon, 05 Aug 2019 22:23:42 GMT
etag: W/"5d48ac6e-297b7"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Poppins:300,regular,500,600,700&subset=latin

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Poppins:300,regular,500,600,700&subset=latin
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Poppins:300,regular,500,600,700&subset=latin HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhizotechniki.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 04 Dec 2022 01:00:13 GMT
date: Sun, 04 Dec 2022 01:00:13 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

rhizotechniki.eu/templates/shaper_floox/css/bootstrap.min.css

94.130.205.31

200 OK

0 B

URL HTTP/2
rhizotechniki.eu/templates/shaper_floox/css/bootstrap.min.css
IP
94.130.205.31:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /templates/shaper_floox/css/bootstrap.min.css HTTP/1.1
Host: rhizotechniki.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhizotechniki.eu/
Cookie: 12f2a431e9758f2a0176cb5a2bce88c4=oa26fui3vnuibv38muhosahl8e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:00:13 GMT
content-type: text/css
last-modified: Wed, 12 Dec 2018 13:56:01 GMT
etag: W/"5c111371-1d970"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

rhizotechniki.eu/components/com_sppagebuilder/assets/js/jquery.magnific-popup.min.js

94.130.205.31

200 OK

0 B

URL HTTP/2
rhizotechniki.eu/components/com_sppagebuilder/assets/js/jquery.magnific-popup.min.js
IP
94.130.205.31:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /components/com_sppagebuilder/assets/js/jquery.magnific-popup.min.js HTTP/1.1
Host: rhizotechniki.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhizotechniki.eu/
Cookie: 12f2a431e9758f2a0176cb5a2bce88c4=oa26fui3vnuibv38muhosahl8e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:00:13 GMT
content-type: application/javascript
last-modified: Mon, 05 Aug 2019 22:23:42 GMT
etag: W/"5d48ac6e-4e24"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (16)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations