Report - buchhaltezelle.de/

Report Overview

Submitted URL
buchhaltezelle.de/
IP
195.63.103.228
ASN
#12312 ecotel communication ag
Submitted
2022-11-23 00:34:13
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
28

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
buchhaltezelle.de	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	349 B	358 B	195.63.103.228
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	7.1 kB	23.36.77.32
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
consent.cookiebot.com	4972	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	368 B	32 kB	104.84.152.233
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	100.20.30.105
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	50 kB	34.120.237.76
s.w.org	748	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	408 B	433 B	192.0.77.48
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.5 kB	93.184.220.29
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
www.buchhaltezelle.de	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	12 kB	1.4 MB	195.63.103.228
consentcdn.cookiebot.com	5676	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	962 B	1.8 kB	104.110.3.72

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-23	medium	buchhaltezelle.de/	Phishing
2022-11-23	medium	www.buchhaltezelle.de/	Phishing
2022-11-23	medium	www.buchhaltezelle.de/wp-includes/js/jquery/jquery.min.js,qver=3.6.1.pagespeed.jm.YeQrVmZKn4.js	Phishing
2022-11-23	medium	www.buchhaltezelle.de/wp-includes/js/jquery/jquery-migrate.min.js,qver=3.3.2.pagespeed.jm.Ws-UgblvVg.js	Phishing
2022-11-23	medium	www.buchhaltezelle.de/wp-content/plugins/gwolle-gb,_frontend,_js,_gwolle-gb-frontend.js,qver==4.4.1+gwolle-gb-addon,_frontend,_js,_gwolle-gb-addon-frontend.js,qver==2.0.0+gwolle-gb-addon,_assets,_rateit,_jquery.rateit.min.js,qver==2.0.0.pagespeed.jc.EdQHafxK4A.js	Phishing
2022-11-23	medium	www.buchhaltezelle.de/wp-content/themes/arouse/js/navigation.js,qver==20151215+skip-link-focus-fix.js,qver==20151215+jquery.flexslider-min.js,qver==6.1.1+flex-custom.js,qver==6.1.1.pagespeed.jc.XYhiXxFg9Q.js	Phishing
2022-11-23	medium	www.buchhaltezelle.de/wp-content/uploads/2018/10/xlibrary-1147815_1920.jpg.pagespeed.ic.m9fI-Sh_BJ.webp	Phishing
2022-11-23	medium	www.buchhaltezelle.de/wp-content/themes/arouse/fonts/fontawesome-webfont.woff2?v=4.6.3	Phishing
2022-11-23	medium	www.buchhaltezelle.de/wp-content/uploads/2019/11/xStempel-150x150.jpg.pagespeed.ic.VPktXMuO7Z.webp	Phishing
2022-11-23	medium	www.buchhaltezelle.de/wp-content/uploads/2018/10/xcropped-Buchhaltezelle-1-32x32.jpg.pagespeed.ic.7t2eQegnEo.webp	Phishing
2022-11-23	medium	www.buchhaltezelle.de/wp-content/uploads/2018/10/xcropped-Buchhaltezelle-1-192x192.jpg.pagespeed.ic.w-1LUpLlUP.webp	Phishing
2022-11-23	medium	www.buchhaltezelle.de/mod_pagespeed_beacon?url=https%3A%2F%2Fwww.buchhaltezelle.de%2F	Phishing
2022-11-23	medium	www.buchhaltezelle.de/wp-content/uploads/2019/12/x20191206_163543-scaled-e1575745137308-532x1024.jpg.pagespeed.ic.fH_nbIlvD1.webp	Phishing
2022-11-23	medium	www.buchhaltezelle.de/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (28)

	URL	Size	First Seen	Last Seen
	www.buchhaltezelle.de/wp-includes/js/jquery/jquery.min.js,qver=3.6.1.pagespeed.jm.YeQrVmZKn4.js	90 kB	2023-03-08	2024-04-04
Pretty URL www.buchhaltezelle.de/wp-includes/js/jquery/jquery.min.js,qver=3.6.1.pagespeed.jm.YeQrVmZKn4.js IP 195.63.103.228 ASN #12312 ecotel communication ag Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:26:42 Last Seen2024-04-04 21:33:07 Times Seen225 Hash 61e42b56664a9f8e164a214158d0bc6a 5f7c1613499b33420f1f09e64424cda25c631f4f 1babd2f2ea269f6c0f37a99474b66895612a941d4748b7a355dd7cda17923ef8 Loading...

	www.buchhaltezelle.de/wp-content/plugins/gwolle-gb,_frontend,_js,_gwolle-gb-frontend.js,qver==4.4.1+gwolle-gb-addon,_frontend,_js,_gwolle-gb-addon-frontend.js,qver==2.0.0+gwolle-gb-addon,_assets,_rateit,_jquery.rateit.min.js,qver==2.0.0.pagespeed.jc.EdQHafxK4A.js	17 kB	2023-03-08	2023-03-11
Pretty URL www.buchhaltezelle.de/wp-content/plugins/gwolle-gb,_frontend,_js,_gwolle-gb-frontend.js,qver==4.4.1+gwolle-gb-addon,_frontend,_js,_gwolle-gb-addon-frontend.js,qver==2.0.0+gwolle-gb-addon,_assets,_rateit,_jquery.rateit.min.js,qver==2.0.0.pagespeed.jc.EdQHafxK4A.js IP 195.63.103.228 ASN #12312 ecotel communication ag Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:19:21 Last Seen2023-03-11 15:59:34 Times Seen1 Hash 11d40769fc4ae0013f7fc42a94c515d0 185f72d2f8119d404a0fe9d511fece78ffcb3563 4a89f8fcb6ff7c54638507b6aaef314ef88cd30020077d9736c01d220d7b6284 Loading...

	www.buchhaltezelle.de/	2.1 kB	2023-03-08	2023-03-11
Pretty URL www.buchhaltezelle.de/ IP 195.63.103.228 ASN #12312 ecotel communication ag Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:19:21 Last Seen2023-03-11 15:59:34 Times Seen1 Hash 2128a75143e7ab552b15129758bc0d09 ca33485529d96204ded400b8eabe650d982e1c0b 502dc942549f4fb2b478e01f880d0ab2f4fc2b943934e2defa3e678b627901be Loading...

	www.buchhaltezelle.de/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1	19 kB	2023-03-07	2024-04-24
Pretty URL www.buchhaltezelle.de/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 IP 195.63.103.228 ASN #12312 ecotel communication ag Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-24 08:08:07 Times Seen38030 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

	www.buchhaltezelle.de/	31 B	2023-03-08	2023-05-26
Pretty URL www.buchhaltezelle.de/ IP 195.63.103.228 ASN #12312 ecotel communication ag Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:19:21 Last Seen2023-05-26 03:32:46 Times Seen2 Hash 60b07fc4bf338b9c6c47ae68142fef81 ba06b1aaf0b3198d2ef2a939e28653b8a59d1f84 f747383c3bd4894e4d585f1888e0169560d9afdd06ea5c2deae5afb3ca049538 Loading...

	www.buchhaltezelle.de/	31 B	2023-03-08	2023-03-11
Pretty URL www.buchhaltezelle.de/ IP 195.63.103.228 ASN #12312 ecotel communication ag Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:19:21 Last Seen2023-03-11 15:59:34 Times Seen1 Hash eccb548fac303965ec62572f11618f62 ff2f4f81678f616c13f39dc518c79e538362593e 6689e3c0d9951adbc323f8795a687ad97f1210dbe1def59ac9440bc0e2c1e2dd Loading...

	www.buchhaltezelle.de/	31 B	2023-03-08	2023-03-11
Pretty URL www.buchhaltezelle.de/ IP 195.63.103.228 ASN #12312 ecotel communication ag Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:19:21 Last Seen2023-03-11 15:59:34 Times Seen1 Hash f98b151892e50c9fe7c1c852c6573ff6 1c5baa09f2929b05863faa86a9e8dc36ffd7f727 b19ddb34cf2ad9cf57cfe67d04439f49a882d8b00c7ada389c8b65f8e41feefe Loading...

	www.buchhaltezelle.de/	31 B	2023-03-08	2023-05-26
Pretty URL www.buchhaltezelle.de/ IP 195.63.103.228 ASN #12312 ecotel communication ag Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:19:21 Last Seen2023-05-26 03:32:46 Times Seen2 Hash fe788d8e88a5e9edfc1ad838613f4705 74e7fde56080950ec36484a531140472a003a4a6 76f78e113b9ba8df76e5a041cdcd4da1b3e451ebec7e573841758a045e1018b9 Loading...

	www.buchhaltezelle.de/	31 B	2023-03-08	2023-05-26
Pretty URL www.buchhaltezelle.de/ IP 195.63.103.228 ASN #12312 ecotel communication ag Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:19:21 Last Seen2023-05-26 03:32:46 Times Seen2 Hash c0a65d5933f557fa8845ad25a3058ee3 614cdb09d9f09a37e964a050823b50e4de503087 2c827e2410b7cc20e12baac80e17bdbfdaa0997421fc7ea265672d6ffb0412bc Loading...

	www.buchhaltezelle.de/	4.0 kB	2023-03-11	2023-03-11
Pretty URL www.buchhaltezelle.de/ IP 195.63.103.228 ASN #12312 ecotel communication ag Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:59:34 Last Seen2023-03-11 15:59:34 Times Seen1 Hash f21c061044e35b651a8de8ff4735babb 6cfaac530a3beb8daecb551574f5add193ebb9d0 57a12cbba9e16144a7ab3d8147ce68721b8f8ee07bbce36ee2d0a3b80d4070fe Loading...

	consent.cookiebot.com/uc.js	103 kB	2023-03-08	2023-03-17
Pretty URL consent.cookiebot.com/uc.js IP 104.84.152.233 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:58 Last Seen2023-03-17 23:08:52 Times Seen1 Hash 46a765d70e4c842730680a719d0b3a01 e1240fadffba87daf9dbd9c560d655a3326d6cbf 8a540cc5945aea6d81f7705af39fc8868fe7e72bcbf2f0396ace451451109e22 Loading...

	consentcdn.cookiebot.com/consentconfig/f4f0b9c4-809e-4371-9153-3fd799c9892e/buchhaltezelle.de/configuration.js	505 B	2023-03-11	2023-03-11
Pretty URL consentcdn.cookiebot.com/consentconfig/f4f0b9c4-809e-4371-9153-3fd799c9892e/buchhaltezelle.de/configuration.js IP 104.110.3.72 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:59:34 Last Seen2023-03-11 15:59:34 Times Seen1 Hash be59d7b440cd7587b8eb18b333686ea6 3117200b10e5880019ae97f4d3e313c9407e70f1 af899d63041568fe413d6494e0be1c247fc5c8f2cc4e98cd0fe0d49aab4787cf Loading...

	consent.cookiebot.com/f4f0b9c4-809e-4371-9153-3fd799c9892e/cc.js?renew=false&referer=www.buchhaltezelle.de&dnt=false&init=false&culture=DE	240 kB	2023-03-11	2023-03-11
Pretty URL consent.cookiebot.com/f4f0b9c4-809e-4371-9153-3fd799c9892e/cc.js?renew=false&referer=www.buchhaltezelle.de&dnt=false&init=false&culture=DE IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:59:34 Last Seen2023-03-11 15:59:34 Times Seen1 Hash dbd10c0dc6936315cd0efe98e84716c8 2332130ff761b537ba7980321c584199282c480e 1b37d72604ff2fdd3eeb4001fd50c985e6559f731150a31c3aff1f70aa88bc0d Loading...

	consentcdn.cookiebot.com/sdk/bc-v4.min.html	569 B	2023-03-07	2023-07-06
Pretty URL consentcdn.cookiebot.com/sdk/bc-v4.min.html IP 104.110.3.72 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:39 Last Seen2023-07-06 06:53:25 Times Seen429 Hash c3ec01c3d295c22ea26afa0db60f3cd2 1b4b3461aa8d9b25a1c5f9e7472fabb0fe410053 2eca2b34bebf4e267d33b18974f96e62281bb48795c85db0c5c4c9ef1f9d4ef4 Loading...

	www.buchhaltezelle.de/wp-content/themes/arouse/js/navigation.js,qver==20151215+skip-link-focus-fix.js,qver==20151215+jquery.flexslider-min.js,qver==6.1.1+flex-custom.js,qver==6.1.1.pagespeed.jc.XYhiXxFg9Q.js	27 kB	2023-03-08	2023-03-11
Pretty URL www.buchhaltezelle.de/wp-content/themes/arouse/js/navigation.js,qver==20151215+skip-link-focus-fix.js,qver==20151215+jquery.flexslider-min.js,qver==6.1.1+flex-custom.js,qver==6.1.1.pagespeed.jc.XYhiXxFg9Q.js IP 195.63.103.228 ASN #12312 ecotel communication ag Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:19:21 Last Seen2023-03-11 15:59:34 Times Seen1 Hash 5d88625f1160f50131c39b6eb0831baf ea2550cac2ba64d5a27d2e3540567b3c1b33962f 8eb14bd569e69584c97a4a6ded9c8a7a5f7dcc042a1576552ccace9dd368fc0e Loading...

	www.buchhaltezelle.de/	31 B	2023-03-08	2023-03-11
Pretty URL www.buchhaltezelle.de/ IP 195.63.103.228 ASN #12312 ecotel communication ag Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:19:21 Last Seen2023-03-11 15:59:34 Times Seen1 Hash 551d938bb2f34da316c9bda83c9ad132 e58ee61de650a47e361e81a9c1f11da7b9d2cc0d ef0b339fe54b6ce16d680a8a23bc5d615946c7e5a0a728368dfb588a4b6e02f2 Loading...

	www.buchhaltezelle.de/	1.6 kB	2023-03-11	2023-03-11
Pretty URL www.buchhaltezelle.de/ IP 195.63.103.228 ASN #12312 ecotel communication ag Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:59:34 Last Seen2023-03-11 15:59:34 Times Seen1 Hash d28e6589e829c0683ecb260ae6a44bf2 2054a3beb97f5d750759dcfc8d4414e9743facee b3b0d12d6ca29975c24db94df6ad567b4ca50fc091c7b67b13d3ca24ed1a1ee9 Loading...

	www.buchhaltezelle.de/	1.7 kB	2023-03-11	2023-03-11
Pretty URL www.buchhaltezelle.de/ IP 195.63.103.228 ASN #12312 ecotel communication ag Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:59:34 Last Seen2023-03-11 15:59:34 Times Seen1 Hash d162d18f7137f2ab7bd38bc1c413641c cadb60a2683429feb61115b6d43164fe2ea49fde 30f20c2ae8eae190dd771cac2667372b9e710daabdd4f376d285d57b429e5b94 Loading...

	www.buchhaltezelle.de/	31 B	2023-03-08	2023-05-26
Pretty URL www.buchhaltezelle.de/ IP 195.63.103.228 ASN #12312 ecotel communication ag Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:19:21 Last Seen2023-05-26 03:32:46 Times Seen2 Hash b16fe9fc15ba1a4a41361279469b0a49 803d41c927cc9ea0cd270ee968af3354b5be6326 0d14b4d6227dc618002d68a9ef1ee13663457194fbc818ddef231ae81e7918ac Loading...

	www.buchhaltezelle.de/	428 B	2023-03-08	2023-05-26
Pretty URL www.buchhaltezelle.de/ IP 195.63.103.228 ASN #12312 ecotel communication ag Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:19:21 Last Seen2023-05-26 03:32:46 Times Seen2 Hash eaf4713e2a7f14bfc6be19f8e784ed4c ef38f8696074a68fc3243239ebbae822369a4001 973262de10e5c8dbbd8a90bad0274aad3c010779e383a5f5d4845b5bf2ace47e Loading...

	www.buchhaltezelle.de/	1.1 kB	2023-03-11	2023-03-11
Pretty URL www.buchhaltezelle.de/ IP 195.63.103.228 ASN #12312 ecotel communication ag Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:59:34 Last Seen2023-03-11 15:59:34 Times Seen1 Hash 7f692c7afe097c918c828de9211fdc6b 56bc8d5b7c23aecf10cc8e3ce8753db17ca4ab29 04e83cd1e9a29e113b11f022878919edb04a3b0b797c2da761b5dd22345b8ef5 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 0f62bae06dbeff9fcbaf1d9a2b65d4e4	2.7 kB	2023-03-08	2023-05-26
Pretty Observations First Seen2023-03-08 21:19:21 Last Seen2023-05-26 03:32:46 Times Seen2 Hash 0f62bae06dbeff9fcbaf1d9a2b65d4e4 c93ee0a67d8605c61f77b9827c34d336ccc6007f fdd1c2ab3e9747b7a257cccc8df79c52bf368b5351b19aad25644b7d02215b11 Loading...

	#2 Eval - d3f8ef7bd1f662059932046713b45d17	325 B	2023-03-08	2023-05-26
Pretty Observations First Seen2023-03-08 21:19:21 Last Seen2023-05-26 03:32:46 Times Seen2 Hash d3f8ef7bd1f662059932046713b45d17 bb7f412329dd9349bab6b3e06f429f51e65097a0 a6f9e753df7c70282da6e3dc29ae6a25e027f1beda38b3065068969ec10fae78 Loading...

	#3 Eval - aaf376b96abfbd1fc7a29375ea135c94	580 B	2023-03-08	2024-04-04
Pretty Observations First Seen2023-03-08 00:51:08 Last Seen2024-04-04 21:33:07 Times Seen7 Hash aaf376b96abfbd1fc7a29375ea135c94 920998e99749194054dbc92b20b90bd156720d0c 056bb890801fe471faba6d05149b396537aa7485c97a8a01ec030be5cf423f93 Loading...

	#4 Eval - 45235eb74d2e30d59ddf49cab12f59db	8.6 kB	2023-03-08	2023-03-11
Pretty Observations First Seen2023-03-08 21:19:21 Last Seen2023-03-11 15:59:35 Times Seen1 Hash 45235eb74d2e30d59ddf49cab12f59db d18793726f3fb5ff9de0ad9617f413b0a8d16fd5 84e76afa45f60a27a8fa2dccbca4ec282a111fa3b6420318a054eb05156c8ed3 Loading...

	#5 Eval - 8c1466eccb2d9e8b4a605e77c7463cea	7.2 kB	2023-03-08	2023-05-26
Pretty Observations First Seen2023-03-08 21:19:21 Last Seen2023-05-26 03:32:46 Times Seen2 Hash 8c1466eccb2d9e8b4a605e77c7463cea c2b8c60319065ec6702049f8b65b3a17acc180e6 e2dcb77ad88cc8938df093a5201374f26cdb61b6912ed7b1fa7adb76ec7ac1ee Loading...

	#6 Eval - cf5f1b613872347fc27f807602161ce3	22 kB	2023-03-08	2023-09-19
Pretty Observations First Seen2023-03-08 21:19:21 Last Seen2023-09-19 02:53:33 Times Seen18 Hash cf5f1b613872347fc27f807602161ce3 87bf3fb1a3cbef913360e93fc1720cd8b674ac73 e932e6148fe07cf1e187a52597c7bcdae8b473f2ce254361f9cac76002674eca Loading...

	#7 Eval - ed3c041de351cab34f496ed511639628	726 B	2023-03-08	2023-05-26
Pretty Observations First Seen2023-03-08 21:19:21 Last Seen2023-05-26 03:32:46 Times Seen2 Hash ed3c041de351cab34f496ed511639628 68a7a31d380568c4270f24a697da43a25745c250 5e667ffbd6fdf2c82746a5d2ce2085277c1a4922ec992fbe670f43d131a3cb7e Loading...

HTTP Transactions (50)

URL IP Response Size

buchhaltezelle.de/

195.63.103.228

301 Moved Permanently

162 B

URL HTTP/1.1
buchhaltezelle.de/
IP
195.63.103.228:0
ASN
#12312 ecotel communication ag

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: buchhaltezelle.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 23 Nov 2022 00:34:02 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.buchhaltezelle.de/

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1456357aecbd23f21ad98da57e0127eb
7074815b39fa8da9013883971d665e4c1b0797ea
f3eba265ee64870b2f822f1511b36c747d763c382557789cdad8be1d3b52d1f5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F3EBA265EE64870B2F822F1511B36C747D763C382557789CDAD8BE1D3B52D1F5"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7156
Expires: Wed, 23 Nov 2022 02:33:18 GMT
Date: Wed, 23 Nov 2022 00:34:02 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
b59d95402dfb464c176610284ba13f65
1a6c62fb0d48654dd204b66161bb03fefe60f71a
40cfd59b890ec5a3570603d28d90bd7e5c506babd52c2ece93e09f1c7b2a6880

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1722
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 00:34:02 GMT
Last-Modified: Wed, 23 Nov 2022 00:05:20 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
054ff0d1a0a43f7cb1d78dbd34e27f99
3caf54f3de1d6a8c6f6454083f8b8e7dec77db54
fcdcef8306ae31f20c366489e1f88aa40b08f154d25d45f4055c4f8cdef47634

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCDCEF8306AE31F20C366489E1F88AA40B08F154D25D45F4055C4F8CDEF47634"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10180
Expires: Wed, 23 Nov 2022 03:23:42 GMT
Date: Wed, 23 Nov 2022 00:34:02 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 23 Nov 2022 00:09:20 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1482
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: S2eqge5aGym6aLrlt2560FEBxmvatf/5RPkxT0Lun2y6tcMIV3I1GAfB1F16qrGw0CnA1YOy4wc=
x-amz-request-id: XJ7VWHMTWKCGPRSM
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 22 Nov 2022 23:42:46 GMT
age: 3076
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 00:34:02 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
312f2b5cd9ad89aeb3133ba2eaf20efe
15f5091a7f5a443996d0824796c0ddf06b06543e
0fc13a6364c1034828a1cdb0286088fb1e0d786795d380359118d1171c330883

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC13A6364C1034828A1CDB0286088FB1E0D786795D380359118D1171C330883"
Last-Modified: Sun, 20 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 23 Nov 2022 06:34:02 GMT
Date: Wed, 23 Nov 2022 00:34:02 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 23 Nov 2022 00:11:10 GMT
cache-control: public,max-age=3600
age: 1372
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
8a181d95550cfdf3b1fc4deb71631e40
37866f7293c41fbfb817e321754cae5c5bf59f93
6aa3d2763181cc48d2ad0ce7d227f3cb3324045c3f7858ccdbae675768dcec55

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4764
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 00:34:02 GMT
Last-Modified: Tue, 22 Nov 2022 23:14:38 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

www.buchhaltezelle.de/

195.63.103.228

200 OK

16 kB

URL HTTP/2
www.buchhaltezelle.de/
IP
195.63.103.228:0
ASN
#12312 ecotel communication ag

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9104), with CRLF, LF line terminators
Size
16 kB (15602 bytes)
Hash
f4dc7181518abc3be882c58f24e1b109
0c1872dd73163939bb88c5213c6f31ed1e875e5d
c90d8f74a6b6d03c020185ec59535759afdfecedc4c91aa29022db7e92f8eccf

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: www.buchhaltezelle.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 00:34:03 GMT
content-type: text/html; charset=UTF-8
content-length: 15602
link: <https://www.buchhaltezelle.de/wp-json/>; rel="https://api.w.org/", <https://www.buchhaltezelle.de/wp-json/wp/v2/pages/2>; rel="alternate"; type="application/json", <https://www.buchhaltezelle.de/>; rel=shortlink
x-mod-pagespeed: 1.13.35.2-0
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=0, no-cache, s-maxage=10
x-powered-by: PHP/7.4.33, PleskLin
X-Firefox-Spdy: h2

consent.cookiebot.com/uc.js

104.84.152.233

200 OK

32 kB

URL HTTP/2
consent.cookiebot.com/uc.js
IP
104.84.152.233:0
ASN
#20940 Akamai International B.V.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65499)
Size
32 kB (31718 bytes)
Hash
c8f7ad4768a16672f57131490149c3d0
c943c68aaa059f06744868bb239f06d900d41464
b5a1e40fab60b20e8b25517f6a7e6d27f21af0788959cdf3d52f5b94164cba0c

HTTP Headers

GET /uc.js HTTP/1.1
Host: consent.cookiebot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.buchhaltezelle.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Tue, 22 Nov 2022 07:34:39 GMT
accept-ranges: bytes
etag: "db2e3fe144fed81:0"
vary: Accept-Encoding
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
access-control-expose-headers: Request-Context
content-length: 31718
cache-control: public, max-age=775
expires: Wed, 23 Nov 2022 00:46:58 GMT
date: Wed, 23 Nov 2022 00:34:03 GMT
X-Firefox-Spdy: h2

www.buchhaltezelle.de/wp-content/themes/arouse/css/A.font-awesome.min.css,qver=4.6.3.pagespeed.cf.YaV9IcR0kC.css

195.63.103.228

200 OK

6.6 kB

URL HTTP/2
www.buchhaltezelle.de/wp-content/themes/arouse/css/A.font-awesome.min.css,qver=4.6.3.pagespeed.cf.YaV9IcR0kC.css
IP
195.63.103.228:0
ASN
#12312 ecotel communication ag

File type
ASCII text, with very long lines (28863), with no line terminators
Size
6.6 kB (6554 bytes)
Hash
6cafa55ff9a0d8ab6244b35ecf8e1db3
45efa6fbfb7504cbb429ad3dfaf500c1df375bf4
b340a1fb1b3c2363875a1333d4be60797f7845f41c5f3ec61a657f463a257f58

HTTP Headers

GET /wp-content/themes/arouse/css/A.font-awesome.min.css,qver=4.6.3.pagespeed.cf.YaV9IcR0kC.css HTTP/1.1
Host: www.buchhaltezelle.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.buchhaltezelle.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 00:34:03 GMT
content-type: text/css
content-length: 6554
accept-ranges: bytes
x-original-content-length: 29062
expires: Thu, 23 Nov 2023 00:34:03 GMT
cache-control: max-age=31536000
etag: W/"0-gzip"
last-modified: Wed, 23 Nov 2022 00:34:03 GMT
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2

www.buchhaltezelle.de/wp-content/themes/arouse/A.style.css,qver=6.1.1.pagespeed.cf.C9DcHJt9fU.css

195.63.103.228

200 OK

7.8 kB

URL HTTP/2
www.buchhaltezelle.de/wp-content/themes/arouse/A.style.css,qver=6.1.1.pagespeed.cf.C9DcHJt9fU.css
IP
195.63.103.228:0
ASN
#12312 ecotel communication ag

File type
ASCII text, with very long lines (19427), with CRLF line terminators
Size
7.8 kB (7778 bytes)
Hash
91cc960cb55286cf7e1e41a2d72f99ec
d09965553e7c96a383f0cde88addb51b1bb633c2
e558162556d0d97520db25a28307213a379890e64861f3f43897c50acf395b28

HTTP Headers

GET /wp-content/themes/arouse/A.style.css,qver=6.1.1.pagespeed.cf.C9DcHJt9fU.css HTTP/1.1
Host: www.buchhaltezelle.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.buchhaltezelle.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 00:34:03 GMT
content-type: text/css
content-length: 7778
accept-ranges: bytes
x-original-content-length: 54974
expires: Thu, 23 Nov 2023 00:34:03 GMT
cache-control: max-age=31536000
etag: W/"0-gzip"
last-modified: Wed, 23 Nov 2022 00:34:03 GMT
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2

www.buchhaltezelle.de/wp-content/themes/arouse/css/A.flexslider.css,qver=6.1.1.pagespeed.cf.6XPvWgN58J.css

195.63.103.228

200 OK

1.2 kB

URL HTTP/2
www.buchhaltezelle.de/wp-content/themes/arouse/css/A.flexslider.css,qver=6.1.1.pagespeed.cf.6XPvWgN58J.css
IP
195.63.103.228:0
ASN
#12312 ecotel communication ag

File type
ASCII text, with very long lines (4288), with no line terminators
Size
1.2 kB (1240 bytes)
Hash
40aafd9c25c6ef9e32711380605cc032
1a6b40afb146f120c3b63cca49eda9d0024c3b68
b578123509908a16aaa5dcd62c32e6308a77f898074a77dbc266bfe19310f594

HTTP Headers

GET /wp-content/themes/arouse/css/A.flexslider.css,qver=6.1.1.pagespeed.cf.6XPvWgN58J.css HTTP/1.1
Host: www.buchhaltezelle.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.buchhaltezelle.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 00:34:03 GMT
content-type: text/css
content-length: 1240
accept-ranges: bytes
x-original-content-length: 6718
expires: Thu, 23 Nov 2023 00:34:03 GMT
cache-control: max-age=31536000
etag: W/"0-gzip"
last-modified: Wed, 23 Nov 2022 00:34:03 GMT
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2

www.buchhaltezelle.de/wp-content/plugins/gwolle-gb-addon/assets/rateit/A.rateit.css,qver=2.0.0.pagespeed.cf.1ZLt3HCagp.css

195.63.103.228

200 OK

730 B

URL HTTP/2
www.buchhaltezelle.de/wp-content/plugins/gwolle-gb-addon/assets/rateit/A.rateit.css,qver=2.0.0.pagespeed.cf.1ZLt3HCagp.css
IP
195.63.103.228:0
ASN
#12312 ecotel communication ag

File type
ASCII text, with very long lines (2335), with no line terminators
Size
730 B (730 bytes)
Hash
612c59e61750c70b0440a227a1d92014
daa1a808fb0f02a214d1d90c827a51ca47581907
d3971f4a5867deaca2a7254a5096df5d12c3519ca1cacec32e2a421763265af2

HTTP Headers

GET /wp-content/plugins/gwolle-gb-addon/assets/rateit/A.rateit.css,qver=2.0.0.pagespeed.cf.1ZLt3HCagp.css HTTP/1.1
Host: www.buchhaltezelle.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.buchhaltezelle.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 00:34:03 GMT
content-type: text/css
content-length: 730
accept-ranges: bytes
expires: Thu, 23 Nov 2023 00:34:01 GMT
cache-control: max-age=31536000
etag: W/"0"
last-modified: Wed, 23 Nov 2022 00:34:01 GMT
x-original-content-length: 3639
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2

www.buchhaltezelle.de/wp-content/plugins/gwolle-gb/frontend/css/A.gwolle-gb-frontend.css,qver=4.4.1.pagespeed.cf.SPchtdYRYO.css

195.63.103.228

200 OK

2.0 kB

URL HTTP/2
www.buchhaltezelle.de/wp-content/plugins/gwolle-gb/frontend/css/A.gwolle-gb-frontend.css,qver=4.4.1.pagespeed.cf.SPchtdYRYO.css
IP
195.63.103.228:0
ASN
#12312 ecotel communication ag

File type
Unicode text, UTF-8 text, with very long lines (4805)
Size
2.0 kB (1961 bytes)
Hash
050d30101bf1093ba2cdd648b80bb406
52f60982acbdc6cf9cd842ab9c3ee91d53d6dcc6
6a2c00f78114eddfe755681eff760c07cfa7ce7d9e7cffd001248d0cfb3194a9

HTTP Headers

GET /wp-content/plugins/gwolle-gb/frontend/css/A.gwolle-gb-frontend.css,qver=4.4.1.pagespeed.cf.SPchtdYRYO.css HTTP/1.1
Host: www.buchhaltezelle.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.buchhaltezelle.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 00:34:03 GMT
content-type: text/css
content-length: 1961
accept-ranges: bytes
expires: Thu, 23 Nov 2023 00:34:01 GMT
cache-control: max-age=31536000
etag: W/"0"
last-modified: Wed, 23 Nov 2022 00:34:01 GMT
x-original-content-length: 9185
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2

www.buchhaltezelle.de/wp-includes/js/jquery/jquery.min.js,qver=3.6.1.pagespeed.jm.YeQrVmZKn4.js

195.63.103.228

200 OK

31 kB

URL HTTP/2
www.buchhaltezelle.de/wp-includes/js/jquery/jquery.min.js,qver=3.6.1.pagespeed.jm.YeQrVmZKn4.js
IP
195.63.103.228:0
ASN
#12312 ecotel communication ag

File type
ASCII text, with very long lines (65536), with no line terminators
Size
31 kB (30933 bytes)
Hash
157a94458da0e36e33c49d7b5f5c286d
383b7706af6b037991e337e923bcb2549ebe9dae
cd9b721b4b2ce8f2465e4e007faa17fe5451238801b13d5663c2687925153800

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js,qver=3.6.1.pagespeed.jm.YeQrVmZKn4.js HTTP/1.1
Host: www.buchhaltezelle.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.buchhaltezelle.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 00:34:03 GMT
content-type: application/javascript
content-length: 30933
accept-ranges: bytes
x-original-content-length: 89684
expires: Thu, 23 Nov 2023 00:34:03 GMT
cache-control: max-age=31536000
etag: W/"0-gzip"
last-modified: Wed, 23 Nov 2022 00:34:03 GMT
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2

www.buchhaltezelle.de/wp-includes/js/jquery/jquery-migrate.min.js,qver=3.3.2.pagespeed.jm.Ws-UgblvVg.js

195.63.103.228

200 OK

11 kB

URL HTTP/2
www.buchhaltezelle.de/wp-includes/js/jquery/jquery-migrate.min.js,qver=3.3.2.pagespeed.jm.Ws-UgblvVg.js
IP
195.63.103.228:0
ASN
#12312 ecotel communication ag

File type
data
Size
11 kB (11224 bytes)
Hash
79b4956b7ec478ec10244b5e2d33ac7d
a46025b9d05e3df30d610a8aef14f392c7058dc9
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js,qver=3.3.2.pagespeed.jm.Ws-UgblvVg.js HTTP/1.1
Host: www.buchhaltezelle.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.buchhaltezelle.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 00:34:03 GMT
content-type: application/javascript
content-length: 11224
last-modified: Thu, 10 Dec 2020 06:18:31 GMT
accept-ranges: bytes
vary: Accept-Encoding
x-original-content-length: 11224
content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 23 Nov 2022 00:38:25 GMT
cache-control: max-age=300,private
x-powered-by: PleskLin
X-Firefox-Spdy: h2

www.buchhaltezelle.de/wp-content/plugins/gwolle-gb,_frontend,_js,_gwolle-gb-frontend.js,qver==4.4.1+gwolle-gb-addon,_frontend,_js,_gwolle-gb-addon-frontend.js,qver==2.0.0+gwolle-gb-addon,_assets,_rateit,_jquery.rateit.min.js,qver==2.0.0.pagespeed.jc.EdQHafxK4A.js

195.63.103.228

200 OK

4.5 kB

URL HTTP/2
www.buchhaltezelle.de/wp-content/plugins/gwolle-gb,_frontend,_js,_gwolle-gb-frontend.js,qver==4.4.1+gwolle-gb-addon,_frontend,_js,_gwolle-gb-addon-frontend.js,qver==2.0.0+gwolle-gb-addon,_assets,_rateit,_jquery.rateit.min.js,qver==2.0.0.pagespeed.jc.EdQHafxK4A.js
IP
195.63.103.228:0
ASN
#12312 ecotel communication ag

File type
Unicode text, UTF-8 text, with very long lines (8716)
Size
4.5 kB (4456 bytes)
Hash
95e6f3802ce706a179ed005c9c2fc792
4232f48923aede7f71ee82f7668943d13172fcea
5ff519bedd3b05a4a9c35a94f1fa6c121b26c2d7f1b537249d30d6d675c636ac

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/gwolle-gb,_frontend,_js,_gwolle-gb-frontend.js,qver==4.4.1+gwolle-gb-addon,_frontend,_js,_gwolle-gb-addon-frontend.js,qver==2.0.0+gwolle-gb-addon,_assets,_rateit,_jquery.rateit.min.js,qver==2.0.0.pagespeed.jc.EdQHafxK4A.js HTTP/1.1
Host: www.buchhaltezelle.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.buchhaltezelle.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 00:34:03 GMT
content-type: application/javascript
content-length: 4456
accept-ranges: bytes
expires: Thu, 23 Nov 2023 00:34:03 GMT
cache-control: max-age=31536000
etag: W/"0-gzip"
last-modified: Wed, 23 Nov 2022 00:34:03 GMT
x-original-content-length: 22056
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2

www.buchhaltezelle.de/wp-content/themes/arouse/js/navigation.js,qver==20151215+skip-link-focus-fix.js,qver==20151215+jquery.flexslider-min.js,qver==6.1.1+flex-custom.js,qver==6.1.1.pagespeed.jc.XYhiXxFg9Q.js

195.63.103.228

200 OK

7.6 kB

URL HTTP/2
www.buchhaltezelle.de/wp-content/themes/arouse/js/navigation.js,qver==20151215+skip-link-focus-fix.js,qver==20151215+jquery.flexslider-min.js,qver==6.1.1+flex-custom.js,qver==6.1.1.pagespeed.jc.XYhiXxFg9Q.js
IP
195.63.103.228:0
ASN
#12312 ecotel communication ag

File type
ASCII text, with very long lines (22891)
Size
7.6 kB (7597 bytes)
Hash
cfa4ebca5ffb695d96f496a913fa187b
ae9e8334e70d2c4e318669c158b11be98e818980
890a8b1c79981d1e1ad62bc41a9c5c20bab85bdb82d864810cf930eaf7813803

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/arouse/js/navigation.js,qver==20151215+skip-link-focus-fix.js,qver==20151215+jquery.flexslider-min.js,qver==6.1.1+flex-custom.js,qver==6.1.1.pagespeed.jc.XYhiXxFg9Q.js HTTP/1.1
Host: www.buchhaltezelle.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.buchhaltezelle.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 00:34:03 GMT
content-type: application/javascript
content-length: 7597
accept-ranges: bytes
expires: Thu, 23 Nov 2023 00:34:03 GMT
cache-control: max-age=31536000
etag: W/"0-gzip"
last-modified: Wed, 23 Nov 2022 00:34:03 GMT
x-original-content-length: 27559
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2

consentcdn.cookiebot.com/consentconfig/f4f0b9c4-809e-4371-9153-3fd799c9892e/buchhaltezelle.de/configuration.js

104.110.3.72

200 OK

505 B

URL HTTP/2
consentcdn.cookiebot.com/consentconfig/f4f0b9c4-809e-4371-9153-3fd799c9892e/buchhaltezelle.de/configuration.js
IP
104.110.3.72:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (505), with no line terminators
Size
505 B (505 bytes)
Hash
be59d7b440cd7587b8eb18b333686ea6
3117200b10e5880019ae97f4d3e313c9407e70f1
af899d63041568fe413d6494e0be1c247fc5c8f2cc4e98cd0fe0d49aab4787cf

HTTP Headers

GET /consentconfig/f4f0b9c4-809e-4371-9153-3fd799c9892e/buchhaltezelle.de/configuration.js HTTP/1.1
Host: consentcdn.cookiebot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.buchhaltezelle.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "be59d7b440cd7587b8eb18b333686ea6:1667474605.248574"
last-modified: Thu, 03 Nov 2022 11:23:25 GMT
server: AkamaiNetStorage
content-length: 505
cache-control: max-age=86400
expires: Thu, 24 Nov 2022 00:34:03 GMT
date: Wed, 23 Nov 2022 00:34:03 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=52
X-Firefox-Spdy: h2

www.buchhaltezelle.de/wp-includes/css/dist/block-library/A.style.min.css,qver=6.1.1.pagespeed.cf.s5bSa4kM1r.css

195.63.103.228

200 OK

12 kB

URL HTTP/2
www.buchhaltezelle.de/wp-includes/css/dist/block-library/A.style.min.css,qver=6.1.1.pagespeed.cf.s5bSa4kM1r.css
IP
195.63.103.228:0
ASN
#12312 ecotel communication ag

File type
ASCII text, with very long lines (65536), with no line terminators
Size
12 kB (12371 bytes)
Hash
ea5a200adfa603eb5bcd91387572956d
6ae3de72b9b8728b39a30db964814cc001f38a42
b88bc65922551151200c0ce881beaa47e142ff4594841625fd6c5d01104c15e3

HTTP Headers

GET /wp-includes/css/dist/block-library/A.style.min.css,qver=6.1.1.pagespeed.cf.s5bSa4kM1r.css HTTP/1.1
Host: www.buchhaltezelle.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.buchhaltezelle.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 00:34:03 GMT
content-type: text/css
content-length: 12371
accept-ranges: bytes
expires: Thu, 23 Nov 2023 00:34:03 GMT
cache-control: max-age=31536000
etag: W/"0"
last-modified: Wed, 23 Nov 2022 00:34:03 GMT
x-original-content-length: 94889
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2

push.services.mozilla.com/

100.20.30.105

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
100.20.30.105:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Hsp5ePvWwOqj2GvsFj0Q4Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 83aFHlXh1Ws0th1R/8JMtYXmY34=

www.buchhaltezelle.de/wp-includes/css/dist/block-library/A.style.min.css,qver=6.1.1.pagespeed.cf.s5bSa4kM1r.css

195.63.103.228

200 OK

79 kB

URL HTTP/2
www.buchhaltezelle.de/wp-includes/css/dist/block-library/A.style.min.css,qver=6.1.1.pagespeed.cf.s5bSa4kM1r.css
IP
195.63.103.228:0
ASN
#12312 ecotel communication ag

File type
data
Size
79 kB (78830 bytes)
Hash
964485b26f433b416415f9473bf043ae
69a30d73f048f00aaeb41e72455097a79e3701b3
94359b18afce5efbdabf395a30d99edeaee12546bddcb01d3d390c8540f659f9

HTTP Headers

GET /wp-includes/css/dist/block-library/A.style.min.css,qver=6.1.1.pagespeed.cf.s5bSa4kM1r.css HTTP/1.1
Host: www.buchhaltezelle.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.buchhaltezelle.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 00:34:03 GMT
content-type: text/css
content-length: 94889
last-modified: Wed, 16 Nov 2022 04:27:31 GMT
accept-ranges: bytes
vary: Accept-Encoding
x-original-content-length: 94889
content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 23 Nov 2022 00:38:57 GMT
cache-control: max-age=300,private
x-powered-by: PleskLin
X-Firefox-Spdy: h2

www.buchhaltezelle.de/wp-content/uploads/2018/10/xlibrary-1147815_1920.jpg.pagespeed.ic.m9fI-Sh_BJ.webp

195.63.103.228

200 OK

1.1 MB

URL HTTP/2
www.buchhaltezelle.de/wp-content/uploads/2018/10/xlibrary-1147815_1920.jpg.pagespeed.ic.m9fI-Sh_BJ.webp
IP
195.63.103.228:0
ASN
#12312 ecotel communication ag

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1920x1271, components 3\012- data
Size
1.1 MB (1072242 bytes)
Hash
a4a4b659666710365acd5bd87321c454
28646e29e55231b9c06135fb9bf954e0f13a87ba
3d0b9c5411a46fa1b7a4eaebfbd447776207729a8f93fd691de51fc7449518b9

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/2018/10/xlibrary-1147815_1920.jpg.pagespeed.ic.m9fI-Sh_BJ.webp HTTP/1.1
Host: www.buchhaltezelle.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.buchhaltezelle.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 00:34:03 GMT
content-type: image/jpeg
content-length: 1072242
last-modified: Mon, 08 Oct 2018 12:25:16 GMT
accept-ranges: bytes
link: <https://www.buchhaltezelle.de/wp-content/uploads/2018/10/library-1147815_1920.jpg>; rel="canonical"
x-content-type-options: nosniff
expires: Wed, 23 Nov 2022 00:38:58 GMT
cache-control: max-age=300,private
x-powered-by: PleskLin
X-Firefox-Spdy: h2

www.buchhaltezelle.de/wp-content/themes/arouse/fonts/fontawesome-webfont.woff2?v=4.6.3

195.63.103.228

200 OK

72 kB

URL HTTP/2
www.buchhaltezelle.de/wp-content/themes/arouse/fonts/fontawesome-webfont.woff2?v=4.6.3
IP
195.63.103.228:0
ASN
#12312 ecotel communication ag

File type
Web Open Font Format (Version 2), TrueType, length 71896, version 4.393\012- data
Size
72 kB (71896 bytes)
Hash
e6cf7c6ec7c2d6f670ae9d762604cb0b
97e438cc545714309882fbceadbf344fcaddcec5
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/arouse/fonts/fontawesome-webfont.woff2?v=4.6.3 HTTP/1.1
Host: www.buchhaltezelle.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.buchhaltezelle.de/wp-content/themes/arouse/css/A.font-awesome.min.css,qver=4.6.3.pagespeed.cf.YaV9IcR0kC.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 00:34:03 GMT
content-type: font/woff2
content-length: 71896
last-modified: Mon, 08 Oct 2018 12:19:42 GMT
cache-control: s-maxage=10
etag: "5bbb4b5e-118d8"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

www.buchhaltezelle.de/wp-content/uploads/2019/11/xStempel-150x150.jpg.pagespeed.ic.VPktXMuO7Z.webp

195.63.103.228

200 OK

5.8 kB

URL HTTP/2
www.buchhaltezelle.de/wp-content/uploads/2019/11/xStempel-150x150.jpg.pagespeed.ic.VPktXMuO7Z.webp
IP
195.63.103.228:0
ASN
#12312 ecotel communication ag

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 150x150, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
5.8 kB (5834 bytes)
Hash
54f92d5ccb8eed91cc8750875fa9be9b
f9f6c6bb5d797e6aacbaa95b9738930be550e620
1bcbe55b974eed8d166ab475c76d7ef83614bf1386946179325ac6d49c0954d8

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/2019/11/xStempel-150x150.jpg.pagespeed.ic.VPktXMuO7Z.webp HTTP/1.1
Host: www.buchhaltezelle.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.buchhaltezelle.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 00:34:03 GMT
content-type: image/webp
content-length: 5834
link: <https://www.buchhaltezelle.de/wp-content/uploads/2019/11/Stempel-150x150.jpg>; rel="canonical"
accept-ranges: bytes
expires: Thu, 23 Nov 2023 00:34:03 GMT
cache-control: max-age=31536000
etag: W/"0"
last-modified: Wed, 23 Nov 2022 00:34:03 GMT
x-original-content-length: 18585
x-powered-by: PleskLin
X-Firefox-Spdy: h2

www.buchhaltezelle.de/wp-content/uploads/2018/10/xbuecherei-300x173.png.pagespeed.ic.yEyg9nlkPu.png

195.63.103.228

200 OK

25 kB

URL HTTP/2
www.buchhaltezelle.de/wp-content/uploads/2018/10/xbuecherei-300x173.png.pagespeed.ic.yEyg9nlkPu.png
IP
195.63.103.228:0
ASN
#12312 ecotel communication ag

File type
PNG image data, 300 x 173, 8-bit gray+alpha, non-interlaced\012- data
Size
25 kB (25257 bytes)
Hash
f83a16ca52ea2b86fde520cbb4cb8648
8a53cb33d115d317e65ad13b94e63b09475a377f
a4d88b09553cbf301a87f5af3151070d3dcb72dbffab1ca2adbb815feb75fdc9

HTTP Headers

GET /wp-content/uploads/2018/10/xbuecherei-300x173.png.pagespeed.ic.yEyg9nlkPu.png HTTP/1.1
Host: www.buchhaltezelle.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.buchhaltezelle.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 00:34:03 GMT
content-type: image/png
content-length: 25257
last-modified: Tue, 23 Oct 2018 18:48:09 GMT
accept-ranges: bytes
link: <https://www.buchhaltezelle.de/wp-content/uploads/2018/10/buecherei-300x173.png>; rel="canonical"
x-content-type-options: nosniff
expires: Wed, 23 Nov 2022 00:38:58 GMT
cache-control: max-age=300,private
x-powered-by: PleskLin
X-Firefox-Spdy: h2

consentcdn.cookiebot.com/sdk/bc-v4.min.html

104.110.3.72

200 OK

392 B

URL HTTP/2
consentcdn.cookiebot.com/sdk/bc-v4.min.html
IP
104.110.3.72:0
ASN
#16625 AKAMAI-AS

File type
HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (627), with no line terminators
Size
392 B (392 bytes)
Hash
e7268eccad39bd651697fa793a52cc5c
47299cefa2397b0c1d0c5bf232390a5cf1bcc4d3
907e16c84d35556e4ed841a3511915e6d4bb4e9d68cfca178a740e90b4d80e35

HTTP Headers

GET /sdk/bc-v4.min.html HTTP/1.1
Host: consentcdn.cookiebot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.buchhaltezelle.de/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: text/html
etag: "3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
last-modified: Mon, 04 Apr 2022 07:23:49 GMT
server: AkamaiNetStorage
x-akamai-transformed: 9 - 0 pmb=mRUM,1
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=29771517
expires: Thu, 02 Nov 2023 14:26:00 GMT
date: Wed, 23 Nov 2022 00:34:03 GMT
content-length: 392
server-timing: cdn-cache; desc=HIT, edge; dur=1
X-Firefox-Spdy: h2

www.buchhaltezelle.de/wp-content/uploads/2018/10/xcropped-Buchhaltezelle-1-32x32.jpg.pagespeed.ic.7t2eQegnEo.webp

195.63.103.228

200 OK

398 B

URL HTTP/2
www.buchhaltezelle.de/wp-content/uploads/2018/10/xcropped-Buchhaltezelle-1-32x32.jpg.pagespeed.ic.7t2eQegnEo.webp
IP
195.63.103.228:0
ASN
#12312 ecotel communication ag

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 32x32, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
398 B (398 bytes)
Hash
eedd9e41e8271283b6a38aec0e60b5e2
f93eb27548d3c4c34f231be81da4a9fd6b17518f
351f2cfdf780c184c1dd835be8333cd9d26e75937a0ea1ab6a079fc760828d7a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/2018/10/xcropped-Buchhaltezelle-1-32x32.jpg.pagespeed.ic.7t2eQegnEo.webp HTTP/1.1
Host: www.buchhaltezelle.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.buchhaltezelle.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 00:34:03 GMT
content-type: image/webp
content-length: 398
link: <https://www.buchhaltezelle.de/wp-content/uploads/2018/10/cropped-Buchhaltezelle-1-32x32.jpg>; rel="canonical"
accept-ranges: bytes
expires: Thu, 23 Nov 2023 00:34:03 GMT
cache-control: max-age=31536000
etag: W/"0"
last-modified: Wed, 23 Nov 2022 00:34:03 GMT
x-original-content-length: 21569
x-powered-by: PleskLin
X-Firefox-Spdy: h2

www.buchhaltezelle.de/wp-content/uploads/2018/10/xcropped-Buchhaltezelle-1-192x192.jpg.pagespeed.ic.w-1LUpLlUP.webp

195.63.103.228

200 OK

2.5 kB

URL HTTP/2
www.buchhaltezelle.de/wp-content/uploads/2018/10/xcropped-Buchhaltezelle-1-192x192.jpg.pagespeed.ic.w-1LUpLlUP.webp
IP
195.63.103.228:0
ASN
#12312 ecotel communication ag

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 192x192, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
2.5 kB (2532 bytes)
Hash
c3ed4b5292e550f8ddce7382ebe18ef3
e179bc076ac424f17cca97aeba506001382fe57d
22b2ce9dafe1b9d5c24e885807339e7585d7f9e61ddf190d303d11ccc1c321e5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/2018/10/xcropped-Buchhaltezelle-1-192x192.jpg.pagespeed.ic.w-1LUpLlUP.webp HTTP/1.1
Host: www.buchhaltezelle.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.buchhaltezelle.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 00:34:03 GMT
content-type: image/webp
content-length: 2532
link: <https://www.buchhaltezelle.de/wp-content/uploads/2018/10/cropped-Buchhaltezelle-1-192x192.jpg>; rel="canonical"
accept-ranges: bytes
expires: Thu, 23 Nov 2023 00:34:03 GMT
cache-control: max-age=31536000
etag: W/"0"
last-modified: Wed, 23 Nov 2022 00:34:03 GMT
x-original-content-length: 26049
x-powered-by: PleskLin
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
804755c7e438531c9ba2e781947e1640
7a93c31638ee89a561bac2174482a5d12aa62d63
aa6f123fed093048bd006bf5a0ea0a7b310d735436af0ca07a06574f2026ba9b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AA6F123FED093048BD006BF5A0EA0A7B310D735436AF0CA07A06574F2026BA9B"
Last-Modified: Sun, 20 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5161
Expires: Wed, 23 Nov 2022 02:00:05 GMT
Date: Wed, 23 Nov 2022 00:34:04 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
804755c7e438531c9ba2e781947e1640
7a93c31638ee89a561bac2174482a5d12aa62d63
aa6f123fed093048bd006bf5a0ea0a7b310d735436af0ca07a06574f2026ba9b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AA6F123FED093048BD006BF5A0EA0A7B310D735436AF0CA07A06574F2026BA9B"
Last-Modified: Sun, 20 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5161
Expires: Wed, 23 Nov 2022 02:00:05 GMT
Date: Wed, 23 Nov 2022 00:34:04 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
804755c7e438531c9ba2e781947e1640
7a93c31638ee89a561bac2174482a5d12aa62d63
aa6f123fed093048bd006bf5a0ea0a7b310d735436af0ca07a06574f2026ba9b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AA6F123FED093048BD006BF5A0EA0A7B310D735436AF0CA07A06574F2026BA9B"
Last-Modified: Sun, 20 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5161
Expires: Wed, 23 Nov 2022 02:00:05 GMT
Date: Wed, 23 Nov 2022 00:34:04 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
804755c7e438531c9ba2e781947e1640
7a93c31638ee89a561bac2174482a5d12aa62d63
aa6f123fed093048bd006bf5a0ea0a7b310d735436af0ca07a06574f2026ba9b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AA6F123FED093048BD006BF5A0EA0A7B310D735436AF0CA07A06574F2026BA9B"
Last-Modified: Sun, 20 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5161
Expires: Wed, 23 Nov 2022 02:00:05 GMT
Date: Wed, 23 Nov 2022 00:34:04 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
804755c7e438531c9ba2e781947e1640
7a93c31638ee89a561bac2174482a5d12aa62d63
aa6f123fed093048bd006bf5a0ea0a7b310d735436af0ca07a06574f2026ba9b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AA6F123FED093048BD006BF5A0EA0A7B310D735436AF0CA07A06574F2026BA9B"
Last-Modified: Sun, 20 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5161
Expires: Wed, 23 Nov 2022 02:00:05 GMT
Date: Wed, 23 Nov 2022 00:34:04 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19d78a60-e0f0-4143-8860-934548b7f5d4.jpeg

34.120.237.76

200 OK

5.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19d78a60-e0f0-4143-8860-934548b7f5d4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.9 kB (5913 bytes)
Hash
5fe889ae2db174ec39ba42339b1cc1f8
f420e43f4350d7f1469ae35537bdd3cc747152b0
cab9aff75d385706be812e6cd1998d3db1ba99e44f9cde432acd50dcb1b90df7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19d78a60-e0f0-4143-8860-934548b7f5d4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5913
x-amzn-requestid: ad2f2886-9624-4616-b1a6-7a21d4f00b71
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBcR_FGbIAMFQQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d40d9-7a36067b0567b3a43cfe6312;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 21:36:25 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: p8U0qcGhS-EGrGqQcq6Db1KJkFpoBYYdwjstPciFMN3bXaqEc9ZQZg==
via: 1.1 1ec2938341958d70d56193d709c89dee.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:47:13 GMT
age: 10011
etag: "f420e43f4350d7f1469ae35537bdd3cc747152b0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc326607e-c0fa-4e9d-b8d4-1c9173793bed.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.4 kB (9376 bytes)
Hash
cce27a1fe8c0222811a5ce0e7f89e1cb
28c165bac8cf68cd1b0763c311aece00672cb3a5
4530e34a47ef78c2c2b0d34a0511253a61f1927b192ab42f82361002ff10819e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc326607e-c0fa-4e9d-b8d4-1c9173793bed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9376
x-amzn-requestid: a00f5ff7-02af-40e4-9f40-2814025de9db
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b42xTFSEIAMFt2Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6379d1a1-783544906babf838250f304e;Sampled=0
x-amzn-remapped-date: Sun, 20 Nov 2022 07:05:05 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: q0m5Ptq0i6ccv2vdjecllPPHRfnb-BQdO0uJgjKtqOszow4SNYH6Xg==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 07:50:10 GMT
age: 60234
etag: "28c165bac8cf68cd1b0763c311aece00672cb3a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0ea68cc-d723-41ae-8bc2-16e2e422e2aa.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.9 kB (5914 bytes)
Hash
c6380f73d47906bd63b9c48137e4df61
94e053461d2db89e9d08321f26a2555ebcd7e0b9
84144e3c3e7acc7339fd1da9b373f18582734b6f4d235b2aef8c90616ed1c8a7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0ea68cc-d723-41ae-8bc2-16e2e422e2aa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5914
x-amzn-requestid: 8dea187e-ee61-4691-aff7-59202f978565
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b2P4MF0UIAMFWBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6378c69a-011430f86689624a29d71215;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 12:05:46 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: c2w_q7fYc60JSQ4GcAlmUFyp7csfflgG8GvCXJuy_wWlvf9mIG0u9g==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 22:38:55 GMT
age: 6909
etag: "94e053461d2db89e9d08321f26a2555ebcd7e0b9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.1 kB (8089 bytes)
Hash
c8f6118fc03f31862ff68fef8a2b9a7f
318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73
cdd4d44f05cc524d7f2b1d6d792ecd8a9a933e52ecb7685a7d7ea786a510ef39

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8089
x-amzn-requestid: f3c55266-9b03-4b7f-b076-fdf56704318e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b0QQyECioAMFzdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6377fa6b-3e10cef6117a10a4115cfce7;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 21:34:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 9FO1gkdftjvJFDvAlxwLD63BP-liwnS2MImVhVdjg83wi4xJdM73Kg==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:54:28 GMT
age: 9576
etag: "318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a31b1f7-5b4e-41c3-a823-4b79b831c0f5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.2 kB (6180 bytes)
Hash
218956a7601433bcf0f6ff484dbd5b52
d005c3afc835a854efdfa9cceb54b81153bb9899
dcc6527a7705c8e870e6aaf6744319ba0541a9fdfef58ca897361309d11b2b2e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a31b1f7-5b4e-41c3-a823-4b79b831c0f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6180
x-amzn-requestid: 77d0b21a-db56-431c-8bc1-15ce409beadd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b7nE2FyqIAMFnEQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637aebb8-6661a45a00c174e87e789791;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 03:08:40 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 4i-DyxmOE3pf55HCp1_oYxYPupFwEdMiQH8YRPQlyj-HMHtlRUfS4g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 74ab105148338444981d1b2277ffd9c4.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 04:58:36 GMT
age: 70528
etag: "d005c3afc835a854efdfa9cceb54b81153bb9899"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bb607df-5b5a-43e1-b231-82f686c992d5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (8010 bytes)
Hash
f5082fa91cc778a495716efefee2f6e4
f43120e62c6bee31e8dd9654da5d4da39e649121
f88beaf140e9105c67463a7c0e78018849670984c79ee32ad363b29973001b0f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bb607df-5b5a-43e1-b231-82f686c992d5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8010
x-amzn-requestid: af45fc02-5fa4-43b7-ab9b-652dfbff31ab
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b4bIGG9moAMFtJQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6379a566-1640f43e63484b1b2db402c8;Sampled=0
x-amzn-remapped-date: Sun, 20 Nov 2022 03:56:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: iScmaCnYtxyqkyyNIqQ1Qpa43t6GKppSzLp7m3h3Cww6nKXPYzzq8w==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 22:09:30 GMT
age: 8674
etag: "f43120e62c6bee31e8dd9654da5d4da39e649121"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.buchhaltezelle.de/wp-content/plugins/gwolle-gb-addon/assets/rateit/delete.gif.pagespeed.ce.Q-EEW3HaYZ.gif

195.63.103.228

200 OK

752 B

URL HTTP/2
www.buchhaltezelle.de/wp-content/plugins/gwolle-gb-addon/assets/rateit/delete.gif.pagespeed.ce.Q-EEW3HaYZ.gif
IP
195.63.103.228:0
ASN
#12312 ecotel communication ag

File type
GIF image data, version 89a, 16 x 32\012- data
Size
752 B (752 bytes)
Hash
43e1045b71da619b1d7e53fb3217be93
3edfcae20af124652a75a771cc2208cdd915881d
32cd2462f0572cc6d63fba76837141950a47108f0015cee8f116f69002d1019f

HTTP Headers

GET /wp-content/plugins/gwolle-gb-addon/assets/rateit/delete.gif.pagespeed.ce.Q-EEW3HaYZ.gif HTTP/1.1
Host: www.buchhaltezelle.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.buchhaltezelle.de/wp-content/plugins/gwolle-gb-addon/assets/rateit/A.rateit.css,qver=2.0.0.pagespeed.cf.1ZLt3HCagp.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 00:34:04 GMT
content-type: image/gif
content-length: 752
link: <https://www.buchhaltezelle.de/wp-content/plugins/gwolle-gb-addon/assets/rateit/delete.gif>; rel="canonical"
accept-ranges: bytes
last-modified: Tue, 19 May 2020 06:20:40 GMT
expires: Thu, 23 Nov 2023 00:34:04 GMT
cache-control: max-age=31536000
etag: W/"0"
x-original-content-length: 752
x-powered-by: PleskLin
X-Firefox-Spdy: h2

www.buchhaltezelle.de/wp-content/plugins/gwolle-gb-addon/assets/rateit/xstar.gif.pagespeed.ic.Bc399azRp3.png

195.63.103.228

200 OK

1.3 kB

URL HTTP/2
www.buchhaltezelle.de/wp-content/plugins/gwolle-gb-addon/assets/rateit/xstar.gif.pagespeed.ic.Bc399azRp3.png
IP
195.63.103.228:0
ASN
#12312 ecotel communication ag

File type
PNG image data, 16 x 64, 8-bit colormap, non-interlaced\012- data
Size
1.3 kB (1317 bytes)
Hash
05cdfdf5acd1a77400241e198c2f9382
919e71d05d54e17e3c130bace2c2ef82e2f0ff4c
9a91c2680eae34079376a73c95116cc8682d9545e790ce2a9d7572cb395d6ba4

HTTP Headers

GET /wp-content/plugins/gwolle-gb-addon/assets/rateit/xstar.gif.pagespeed.ic.Bc399azRp3.png HTTP/1.1
Host: www.buchhaltezelle.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.buchhaltezelle.de/wp-content/plugins/gwolle-gb-addon/assets/rateit/A.rateit.css,qver=2.0.0.pagespeed.cf.1ZLt3HCagp.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 00:34:04 GMT
content-type: image/png
content-length: 1317
link: <https://www.buchhaltezelle.de/wp-content/plugins/gwolle-gb-addon/assets/rateit/star.gif>; rel="canonical"
accept-ranges: bytes
expires: Thu, 23 Nov 2023 00:34:04 GMT
cache-control: max-age=31536000
etag: W/"0"
last-modified: Wed, 23 Nov 2022 00:34:04 GMT
x-original-content-length: 2460
x-powered-by: PleskLin
X-Firefox-Spdy: h2

www.buchhaltezelle.de/mod_pagespeed_beacon?url=https%3A%2F%2Fwww.buchhaltezelle.de%2F

195.63.103.228

204 No Content

0 B

URL HTTP/2
www.buchhaltezelle.de/mod_pagespeed_beacon?url=https%3A%2F%2Fwww.buchhaltezelle.de%2F
IP
195.63.103.228:0
ASN
#12312 ecotel communication ag

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /mod_pagespeed_beacon?url=https%3A%2F%2Fwww.buchhaltezelle.de%2F HTTP/1.1
Host: www.buchhaltezelle.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 74
Origin: https://www.buchhaltezelle.de
Connection: keep-alive
Referer: https://www.buchhaltezelle.de/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Wed, 23 Nov 2022 00:34:04 GMT
cache-control: max-age=0, no-cache
x-powered-by: PleskLin
X-Firefox-Spdy: h2

www.buchhaltezelle.de/wp-content/uploads/2019/12/x20191206_163543-scaled-e1575745137308-532x1024.jpg.pagespeed.ic.fH_nbIlvD1.webp

195.63.103.228

200 OK

0 B

URL HTTP/2
www.buchhaltezelle.de/wp-content/uploads/2019/12/x20191206_163543-scaled-e1575745137308-532x1024.jpg.pagespeed.ic.fH_nbIlvD1.webp
IP
195.63.103.228:0
ASN
#12312 ecotel communication ag

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/2019/12/x20191206_163543-scaled-e1575745137308-532x1024.jpg.pagespeed.ic.fH_nbIlvD1.webp HTTP/1.1
Host: www.buchhaltezelle.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.buchhaltezelle.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 00:34:03 GMT
content-type: image/jpeg
content-length: 109605
last-modified: Sat, 07 Dec 2019 18:58:57 GMT
accept-ranges: bytes
link: <https://www.buchhaltezelle.de/wp-content/uploads/2019/12/20191206_163543-scaled-e1575745137308-532x1024.jpg>; rel="canonical"
x-content-type-options: nosniff
expires: Wed, 23 Nov 2022 00:38:58 GMT
cache-control: max-age=300,private
x-powered-by: PleskLin
X-Firefox-Spdy: h2

www.buchhaltezelle.de/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1

195.63.103.228

200 OK

0 B

URL HTTP/2
www.buchhaltezelle.de/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP
195.63.103.228:0
ASN
#12312 ecotel communication ag

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: www.buchhaltezelle.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.buchhaltezelle.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 00:34:03 GMT
content-type: application/javascript
last-modified: Tue, 21 Jun 2022 08:45:07 GMT
cache-control: s-maxage=10
etag: W/"62b18513-48b9"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

s.w.org/images/core/emoji/14.0.0/svg/1f609.svg

192.0.77.48

200 OK

0 B

URL HTTP/2
s.w.org/images/core/emoji/14.0.0/svg/1f609.svg
IP
192.0.77.48:0
ASN
#2635 AUTOMATTIC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/core/emoji/14.0.0/svg/1f609.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.buchhaltezelle.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 00:34:04 GMT
content-type: image/svg+xml
last-modified: Tue, 12 Apr 2022 03:50:38 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 2
x-content-type-options: nosniff
X-Firefox-Spdy: h2

www.buchhaltezelle.de/wp-content/themes/arouse/css/A.bootstrap.css,qver=3.3.6.pagespeed.cf.Uoxds3ckzp.css

195.63.103.228

200 OK

0 B

URL HTTP/2
www.buchhaltezelle.de/wp-content/themes/arouse/css/A.bootstrap.css,qver=3.3.6.pagespeed.cf.Uoxds3ckzp.css
IP
195.63.103.228:0
ASN
#12312 ecotel communication ag

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/themes/arouse/css/A.bootstrap.css,qver=3.3.6.pagespeed.cf.Uoxds3ckzp.css HTTP/1.1
Host: www.buchhaltezelle.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.buchhaltezelle.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 00:34:03 GMT
content-type: text/css
content-length: 146655
last-modified: Mon, 08 Oct 2018 12:19:42 GMT
accept-ranges: bytes
vary: Accept-Encoding
x-original-content-length: 146655
content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 23 Nov 2022 00:38:57 GMT
cache-control: max-age=300,private
x-powered-by: PleskLin
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (28)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations