| steuer-kel.de/secure/chase/Service/Login/account/auth.php | 46.229.46.185 | 301 Moved Permanently | 162 B |
URL HTTP/1.1steuer-kel.de/secure/chase/Service/Login/account/auth.php IP46.229.46.185:0 ASN#61157 PlusServer GmbH
File typeHTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Hash4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /secure/chase/Service/Login/account/auth.php HTTP/1.1
Host: steuer-kel.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 01:06:54 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: http://www.steuer-kel.de/secure/chase/Service/Login/account/auth.php
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashf416977a8d6dfaafb2dbfd0e68b871f8 dfa97bd829b03162de91c80133f2fde69b58a8d2 2c4d0fd1b7a6d398026a4817267adce203429acdd3defa44a879f0d945f392d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2C4D0FD1B7A6D398026A4817267ADCE203429ACDD3DEFA44A879F0D945F392D5"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5122
Expires: Mon, 23 Jan 2023 02:32:16 GMT
Date: Mon, 23 Jan 2023 01:06:54 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash4714c95a0c854e38f9be444f9343bf14 07ce5eb635448f2b3bafbe51e4dfeef47cdf4f7b 4d47e08c9afb704096e93a51f6e95c0dc7c7bc31e67ded39998ff37ed56e0965
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D47E08C9AFB704096E93A51F6E95C0DC7C7BC31E67DED39998FF37ED56E0965"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3811
Expires: Mon, 23 Jan 2023 02:10:25 GMT
Date: Mon, 23 Jan 2023 01:06:54 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash17094b856fde02b2c8c2d3845ad325cf 26dc3f2ebf81faf5ab96eb75ffcbead6085528b8 6547376c41dcaa352cc4e747291916902bcddc0032b750bd84c5e3b2fe6f7d16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6547376C41DCAA352CC4E747291916902BCDDC0032B750BD84C5E3B2FE6F7D16"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9925
Expires: Mon, 23 Jan 2023 03:52:19 GMT
Date: Mon, 23 Jan 2023 01:06:54 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 35.241.9.150 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash30db107dcf4380cef05efea409c2e6a3 96e6a306fbc07299aba64e5c14e2bfca35872fa9 b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 23 Jan 2023 00:34:54 GMT
content-type: application/json
age: 1920
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash7b922915ebf1fa3639b333f994c74f24 144a3f80b98fd0652d4614f24cf6cbbee40f8938 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: X7K+ODTu3BN884m7zpdJoBJ+vNdB9G1cFxUV3Zp1IvpjWv035fFK/bb79fL4WuGz7G1o7D/LhME=
x-amz-request-id: RJ3KZB58DDF2PRJH
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 23 Jan 2023 00:47:30 GMT
age: 1164
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 01:06:54 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| www.steuer-kel.de/secure/chase/Service/Login/account/auth.php | 46.229.46.185 | 301 Moved Permanently | 0 B |
URL HTTP/1.1www.steuer-kel.de/secure/chase/Service/Login/account/auth.php IP46.229.46.185:0 ASN#61157 PlusServer GmbH
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /secure/chase/Service/Login/account/auth.php HTTP/1.1
Host: www.steuer-kel.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 01:06:54 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Expires: Wed, 17 Aug 2005 00:00:00 GMT
Pragma: no-cache
Set-Cookie: 442ae391a6d5bebc46e1ca0d04ebee1e=rn6cmqbe79n4k315m9iacldl9t; path=/; secure; HttpOnly
Referrer-Policy: unsafe-url
Vary: Accept-Encoding
Location: https://www.steuer-kel.de/secure/chase/Service/Login/account/auth.php
Last-Modified: Mon, 23 Jan 2023 01:06:54 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache, no-store, must-revalidate
X-Cached-By: JCH Optimize v7.3.1
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 23 Jan 2023 00:17:30 GMT
age: 2964
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash24210c97a8c8efbdeaff7c302901f9f2 de2eac65a74fb4faebe14e266b3b3aef49dc6e0d 6fa9977bbe4280faf834ac8c55c5524546943f855ad82bcb6fbe75e528e0cdf9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6FA9977BBE4280FAF834AC8C55C5524546943F855AD82BCB6FBE75E528E0CDF9"
Last-Modified: Mon, 23 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21524
Expires: Mon, 23 Jan 2023 07:05:38 GMT
Date: Mon, 23 Jan 2023 01:06:54 GMT
Connection: keep-alive
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash0c74880fa99032b5c3831c179d702419 0020b368309735c94d8053d3781a7efb7283cfc5 437e2d4e2bbfb33b0ff696172378ce55a0a5ed005a1b8c4005eab4a6995a3042
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 720
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 01:06:55 GMT
Last-Modified: Mon, 23 Jan 2023 00:54:55 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
|
|
| push.services.mozilla.com/ | 54.187.31.159 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP54.187.31.159:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: I7LE3bLHONHZAUc/oocZ1w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: JgZT0uXXqB3J23Q68THTfqGStZQ=
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash8ffcf85106eb83249a86318cba6086de c979cbe6aa25ab6e16b7323877da6b3643afe475 d993dc492572792b5020f7cec566c968dde9c74b2b9687303bc7ffc56189de97
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5933
Cache-Control: max-age=131931
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 01:06:55 GMT
Etag: "63cd26dd-1d7"
Expires: Tue, 24 Jan 2023 13:45:46 GMT
Last-Modified: Sun, 22 Jan 2023 12:06:53 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
|
|
| www.steuer-kel.de/templates/g5_hydrogen/custom/fonts/pt-sans-v11-latin-regular.woff2 | 46.229.46.185 | 200 OK | 45 kB |
URL HTTP/2www.steuer-kel.de/templates/g5_hydrogen/custom/fonts/pt-sans-v11-latin-regular.woff2 IP46.229.46.185:0 ASN#61157 PlusServer GmbH
File typeWeb Open Font Format (Version 2), TrueType, length 45416, version 1.0\012- data Hash8792a07fbb91f86b18b5d1dbd895443f 4faeeab92f5f162d27640fc78b8cf617001a54a1 95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /templates/g5_hydrogen/custom/fonts/pt-sans-v11-latin-regular.woff2 HTTP/1.1
Host: www.steuer-kel.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.steuer-kel.de/templates/g5_hydrogen/custom/css-compiled/custom__error.css?63c7e234
Cookie: 442ae391a6d5bebc46e1ca0d04ebee1e=3qus78lvhr1up7niem9gbhc4op
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 01:06:56 GMT
content-type: font/woff2
content-length: 45416
last-modified: Wed, 15 Jul 2020 14:55:43 GMT
etag: "5f0f18ef-b168"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.steuer-kel.de/templates/g5_hydrogen/custom/fonts/pt-sans-v11-latin-700.woff2 | 46.229.46.185 | 200 OK | 47 kB |
URL HTTP/2www.steuer-kel.de/templates/g5_hydrogen/custom/fonts/pt-sans-v11-latin-700.woff2 IP46.229.46.185:0 ASN#61157 PlusServer GmbH
File typeWeb Open Font Format (Version 2), TrueType, length 46988, version 1.0\012- data Hash3753a441923d9bd79d511de00bc2766e 1c1ed3cb1b47e8d41c799533bca1ef2a41a8bbbf 1e93b530a651320569bb9a1e5afdefa40ef6a77f7d1887a27cb4f5cc049b57a3
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /templates/g5_hydrogen/custom/fonts/pt-sans-v11-latin-700.woff2 HTTP/1.1
Host: www.steuer-kel.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.steuer-kel.de/templates/g5_hydrogen/custom/css-compiled/custom__error.css?63c7e234
Cookie: 442ae391a6d5bebc46e1ca0d04ebee1e=3qus78lvhr1up7niem9gbhc4op
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 01:06:56 GMT
content-type: font/woff2
content-length: 46988
last-modified: Wed, 15 Jul 2020 14:55:43 GMT
etag: "5f0f18ef-b78c"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.steuer-kel.de/media/gantry5/assets/fonts/fontawesome-webfont.woff2?v=4.7.0 | 46.229.46.185 | 200 OK | 77 kB |
URL HTTP/2www.steuer-kel.de/media/gantry5/assets/fonts/fontawesome-webfont.woff2?v=4.7.0 IP46.229.46.185:0 ASN#61157 PlusServer GmbH
File typeWeb Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data Hashaf7ae505a9eed503f8b8e6982036873e d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /media/gantry5/assets/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: www.steuer-kel.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.steuer-kel.de/media/gantry5/assets/css/font-awesome.min.css?63c7c1cf
Cookie: 442ae391a6d5bebc46e1ca0d04ebee1e=3qus78lvhr1up7niem9gbhc4op
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 01:06:56 GMT
content-type: font/woff2
content-length: 77160
last-modified: Wed, 18 Jan 2023 09:54:23 GMT
etag: "63c7c1cf-12d68"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-font-face.min.css?token=b83f15b09d | 104.18.22.52 | 200 OK | 2.6 kB |
URL HTTP/2ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-font-face.min.css?token=b83f15b09d IP104.18.22.52:0
File typeASCII text, with very long lines (27832) Hasheaaabd3f60063923cd5333eb1d7a20a1 0da69706105e28896a1f6eeaa91d5bec1b82f7f1 f863309ec0ac675409167610ff9776fa9c7620d6ee3592cc0c19d0b883ff2f70
GET /releases/v5.15.4/css/pro-v4-font-face.min.css?token=b83f15b09d HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.steuer-kel.de
Connection: keep-alive
Referer: https://www.steuer-kel.de/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 23 Jan 2023 01:06:56 GMT
content-type: text/css
content-length: 2603
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-a2b"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 78dca12cfce0b521-OSL
X-Firefox-Spdy: h2
|
|
| ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=b83f15b09d | 104.18.22.52 | 200 OK | 4.2 kB |
URL HTTP/2ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=b83f15b09d IP104.18.22.52:0
File typeASCII text, with very long lines (26366) Hash7fd743485fa194e25e2a207bff6c258a 97c999d752b95ee1ed6271a29aa58109dc17281e dd939d69a23f003d49287291f0bcb59df58119d60bc5f14a81cbfd957894f6dc
GET /releases/v5.15.4/css/pro-v4-shims.min.css?token=b83f15b09d HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.steuer-kel.de
Connection: keep-alive
Referer: https://www.steuer-kel.de/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 23 Jan 2023 01:06:56 GMT
content-type: text/css
content-length: 4194
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-1062"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 78dca12cfcdfb521-OSL
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hasha618971ebc90b5698ddbabc4637e3345 f920b73a7c9b57d77194ba8ba406664d8469b6b6 f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13113
Expires: Mon, 23 Jan 2023 04:45:29 GMT
Date: Mon, 23 Jan 2023 01:06:56 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hasha618971ebc90b5698ddbabc4637e3345 f920b73a7c9b57d77194ba8ba406664d8469b6b6 f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13113
Expires: Mon, 23 Jan 2023 04:45:29 GMT
Date: Mon, 23 Jan 2023 01:06:56 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f055318-7ab9-4f4f-a005-7938c4d1d126.jpeg | 34.120.237.76 | 200 OK | 6.6 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f055318-7ab9-4f4f-a005-7938c4d1d126.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashecf206cacc8cdeeba5f730d98e0570b7 fe131d1a8686593034547d3a465903912abb4cc7 d85a51760a2d0a3587d5e3a876aaf689d7a2efedb3e98a408bd8b88711dc7690
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f055318-7ab9-4f4f-a005-7938c4d1d126.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6579
x-amzn-requestid: 41de2a77-b735-4ee7-9dba-743be856ec5e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fFLFwGQ4oAMFu8g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb8bbe-3419ffe67988decf6da025ed;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 06:52:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: T0_2xjAEStWvc5m-PJM4w3pr9pQuPprYOnx5LlS66Pt3d5WmA31tHQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 22:02:39 GMT
etag: "fe131d1a8686593034547d3a465903912abb4cc7"
content-type: image/jpeg
age: 11057
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc9c3ffa-5410-4219-9a01-9a5dfe5e8de7.jpeg | 34.120.237.76 | 200 OK | 10 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc9c3ffa-5410-4219-9a01-9a5dfe5e8de7.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash257cf33430d0e588ce0df41deb9c49d2 c988799bc70b567422821f64bb95ecab4b117e3a 290eec9c2d3874a3951c161174d7fcc297f79d4f547bb9aa741ee85306cd7a90
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc9c3ffa-5410-4219-9a01-9a5dfe5e8de7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10481
x-amzn-requestid: a9d3763c-d10b-4918-a54d-67215346ba1c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fFHEVFxUoAMFaCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb854e-1d7dec1810076c6c27f5a44f;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 06:25:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XABOTraN3uT05OLykQNO_cG8YdMyJsc0We-vLtr8XKVRe3cHuFtmBA==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 16:16:58 GMT
age: 31798
etag: "c988799bc70b567422821f64bb95ecab4b117e3a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ed6afa7-c805-4ddd-a71c-bc9bde7aee5a.jpeg | 34.120.237.76 | 200 OK | 12 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ed6afa7-c805-4ddd-a71c-bc9bde7aee5a.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashe42f475b1e14cb9d0939ef39db8e1f91 dda57d67c7b5f32123d3c9956dec8f805138b3bf ace1e5843457dc5493432ea113059e67827e6c95d6998a7465dea1eb0e723a1e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ed6afa7-c805-4ddd-a71c-bc9bde7aee5a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11818
x-amzn-requestid: e80dab53-5137-4776-a105-b1933e9bda6b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fEqu6GhZIAMFWSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb57f8-696c3a7f103b96a23ed4abec;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 03:11:52 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 5bEvPaVPmareEYTNHUoTIEtCn0EKpBBafR11mjrvwPFVS_DLFKgm3w==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 05:42:33 GMT
age: 69863
etag: "dda57d67c7b5f32123d3c9956dec8f805138b3bf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd306d72a-970f-418b-a611-d3fd05043123.jpeg | 34.120.237.76 | 200 OK | 9.3 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd306d72a-970f-418b-a611-d3fd05043123.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash008bdbc8d07694aa05dd561e14e5c8e7 2c4727cd94e60fb6c4f8f09361a479f723e86fc2 f92c2af227f065fdae6976dd2dd23545a3211d79037bbf184b46cb976a2758de
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd306d72a-970f-418b-a611-d3fd05043123.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9297
x-amzn-requestid: bd94feb6-b9fe-4893-aa09-d5841a111e1b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9KRKE85oAMFldA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c8573a-08f0f4717d20f7311a32ba52;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 20:31:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: EnG1aHTi5HUYUOI6SIm6Rl_-rP1OxoM7iIqyMgg8Lh1-amNhbNGUHA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 21:47:21 GMT
age: 11975
etag: "2c4727cd94e60fb6c4f8f09361a479f723e86fc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F409361f2-a546-44d7-82d6-d496f6ee134d.jpeg | 34.120.237.76 | 200 OK | 12 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F409361f2-a546-44d7-82d6-d496f6ee134d.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash4cb7be12333fa7ea3353901b4b3215af 4b758cc432874384f330568177eef5a328d7e69a d6f86c0ddbabd5c4fd7cee72ce4da62ccddd9d29139c9ab033bb1ab8425bae22
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F409361f2-a546-44d7-82d6-d496f6ee134d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11918
x-amzn-requestid: ff47dd24-004f-4cc7-acfb-283b2e751f23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fEqxwEyWoAMF3gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb580b-1e95f74b0846080f75a757f6;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 03:12:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OsitP8LhrabAIbfq-ZTMmpJfnfvttYGad42iE3obktcRneUqbBHlpw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 03:59:27 GMT
age: 76049
etag: "4b758cc432874384f330568177eef5a328d7e69a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| www.steuer-kel.de/templates/g5_hydrogen/custom/images/Favicon.png | 46.229.46.185 | 200 OK | 29 kB |
URL HTTP/2www.steuer-kel.de/templates/g5_hydrogen/custom/images/Favicon.png IP46.229.46.185:0 ASN#61157 PlusServer GmbH
File typePNG image data, 900 x 900, 8-bit/color RGB, non-interlaced\012- data Hash4f232f9de68178f7180b7cf79eaf0994 bc512b6f65d95d7d6e8f6e22af6575741bc5a593 218df7cc27f65d1771977718e04790049bccda6fe7e65932e514887ff5966229
GET /templates/g5_hydrogen/custom/images/Favicon.png HTTP/1.1
Host: www.steuer-kel.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.steuer-kel.de/secure/chase/Service/Login/account/auth.php
Connection: keep-alive
Cookie: 442ae391a6d5bebc46e1ca0d04ebee1e=3qus78lvhr1up7niem9gbhc4op
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 01:06:56 GMT
content-type: image/png
content-length: 28558
last-modified: Wed, 15 Jul 2020 14:55:43 GMT
etag: "5f0f18ef-6f8e"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a0bad57-b7ca-4aa8-85b4-3ac127cb7346.jpeg | 34.120.237.76 | 200 OK | 7.2 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a0bad57-b7ca-4aa8-85b4-3ac127cb7346.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hasheac67b57277f6a61589ef5f6a4daccbb 654c00ad053213758c5946123f49cb157f751570 9271b578346c4e1c2192c5d64222af2874fc86e25e886c76a5d70e34d308f694
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a0bad57-b7ca-4aa8-85b4-3ac127cb7346.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7244
x-amzn-requestid: a9dfb0b3-2f43-49c0-8341-d242de8f6fe8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: exbl8HHyIAMFS3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c3a625-06ec97e4419248a777ed9e77;Sampled=0
x-amzn-remapped-date: Sun, 15 Jan 2023 07:07:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uosIDE2c24c8qkJbUBjBliFv_Vweey99QzcN80MmHK-jS29voofwLA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 05:26:38 GMT
age: 70818
etag: "654c00ad053213758c5946123f49cb157f751570"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=b83f15b09d | 104.18.22.52 | 200 OK | 54 kB |
URL HTTP/2ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=b83f15b09d IP104.18.22.52:0
File typeASCII text, with very long lines (65397) Hashdc9270247a97f75913a5d8934c24de03 ed9b0fa01b552571f99d529ed355b2ba91cfc48d 847cc3ab1ea736cbbaac34833596335471fc7a888089b501b3c83a323566f0b8
GET /releases/v5.15.4/css/pro.min.css?token=b83f15b09d HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.steuer-kel.de
Connection: keep-alive
Referer: https://www.steuer-kel.de/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 23 Jan 2023 01:06:56 GMT
content-type: text/css
content-length: 54194
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-d3b2"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 78dca12cfcdeb521-OSL
X-Firefox-Spdy: h2
|
|
| ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-solid-900-5.0.0.woff2 | 104.18.22.52 | 200 OK | 20 kB |
URL HTTP/2ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-solid-900-5.0.0.woff2 IP104.18.22.52:0
File typeWeb Open Font Format (Version 2), TrueType, length 19784, version 331.-31196\012- data Hashc7682b8035fc1d1672d6455631813794 9e2955e5e55b3073e229c218724406425862d4a1 1b50aa1d36ea249991fb44f8f6ad2aa74fe360df9cc04c564b5edf3b053b739c
GET /releases/v5.15.4/webfonts/pro-fa-solid-900-5.0.0.woff2 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.steuer-kel.de
Connection: keep-alive
Referer: https://www.steuer-kel.de/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 23 Jan 2023 01:06:56 GMT
content-type: font/woff2
content-length: 19784
access-control-allow-origin: *
cache-control: max-age=31556926
etag: "610ae35f-4d48"
last-modified: Wed, 04 Aug 2021 18:58:39 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 78dca1309f02b521-OSL
X-Firefox-Spdy: h2
|
|
| www.steuer-kel.de/media/gantry5/assets/css/font-awesome.min.css?63c7c1cf | 46.229.46.185 | 200 OK | 0 B |
URL HTTP/2www.steuer-kel.de/media/gantry5/assets/css/font-awesome.min.css?63c7c1cf IP46.229.46.185:0 ASN#61157 PlusServer GmbH
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /media/gantry5/assets/css/font-awesome.min.css?63c7c1cf HTTP/1.1
Host: www.steuer-kel.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.steuer-kel.de/secure/chase/Service/Login/account/auth.php
Connection: keep-alive
Cookie: 442ae391a6d5bebc46e1ca0d04ebee1e=3qus78lvhr1up7niem9gbhc4op
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 01:06:55 GMT
content-type: text/css
last-modified: Wed, 18 Jan 2023 09:54:23 GMT
vary: Accept-Encoding
etag: W/"63c7c1cf-7918"
content-encoding: br
X-Firefox-Spdy: h2
|
|
| www.steuer-kel.de/templates/g5_hydrogen/custom/css-compiled/custom__error.css?63c7e234 | 46.229.46.185 | 200 OK | 0 B |
URL HTTP/2www.steuer-kel.de/templates/g5_hydrogen/custom/css-compiled/custom__error.css?63c7e234 IP46.229.46.185:0 ASN#61157 PlusServer GmbH
GET /templates/g5_hydrogen/custom/css-compiled/custom__error.css?63c7e234 HTTP/1.1
Host: www.steuer-kel.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.steuer-kel.de/secure/chase/Service/Login/account/auth.php
Connection: keep-alive
Cookie: 442ae391a6d5bebc46e1ca0d04ebee1e=3qus78lvhr1up7niem9gbhc4op
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 01:06:55 GMT
content-type: text/css
last-modified: Wed, 18 Jan 2023 12:12:36 GMT
vary: Accept-Encoding
etag: W/"63c7e234-37ea"
content-encoding: br
X-Firefox-Spdy: h2
|
|
| www.steuer-kel.de/media/gantry5/assets/js/main.js?63c7c1cf | 46.229.46.185 | 200 OK | 0 B |
URL HTTP/2www.steuer-kel.de/media/gantry5/assets/js/main.js?63c7c1cf IP46.229.46.185:0 ASN#61157 PlusServer GmbH
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /media/gantry5/assets/js/main.js?63c7c1cf HTTP/1.1
Host: www.steuer-kel.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.steuer-kel.de/secure/chase/Service/Login/account/auth.php
Connection: keep-alive
Cookie: 442ae391a6d5bebc46e1ca0d04ebee1e=3qus78lvhr1up7niem9gbhc4op
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 01:06:55 GMT
content-type: application/javascript
last-modified: Wed, 18 Jan 2023 09:54:23 GMT
vary: Accept-Encoding
etag: W/"63c7c1cf-efbc"
content-encoding: br
X-Firefox-Spdy: h2
|
|
| www.steuer-kel.de/templates/g5_hydrogen/custom/css-compiled/hydrogen-joomla__error.css?63c7e234 | 46.229.46.185 | 200 OK | 0 B |
URL HTTP/2www.steuer-kel.de/templates/g5_hydrogen/custom/css-compiled/hydrogen-joomla__error.css?63c7e234 IP46.229.46.185:0 ASN#61157 PlusServer GmbH
GET /templates/g5_hydrogen/custom/css-compiled/hydrogen-joomla__error.css?63c7e234 HTTP/1.1
Host: www.steuer-kel.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.steuer-kel.de/secure/chase/Service/Login/account/auth.php
Connection: keep-alive
Cookie: 442ae391a6d5bebc46e1ca0d04ebee1e=3qus78lvhr1up7niem9gbhc4op
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 01:06:55 GMT
content-type: text/css
last-modified: Wed, 18 Jan 2023 12:12:36 GMT
vary: Accept-Encoding
etag: W/"63c7e234-49ae"
content-encoding: br
X-Firefox-Spdy: h2
|
|
| www.steuer-kel.de/templates/g5_hydrogen/custom/images/Kameter-Eckert-Luger_Steuerberatung_Logo.svg | 46.229.46.185 | 200 OK | 0 B |
URL HTTP/2www.steuer-kel.de/templates/g5_hydrogen/custom/images/Kameter-Eckert-Luger_Steuerberatung_Logo.svg IP46.229.46.185:0 ASN#61157 PlusServer GmbH
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /templates/g5_hydrogen/custom/images/Kameter-Eckert-Luger_Steuerberatung_Logo.svg HTTP/1.1
Host: www.steuer-kel.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.steuer-kel.de/secure/chase/Service/Login/account/auth.php
Connection: keep-alive
Cookie: 442ae391a6d5bebc46e1ca0d04ebee1e=3qus78lvhr1up7niem9gbhc4op
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 01:06:55 GMT
content-type: image/svg+xml
last-modified: Wed, 15 Jul 2020 14:55:43 GMT
vary: Accept-Encoding
etag: W/"5f0f18ef-14cc4"
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| kit.fontawesome.com/b83f15b09d.js | 104.18.22.52 | 200 OK | 0 B |
URL HTTP/2kit.fontawesome.com/b83f15b09d.js IP104.18.22.52:0
GET /b83f15b09d.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.steuer-kel.de
Connection: keep-alive
Referer: https://www.steuer-kel.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 23 Jan 2023 01:06:56 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: FzzKr2Iv4npcTA9M2hxB
cf-cache-status: MISS
server: cloudflare
cf-ray: 78dca12b5c1eb521-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.steuer-kel.de/secure/chase/Service/Login/account/auth.php | 46.229.46.185 | 404 Not Found | 0 B |
URL HTTP/2www.steuer-kel.de/secure/chase/Service/Login/account/auth.php IP46.229.46.185:0 ASN#61157 PlusServer GmbH
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /secure/chase/Service/Login/account/auth.php HTTP/1.1
Host: www.steuer-kel.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
server: nginx
date: Mon, 23 Jan 2023 01:06:55 GMT
content-type: text/html; charset=UTF-8
pragma: no-cache
set-cookie: 442ae391a6d5bebc46e1ca0d04ebee1e=3qus78lvhr1up7niem9gbhc4op; path=/; secure; HttpOnly
referrer-policy: unsafe-url
vary: Accept-Encoding, Accept-Encoding
cache-control: no-cache, max-age=0, no-cache, no-store, must-revalidate
expires: Mon, 23 Jan 2023 01:06:55 GMT
x-cached-by: JCH Optimize v7.3.1
content-encoding: br
X-Firefox-Spdy: h2
|
|
| www.steuer-kel.de/media/gantry5/engines/nucleus/css-compiled/nucleus.css?63c7c1cf | 46.229.46.185 | 200 OK | 0 B |
URL HTTP/2www.steuer-kel.de/media/gantry5/engines/nucleus/css-compiled/nucleus.css?63c7c1cf IP46.229.46.185:0 ASN#61157 PlusServer GmbH
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /media/gantry5/engines/nucleus/css-compiled/nucleus.css?63c7c1cf HTTP/1.1
Host: www.steuer-kel.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.steuer-kel.de/secure/chase/Service/Login/account/auth.php
Connection: keep-alive
Cookie: 442ae391a6d5bebc46e1ca0d04ebee1e=3qus78lvhr1up7niem9gbhc4op
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 01:06:55 GMT
content-type: text/css
last-modified: Wed, 18 Jan 2023 09:54:23 GMT
vary: Accept-Encoding
etag: W/"63c7c1cf-4f58"
content-encoding: br
X-Firefox-Spdy: h2
|
|
| www.steuer-kel.de/templates/g5_hydrogen/custom/css-compiled/hydrogen__error.css?63c7e233 | 46.229.46.185 | 200 OK | 0 B |
URL HTTP/2www.steuer-kel.de/templates/g5_hydrogen/custom/css-compiled/hydrogen__error.css?63c7e233 IP46.229.46.185:0 ASN#61157 PlusServer GmbH
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /templates/g5_hydrogen/custom/css-compiled/hydrogen__error.css?63c7e233 HTTP/1.1
Host: www.steuer-kel.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.steuer-kel.de/secure/chase/Service/Login/account/auth.php
Connection: keep-alive
Cookie: 442ae391a6d5bebc46e1ca0d04ebee1e=3qus78lvhr1up7niem9gbhc4op
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 01:06:55 GMT
content-type: text/css
last-modified: Wed, 18 Jan 2023 12:12:35 GMT
vary: Accept-Encoding
etag: W/"63c7e233-74c4"
content-encoding: br
X-Firefox-Spdy: h2
|
|