meine-ameisen.de/
301 Moved Permanently 162 B IP
ASN #20773 Host Europe GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: meine-ameisen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 06 Feb 2023 02:16:48 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.meine-ameisen.de/
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17714
Expires: Mon, 06 Feb 2023 07:12:02 GMT
Date: Mon, 06 Feb 2023 02:16:48 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 507011ccb9124dcd57e84a90a0965cc4
1a6575d0ac979c7184490cc9836ac4812ad2afd1
01626c18e1e68507aa33ef7448dbc3311901ab6f29adc2f51d449409b0680dce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01626C18E1E68507AA33EF7448DBC3311901AB6F29ADC2F51D449409B0680DCE"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14513
Expires: Mon, 06 Feb 2023 06:18:41 GMT
Date: Mon, 06 Feb 2023 02:16:48 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 06 Feb 2023 01:36:25 GMT
content-type: application/json
age: 2423
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4358
Expires: Mon, 06 Feb 2023 03:29:26 GMT
Date: Mon, 06 Feb 2023 02:16:48 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: AFcu/bjJdqb/i9KVfwhEDLNJ0ss9hzLacFJsSHP0gtaO+Hb1aMPPsheEQIYNuDHTR/xyssIfZZk=
x-amz-request-id: N7PGTSDBAZQ0KKZY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 06 Feb 2023 01:53:31 GMT
age: 1397
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 02:16:48 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3807ff82fcbdbf015209185a17dfd213
fc9141a8ef9a7d86af7edfdae35f83c0a9431ae6
18a2aba39837482f78d4680432899764f42acc57d5abfd835f0368d85d8185a0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18A2ABA39837482F78D4680432899764F42ACC57D5ABFD835F0368D85D8185A0"
Last-Modified: Mon, 06 Feb 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21570
Expires: Mon, 06 Feb 2023 08:16:18 GMT
Date: Mon, 06 Feb 2023 02:16:48 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 06 Feb 2023 02:07:20 GMT
age: 569
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.meine-ameisen.de/
200 OK 6.8 kB IP
ASN #20773 Host Europe GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2936), with CRLF, CR, LF line terminators
Hash 81d0d7ebb8e9bd3662bcfab6e7e5d78a
58321db167ab561fbceb263ff696f8ebd2fc4d0f
b6cba21ee99a70626989275abafa56591a06c3dbb8ff879fdf51cdb848887486
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.meine-ameisen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 02:16:49 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Security-Policy: default-src 'self' 'unsafe-inline'
X-Content-Security-Policy: default-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self' 'unsafe-inline'
X-Logged-In: False
Content-Encoding: gzip
Vary: Accept-Encoding
Expires: Wed, 17 Aug 2005 00:00:00 GMT
Pragma: no-cache
Set-Cookie: 89a67887fbab30442ff116ae04c07924=pnvdu76bsh0v552o5pjn6cd5ba; path=/; HttpOnly
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
Referrer-Policy: unsafe-url
Last-Modified: Mon, 06 Feb 2023 02:16:49 GMT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-transform
X-Powered-By: PleskLin
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3024
Expires: Mon, 06 Feb 2023 03:07:13 GMT
Date: Mon, 06 Feb 2023 02:16:49 GMT
Connection: keep-alive
www.meine-ameisen.de/media/joomgallery/css/joom_settings.css
200 OK 1.9 kB URL HTTP/1.1 www.meine-ameisen.de/media/joomgallery/css/joom_settings.css
IP
ASN #20773 Host Europe GmbH
Hash 39d4ee19827b4906143c5e5176b88bd4
f17ee3291f9add80582be974f2716b859211f478
444264f7c01b2879f893d09380dc2d96132c30a17ffd6ca68b84a250a524bf8c
GET /media/joomgallery/css/joom_settings.css HTTP/1.1
Host: www.meine-ameisen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.meine-ameisen.de/
Connection: keep-alive
Cookie: 89a67887fbab30442ff116ae04c07924=pnvdu76bsh0v552o5pjn6cd5ba
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 02:16:49 GMT
Content-Type: text/css
Content-Length: 1897
Last-Modified: Wed, 20 Sep 2017 08:32:02 GMT
Connection: keep-alive
ETag: "59c22782-769"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.meine-ameisen.de/media/joomgallery/css/joomgallery.css
200 OK 12 kB URL HTTP/1.1 www.meine-ameisen.de/media/joomgallery/css/joomgallery.css
IP
ASN #20773 Host Europe GmbH
Hash 3725bd475aaa0aa9a37c84f2337a7b05
ea697adfb1bee45071cc180e4b9e6db72e81da54
8d50faedb55f21cbcfbe6cc8b1b068075ad4290849e5b3c2e630803c4bd69326
GET /media/joomgallery/css/joomgallery.css HTTP/1.1
Host: www.meine-ameisen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.meine-ameisen.de/
Connection: keep-alive
Cookie: 89a67887fbab30442ff116ae04c07924=pnvdu76bsh0v552o5pjn6cd5ba
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 02:16:49 GMT
Content-Type: text/css
Content-Length: 12310
Last-Modified: Sat, 03 Feb 2018 10:27:23 GMT
Connection: keep-alive
ETag: "5a758e8b-3016"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.meine-ameisen.de/plugins/system/cookiehint/css/redimstyle.css?8eff4f436309a5512f55bbefc28e43ea
200 OK 3.9 kB URL HTTP/1.1 www.meine-ameisen.de/plugins/system/cookiehint/css/redimstyle.css?8eff4f436309a5512f55bbefc28e43ea
IP
ASN #20773 Host Europe GmbH
Hash 806b395956a61b9b904307e0f0e90851
c1dea2368f38a9a229f630089ebae3589666f9e7
4f9d9e92c4338788c502f00efb8d4aa7d0a873055a94f2308685ae0392060deb
GET /plugins/system/cookiehint/css/redimstyle.css?8eff4f436309a5512f55bbefc28e43ea HTTP/1.1
Host: www.meine-ameisen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.meine-ameisen.de/
Connection: keep-alive
Cookie: 89a67887fbab30442ff116ae04c07924=pnvdu76bsh0v552o5pjn6cd5ba
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 02:16:49 GMT
Content-Type: text/css
Content-Length: 3863
Last-Modified: Wed, 26 Oct 2022 08:29:36 GMT
Connection: keep-alive
ETag: "6358eff0-f17"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.meine-ameisen.de/components/com_k2/js/k2.js?v2.6.9&sitepath=/
200 OK 8.0 kB URL HTTP/1.1 www.meine-ameisen.de/components/com_k2/js/k2.js?v2.6.9&sitepath=/
IP
ASN #20773 Host Europe GmbH
Hash 2b9f51803d7d5f578ae71d1ba400309c
98815e6cb3f6c22606db377a0a3bfd8c01a13984
cf1e8a9d880f4ee12c94164ac5be366f4d23e0d199c19f6526aa8cf1e8dad499
GET /components/com_k2/js/k2.js?v2.6.9&sitepath=/ HTTP/1.1
Host: www.meine-ameisen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.meine-ameisen.de/
Connection: keep-alive
Cookie: 89a67887fbab30442ff116ae04c07924=pnvdu76bsh0v552o5pjn6cd5ba
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 02:16:49 GMT
Content-Type: application/javascript
Content-Length: 8011
Last-Modified: Wed, 20 Sep 2017 08:32:01 GMT
Connection: keep-alive
ETag: "59c22781-1f4b"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.meine-ameisen.de/cache/com_templates/templates/shaper_helix3/f7a58b69afd880af27e5e7f00ef5c9d3.css
200 OK 369 kB URL HTTP/1.1 www.meine-ameisen.de/cache/com_templates/templates/shaper_helix3/f7a58b69afd880af27e5e7f00ef5c9d3.css
IP
ASN #20773 Host Europe GmbH
File type Unicode text, UTF-8 text, with very long lines (15911)
Size 369 kB (368816 bytes)
Hash 92a7f4ab6c4dbdcab90b113617476ad4
9fd89ead6879094a11c1c8383c420c481c94da40
3152740458ddc79b5437e8bb8286202d61d0403cc33afbf90112bb7831a88a80
GET /cache/com_templates/templates/shaper_helix3/f7a58b69afd880af27e5e7f00ef5c9d3.css HTTP/1.1
Host: www.meine-ameisen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.meine-ameisen.de/
Connection: keep-alive
Cookie: 89a67887fbab30442ff116ae04c07924=pnvdu76bsh0v552o5pjn6cd5ba
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 02:16:49 GMT
Content-Type: text/css
Content-Length: 368816
Last-Modified: Mon, 06 Feb 2023 02:16:41 GMT
Connection: keep-alive
ETag: "63e06309-5a0b0"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.meine-ameisen.de/ads/www/delivery/asyncjs.php
200 OK 1.9 kB URL HTTP/1.1 www.meine-ameisen.de/ads/www/delivery/asyncjs.php
IP
ASN #20773 Host Europe GmbH
File type HTML document text\012- C source text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4372), with no line terminators
Hash 6228ca31b2fb8b29b92ebdfad801c797
ee8eba377283892bbc6a094f95244a22925ffee8
674aad889c1ab481fc43f9ae995d7d489d9a479b878dd0cfd47be38e7bb6e393
Analyzer Verdict Alert fortinet Phishing
GET /ads/www/delivery/asyncjs.php HTTP/1.1
Host: www.meine-ameisen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.meine-ameisen.de/
Connection: keep-alive
Cookie: 89a67887fbab30442ff116ae04c07924=pnvdu76bsh0v552o5pjn6cd5ba
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 02:16:49 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 1920
Connection: keep-alive
Expire: Mon, 06 Feb 2023 03:16:49 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
Referrer-Policy: unsafe-url
ETag: e27b66b6af704c6a2eddb895b3c034d8
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: private, max-age=3600, max-age=604800, no-transform
Expires: Mon, 13 Feb 2023 02:16:49 GMT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Powered-By: PleskLin
www.meine-ameisen.de/cache/com_templates/templates/shaper_helix3/e07410073a19f87a49980e532a6d757d.js
200 OK 297 kB URL HTTP/1.1 www.meine-ameisen.de/cache/com_templates/templates/shaper_helix3/e07410073a19f87a49980e532a6d757d.js
IP
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (785)
Size 297 kB (296886 bytes)
Hash 3a8149f8412b862a9a62d6d8efee85bf
921bd10171c7aa534ca6de704e24a9a7eb2cb628
069bf549472d0ba6d4f9972229152226829d112ae2f8e1906e254830b38145fe
Analyzer Verdict Alert fortinet Phishing
GET /cache/com_templates/templates/shaper_helix3/e07410073a19f87a49980e532a6d757d.js HTTP/1.1
Host: www.meine-ameisen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.meine-ameisen.de/
Connection: keep-alive
Cookie: 89a67887fbab30442ff116ae04c07924=pnvdu76bsh0v552o5pjn6cd5ba
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 02:16:49 GMT
Content-Type: application/javascript
Content-Length: 296886
Last-Modified: Mon, 06 Feb 2023 02:16:41 GMT
Connection: keep-alive
ETag: "63e06309-487b6"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.meine-ameisen.de/media/k2/items/cache/787ae9ec9023a82f5aa7e4c1a64f73cb_S.jpg
200 OK 10 kB URL HTTP/1.1 www.meine-ameisen.de/media/k2/items/cache/787ae9ec9023a82f5aa7e4c1a64f73cb_S.jpg
IP
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 200x150, components 3\012- data
Hash 0d24d4af36b2f3558182c4ed06de7482
402254f3191b056a23d298d066ac7a5f1aed778f
832a7a4711613a478320bf189a0f2f3e87cc929aa7e4b61a3b6b7bfe3b0f79ca
GET /media/k2/items/cache/787ae9ec9023a82f5aa7e4c1a64f73cb_S.jpg HTTP/1.1
Host: www.meine-ameisen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.meine-ameisen.de/
Connection: keep-alive
Cookie: 89a67887fbab30442ff116ae04c07924=pnvdu76bsh0v552o5pjn6cd5ba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 02:16:49 GMT
Content-Type: image/jpeg
Content-Length: 9961
Last-Modified: Wed, 04 May 2022 14:59:43 GMT
Connection: keep-alive
ETag: "627294df-26e9"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.meine-ameisen.de/media/k2/items/cache/3899dfe821816fbcb3db3e3b23f81585_S.jpg
200 OK 8.7 kB URL HTTP/1.1 www.meine-ameisen.de/media/k2/items/cache/3899dfe821816fbcb3db3e3b23f81585_S.jpg
IP
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 200x25, components 3\012- data
Hash 68b8b640f25ddce721edd30b7b9da28d
d27c1a09301dfc5bc00ba6490e011f185e9e54ac
0d3b852c401d85f44275e75ed9c79eb6d72dbbcd9a1904e049946d2b977377f7
GET /media/k2/items/cache/3899dfe821816fbcb3db3e3b23f81585_S.jpg HTTP/1.1
Host: www.meine-ameisen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.meine-ameisen.de/
Connection: keep-alive
Cookie: 89a67887fbab30442ff116ae04c07924=pnvdu76bsh0v552o5pjn6cd5ba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 02:16:49 GMT
Content-Type: image/jpeg
Content-Length: 8747
Last-Modified: Wed, 20 Sep 2017 08:32:02 GMT
Connection: keep-alive
ETag: "59c22782-222b"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.meine-ameisen.de/images/joomgallery/thumbnails/ameisen-bilder_2/tetramorium_impurum_6/tetramorium_impurum_im_nestroehrchen_1_20130424_1297889907.jpg
200 OK 10 kB URL HTTP/1.1 www.meine-ameisen.de/images/joomgallery/thumbnails/ameisen-bilder_2/tetramorium_impurum_6/tetramorium_impurum_im_nestroehrchen_1_20130424_1297889907.jpg
IP
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 111x100, components 3\012- data
Hash 15473af014864ddcfd586c8b47bb6f1a
b4326918e609f7e461b0776bac1e15d1512beb14
c1f36c9f6c689bf413a2bc413a80aae8526bc1d4a46b2c86da9ec0b423d0a040
GET /images/joomgallery/thumbnails/ameisen-bilder_2/tetramorium_impurum_6/tetramorium_impurum_im_nestroehrchen_1_20130424_1297889907.jpg HTTP/1.1
Host: www.meine-ameisen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.meine-ameisen.de/
Connection: keep-alive
Cookie: 89a67887fbab30442ff116ae04c07924=pnvdu76bsh0v552o5pjn6cd5ba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 02:16:49 GMT
Content-Type: image/jpeg
Content-Length: 10296
Last-Modified: Wed, 20 Sep 2017 08:32:01 GMT
Connection: keep-alive
ETag: "59c22781-2838"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.meine-ameisen.de/media/k2/items/cache/e2bf3b11df0b872112757f1c2fee6e32_S.jpg
200 OK 8.9 kB URL HTTP/1.1 www.meine-ameisen.de/media/k2/items/cache/e2bf3b11df0b872112757f1c2fee6e32_S.jpg
IP
ASN #20773 Host Europe GmbH
File type PNG image data, 311 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash e9c3cc85eaa067e5aad9c165304bdb08
8c700d832d4f8ea1cc948586d7b61515ec7de217
250901e7b55985f26cfac99fd4dc88b464ecf7c760e0ec9b76b4386e43b3a443
GET /media/k2/items/cache/e2bf3b11df0b872112757f1c2fee6e32_S.jpg HTTP/1.1
Host: www.meine-ameisen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.meine-ameisen.de/
Connection: keep-alive
Cookie: 89a67887fbab30442ff116ae04c07924=pnvdu76bsh0v552o5pjn6cd5ba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 02:16:49 GMT
Content-Type: image/jpeg
Content-Length: 8932
Last-Modified: Mon, 20 Apr 2020 16:32:00 GMT
Connection: keep-alive
ETag: "5e9dce80-22e4"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.meine-ameisen.de/media/k2/items/cache/2ff2ba0051687eef5ca0459cf942940c_S.jpg
200 OK 39 kB URL HTTP/1.1 www.meine-ameisen.de/media/k2/items/cache/2ff2ba0051687eef5ca0459cf942940c_S.jpg
IP
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 200x147, components 3\012- data
Hash 69664e00e96d641906a73fa7a819dc8a
2c6df846037750747b9547508aeabd409727caa4
e1674c3ab0d95bdd8113890cd7a20ac71cb72556711e9c99e17b9b415d8f7f2f
GET /media/k2/items/cache/2ff2ba0051687eef5ca0459cf942940c_S.jpg HTTP/1.1
Host: www.meine-ameisen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.meine-ameisen.de/
Connection: keep-alive
Cookie: 89a67887fbab30442ff116ae04c07924=pnvdu76bsh0v552o5pjn6cd5ba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 02:16:49 GMT
Content-Type: image/jpeg
Content-Length: 38707
Last-Modified: Wed, 20 Sep 2017 08:32:02 GMT
Connection: keep-alive
ETag: "59c22782-9733"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.meine-ameisen.de/media/k2/items/cache/4965657af186b9092c7a96976ffe881c_S.jpg
200 OK 42 kB URL HTTP/1.1 www.meine-ameisen.de/media/k2/items/cache/4965657af186b9092c7a96976ffe881c_S.jpg
IP
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 200x281, components 3\012- data
Hash 61921f557f9b0f9f049565c9c7daddb7
ac1449ca7d258263d59ed4bd920a2ae6984d61ac
c593dcd79b25b402601009b9534c0513fe516ecddeafc07de9b08dc0b3ca23e3
GET /media/k2/items/cache/4965657af186b9092c7a96976ffe881c_S.jpg HTTP/1.1
Host: www.meine-ameisen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.meine-ameisen.de/
Connection: keep-alive
Cookie: 89a67887fbab30442ff116ae04c07924=pnvdu76bsh0v552o5pjn6cd5ba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 02:16:49 GMT
Content-Type: image/jpeg
Content-Length: 42017
Last-Modified: Wed, 20 Sep 2017 08:32:02 GMT
Connection: keep-alive
ETag: "59c22782-a421"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.meine-ameisen.de/media/k2/items/cache/233826a67be66a810b23a263230da62e_S.jpg
200 OK 14 kB URL HTTP/1.1 www.meine-ameisen.de/media/k2/items/cache/233826a67be66a810b23a263230da62e_S.jpg
IP
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4], baseline, precision 8, 136x103, components 3\012- data
Hash e063292c9bb09980837b05fd345e82ff
e423358b1d837180c367c06b1d59fac94b426cb5
354335391e6c92e123fe81ba437f80bc6381094d898ce0d733bfe82071864407
GET /media/k2/items/cache/233826a67be66a810b23a263230da62e_S.jpg HTTP/1.1
Host: www.meine-ameisen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.meine-ameisen.de/
Connection: keep-alive
Cookie: 89a67887fbab30442ff116ae04c07924=pnvdu76bsh0v552o5pjn6cd5ba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 02:16:49 GMT
Content-Type: image/jpeg
Content-Length: 14093
Last-Modified: Sat, 09 May 2020 12:23:07 GMT
Connection: keep-alive
ETag: "5eb6a0ab-370d"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.meine-ameisen.de/images/logo_ameise.gif
200 OK 5.9 kB URL HTTP/1.1 www.meine-ameisen.de/images/logo_ameise.gif
IP
ASN #20773 Host Europe GmbH
File type GIF image data, version 89a, 250 x 80\012- data
Hash 1a1ee65b694d42a29689bf16e377e26f
7507a49d1f52b0a5a51bc01c9d37d649d2a63496
fe2b59b9686a9917949b97c78a27f76d8f8742bd7b9863fc53a777a9839338fc
GET /images/logo_ameise.gif HTTP/1.1
Host: www.meine-ameisen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.meine-ameisen.de/
Connection: keep-alive
Cookie: 89a67887fbab30442ff116ae04c07924=pnvdu76bsh0v552o5pjn6cd5ba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 02:16:49 GMT
Content-Type: image/gif
Content-Length: 5897
Last-Modified: Wed, 20 Sep 2017 08:32:01 GMT
Connection: keep-alive
ETag: "59c22781-1709"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.meine-ameisen.de/media/k2/items/cache/c889234799e865bbe90cee71f6cd2e53_S.jpg
200 OK 66 kB URL HTTP/1.1 www.meine-ameisen.de/media/k2/items/cache/c889234799e865bbe90cee71f6cd2e53_S.jpg
IP
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 200x267, components 3\012- data
Hash f06b6075393a264189c2b3a3db39eb83
f46c4c5872856f819da17510f7fc7f87378c8626
00fc845fdbddf14d6db5eca0fc225a27b9590298107d568d2809e7e2f0d6abfc
GET /media/k2/items/cache/c889234799e865bbe90cee71f6cd2e53_S.jpg HTTP/1.1
Host: www.meine-ameisen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.meine-ameisen.de/
Connection: keep-alive
Cookie: 89a67887fbab30442ff116ae04c07924=pnvdu76bsh0v552o5pjn6cd5ba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 02:16:49 GMT
Content-Type: image/jpeg
Content-Length: 65631
Last-Modified: Wed, 20 Sep 2017 08:32:02 GMT
Connection: keep-alive
ETag: "59c22782-1005f"
X-Powered-By: PleskLin
Accept-Ranges: bytes
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +8ZmRJXl3pdphFGkeZhH8Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: kq+R+kEEi2gZm4RNBYtIcVbDtEc=
www.meine-ameisen.de/plugins/system/cookiehint/img/little_cookie.png
200 OK 965 B URL HTTP/1.1 www.meine-ameisen.de/plugins/system/cookiehint/img/little_cookie.png
IP
ASN #20773 Host Europe GmbH
File type PNG image data, 35 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 2a211b231f02bcc7aa1a6ac463d0c100
f2acc98ba2e5c6f73d3adfb894a6abe74e91513a
78023bb80623443179311262d306f66602506d52f86f4fa69ccb7bf8363839a8
GET /plugins/system/cookiehint/img/little_cookie.png HTTP/1.1
Host: www.meine-ameisen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.meine-ameisen.de/plugins/system/cookiehint/css/redimstyle.css?8eff4f436309a5512f55bbefc28e43ea
Cookie: 89a67887fbab30442ff116ae04c07924=pnvdu76bsh0v552o5pjn6cd5ba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 02:16:49 GMT
Content-Type: image/png
Content-Length: 965
Last-Modified: Wed, 26 Oct 2022 08:29:36 GMT
Connection: keep-alive
ETag: "6358eff0-3c5"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.meine-ameisen.de/templates/shaper_helix3/fonts/fa-solid-900.woff2
200 OK 78 kB URL HTTP/1.1 www.meine-ameisen.de/templates/shaper_helix3/fonts/fa-solid-900.woff2
IP
ASN #20773 Host Europe GmbH
File type Web Open Font Format (Version 2), TrueType, length 78268, version 331.-31196\012- data
Hash d824df7eb2e268626a2dd9a6a741ac4e
0ccb2c814a7e4ca12c4778821633809cb0361eaa
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
Analyzer Verdict Alert fortinet Phishing
GET /templates/shaper_helix3/fonts/fa-solid-900.woff2 HTTP/1.1
Host: www.meine-ameisen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.meine-ameisen.de/cache/com_templates/templates/shaper_helix3/f7a58b69afd880af27e5e7f00ef5c9d3.css
Cookie: 89a67887fbab30442ff116ae04c07924=pnvdu76bsh0v552o5pjn6cd5ba
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 02:16:49 GMT
Content-Type: font/woff2
Content-Length: 78268
Last-Modified: Tue, 03 Jan 2023 10:31:44 GMT
Connection: keep-alive
ETag: "63b40410-131bc"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.meine-ameisen.de/images/favicon.ico
200 OK 16 kB URL HTTP/1.1 www.meine-ameisen.de/images/favicon.ico
IP
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS4 Windows, datetime=2013:04:14 01:26:12], baseline, precision 8, 16x16, components 3\012- data
Hash 62944d4a7342855883339f2e2b2a05a1
631dd3ddd2ea758e0626f48882f5b94e40aaea09
8a0779f316047a233638efef06c7a8c5b7bd0b4b837dde5867f8e9fdb2261e81
GET /images/favicon.ico HTTP/1.1
Host: www.meine-ameisen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.meine-ameisen.de/
Connection: keep-alive
Cookie: 89a67887fbab30442ff116ae04c07924=pnvdu76bsh0v552o5pjn6cd5ba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 02:16:49 GMT
Content-Type: image/x-icon
Content-Length: 16013
Last-Modified: Wed, 20 Sep 2017 08:32:01 GMT
Connection: keep-alive
ETag: "59c22781-3e8d"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.meine-ameisen.de/ads/www/delivery/asyncspc.php?zones=1&prefix=revive-0-&loc=https%3A%2F%2Fwww.meine-ameisen.de%2F
200 OK 813 B URL HTTP/1.1 www.meine-ameisen.de/ads/www/delivery/asyncspc.php?zones=1&prefix=revive-0-&loc=https%3A%2F%2Fwww.meine-ameisen.de%2F
IP
ASN #20773 Host Europe GmbH
File type JSON data\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (813), with no line terminators
Hash 0a18e06cc15a1843d2125eca26fa1f3e
289ef7315a8ad9a1863b13a0998661b0ce987a21
b6f5620e6dc2688e7a81d2ace1e7542cc3fcfe7254726537619f6dd83c6dfab8
GET /ads/www/delivery/asyncspc.php?zones=1&prefix=revive-0-&loc=https%3A%2F%2Fwww.meine-ameisen.de%2F HTTP/1.1
Host: www.meine-ameisen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.meine-ameisen.de/
Connection: keep-alive
Cookie: 89a67887fbab30442ff116ae04c07924=pnvdu76bsh0v552o5pjn6cd5ba
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 02:16:49 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Pragma: no-cache
Expires: 0
Access-Control-Allow-Origin: *
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAID=01000111010001000101000001010010; expires=Tue, 06-Feb-2024 02:16:49 GMT; Max-Age=31536000; path=/; secure; SameSite=none
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
Referrer-Policy: unsafe-url
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate, no-transform
X-Powered-By: PleskLin
www.meine-ameisen.de/ads/www/delivery/lg.php?bannerid=1&campaignid=1&zoneid=1&loc=https%3A%2F%2Fwww.meine-ameisen.de%2F&cb=55ab05e565
200 OK 43 B URL HTTP/1.1 www.meine-ameisen.de/ads/www/delivery/lg.php?bannerid=1&campaignid=1&zoneid=1&loc=https%3A%2F%2Fwww.meine-ameisen.de%2F&cb=55ab05e565
IP
ASN #20773 Host Europe GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /ads/www/delivery/lg.php?bannerid=1&campaignid=1&zoneid=1&loc=https%3A%2F%2Fwww.meine-ameisen.de%2F&cb=55ab05e565 HTTP/1.1
Host: www.meine-ameisen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.meine-ameisen.de/
Connection: keep-alive
Cookie: 89a67887fbab30442ff116ae04c07924=pnvdu76bsh0v552o5pjn6cd5ba; OAID=01000111010001000101000001010010
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 02:16:49 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Pragma: no-cache
Expires: 0
Access-Control-Allow-Origin: *
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAID=01000111010001000101000001010010; expires=Tue, 06-Feb-2024 02:16:49 GMT; Max-Age=31536000; path=/; secure; SameSite=none
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
Referrer-Policy: unsafe-url
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate, no-transform
X-Powered-By: PleskLin
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9062
Expires: Mon, 06 Feb 2023 04:47:52 GMT
Date: Mon, 06 Feb 2023 02:16:50 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9062
Expires: Mon, 06 Feb 2023 04:47:52 GMT
Date: Mon, 06 Feb 2023 02:16:50 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4c26323-ca84-49c2-9f28-1ea4944d5cd9.jpeg
200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4c26323-ca84-49c2-9f28-1ea4944d5cd9.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 929818fabd5a6ee5200499ca445d121e
3951cfa614e0a8674b730c4850f6483e35f73f6a
9f56ead2f8c136f6d6906fbb8a0ee5e0fd879e8ed104512ed4edf3ba3ece6917
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4c26323-ca84-49c2-9f28-1ea4944d5cd9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8481
x-amzn-requestid: 77c27205-9d32-42d4-b2c4-e5c3941bbe72
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4pcuG8VoAMFTaQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e022b7-76fae5a943c7a1d242f7a758;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:42:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Et74Co732_uh0XdLXtBoER9YtKrPXnac-OGNxyuLmjIHsvgi1XwtYA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:13:26 GMT
age: 14604
etag: "3951cfa614e0a8674b730c4850f6483e35f73f6a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3288563a-8f6e-4597-833f-b5512e91e772.png
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3288563a-8f6e-4597-833f-b5512e91e772.png
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a24cf7b2db6d65c3fe5daf78b3309ced
a3653a9a7baea412808dd91572ff21e1a505c26f
f55ee98bab5ce53d6acc1cac7f54f089b42d5f2ffbe750d869c4f4a7bc26f715
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3288563a-8f6e-4597-833f-b5512e91e772.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13230
x-amzn-requestid: 8171829a-cf6d-4c33-99a1-f3cef7cd4475
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiTH8GoAMFYLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-1597a0f06ef3db2534a101aa;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Nvfp0sEYw5bxnFHisq80WCXh6T-LdFlPqs95tyX2epjMfhM_hjUj0A==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:03 GMT
age: 16007
etag: "a3653a9a7baea412808dd91572ff21e1a505c26f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda427d37-8d0b-44cf-ae98-f96ceaf21b52.jpeg
200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda427d37-8d0b-44cf-ae98-f96ceaf21b52.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d0c62c5956f36c9f1c5d2f17bc372d98
fca4d7140e4c391b02d734425ccc92acec568a70
eb1b743ede5ed223536358bd92a322ca5231267f4434be1eced98a0fe93b790d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda427d37-8d0b-44cf-ae98-f96ceaf21b52.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8929
x-amzn-requestid: ea29dd36-d05b-4824-ba18-78f868259f76
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiQEeTIAMFqGA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-7a6ade1c4501a81c0823ce10;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: O-QHP886Cczm6dsVDQVMR7SMSxgIhUSuEPAKJvzQTQtkj59Pg-z9QA==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:03 GMT
age: 16007
etag: "fca4d7140e4c391b02d734425ccc92acec568a70"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24980299-b46f-4879-99f8-3d6a5bcd2153.png
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24980299-b46f-4879-99f8-3d6a5bcd2153.png
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b2e321721a636309ac45c6722f71a5d5
8f4224824571577109bf32b1fa7646dbfb88e818
a52611068a9694594dec4dddb1bd29afdbba897a2e1f61dcf3ceb81e262912e8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24980299-b46f-4879-99f8-3d6a5bcd2153.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12459
x-amzn-requestid: 5dd251ba-30e6-47aa-846a-9cefa9aa4928
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiPHlWIAMFnZw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-402585d71ebd0ebf75af210d;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dMwyfVFayhAjpMMOiE96N2N5TwdvJ52UvscJ6miuz4W3qNKXVS9jaA==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:11 GMT
age: 15999
etag: "8f4224824571577109bf32b1fa7646dbfb88e818"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8827daad-7b04-4c60-a6f6-c1b923025413.jpeg
200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8827daad-7b04-4c60-a6f6-c1b923025413.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 13572f84ad268caedcc897f2ad7b9baf
afb91ab43953e8915a2169618d2ab5e330cde0a1
0fb8b09608dc293b2084953b948cc7d8a7aa7bcb525090a7e44d5cb2a725fab3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8827daad-7b04-4c60-a6f6-c1b923025413.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7851
x-amzn-requestid: 11d3fe95-844b-4e5d-b31c-f99e96e2b608
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiRHeEIAMFjjA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-602b91422dff88a750b8e3e9;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7LXNdWi5iKCUI61c2z3spsg5_DGu1jnZ4cIACc3MCmqWP57RveBMGw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:03 GMT
age: 16007
etag: "afb91ab43953e8915a2169618d2ab5e330cde0a1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d63833d-c4af-4746-a163-2d9da6b2bf67.jpeg
200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d63833d-c4af-4746-a163-2d9da6b2bf67.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 27b516a4bb5fa5512a31aa8de5f9706e
03aeba4fafc64130967d3645081426f81b5f7dd1
7e5d809bf4e1b6f7f25bf604c1e5efcaf2a442ebfb53397d65820ebb1eaf754a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d63833d-c4af-4746-a163-2d9da6b2bf67.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8845
x-amzn-requestid: 4cae7b8e-f650-4d61-9f3d-8cce7410ba1d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4pOKFamIAMF4gQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0225a-51cd8f5b2d810ad94f52a5e3;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:40:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WhhBAtYjlLj3PcIM5a-OwGIDFLeHYNF5Tg99rpTFMa326gTFJ56zBA==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:51:21 GMT
age: 15929
etag: "03aeba4fafc64130967d3645081426f81b5f7dd1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
83.169.33.253
35.241.9.150
23.36.76.226