Report - egkmobile.de/

Report Overview

Submitted URL
egkmobile.de/
IP
217.160.0.164
ASN
#8560 IONOS SE
Submitted
2022-11-15 04:27:57
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-10T05:12:35Z	413 B	5.8 kB	34.160.144.191
www.gmx.net	49214	2012-05-21T08:48:41Z	2023-03-10T12:50:02Z	494 B	70 kB	82.165.229.46
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-10T05:09:10Z	2.4 kB	6.2 kB	23.36.77.32
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-10T13:49:44Z	682 B	1.6 kB	93.184.220.29
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-10T05:10:00Z	782 B	2.4 kB	34.102.187.140
s.uicdn.com	25781	2012-07-03T14:15:21Z	2023-03-10T07:43:21Z	1.6 kB	18 kB	23.38.200.165
tgw.gmx.net	unknown	2022-06-02T18:45:33Z	2023-03-10T12:50:05Z	1.8 kB	2.2 kB	217.72.199.35
egkmobile.de	unknown			1.2 kB	793 B	217.160.0.164
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-10T05:10:02Z	606 B	127 B	54.188.211.138
img.ui-portal.de	21604	2012-07-10T21:45:09Z	2023-03-10T07:15:04Z	3.7 kB	108 kB	23.38.200.165
dl.gmx.net	41286	2012-05-24T09:58:27Z	2023-03-10T12:50:02Z	781 B	92 kB	23.38.200.165
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-10T05:10:04Z	2.7 kB	51 kB	34.120.237.76
wa.gmx.net	68545	2019-06-04T11:47:07Z	2023-03-10T12:50:03Z	1.7 kB	904 B	82.165.229.16
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-10T05:10:00Z	333 B	229 B	34.117.237.239
epimetheus.navigator.gmx.net	48439	2020-12-09T08:23:40Z	2023-03-10T12:50:05Z	1.4 kB	2.0 kB	217.72.199.21
js.ui-portal.de	25004	2012-07-10T21:45:10Z	2023-03-10T07:43:21Z	2.8 kB	162 kB	23.38.200.165

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-15	medium	egkmobile.de/	Phishing
2022-11-15	medium	egkmobile.de/	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (16)

	URL	Size	First Seen	Last Seen
	www.gmx.net/produkte/homepage-mail/homepage-parken/	388 B	2023-03-07	2024-04-28
Pretty URL www.gmx.net/produkte/homepage-mail/homepage-parken/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:27:30 Last Seen2024-04-28 10:08:06 Times Seen123 Hash 285efdcf951a565d743b69e7ff7585e1 dbc954407866af5e066e3ff6458eac964b29a0c7 a69be6c1f509d8e76b0946f0af8fdb70cddc3b67f9c2e6ec9eddd94f918f8e9a Loading...

	www.gmx.net/produkte/homepage-mail/homepage-parken/	698 B	2023-03-07	2023-04-20
Pretty URL www.gmx.net/produkte/homepage-mail/homepage-parken/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:27:30 Last Seen2023-04-20 15:53:09 Times Seen31 Hash 4a0e9fd635432ceab9a6d8dbeee072d6 42539c699d99339cc0e445b4a4ab8bb48b6e92d0 152e7b1fba33f8cb4139a84249d65be5dc2a901ec8d739b94e32fa0e8cc14b92 Loading...

	js.ui-portal.de/cat/product/partner-products/2.1.0/product.js	3.3 kB	2023-03-07	2023-03-17
Pretty URL js.ui-portal.de/cat/product/partner-products/2.1.0/product.js IP 23.38.200.165 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:27:30 Last Seen2023-03-17 12:30:43 Times Seen1 Hash a55f7b7f278a5f2ef8bd11ea3b6ca539 43d6680bf6af5406370146d15b469df73ed2bf30 e73a23f787ac89eae6e97682e776d6fba8595da1afbe1e4ed332f028021d15f1 Loading...

	www.gmx.net/produkte/homepage-mail/homepage-parken/	371 B	2023-03-07	2024-04-28
Pretty URL www.gmx.net/produkte/homepage-mail/homepage-parken/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:27:30 Last Seen2024-04-28 10:08:06 Times Seen127 Hash cc3583521a71685b5c770356623684f6 13479ff61c012bbb29c7c70cdf78866a3d711571 9a6392a1e7536307a9b046005a9a0b67fba9b2b03d7cd00001657b6c9f5911e5 Loading...

	js.ui-portal.de/c/eic/eic.js	9.1 kB	2023-03-07	2024-04-28
Pretty URL js.ui-portal.de/c/eic/eic.js IP 23.38.200.165 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:27:30 Last Seen2024-04-28 10:08:06 Times Seen365 Hash 09e0e16ca0343dcf589d1401ee0affb3 19e457ca522d59aa83e1de313781972654b25326 037d2f3dde88d30af81cc355ef86a1a192a0ce781da44b9c89419092c66fdc7f Loading...

	dl.gmx.net/tcf/live/v1/js/tcf-api.js	142 kB	2023-03-08	2023-11-06
Pretty URL dl.gmx.net/tcf/live/v1/js/tcf-api.js IP 23.38.200.165 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:42:32 Last Seen2023-11-06 11:27:56 Times Seen8 Hash 495f086eb6a6c749d16165453e7746a7 a6b9a0656ef8f535a675a5390f57c0dd766f0b61 37bb1694574121cdda4920206aab79fc9ac43a331c266a6759a441207d5cb2d4 Loading...

	s.uicdn.com/t/prod/iq/mam/scarlet/utag.90.js?utv=ut4.48.202210170545	5.5 kB	2023-03-08	2023-03-11
Pretty URL s.uicdn.com/t/prod/iq/mam/scarlet/utag.90.js?utv=ut4.48.202210170545 IP 23.38.200.165 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:42:32 Last Seen2023-03-11 20:25:50 Times Seen1 Hash a096a0c12c9bf017d7da3c3f61386df8 3ad0656fc1bb56bdd163a665a81d0edb030c5ac8 73143c7f9225040a3a98945decc138d0eeb343e40ebd3de7fa86e7eb3e8583e0 Loading...

	js.ui-portal.de/prompt/permission/latest/tracking.min.js	7.4 kB	2023-03-07	2024-04-28
Pretty URL js.ui-portal.de/prompt/permission/latest/tracking.min.js IP 23.38.200.165 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:27:30 Last Seen2024-04-28 10:08:06 Times Seen236 Hash 6f4daca24d71edd532e27eef87ef36d9 d7223b400fb9f896ac8ec4cadb765f22ceb1e4bb 10a4ffe3d65b0629d9d6340837de38ed0884538c7f168400fe367d65e67ea8f8 Loading...

	js.ui-portal.de/prompt/permission/latest/connector.min.js?	6.7 kB	2023-03-08	2023-03-12
Pretty URL js.ui-portal.de/prompt/permission/latest/connector.min.js? IP 23.38.200.165 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:42:32 Last Seen2023-03-12 18:42:46 Times Seen1 Hash ec7ea47f4ddee73768e64af53da4eaec 06f4eeab8477950bed3a181b353bcbbf159b2149 6cf96008f7efbe709478519e738a9c29d941f80f3b257d3e2afd67e75e2bea64 Loading...

	s.uicdn.com/t/prod/iq/mam/scarlet/daq.js	42 kB	2023-03-08	2023-03-11
Pretty URL s.uicdn.com/t/prod/iq/mam/scarlet/daq.js IP 23.38.200.165 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:42:32 Last Seen2023-03-11 20:25:50 Times Seen1 Hash 2891048c63fb5bbe11bdaeeb0a8c13ad ec9a9852c5addc01ee07d8607bb3904678078c03 a2c6523166cc9bb7bb38c974b4f4b21b4ac06258e99962fac619b83dc550d37c Loading...

	js.ui-portal.de/tamago/1.4.7/tamago.js?loglevel=error&view=automatic&tm=teal&stage=live&exclude=ppp	174 kB	2023-03-08	2023-03-13
Pretty URL js.ui-portal.de/tamago/1.4.7/tamago.js?loglevel=error&view=automatic&tm=teal&stage=live&exclude=ppp IP 23.38.200.165 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:42:32 Last Seen2023-03-13 07:56:45 Times Seen1 Hash 6a9f32a705c8f61e080e90408cdc1a32 a9ba5f948e5204095895360cba74e8b1cc7b9306 e02532fdd969f80556f5e9342001c7d0ff6e904a4f2471f5c94d5b6a17200cdb Loading...

	s.uicdn.com/t/prod/iq/mam/scarlet/utag.18.js?utv=ut4.48.202210270826	4.3 kB	2023-03-08	2023-03-11
Pretty URL s.uicdn.com/t/prod/iq/mam/scarlet/utag.18.js?utv=ut4.48.202210270826 IP 23.38.200.165 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:42:32 Last Seen2023-03-11 20:25:50 Times Seen1 Hash 753f5d3348b30fc57aa8b6b45fe512c5 6c2f5ab8437c38c0666ebd38de1a8a5edb79c00f c792c5434dd11447ef7fb4408dc1999c75056757b2899d6839b54f422f41e798 Loading...

	www.gmx.net/produkte/homepage-mail/homepage-parken/	718 B	2023-03-11	2023-03-11
Pretty URL www.gmx.net/produkte/homepage-mail/homepage-parken/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 11:37:31 Last Seen2023-03-11 12:17:02 Times Seen1 Hash 24f053aa3308da2d190e53ee992001f9 27cb6b5d74eef69300af2dde7a93d54b0d8594a0 e73728d3d32c71e498e01a52bb1a276dc52d7366fdceb24213e83b2f7cd3845c Loading...

	www.gmx.net/produkte/homepage-mail/homepage-parken/	662 B	2023-03-07	2023-05-07
Pretty URL www.gmx.net/produkte/homepage-mail/homepage-parken/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:27:30 Last Seen2023-05-07 20:25:48 Times Seen35 Hash c5a09490037b804f1301a362524ebeb2 881919a6b27316352d06ce31038da6b207710a1f 1deb23052487878243176460890f75c5d008e5daa36e0859fba90e2cf4b3c090 Loading...

	unknown	0 B	2023-03-07	2024-05-01
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-01 23:25:05 Times Seen37257867 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	s.uicdn.com/t/prod/iq/mam/scarlet/utag.29.js?utv=ut4.48.202210270826	4.4 kB	2023-03-08	2023-03-11
Pretty URL s.uicdn.com/t/prod/iq/mam/scarlet/utag.29.js?utv=ut4.48.202210270826 IP 23.38.200.165 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:42:32 Last Seen2023-03-11 20:25:50 Times Seen1 Hash 6fac2c4c3dc1b56c9b91c90d188c1350 8b2983c1ffaf7015f93ac46cbce5dc39a37aecce fe031dd149fd2272dd6d693b394d2529af98de0bf8c2c12f727d6f2e3cf5f226 Loading...

HTTP Transactions (53)

URL IP Response Size

egkmobile.de/

217.160.0.164

302 Moved Temporarily

138 B

URL HTTP/1.1
egkmobile.de/
IP
217.160.0.164:0
ASN
#8560 IONOS SE

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
138 B (138 bytes)
Hash
aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: egkmobile.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 15 Nov 2022 04:27:46 GMT
Content-Type: text/html
Content-Length: 138
Connection: keep-alive
Keep-Alive: timeout=15
Location: https://egkmobile.de/
Expires: Tue, 15 Nov 2022 04:47:46 GMT
Cache-Control: max-age=1200

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7786cd9bd97e024b3a1d16215defaad2
786ddbb74b0b6bd9270622dbe0258d6caee407c1
9c297ccfd178eec7e472fb64a6b2e34d4c7a6dec32870f49982353e590196ba0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C297CCFD178EEC7E472FB64A6B2E34D4C7A6DEC32870F49982353E590196BA0"
Last-Modified: Mon, 14 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7779
Expires: Tue, 15 Nov 2022 06:37:25 GMT
Date: Tue, 15 Nov 2022 04:27:46 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
832aecaba9f06ee2d39d4d4bea65f13c
7195d6ffadfdbc6fc8e92c63ae28d4a3038a72dc
a437509314a97065de6c7b9e5e2b4b61f0234b45f5f5bf2649cbdf499577bfd3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4382
Cache-Control: max-age=112593
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 04:27:46 GMT
Etag: "637218f5-1d7"
Expires: Wed, 16 Nov 2022 11:44:19 GMT
Last-Modified: Mon, 14 Nov 2022 10:31:17 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8c15cef160d1514fc977ed4c4e97086c
ffe4ce3199658a1fc7a45d1607df40ef3911621d
db1a82d8a2bacc0257b87efec0c365c1b769700fa27ce928321e082505f1d72a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DB1A82D8A2BACC0257B87EFEC0C365C1B769700FA27CE928321E082505F1D72A"
Last-Modified: Sun, 13 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10294
Expires: Tue, 15 Nov 2022 07:19:20 GMT
Date: Tue, 15 Nov 2022 04:27:46 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
4736bac84ca28f2b1e961159fb4ea098
1319612979f53896fcfeacd4215c2715d4951e4c
5e81213e111ddf68c7f884f72b4e06fc4dc95eb902c3cf0762236b2418840dba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Length, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 15 Nov 2022 03:44:22 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2604
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: TB/p7jA8WgeXtGxC7XltFINXOUUk86iNh4ZbpWccO6ILhx3z1oet2E4nPCqg0eC8LNoNnox8f0I=
x-amz-request-id: 6T7FG5Y0E7EYSEB9
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 15 Nov 2022 04:14:07 GMT
age: 819
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 04:27:46 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Cache-Control, Pragma, Last-Modified, ETag, Alert, Backoff, Content-Type, Retry-After, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 15 Nov 2022 04:25:01 GMT
cache-control: public,max-age=3600
age: 166
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
3200044057cb585f1a435c0efece61c8
8305d5b5891288aa9996b4b4ca6fce2265413194
df45704534a24928e7659a6d8cd1b5ac9ffa9b224b02b34a2d6aed5ef69fd586

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5050
Cache-Control: max-age=108204
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 04:27:47 GMT
Etag: "63720535-1d7"
Expires: Wed, 16 Nov 2022 10:31:11 GMT
Last-Modified: Mon, 14 Nov 2022 09:07:01 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

54.188.211.138

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.188.211.138:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: FHlhcMpSTm8gzJ2qCOLAYg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: VI7EeRKoh73dnclZmAzsfndlOwg=

img.ui-portal.de/cat/mdh/gmx/Domain%20parken/td_3900_gmx_mdh_parken_image_screen_01_sschlag_03.png

23.38.200.165

200 OK

6.9 kB

URL HTTP/2
img.ui-portal.de/cat/mdh/gmx/Domain%20parken/td_3900_gmx_mdh_parken_image_screen_01_sschlag_03.png
IP
23.38.200.165:0
ASN
#16625 AKAMAI-AS

File type
PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size
6.9 kB (6853 bytes)
Hash
7b744728bb4e38cf7cf8ad9e551b812d
b9fa0469b3823eb3b92cfe00b45b597b2d06a40b
ec38aa67222d76cb4910ade6f967c31913894d2487d8967b39c608701768468d

HTTP Headers

GET /cat/mdh/gmx/Domain%20parken/td_3900_gmx_mdh_parken_image_screen_01_sschlag_03.png HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gmx.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 16 Aug 2019 13:02:09 GMT
etag: "1ac5-5903b991c9c5a"
server: Apache
accept-ranges: bytes
content-length: 6853
x-robots-tag: noindex
content-type: image/png
cache-control: public, max-age=1
date: Tue, 15 Nov 2022 04:27:48 GMT
X-Firefox-Spdy: h2

js.ui-portal.de/prompt/permission/latest/connector.min.js?

23.38.200.165

200 OK

2.4 kB

URL HTTP/2
js.ui-portal.de/prompt/permission/latest/connector.min.js?
IP
23.38.200.165:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (6653)
Size
2.4 kB (2364 bytes)
Hash
1f5367d866293b8dda44f76d02962198
351ab490848e0db947eed72a7ad17f60755362bd
d51600ca1879967e94f45a05c5cd6569db794e3a92407e147fdace92aa53d57d

HTTP Headers

GET /prompt/permission/latest/connector.min.js? HTTP/1.1
Host: js.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gmx.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Mon, 10 Oct 2022 12:25:33 GMT
etag: "1a27-5eaad41936ef6"
server: Apache
accept-ranges: bytes
content-encoding: gzip
x-robots-tag: noindex
content-length: 2364
content-type: application/javascript
cache-control: public, max-age=77
date: Tue, 15 Nov 2022 04:27:48 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

js.ui-portal.de/cat/product/partner-products/2.1.0/product.css

23.38.200.165

200 OK

415 B

URL HTTP/2
js.ui-portal.de/cat/product/partner-products/2.1.0/product.css
IP
23.38.200.165:0
ASN
#16625 AKAMAI-AS

File type
ASCII text
Size
415 B (415 bytes)
Hash
160ba77368675111eb6fab0b401b0780
a5dd59b7843ad101f9aa40a9b8d142e1b052f2b0
4c1bb2bbe511a86d5c63df82ed6ff90a08e3c0fa4da55b8d5478d38f9ab65aaa

HTTP Headers

GET /cat/product/partner-products/2.1.0/product.css HTTP/1.1
Host: js.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gmx.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Fri, 22 Apr 2022 08:12:10 GMT
etag: "4f9-5dd39c87c0a80"
server: Apache
accept-ranges: bytes
content-encoding: gzip
x-robots-tag: noindex
content-length: 415
content-type: text/css
cache-control: public, max-age=1753
date: Tue, 15 Nov 2022 04:27:48 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

www.gmx.net/produkte/homepage-mail/homepage-parken

82.165.229.46

301 Moved Permanently

70 kB

URL HTTP/2
www.gmx.net/produkte/homepage-mail/homepage-parken
IP
82.165.229.46:0
ASN
#8560 IONOS SE

File type
data
Size
70 kB (69953 bytes)
Hash
a30442771b8e74bde93b9c6b1b509c78
b267dddfb927ad8ebe0da6d5479136c051b989e7
f9910124bde45f24ea9ccdea0129be2c0bd501b905abef800a23b787fafa8d11

HTTP Headers

GET /produkte/homepage-mail/homepage-parken HTTP/1.1
Host: www.gmx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://egkmobile.de/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: frame
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
date: Tue, 15 Nov 2022 04:27:48 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: text/html
rtss: 1-*-1
location: https://www.gmx.net/produkte/homepage-mail/homepage-parken/
vary: Accept-Encoding
X-Firefox-Spdy: h2

js.ui-portal.de/cat/product/partner-products/2.1.0/product.js

23.38.200.165

200 OK

1.2 kB

URL HTTP/2
js.ui-portal.de/cat/product/partner-products/2.1.0/product.js
IP
23.38.200.165:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (3300), with no line terminators
Size
1.2 kB (1246 bytes)
Hash
d1dac21f87b82b4972a6276acf082b73
7e85bf22206be94aeb3e6ebc3417ef7218afe559
fcfb2aa9a51635af3596a64a7b330a60d0743057c47b22b51ff59d8912e3de82

HTTP Headers

GET /cat/product/partner-products/2.1.0/product.js HTTP/1.1
Host: js.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gmx.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Tue, 19 Apr 2022 12:53:17 GMT
etag: "ce4-5dd015c4fe940"
server: Apache
accept-ranges: bytes
content-encoding: gzip
x-robots-tag: noindex
content-length: 1246
content-type: application/javascript
cache-control: public, max-age=515
date: Tue, 15 Nov 2022 04:27:48 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

js.ui-portal.de/cat/components/5.10/components.js

23.38.200.165

200 OK

94 kB

URL HTTP/2
js.ui-portal.de/cat/components/5.10/components.js
IP
23.38.200.165:0
ASN
#16625 AKAMAI-AS

File type
Unicode text, UTF-8 text, with very long lines (356), with CRLF line terminators
Size
94 kB (93707 bytes)
Hash
bea02e9cf5bff5090ce6da2b7bf7fbf7
8bdcddb810e6f86c44f709c466ac9ccc69166e11
d0fa4e917277b45e093d0a35cb330921f61306a017019435d062c088df447bdf

HTTP Headers

GET /cat/components/5.10/components.js HTTP/1.1
Host: js.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gmx.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Wed, 05 Oct 2022 09:06:14 GMT
etag: "50b6c-5ea45e388769e"
server: Apache
accept-ranges: bytes
content-encoding: gzip
x-robots-tag: noindex
content-type: application/javascript
content-length: 93707
cache-control: public, max-age=1585
date: Tue, 15 Nov 2022 04:27:48 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

js.ui-portal.de/c/eic/eic.js

23.38.200.165

200 OK

2.8 kB

URL HTTP/2
js.ui-portal.de/c/eic/eic.js
IP
23.38.200.165:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (1112), with CRLF line terminators
Size
2.8 kB (2825 bytes)
Hash
aee00c21a7d54b0f487e8109cc76baf2
89ec6675e4f72178cbd22d83e08281581309689e
75fb8f3c45c0a9c8c600bfb61ebf993e83d02e5914d0e3b6e10156987e6270f0

HTTP Headers

GET /c/eic/eic.js HTTP/1.1
Host: js.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gmx.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 26 Sep 2017 08:18:07 GMT
etag: "2380-55a13509fe826"
server: Apache
accept-ranges: bytes
content-encoding: gzip
x-robots-tag: noindex
content-length: 2825
content-type: application/javascript
cache-control: public, max-age=68668
date: Tue, 15 Nov 2022 04:27:48 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

img.ui-portal.de/ci/gmx/global/fonts/roboto/RobotoCondensed-Light-webfont.woff

23.38.200.165

200 OK

19 kB

URL HTTP/2
img.ui-portal.de/ci/gmx/global/fonts/roboto/RobotoCondensed-Light-webfont.woff
IP
23.38.200.165:0
ASN
#16625 AKAMAI-AS

File type
Web Open Font Format, TrueType, length 18880, version 2.137\012- data
Size
19 kB (18880 bytes)
Hash
65ef01dd5f041403d0b7357619a1f447
ed6c6ebbe03deb3cb59891cf28b57cca1f720b53
4cde34c1e366e3d7625d453914da07e72c137c195ec9191db06f41775e65a01b

HTTP Headers

GET /ci/gmx/global/fonts/roboto/RobotoCondensed-Light-webfont.woff HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.gmx.net
Connection: keep-alive
Referer: https://js.ui-portal.de/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 18 Jul 2017 09:59:36 GMT
etag: "49c0-5549492a91200-gzip"
server: Apache
x-robots-tag: noindex
access-control-allow-origin: *
content-type: font/woff
vary: Accept-Encoding
cache-control: public, max-age=2424807
date: Tue, 15 Nov 2022 04:27:48 GMT
content-length: 18880
X-Firefox-Spdy: h2

img.ui-portal.de/ci/gmx/global/fonts/roboto/RobotoCondensed-Regular-webfont.woff

23.38.200.165

200 OK

25 kB

URL HTTP/2
img.ui-portal.de/ci/gmx/global/fonts/roboto/RobotoCondensed-Regular-webfont.woff
IP
23.38.200.165:0
ASN
#16625 AKAMAI-AS

File type
Web Open Font Format, TrueType, length 25268, version 1.0\012- data
Size
25 kB (25268 bytes)
Hash
87dc856a4038eba42eb5bcf49ff85712
6a2aac951a11fc3523ca98e5df98b28de21c90d8
7ec51beb961db2999fe41a96a3212edc51d9aeeec5c9d374e39c7313d183d8a6

HTTP Headers

GET /ci/gmx/global/fonts/roboto/RobotoCondensed-Regular-webfont.woff HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.gmx.net
Connection: keep-alive
Referer: https://js.ui-portal.de/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 27 Feb 2014 04:45:48 GMT
etag: "62b4-4f35bfeb9b700-gzip"
server: Apache
x-robots-tag: noindex
access-control-allow-origin: *
content-type: font/woff
vary: Accept-Encoding
cache-control: public, max-age=2387593
date: Tue, 15 Nov 2022 04:27:48 GMT
content-length: 25268
X-Firefox-Spdy: h2

img.ui-portal.de/ci/gmx/global/fonts/roboto/Roboto-Medium-webfont.woff

23.38.200.165

200 OK

25 kB

URL HTTP/2
img.ui-portal.de/ci/gmx/global/fonts/roboto/Roboto-Medium-webfont.woff
IP
23.38.200.165:0
ASN
#16625 AKAMAI-AS

File type
Web Open Font Format, TrueType, length 25048, version 1.0\012- data
Size
25 kB (25048 bytes)
Hash
b9d01ac1742192a7c9d30f3fe346a9f4
7936f9a6690c04cec20cdd3b270bda83a613582b
8ca845a97256742debfc82004246fe03d97da1aae5b41b691b23d90b70df3910

HTTP Headers

GET /ci/gmx/global/fonts/roboto/Roboto-Medium-webfont.woff HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.gmx.net
Connection: keep-alive
Referer: https://js.ui-portal.de/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 27 Feb 2014 04:45:46 GMT
etag: "61d8-4f35bfe9b3280-gzip"
server: Apache
x-robots-tag: noindex
access-control-allow-origin: *
content-type: font/woff
vary: Accept-Encoding
cache-control: public, max-age=2387622
date: Tue, 15 Nov 2022 04:27:48 GMT
content-length: 25048
X-Firefox-Spdy: h2

img.ui-portal.de/ci/gmx/global/fonts/roboto/Roboto-Regular-webfont.woff

23.38.200.165

200 OK

25 kB

URL HTTP/2
img.ui-portal.de/ci/gmx/global/fonts/roboto/Roboto-Regular-webfont.woff
IP
23.38.200.165:0
ASN
#16625 AKAMAI-AS

File type
Web Open Font Format, TrueType, length 25020, version 1.0\012- data
Size
25 kB (25020 bytes)
Hash
3e5675c89f974f7811eeaf07e2dd5ba3
99d93e1e3636f86c85b0c7c4da2077b4f1ee010c
a1e5b0dd9cd90fe3ef3e24aea202819ee74693d62c00bac8e3fb7c837d8adbfe

HTTP Headers

GET /ci/gmx/global/fonts/roboto/Roboto-Regular-webfont.woff HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.gmx.net
Connection: keep-alive
Referer: https://js.ui-portal.de/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 27 Feb 2014 04:45:46 GMT
etag: "61bc-4f35bfe9b3280-gzip"
server: Apache
x-robots-tag: noindex
access-control-allow-origin: *
content-type: font/woff
vary: Accept-Encoding
cache-control: public, max-age=2387661
date: Tue, 15 Nov 2022 04:27:48 GMT
content-length: 25020
X-Firefox-Spdy: h2

img.ui-portal.de/cd/ci/gmx.net/brand-logo.svg

23.38.200.165

200 OK

453 B

URL HTTP/2
img.ui-portal.de/cd/ci/gmx.net/brand-logo.svg
IP
23.38.200.165:0
ASN
#16625 AKAMAI-AS

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (681), with CRLF line terminators
Size
453 B (453 bytes)
Hash
bbfe4a327f71e619c251f3b2583c6ab3
0075738a9d349020e3e8e18e9eab773733348c98
25fdabdb964d0e86f42b7c91125dfba131c1fd99970a8f2bae437fb2b8bb127e

HTTP Headers

GET /cd/ci/gmx.net/brand-logo.svg HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.ui-portal.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 18 Jan 2018 13:10:53 GMT
etag: "2ab-5630cb19a6ac9"
server: Apache
accept-ranges: bytes
content-encoding: gzip
x-robots-tag: noindex
access-control-allow-origin: *
content-length: 453
content-type: image/svg+xml
cache-control: public, max-age=626
date: Tue, 15 Nov 2022 04:27:48 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

img.ui-portal.de/cd/ci/gmx.net/service-410.svg

23.38.200.165

200 OK

687 B

URL HTTP/2
img.ui-portal.de/cd/ci/gmx.net/service-410.svg
IP
23.38.200.165:0
ASN
#16625 AKAMAI-AS

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1034)
Size
687 B (687 bytes)
Hash
2c8088c832eaf122fbbbf19aff7fd118
ee0867d77e6a11ec0c554d92c94efa4b81f6300a
1af4a28013eb4bee8a963437a68a17cfda973684790db4a12f65b46341dca2d9

HTTP Headers

GET /cd/ci/gmx.net/service-410.svg HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.ui-portal.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 18 Dec 2019 14:40:24 GMT
etag: "61c-599fb6cc943d5"
server: Apache
accept-ranges: bytes
content-encoding: gzip
x-robots-tag: noindex
access-control-allow-origin: *
content-length: 687
content-type: image/svg+xml
cache-control: public, max-age=1035
date: Tue, 15 Nov 2022 04:27:48 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

s.uicdn.com/t/prod/iq/mam/scarlet/daq.js

23.38.200.165

200 OK

12 kB

URL HTTP/2
s.uicdn.com/t/prod/iq/mam/scarlet/daq.js
IP
23.38.200.165:0
ASN
#16625 AKAMAI-AS

File type
HTML document, ASCII text, with very long lines (14989)
Size
12 kB (11516 bytes)
Hash
d3783ec8d701585e6ca82fcfb997866a
c9eb8eb93d9b2d037055fe14ae92a396b3404bfb
c6e38ee7ea70c7ae710f563fc88d683f4ff7e9610bacec6818169e39e0969912

HTTP Headers

GET /t/prod/iq/mam/scarlet/daq.js HTTP/1.1
Host: s.uicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gmx.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: Apache
last-modified: Wed, 09 Nov 2022 16:54:33 GMT
etag: "a261-5ed0c82cd7744-gzip"
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-length: 11516
content-type: application/javascript
cache-control: max-age=223
date: Tue, 15 Nov 2022 04:27:48 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

dl.gmx.net/tcf/live/v1/js/tcf-api.js

23.38.200.165

200 OK

44 kB

URL HTTP/2
dl.gmx.net/tcf/live/v1/js/tcf-api.js
IP
23.38.200.165:0
ASN
#16625 AKAMAI-AS

File type
Unicode text, UTF-8 text, with very long lines (65473), with no line terminators
Size
44 kB (43629 bytes)
Hash
f42b209ca8dd5579f5c659cc9a42cc72
61c7c35ead88d38b9fd1fab25db229aeead2c834
bc23198257dfec4f2b9588cf56a483405db49864e4176197a0737534ccfd3101

HTTP Headers

GET /tcf/live/v1/js/tcf-api.js HTTP/1.1
Host: dl.gmx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gmx.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 08 Nov 2022 10:20:10 GMT
etag: "22a2f-5ecf2e28944db-gzip"
server: Apache
accept-ranges: bytes
content-encoding: gzip
x-robots-tag: noindex
content-length: 43629
content-type: application/javascript
cache-control: public, max-age=13532
date: Tue, 15 Nov 2022 04:27:48 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

img.ui-portal.de/cd/ci/gmx.net/brand-410.svg

23.38.200.165

200 OK

3.1 kB

URL HTTP/2
img.ui-portal.de/cd/ci/gmx.net/brand-410.svg
IP
23.38.200.165:0
ASN
#16625 AKAMAI-AS

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (745)
Size
3.1 kB (3123 bytes)
Hash
a39f3f400b50dcab24915f52a5219dd8
80c6be5fa8a88ad47a8b1b21bde6cd61fb290a94
96b943ef67a4c2ce4d37c81b77df3fd92e65e7b3f5d78a118dea78bb911f1f10

HTTP Headers

GET /cd/ci/gmx.net/brand-410.svg HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.ui-portal.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 18 Dec 2019 14:40:24 GMT
etag: "2133-599fb6cc897f4"
server: Apache
accept-ranges: bytes
content-encoding: gzip
x-robots-tag: noindex
access-control-allow-origin: *
content-length: 3123
content-type: image/svg+xml
cache-control: public, max-age=1414
date: Tue, 15 Nov 2022 04:27:48 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

js.ui-portal.de/tamago/1.4.7/tamago.js?loglevel=error&view=automatic&tm=teal&stage=live&exclude=ppp

23.38.200.165

200 OK

56 kB

URL HTTP/2
js.ui-portal.de/tamago/1.4.7/tamago.js?loglevel=error&view=automatic&tm=teal&stage=live&exclude=ppp
IP
23.38.200.165:0
ASN
#16625 AKAMAI-AS

File type
C source, Unicode text, UTF-8 text, with very long lines (65531), with no line terminators
Size
56 kB (56260 bytes)
Hash
9ecf39c18be789499b773264bbe5af74
f32e239b0842f54e9de78dcb85cfe7856b1aaa41
9ad1ae4798476de2af38fe2c82e5ae0885443e780df4940acbc8d1f2cf2160cd

HTTP Headers

GET /tamago/1.4.7/tamago.js?loglevel=error&view=automatic&tm=teal&stage=live&exclude=ppp HTTP/1.1
Host: js.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gmx.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 19 Sep 2022 13:39:04 GMT
etag: "2a7bd-5e907d5cf0ec4"
server: Apache
accept-ranges: bytes
content-encoding: gzip
x-robots-tag: noindex
content-type: application/javascript
content-length: 56260
cache-control: public, max-age=302
date: Tue, 15 Nov 2022 04:27:48 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

dl.gmx.net/permission/live/v1/ppp/js/permission-client.js

23.38.200.165

200 OK

48 kB

URL HTTP/2
dl.gmx.net/permission/live/v1/ppp/js/permission-client.js
IP
23.38.200.165:0
ASN
#16625 AKAMAI-AS

File type
Unicode text, UTF-8 text, with very long lines (60894)
Size
48 kB (48064 bytes)
Hash
72a3c59d81939d188b2858746bff44e8
cbd5385369dd8a135ec7817e49af19a905cbc13c
00d9bc31b826904bf9602facc0ccb72b41413db29e76ca458a329c58847e927e

HTTP Headers

GET /permission/live/v1/ppp/js/permission-client.js HTTP/1.1
Host: dl.gmx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gmx.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 24 Oct 2022 08:35:18 GMT
etag: "26bc7-5ebc3abdbd9de"
server: Apache
accept-ranges: bytes
content-encoding: gzip
x-robots-tag: noindex
access-control-allow-origin: *
access-control-allow-methods: GET
content-length: 48064
content-type: application/javascript
cache-control: public, max-age=11501
date: Tue, 15 Nov 2022 04:27:48 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
29b1503232a9cf0843bd9f0d01c0a9a5
620b3b98a58cd32175d40534dca81ef4a26d880f
1f54c0fa57ea62f131e173d4a365d6d2d4d10e0993eb69eaf9e27d3788a5daf8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F54C0FA57EA62F131E173D4A365D6D2D4D10E0993EB69EAF9E27D3788A5DAF8"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6691
Expires: Tue, 15 Nov 2022 06:19:19 GMT
Date: Tue, 15 Nov 2022 04:27:48 GMT
Connection: keep-alive

s.uicdn.com/t/prod/iq/mam/scarlet/utag.90.js?utv=ut4.48.202210170545

23.38.200.165

200 OK

1.9 kB

URL HTTP/2
s.uicdn.com/t/prod/iq/mam/scarlet/utag.90.js?utv=ut4.48.202210170545
IP
23.38.200.165:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (2891)
Size
1.9 kB (1852 bytes)
Hash
a17c63d9aa67731426e1189c57f6d599
66b9c5b307d172d0e11d772bd0fb51c942b5b80f
d401fefdfd6d29cd502457e4c6f21cced71dcb71056c52145c79495907d61bcc

HTTP Headers

GET /t/prod/iq/mam/scarlet/utag.90.js?utv=ut4.48.202210170545 HTTP/1.1
Host: s.uicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gmx.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: Apache
last-modified: Wed, 09 Nov 2022 16:54:33 GMT
etag: "1570-5ed0c82cd7744-gzip"
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-length: 1852
content-type: application/javascript
cache-control: max-age=519
date: Tue, 15 Nov 2022 04:27:48 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
29b1503232a9cf0843bd9f0d01c0a9a5
620b3b98a58cd32175d40534dca81ef4a26d880f
1f54c0fa57ea62f131e173d4a365d6d2d4d10e0993eb69eaf9e27d3788a5daf8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F54C0FA57EA62F131E173D4A365D6D2D4D10E0993EB69EAF9E27D3788A5DAF8"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6691
Expires: Tue, 15 Nov 2022 06:19:19 GMT
Date: Tue, 15 Nov 2022 04:27:48 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
29b1503232a9cf0843bd9f0d01c0a9a5
620b3b98a58cd32175d40534dca81ef4a26d880f
1f54c0fa57ea62f131e173d4a365d6d2d4d10e0993eb69eaf9e27d3788a5daf8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F54C0FA57EA62F131E173D4A365D6D2D4D10E0993EB69EAF9E27D3788A5DAF8"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6691
Expires: Tue, 15 Nov 2022 06:19:19 GMT
Date: Tue, 15 Nov 2022 04:27:48 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
29b1503232a9cf0843bd9f0d01c0a9a5
620b3b98a58cd32175d40534dca81ef4a26d880f
1f54c0fa57ea62f131e173d4a365d6d2d4d10e0993eb69eaf9e27d3788a5daf8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F54C0FA57EA62F131E173D4A365D6D2D4D10E0993EB69EAF9E27D3788A5DAF8"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6691
Expires: Tue, 15 Nov 2022 06:19:19 GMT
Date: Tue, 15 Nov 2022 04:27:48 GMT
Connection: keep-alive

js.ui-portal.de/prompt/permission/latest/tracking.min.js

23.38.200.165

200 OK

3.0 kB

URL HTTP/2
js.ui-portal.de/prompt/permission/latest/tracking.min.js
IP
23.38.200.165:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (7391)
Size
3.0 kB (2963 bytes)
Hash
1b696a42b6df4ab8815419948f9e1bcb
df4ebc0a4fd4c37b6abe6a29bdfce28318f830ed
8326a643207d26d16d5a4419a0df2695a8cd54c35d583fc196da1fda7a01483b

HTTP Headers

GET /prompt/permission/latest/tracking.min.js HTTP/1.1
Host: js.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gmx.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 17 Jun 2021 13:51:05 GMT
etag: "1d08-5c4f67fa0c14d"
server: Apache
accept-ranges: bytes
content-encoding: gzip
x-robots-tag: noindex
content-length: 2963
content-type: application/javascript
cache-control: public, max-age=301
date: Tue, 15 Nov 2022 04:27:48 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
29b1503232a9cf0843bd9f0d01c0a9a5
620b3b98a58cd32175d40534dca81ef4a26d880f
1f54c0fa57ea62f131e173d4a365d6d2d4d10e0993eb69eaf9e27d3788a5daf8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F54C0FA57EA62F131E173D4A365D6D2D4D10E0993EB69EAF9E27D3788A5DAF8"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6691
Expires: Tue, 15 Nov 2022 06:19:19 GMT
Date: Tue, 15 Nov 2022 04:27:48 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9b23464-6c45-4e45-acd1-ac75bde164c7.jpeg

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9b23464-6c45-4e45-acd1-ac75bde164c7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (7982 bytes)
Hash
508368e91f7702272c5610f905e4204b
0d61ccdb959e45368a9f6ada26679974374d81a2
bd3b3d55264bccbbf647577e3f93c35dd56840967713fcb948e67426c8a71b38

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9b23464-6c45-4e45-acd1-ac75bde164c7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7982
x-amzn-requestid: 35753773-2e2d-4def-a9ef-6224343d62e0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bklm8E9qoAMFQgQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371b62c-46372f151eb5ba9f0f5ec3a0;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 03:29:48 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: T8ocx27r2N_V74-jyk23ATbGtw9TJBqSRB0MK0Kahre8ESS5kM_9lQ==
via: 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 21:47:22 GMT
age: 24026
etag: "0d61ccdb959e45368a9f6ada26679974374d81a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd11e6547-de5b-41d6-a923-9194b88afaba.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.9 kB (5856 bytes)
Hash
b891dd714ee24b92f59f0697dd45c2b4
8b54f502df3eb318b87ff8a3313007876752e181
d50396bc97a46452ed3af30dbfffc9fe75cf7d4ec347c0a8460d99a6affd1fb2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd11e6547-de5b-41d6-a923-9194b88afaba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5856
x-amzn-requestid: b6972c46-67c1-4928-85d3-f8fe5f086449
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bhQaYHsHoAMF30A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6370610f-4ad4de3440d05bce46b54ebd;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 03:14:23 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Rd662WbccpmBSTlfWbSNYkXLKRCTr3-HGg9m4S_CNQ5kqcnPalr41w==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 03:23:46 GMT
age: 3842
etag: "8b54f502df3eb318b87ff8a3313007876752e181"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b1ce583-5604-4223-b88e-880659fdc0e7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (8025 bytes)
Hash
94c82cd0e4204ea23b9bd86a3f576fa8
1651325ad361d1c86a4b81edb6b75af27f490a39
0173a565be87e87b2a8fccb3bfe4f237ddd9fdafa5711e79f0c4381882238886

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b1ce583-5604-4223-b88e-880659fdc0e7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8025
x-amzn-requestid: e7f9048b-7b8a-4e69-954f-31a7be2548e7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bRUl5HvRoAMFy0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636a0158-063e221d1d6a4dac5f42ec48;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 07:12:24 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Fu14fmRDqxHs_RHrfXZRez5LnYW6HNuD-AvFDdzQwsxa1BPBFEqh-A==
via: 1.1 ec2a2c75c16156e4d43504606c118b90.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 03:35:56 GMT
age: 3112
etag: "1651325ad361d1c86a4b81edb6b75af27f490a39"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c0c0f21-d8ce-4a68-96de-3d9fe7f62af1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12049 bytes)
Hash
d8a88adfc74554dbc851f24a004ec884
e4e4d9c1fd4c32b7ce7a9b14fbe132ef91214c46
99bfddf63d54da3cb418fb5bfe97f20b18ac62c49eb26fa9b1f67e122b5abc13

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c0c0f21-d8ce-4a68-96de-3d9fe7f62af1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12049
x-amzn-requestid: f62fd1a1-7dea-48ca-b174-c0f56a33b400
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bOAeRGLAoAMFW4w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6368adf4-62d5d59331ce02cf7376c3d3;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 07:04:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 2xZgikE54j2V5eCSmx7WBtR3w1SCOKZgkUMQAn58UvWZaoofg6YZug==
via: 1.1 599f04a365a179d553682d476509c388.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 03:38:20 GMT
age: 2968
etag: "e4e4d9c1fd4c32b7ce7a9b14fbe132ef91214c46"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11715 bytes)
Hash
cd5bdc050716bb76afe8090fc81617e7
5109c156b180727767fc03c411190ccc0d3fb5fc
9b13e7838946c6654dda17886c2ca8d42de934acb93f4bddb1008dfa1bd1ea99

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11715
x-amzn-requestid: 20e508bd-6568-4225-9bee-c683a49d44f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhUHkpIAMFfJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-7dc726b94a37fc667e2e6646;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: X3SUo1LP97TxraRav0ftskBhzWkTJInHaS44PW26yloF-dgD-bHBuA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 21:45:57 GMT
age: 24111
etag: "5109c156b180727767fc03c411190ccc0d3fb5fc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

s.uicdn.com/t/prod/iq/mam/scarlet/utag.18.js?utv=ut4.48.202210270826

23.38.200.165

200 OK

1.8 kB

URL HTTP/2
s.uicdn.com/t/prod/iq/mam/scarlet/utag.18.js?utv=ut4.48.202210270826
IP
23.38.200.165:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (1159)
Size
1.8 kB (1819 bytes)
Hash
6d37f3cba04f5f3519de55bf6331484c
b4b9c78c1d0b27b7dfa9f614353b22de75c6407b
398e7ae148da69c2f0b46fcb2ef0d1100618f0c526b8484cf80e2910d216fa69

HTTP Headers

GET /t/prod/iq/mam/scarlet/utag.18.js?utv=ut4.48.202210270826 HTTP/1.1
Host: s.uicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gmx.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: Apache
last-modified: Wed, 09 Nov 2022 16:54:33 GMT
etag: "10a9-5ed0c82cd7744-gzip"
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-length: 1819
content-type: application/javascript
cache-control: max-age=507
date: Tue, 15 Nov 2022 04:27:49 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

s.uicdn.com/t/prod/iq/mam/scarlet/utag.29.js?utv=ut4.48.202210270826

23.38.200.165

200 OK

1.9 kB

URL HTTP/2
s.uicdn.com/t/prod/iq/mam/scarlet/utag.29.js?utv=ut4.48.202210270826
IP
23.38.200.165:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (1128)
Size
1.9 kB (1851 bytes)
Hash
c90c0941490f924fba47f73a5f7cd4eb
8331f6208c5290a9c42037e8ed026c9a2791ed55
8ddaae7ef130195149ecef9ae85c545c28aebb8fc555fbc1c558787563a8adac

HTTP Headers

GET /t/prod/iq/mam/scarlet/utag.29.js?utv=ut4.48.202210270826 HTTP/1.1
Host: s.uicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gmx.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: Apache
last-modified: Wed, 09 Nov 2022 16:54:33 GMT
etag: "1101-5ed0c82cd7744-gzip"
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-length: 1851
content-type: application/javascript
cache-control: max-age=264
date: Tue, 15 Nov 2022 04:27:49 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

tgw.gmx.net/events

217.72.199.35

200 OK

0 B

URL HTTP/1.1
tgw.gmx.net/events
IP
217.72.199.35:0
ASN
#8560 IONOS SE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /events HTTP/1.1
Host: tgw.gmx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.gmx.net/
Origin: https://www.gmx.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: https://www.gmx.net
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Length: 0
Date: Tue, 15 Nov 2022 04:27:49 GMT
Expires: 0
Pragma: no-cache
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Xss-Protection: 1; mode=block

tgw.gmx.net/events

217.72.199.35

200 OK

0 B

URL HTTP/1.1
tgw.gmx.net/events
IP
217.72.199.35:0
ASN
#8560 IONOS SE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /events HTTP/1.1
Host: tgw.gmx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.gmx.net/
Origin: https://www.gmx.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: https://www.gmx.net
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Length: 0
Date: Tue, 15 Nov 2022 04:27:49 GMT
Expires: 0
Pragma: no-cache
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Xss-Protection: 1; mode=block

wa.gmx.net/gmxnet/gmxnet/s?name=produkte.homepage-mail.expose.homepage-parken.page.1.footer.3&brand=gmxnet&portal=gmxnet&country=de&ts=1668486468877&eventType=expose&componentPath=page.1.footer.3&componentLabel=Sitemap%2520Impressum%2520AGB%2520Vertr%25E4ge%2520hier%2520k%25FCndigen%2520Datenschutz%2520E-Mail%2520N%25FCtzlich%2520Aktuell&domTagName=footer&referrer=https%3A%2F%2Fegkmobile.de%2F&pageurl=https%3A%2F%2Fwww.gmx.net%2Fprodukte%2Fhomepage-mail%2Fhomepage-parken%2F&applicationArea=homepage-mail&contentName=homepage-parken&pageType=landing&type=hidden

82.165.229.16

200 OK

43 B

URL HTTP/2
wa.gmx.net/gmxnet/gmxnet/s?name=produkte.homepage-mail.expose.homepage-parken.page.1.footer.3&brand=gmxnet&portal=gmxnet&country=de&ts=1668486468877&eventType=expose&componentPath=page.1.footer.3&componentLabel=Sitemap%2520Impressum%2520AGB%2520Vertr%25E4ge%2520hier%2520k%25FCndigen%2520Datenschutz%2520E-Mail%2520N%25FCtzlich%2520Aktuell&domTagName=footer&referrer=https%3A%2F%2Fegkmobile.de%2F&pageurl=https%3A%2F%2Fwww.gmx.net%2Fprodukte%2Fhomepage-mail%2Fhomepage-parken%2F&applicationArea=homepage-mail&contentName=homepage-parken&pageType=landing&type=hidden
IP
82.165.229.16:0
ASN
#8560 IONOS SE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

HTTP Headers

POST /gmxnet/gmxnet/s?name=produkte.homepage-mail.expose.homepage-parken.page.1.footer.3&brand=gmxnet&portal=gmxnet&country=de&ts=1668486468877&eventType=expose&componentPath=page.1.footer.3&componentLabel=Sitemap%2520Impressum%2520AGB%2520Vertr%25E4ge%2520hier%2520k%25FCndigen%2520Datenschutz%2520E-Mail%2520N%25FCtzlich%2520Aktuell&domTagName=footer&referrer=https%3A%2F%2Fegkmobile.de%2F&pageurl=https%3A%2F%2Fwww.gmx.net%2Fprodukte%2Fhomepage-mail%2Fhomepage-parken%2F&applicationArea=homepage-mail&contentName=homepage-parken&pageType=landing&type=hidden HTTP/1.1
Host: wa.gmx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.gmx.net
Connection: keep-alive
Referer: https://www.gmx.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Content-Length: 0

HTTP/2 200 OK
date: Tue, 15 Nov 2022 04:27:49 GMT
server: Apache
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: Wed, 11 Jan 1984 05:00:00 GMT
p3p: CP="this is not a p3p policy"
access-control-allow-origin: *
vary: X-Forwarded-For
accept-ranges: bytes
content-length: 43
content-type: image/gif
X-Firefox-Spdy: h2

wa.gmx.net/gmxnet/gmxnet/s?name=produkte.homepage-mail.pi.homepage-parken&brand=gmxnet&portal=gmxnet&referrer=https%3A%2F%2Fegkmobile.de%2F&pageurl=https%3A%2F%2Fwww.gmx.net%2Fprodukte%2Fhomepage-mail%2Fhomepage-parken%2F&title=Homepage%20parken&country=de&ts=1668486468865&login=0&category=landing&applicationArea=homepage-mail&contentName=homepage-parken&pageType=landing&op_id=none&product=homepage-mail&type=view

82.165.229.16

200 OK

43 B

URL HTTP/2
wa.gmx.net/gmxnet/gmxnet/s?name=produkte.homepage-mail.pi.homepage-parken&brand=gmxnet&portal=gmxnet&referrer=https%3A%2F%2Fegkmobile.de%2F&pageurl=https%3A%2F%2Fwww.gmx.net%2Fprodukte%2Fhomepage-mail%2Fhomepage-parken%2F&title=Homepage%20parken&country=de&ts=1668486468865&login=0&category=landing&applicationArea=homepage-mail&contentName=homepage-parken&pageType=landing&op_id=none&product=homepage-mail&type=view
IP
82.165.229.16:0
ASN
#8560 IONOS SE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

HTTP Headers

GET /gmxnet/gmxnet/s?name=produkte.homepage-mail.pi.homepage-parken&brand=gmxnet&portal=gmxnet&referrer=https%3A%2F%2Fegkmobile.de%2F&pageurl=https%3A%2F%2Fwww.gmx.net%2Fprodukte%2Fhomepage-mail%2Fhomepage-parken%2F&title=Homepage%20parken&country=de&ts=1668486468865&login=0&category=landing&applicationArea=homepage-mail&contentName=homepage-parken&pageType=landing&op_id=none&product=homepage-mail&type=view HTTP/1.1
Host: wa.gmx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gmx.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Tue, 15 Nov 2022 04:27:49 GMT
server: Apache
set-cookie: wa=opt-out; path=/; domain=.gmx.net; expires=Wed, 15-Nov-2023 04:27:49 GMT; secure; HttpOnly
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: Wed, 11 Jan 1984 05:00:00 GMT
p3p: CP="this is not a p3p policy"
access-control-allow-origin: *
vary: X-Forwarded-For
accept-ranges: bytes
content-length: 43
content-type: image/gif
X-Firefox-Spdy: h2

tgw.gmx.net/events

217.72.199.35

202 Accepted

0 B

URL HTTP/1.1
tgw.gmx.net/events
IP
217.72.199.35:0
ASN
#8560 IONOS SE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /events HTTP/1.1
Host: tgw.gmx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/vnd.PageViewEvent-v3+json
Content-Length: 1043
Origin: https://www.gmx.net
Connection: keep-alive
Referer: https://www.gmx.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/1.1 202 Accepted
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.gmx.net
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Length: 0
Content-Md5: 1B2M2Y8AsgTpgAmY7PhCfg==
Date: Tue, 15 Nov 2022 04:27:49 GMT
Expires: 0
Pragma: no-cache
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Xss-Protection: 1; mode=block

tgw.gmx.net/events

217.72.199.35

202 Accepted

0 B

URL HTTP/1.1
tgw.gmx.net/events
IP
217.72.199.35:0
ASN
#8560 IONOS SE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /events HTTP/1.1
Host: tgw.gmx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/vnd.userevent-v3+json
Content-Length: 1123
Origin: https://www.gmx.net
Connection: keep-alive
Referer: https://www.gmx.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/1.1 202 Accepted
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.gmx.net
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Length: 0
Content-Md5: 1B2M2Y8AsgTpgAmY7PhCfg==
Date: Tue, 15 Nov 2022 04:27:49 GMT
Expires: 0
Pragma: no-cache
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Xss-Protection: 1; mode=block

epimetheus.navigator.gmx.net/monitoring/compat

217.72.199.21

204 No Content

0 B

URL HTTP/1.1
epimetheus.navigator.gmx.net/monitoring/compat
IP
217.72.199.21:0
ASN
#8560 IONOS SE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /monitoring/compat HTTP/1.1
Host: epimetheus.navigator.gmx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 61
Origin: https://www.gmx.net
Connection: keep-alive
Referer: https://www.gmx.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 204 No Content
Access-Control-Allow-Origin: https://www.gmx.net
Access-Control-Expose-Headers: link
Cache-Control: no-cache, private
Content-Security-Policy: frame-ancestors 'self'; script-src 'self'; style-src 'self'
Date: Tue, 15 Nov 2022 04:27:50 GMT
Referrer-Policy: no-referrer, strict-origin-when-cross-origin, no-referrer, strict-origin-when-cross-origin
Server: Apache
X-App-Dc: bs
X-App-Host: epimetheus-gmx-live-84b57d9c6f-z7f6d
X-App-Version: 1.9.0
X-Content-Security-Policy: frame-ancestors 'self'; script-src 'self'; style-src 'self'
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Xss-Protection: 1; mode=block

epimetheus.navigator.gmx.net/monitoring/compat

217.72.199.21

204 No Content

0 B

URL HTTP/1.1
epimetheus.navigator.gmx.net/monitoring/compat
IP
217.72.199.21:0
ASN
#8560 IONOS SE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /monitoring/compat HTTP/1.1
Host: epimetheus.navigator.gmx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 62
Origin: https://www.gmx.net
Connection: keep-alive
Referer: https://www.gmx.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 204 No Content
Access-Control-Allow-Origin: https://www.gmx.net
Access-Control-Expose-Headers: link
Cache-Control: no-cache, private
Content-Security-Policy: frame-ancestors 'self'; script-src 'self'; style-src 'self'
Date: Tue, 15 Nov 2022 04:27:50 GMT
Referrer-Policy: no-referrer, strict-origin-when-cross-origin, no-referrer, strict-origin-when-cross-origin
Server: Apache
X-App-Dc: bs
X-App-Host: epimetheus-gmx-live-84b57d9c6f-z7f6d
X-App-Version: 1.9.0
X-Content-Security-Policy: frame-ancestors 'self'; script-src 'self'; style-src 'self'
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Xss-Protection: 1; mode=block

epimetheus.navigator.gmx.net/monitoring

217.72.199.21

202 Accepted

2 B

URL HTTP/1.1
epimetheus.navigator.gmx.net/monitoring
IP
217.72.199.21:0
ASN
#8560 IONOS SE

File type
JSON data\012- , ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

HTTP Headers

POST /monitoring HTTP/1.1
Host: epimetheus.navigator.gmx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 185
Origin: https://www.gmx.net
Connection: keep-alive
Referer: https://www.gmx.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 202 Accepted
Access-Control-Allow-Origin: https://www.gmx.net
Access-Control-Expose-Headers: link
Cache-Control: no-cache, private
Content-Security-Policy: frame-ancestors 'self'; script-src 'self'; style-src 'self'
Content-Type: application/json
Date: Tue, 15 Nov 2022 04:27:50 GMT
Referrer-Policy: no-referrer, strict-origin-when-cross-origin, no-referrer, strict-origin-when-cross-origin
Server: Apache
X-App-Dc: bs
X-App-Host: epimetheus-gmx-live-84b57d9c6f-52mkh
X-App-Version: 1.9.0
X-Content-Security-Policy: frame-ancestors 'self'; script-src 'self'; style-src 'self'
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Xss-Protection: 1; mode=block
Transfer-Encoding: chunked

egkmobile.de/

217.160.0.164

200 OK

0 B

URL HTTP/2
egkmobile.de/
IP
217.160.0.164:0
ASN
#8560 IONOS SE

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: egkmobile.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
content-type: text/html
date: Tue, 15 Nov 2022 04:27:46 GMT
server: Apache
last-modified: Wed, 09 Nov 2022 22:33:11 GMT
etag: W/"a2-5ed113dd2b7c0"
content-encoding: gzip
X-Firefox-Spdy: h2

egkmobile.de/favicon.ico

217.160.0.164

404 Not Found

0 B

URL HTTP/2
egkmobile.de/favicon.ico
IP
217.160.0.164:0
ASN
#8560 IONOS SE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: egkmobile.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://egkmobile.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html; charset=iso-8859-1
date: Tue, 15 Nov 2022 04:27:47 GMT
server: Apache
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (16)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations