Report - oelix.de/

Report Overview

Submitted URL
oelix.de/
IP
173.212.212.200
ASN
#51167 Contabo GmbH
Submitted
2022-09-05 04:36:04
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
62

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
b.clarity.ms	3462	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	874 B	580 B	20.75.32.255
static-eu.payments-amazon.com	36727	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	361 B	557 B	54.230.111.109
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.35
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	658 B	1.5 kB	93.184.220.29
status.thawte.com	5123	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
www.paypal.com	2583	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	86 kB	151.101.193.21
bat.bing.com	387	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	14 kB	13.107.21.200
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	338 B	944 B	54.230.245.39
widgets.shopvote.de	224052	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	26 kB	213.133.99.219
img.shopvote.de	417567	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	382 B	12 kB	213.133.99.219
c.clarity.ms	803	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	359 B	630 B	20.234.93.27
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.6 kB	53 kB	34.120.237.76
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	357 B	21 kB	142.250.74.174
www.clarity.ms	1404	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	724 B	26 kB	104.212.67.162
oelix.de	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	328 B	415 B	173.212.212.200
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	4.4 kB	23.36.77.32
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.36
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	35.165.143.157
t.paypal.com	3487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	945 B	1.1 kB	192.229.221.25
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
www.oelix.de	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	20 kB	862 kB	173.212.212.200
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	662 B	1.4 kB	142.250.74.3
c.bing.com	247	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	470 B	795 B	13.107.21.200

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-05	medium	oelix.de/	Phishing
2022-09-05	medium	www.oelix.de/	Phishing
2022-09-05	medium	www.oelix.de/themes/Frontend/Responsive/frontend/_public/vendors/fonts/open-sans-fontface/Regular/OpenSans-Regular.woff2?b93f4c52ce1d22fe56d5ae3c2bb05a5b	Phishing
2022-09-05	medium	www.oelix.de/themes/Frontend/Responsive/frontend/_public/vendors/fonts/open-sans-fontface/Bold/OpenSans-Bold.woff2?2484dd4d59287ae98d0cad57815e46b7	Phishing
2022-09-05	medium	www.oelix.de/themes/Frontend/Responsive/frontend/_public/src/fonts/shopware.woff2?24f3638e7d3ea4cd1bd7b1f346163605	Phishing
2022-09-05	medium	www.oelix.de/media/image/e6/95/eb/logo_250-94.webp	Phishing
2022-09-05	medium	www.oelix.de/mautic/focus/1.js	Phishing
2022-09-05	medium	www.oelix.de/widgets/emotion/index/emotionId/1/secret//controllerName/index	Phishing
2022-09-05	medium	www.oelix.de/widgets/emotion/index/emotionId/22/secret//controllerName/index	Phishing
2022-09-05	medium	www.oelix.de/widgets/emotion/index/emotionId/94/secret//controllerName/index	Phishing
2022-09-05	medium	www.oelix.de/widgets/emotion/index/emotionId/3/secret//controllerName/index	Phishing
2022-09-05	medium	www.oelix.de/widgets/emotion/index/emotionId/2/secret//controllerName/index	Phishing
2022-09-05	medium	www.oelix.de/media/image/48/82/92/b5cd6271a02e74c83b348c32cc2ef63a_200x200.webp	Phishing
2022-09-05	medium	www.oelix.de/media/image/09/00/bf/DSC00479_ff_200x200.webp	Phishing
2022-09-05	medium	www.oelix.de/media/image/91/56/03/DSC00939_ff_200x200.webp	Phishing
2022-09-05	medium	www.oelix.de/media/image/ae/45/18/DSC00498_ff_200x200.webp	Phishing
2022-09-05	medium	www.oelix.de/media/image/g0/7c/38/DSC01923_ff_200x200.webp	Phishing
2022-09-05	medium	www.oelix.de/media/image/fa/91/cc/DSC01154_ff_200x200.webp	Phishing
2022-09-05	medium	www.oelix.de/media/image/80/69/14/DSC01885_ff_200x200.webp	Phishing
2022-09-05	medium	www.oelix.de/media/image/97/c4/f7/DSC01863_ff_200x200.webp	Phishing
2022-09-05	medium	www.oelix.de/media/image/c7/33/e9/DSC01873_ff_200x200.webp	Phishing
2022-09-05	medium	www.oelix.de/media/image/29/5c/d6/DSC00675_ff_200x200.webp	Phishing
2022-09-05	medium	www.oelix.de/media/image/8a/63/b8/ecc6ffe7a1e402fb6119f2b774dc5ee2_200x200.webp	Phishing
2022-09-05	medium	www.oelix.de/media/image/5b/96/05/DSC01718_ff_200x200.webp	Phishing
2022-09-05	medium	www.oelix.de/media/image/bc/5a/79/DSC00538_ff_200x200.webp	Phishing
2022-09-05	medium	www.oelix.de/media/image/e6/3e/05/DSC00266_ff_200x200.webp	Phishing
2022-09-05	medium	www.oelix.de/csrftoken	Phishing
2022-09-05	medium	www.oelix.de/media/image/1a/8d/57/DSC01832_ff_200x200.webp	Phishing
2022-09-05	medium	www.oelix.de/web/cache/1661420932_b8a1d0bb939816071f4919403ed659d6.js	Phishing
2022-09-05	medium	www.oelix.de/custom/plugins/OncoAmazonPay/Resources/views/frontend/_public/src/js/amazon-pay.js	Phishing
2022-09-05	medium	www.oelix.de/matomo/js/container_39oRZC4F.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (26)

	URL	Size	First Seen	Last Seen
	www.oelix.de/	595 B	2023-03-07	2024-03-23
Pretty URL www.oelix.de/ IP 173.212.212.200 ASN #51167 Contabo GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:20 Last Seen2024-03-23 19:17:30 Times Seen206 Hash 7af7183da9bba97305441acf8e4178ea ef83f7eb9eb60d7de1b3e02cd215f088df86102a c2f2c5fb5ce78a193ec25da77d80f8a59638c509b72fe4f3f4ee176ae0f383ac Loading...

	www.oelix.de/	339 B	2023-03-07	2023-06-07
Pretty URL www.oelix.de/ IP 173.212.212.200 ASN #51167 Contabo GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:41:34 Last Seen2023-06-07 06:29:56 Times Seen18 Hash 2ce8cbda24adbb73d40d4874e0995465 dc49c24538eb637586493a56b5e67901eb327c8b 48189ac93da49572373bdf710d865fc8145875565a1176f5e2052cd27e00bfc0 Loading...

	static-eu.payments-amazon.com/checkout.js	81 kB	2023-03-07	2023-03-10
Pretty URL static-eu.payments-amazon.com/checkout.js IP 54.230.111.109 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:48 Last Seen2023-03-10 15:08:30 Times Seen1 Hash b3a4a122e4d6d4fdcaeff2b76156a49b c4bd896250f3a44ef629c74d6d72449a23e5160f 05af585e5a3e68240dedd883ba80735009c8e8f7e008869defa72e54bc56c907 Loading...

	widgets.shopvote.de/js/reputation-badge-v2.min.js	30 kB	2023-03-07	2023-03-11
Pretty URL widgets.shopvote.de/js/reputation-badge-v2.min.js IP 213.133.99.219 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:41:34 Last Seen2023-03-11 19:36:52 Times Seen1 Hash e354f9752d5aceb19921e56ad2fb744a 904102369fbedcd729e35a19c9a89e122b2baa76 c27700a655a7e2413d70b2592703ff01eeed1e1749462213874282a5320ca1a9 Loading...

	www.oelix.de/	378 B	2023-03-07	2024-03-04
Pretty URL www.oelix.de/ IP 173.212.212.200 ASN #51167 Contabo GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:48 Last Seen2024-03-04 12:55:00 Times Seen50 Hash a09a7fa5d9cd68f6415a5bba6af01b47 9c4ceb0a9607aa9753cd7e6dc5417a8285e5cf54 89a7d18be5732cee46afd0b21b60ce9b47a33c347f3dc9a7e5950bf31c27013a Loading...

	www.oelix.de/	2.0 kB	2023-03-07	2023-06-07
Pretty URL www.oelix.de/ IP 173.212.212.200 ASN #51167 Contabo GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:41:34 Last Seen2023-06-07 06:29:56 Times Seen17 Hash 51980cae7a4c1d05a6cb94a7e19af696 c51edb3fc21865f4a84e778d10685f17267b64cb fd67b56f67550022e3f9a0e1e741b4fe9190e2f2b3111935bb26350eab903ce1 Loading...

	www.oelix.de/	50 B	2023-03-07	2024-01-20
Pretty URL www.oelix.de/ IP 173.212.212.200 ASN #51167 Contabo GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:35 Last Seen2024-01-20 20:00:18 Times Seen45 Hash c9a41056f28577569d5daafc8424fe7b 721d0838da795e24b88221a5ee16d2a695a2fac5 b5f9f76bcc6f316407ed32090a3dafe01643d4e4b45d8854f31f5c65e988442b Loading...

	www.oelix.de/	1.2 kB	2023-03-07	2023-03-07
Pretty URL www.oelix.de/ IP 173.212.212.200 ASN #51167 Contabo GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:41:34 Last Seen2023-03-07 12:41:34 Times Seen1 Hash 9740d5546f1b4cf44eb09fa030ec246a f0330149cd3d5a36e40edc44fbce94c545b8a57b b188d7f6f23b82eef26ba9ff2d20b0b18764f243d0558830bd0a2728cca0aea6 Loading...

	www.paypal.com/tagmanager/pptm.js?id=www.oelix.de&t=xo&v=5.0.330&source=payments_sdk&client_id=AUgfxOxEgNYPSvZlludb4I_sAahFF4cTulmBEhj6oqFfY9Gy9s-G0pk1JmttaMDtzHLREnzRCQv8ZC_k&comp=messages&vault=false	12 kB	2023-03-07	2023-09-21
Pretty URL www.paypal.com/tagmanager/pptm.js?id=www.oelix.de&t=xo&v=5.0.330&source=payments_sdk&client_id=AUgfxOxEgNYPSvZlludb4I_sAahFF4cTulmBEhj6oqFfY9Gy9s-G0pk1JmttaMDtzHLREnzRCQv8ZC_k&comp=messages&vault=false IP 151.101.193.21 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:03 Last Seen2023-09-21 06:30:01 Times Seen2247 Hash 3307954f54f00b5074e3fa50b8d9be1d cd0434155a8895b91bb92e168293d6fe750f5c2e 25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655 Loading...

	bat.bing.com/p/action/56359553.js	1.1 kB	2023-03-07	2023-03-08
Pretty URL bat.bing.com/p/action/56359553.js IP 13.107.21.200 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:41:34 Last Seen2023-03-08 06:53:20 Times Seen1 Hash 96a08165fe92cd56ec0d790350e6fb71 af23a9e3759de5d714ca379efb0d31d529dbf39d c05fcb39298610e445e3e2bd07ca7053da20525d8508984bdf0815cba977e91e Loading...

	www.clarity.ms/eus2/s/0.6.40/clarity.js	55 kB	2023-03-07	2023-08-11
Pretty URL www.clarity.ms/eus2/s/0.6.40/clarity.js IP 104.212.67.162 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:19 Last Seen2023-08-11 03:38:39 Times Seen27 Hash c238c096f4ff077be41b8296711e8641 a50be06611656993022a860865c30f85e8ff7832 bbffae0d03e6d48b808856596e595ab718c08bbc4476e7323bfcff4a6f833260 Loading...

	www.oelix.de/	187 B	2023-03-07	2023-06-07
Pretty URL www.oelix.de/ IP 173.212.212.200 ASN #51167 Contabo GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:41:34 Last Seen2023-06-07 06:29:56 Times Seen17 Hash b0ed96936c6e96dc22eda90651f06ae2 ac4970023689056a9ee030d967d90cb70217eaa1 2a8007a4ae15d31faca1de40870af29ac289a3df0418b11c7db3d8dba9d03bd9 Loading...

	www.oelix.de/	1.7 kB	2023-03-07	2023-03-07
Pretty URL www.oelix.de/ IP 173.212.212.200 ASN #51167 Contabo GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:41:34 Last Seen2023-03-07 12:41:34 Times Seen1 Hash f95a1ea2f6b9902fa444e4f522d11317 a419c6c0f95252fd2d784228817a900a82f6404e 101daeb0884290d263c23243b5f43e4debc70c2b4028ec4d3603e32c067e4246 Loading...

	www.paypal.com/sdk/js?client-id=AUgfxOxEgNYPSvZlludb4I_sAahFF4cTulmBEhj6oqFfY9Gy9s-G0pk1JmttaMDtzHLREnzRCQv8ZC_k&currency=EUR&components=messages	260 kB	2023-03-07	2023-03-07
Pretty URL www.paypal.com/sdk/js?client-id=AUgfxOxEgNYPSvZlludb4I_sAahFF4cTulmBEhj6oqFfY9Gy9s-G0pk1JmttaMDtzHLREnzRCQv8ZC_k&currency=EUR&components=messages IP 151.101.193.21 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:41:34 Last Seen2023-03-07 12:41:34 Times Seen1 Hash 9f30b37dcf7cf914f85c6f457780d7ac efba0b8c5df33c5368a19f1d0e13d4741e77b9ec 5c601aaeef88d6f1444cc10052ac357d40128ea6ffaf8e95a1c8374d916010c3 Loading...

	www.oelix.de/	1.0 kB	2023-03-07	2024-03-04
Pretty URL www.oelix.de/ IP 173.212.212.200 ASN #51167 Contabo GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:48 Last Seen2024-03-04 12:55:00 Times Seen49 Hash dc6f67c5ee91d654684f45dd213d5643 0a1a06ef710eb89dcc35f733c0f9b845c86379d1 293c56692879f430915ac9c680febff73de33c0eedf996e4b127e761af09274e Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-07	2024-04-25
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-25 19:24:16 Times Seen842 Hash d40531c5e99a6f84e42535859476fe35 a901817d77b2fe5259c298c91bc65c54d7f8a1a9 a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Loading...

	www.clarity.ms/tag/uet/56359553	1.6 kB	2023-03-07	2023-03-07
Pretty URL www.clarity.ms/tag/uet/56359553 IP 104.212.67.162 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:41:34 Last Seen2023-03-07 12:41:34 Times Seen1 Hash db6dc1eb68bd859b36b7c5dd4a1012e5 aa147e22cf9c0d5d3490df9eedbdb0593d6f0b34 9d7fbbb81f7bd3252a203ed7430f77086a9e67d21c75f52e355b1967570e440e Loading...

	www.oelix.de/	510 B	2023-03-07	2023-06-07
Pretty URL www.oelix.de/ IP 173.212.212.200 ASN #51167 Contabo GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:41:34 Last Seen2023-06-07 06:29:56 Times Seen18 Hash c3bda43594fbcd94e37c611311eff0d7 40def3b60a2e302540fea8b181c97cd1c6a90045 119299e18f71ae60db9686b4c102d3ab34281850de1c5d10899cb7ae8f0f501e Loading...

	www.oelix.de/custom/plugins/OncoAmazonPay/Resources/views/frontend/_public/src/js/amazon-pay.js	10 kB	2023-03-07	2023-11-05
Pretty URL www.oelix.de/custom/plugins/OncoAmazonPay/Resources/views/frontend/_public/src/js/amazon-pay.js IP 173.212.212.200 ASN #51167 Contabo GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:48 Last Seen2023-11-05 15:54:16 Times Seen14 Hash bc7514816a2c047760d166724308c2ad 84ceb76c2794e12cde5b0b49310095b530798627 412ef2402f5afdd783a50af70f2e9b30ba0316d53eacb974657a2defad2527f5 Loading...

	www.oelix.de/matomo/matomo.js	64 kB	2023-03-07	2024-04-25
Pretty URL www.oelix.de/matomo/matomo.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:20 Last Seen2024-04-25 14:59:34 Times Seen1091 Hash e9e9d0884aaa3aa73208190831ad132e af8e8910de429e3648ceed380aa8bb091029e26b 5ae1f50302b0902aac44e88dc58c734bd3475ed4e93718dbc8888dc8fd6c0142 Loading...

	www.oelix.de/matomo/js/container_39oRZC4F.js	28 kB	2023-03-07	2023-03-08
Pretty URL www.oelix.de/matomo/js/container_39oRZC4F.js IP 173.212.212.200 ASN #51167 Contabo GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:41:34 Last Seen2023-03-08 06:53:20 Times Seen1 Hash 53fb65c1618b67127888813baaf0fbde 5408aebdcb3b7194c14bd42acb1a78b7ef149a4b 3afdc8f8cd478b6ff4bab9d9e4df3bd80e181d55b469c7c2ed0d08ea57ef50f2 Loading...

	www.oelix.de/mautic/focus/1.js	46 kB	2023-03-07	2023-03-14
Pretty URL www.oelix.de/mautic/focus/1.js IP 173.212.212.200 ASN #51167 Contabo GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:48 Last Seen2023-03-14 11:47:46 Times Seen1 Hash fe0f29f01a1a5500ec3414f9e8fb741b aece5e4c8d56d358b4f4e0681495e9905a2b9d56 d1807b3515058fea4cd6f7eae8ba4df1214ccc25631ca856d8248cd13d87201d Loading...

	www.oelix.de/	375 B	2023-03-07	2023-06-07
Pretty URL www.oelix.de/ IP 173.212.212.200 ASN #51167 Contabo GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:48 Last Seen2023-06-07 06:29:56 Times Seen19 Hash 00ed21d3a4def587384ce8d562a1f7f2 a7b1f22e868aaaee7609d2e04af323652d8f0c7e f9f63d9e8a286df27bcf80dd86f27764f5c5fe855de13ede909c4d68261d8314 Loading...

	bat.bing.com/bat.js	39 kB	2023-03-07	2023-08-25
Pretty URL bat.bing.com/bat.js IP 13.107.21.200 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:36 Last Seen2023-08-25 07:33:07 Times Seen42 Hash 16911c194f6e9313655f07c4eb9d8737 d39ccfa8c6d785af331afafe9e36336031f41b64 30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7 Loading...

	www.oelix.de/	773 B	2023-03-07	2023-04-05
Pretty URL www.oelix.de/ IP 173.212.212.200 ASN #51167 Contabo GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:20 Last Seen2023-04-05 01:57:34 Times Seen24 Hash 4ddbd6d6695e3b58c8f20726982da8c5 ea6572ba2260dcd6611a9c587f2314a52122ca43 5f84c0acaaac5c4b53733c5409d6e062f29b614f533c4e47e0eaac34e9c5c0f1 Loading...

	www.oelix.de/web/cache/1661420932_b8a1d0bb939816071f4919403ed659d6.js	657 kB	2023-03-07	2023-03-07
Pretty URL www.oelix.de/web/cache/1661420932_b8a1d0bb939816071f4919403ed659d6.js IP 173.212.212.200 ASN #51167 Contabo GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:41:34 Last Seen2023-03-07 12:41:34 Times Seen1 Hash dd634c8840c64523717a693473251ef0 de358eda2dc3e731742a98f31b9e436320b62f05 d8ad7c0e85a8e4b5641ad1a2e87b672cc00f6d5a003fd179c85ad17873870698 Loading...

HTTP Transactions (83)

URL IP Response Size

oelix.de/

173.212.212.200

301 Moved Permanently

162 B

URL HTTP/1.1
oelix.de/
IP
173.212.212.200:0
ASN
#51167 Contabo GmbH

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 05 Sep 2022 04:35:53 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.oelix.de/
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d931e0142ef5ffe9cdb4c4c6bfcb9bc9
d9c4caf525e8926b042a14f38d374cc4033ed768
f610984fb0a75b3a31424faa860cbc8172c7f21804df1dc14fbb685b7c456f29

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F610984FB0A75B3A31424FAA860CBC8172C7F21804DF1DC14FBB685B7C456F29"
Last-Modified: Sat, 03 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10628
Expires: Mon, 05 Sep 2022 07:33:01 GMT
Date: Mon, 05 Sep 2022 04:35:53 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

143.204.55.36

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 05 Sep 2022 03:44:44 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 0yn-q3IhEdor3o4w1EUwNu5NvhoZVZDMHduVWjqbmo11bfdBvd88Mg==
Age: 3069

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.35

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 05 Sep 2022 01:15:19 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: EcY6pKpBWVKW4-ovGiRF6Vlvbmlx_weI2IMVi3xRMCr1VpM9LJsjdA==
age: 12036
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:53 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

www.oelix.de/

173.212.212.200

200 OK

15 kB

URL HTTP/2
www.oelix.de/
IP
173.212.212.200:0
ASN
#51167 Contabo GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (61010)
Size
15 kB (14820 bytes)
Hash
92b49d3448affb0084d3c95038be4721
8023467fede8e04789b38168430d168dced7b576
7f38d27c5bf606c6d815abac9b4ce1386e5d1609bb1a5a73d8d2c0514028d054

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:53 GMT
content-type: text/html; charset=UTF-8
content-length: 14820
link: </web/cache/1661420932_b8a1d0bb939816071f4919403ed659d6.css>; rel="preload"; as="style",</web/cache/1661420932_b8a1d0bb939816071f4919403ed659d6.js>; rel="preload"; as="script"
x-content-digest: en24ba814b1a5e5f02e696d78419fc28b1b6d8c85106314c4518b3201c948d458d
age: 2751
cache-control: no-cache, private
set-cookie: x-cache-context-hash=deleted; expires=Mon, 05-Sep-2022 04:35:53 GMT; Max-Age=0; path=/
nocache=deleted; expires=Mon, 05-Sep-2022 04:35:53 GMT; Max-Age=0; path=/; secure; httponly
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
0a1326be01f8e1365a0794faa650c170
2d65c16eafe329f018c996c1b9e7d4c8c2164026
37d51469a4e2ac52a7cde6d5b4e01bba0095500bccd28a9ebdf80b3a3db51f78

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4815
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 04:35:54 GMT
Last-Modified: Mon, 05 Sep 2022 03:15:39 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

ocsp.sca1b.amazontrust.com/

54.230.245.39

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.39:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
1088198e81bd01d26b14651b4b37a234
7da54eb15dfbeccabcfec0b7e2517f74ed9db0d5
cb938c246dda393cb6f1fd69194e02cce2f5a1887eaaf675dc2f76ed4e22af24

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 05 Sep 2022 04:35:54 GMT
Last-Modified: Mon, 05 Sep 2022 03:22:48 GMT
Server: ECS (nyb/1D0D)
X-Cache: Miss from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: kzp_ejrkPY706w5VUA7EltmxCw_D6SLgFbomtN069t3U9ZPobx2RuQ==
Age: 4387

status.thawte.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
status.thawte.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
6aea7a4d711e5397e020df45b4813cc4
228fead3184a22151c0cde0ef4fcea01df64e8a3
dfa8d2a3d3667357aa94265e57bacaf9a7fd7a4a22d6686b3f0d02f182c4570e

HTTP Headers

POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6562
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 04:35:54 GMT
Last-Modified: Mon, 05 Sep 2022 02:46:32 GMT
Server: ECS (amb/6B92)
X-Cache: HIT
Content-Length: 471

widgets.shopvote.de/js/reputation-badge-v2.min.js

213.133.99.219

200 OK

6.8 kB

URL HTTP/1.1
widgets.shopvote.de/js/reputation-badge-v2.min.js
IP
213.133.99.219:0
ASN
#24940 Hetzner Online GmbH

File type
Unicode text, UTF-8 text, with very long lines (29648), with no line terminators
Size
6.8 kB (6800 bytes)
Hash
2a6ea2094aa5a2b367e819466cd0e97d
68a8696490bb4d05bbcc528df3e5dd7e10f820bd
b322e4367d305a16fcf327562ac9efde9603888dddad958b19123309d5e02d65

HTTP Headers

GET /js/reputation-badge-v2.min.js HTTP/1.1
Host: widgets.shopvote.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 04:35:54 GMT
Server: Apache
Last-Modified: Tue, 14 Jun 2022 09:39:37 GMT
ETag: "6e4104d-73d1-5e1652ed611c4"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 05 Oct 2022 04:35:54 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 6800
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: application/javascript

www.oelix.de/static/background/301365_6458_bg.jpg

173.212.212.200

200 OK

136 kB

URL HTTP/2
www.oelix.de/static/background/301365_6458_bg.jpg
IP
173.212.212.200:0
ASN
#51167 Contabo GmbH

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 180x180, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=10, manufacturer=Canon, model=Canon PowerShot S70, orientation=upper-left, xresolution=160, yresolution=168, resolutionunit=2, software=GIMP 2.6.12, datetime=2013:03:26 14:10:50], progressive, precision 8, 1043x1071, components 3\012- data
Size
136 kB (136098 bytes)
Hash
d58d1cefc72f52c8f35538ecad8520ec
750084d8f62dc07d53ae3a9ff1bc3a7616badfbc
f20db0fafc15db0713b0dd502322530ff84904095786f3f2c83dbd78a8a90afd

HTTP Headers

GET /static/background/301365_6458_bg.jpg HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/web/cache/1661420932_b8a1d0bb939816071f4919403ed659d6.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:53 GMT
content-type: image/jpeg
content-length: 136098
last-modified: Tue, 31 Dec 2013 13:36:30 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public
expires: Wed, 05 Oct 2022 04:35:53 GMT
etag: "52c2c85e-213a2"
strict-transport-security: max-age=15768000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2

www.oelix.de/media/image/cf/4a/72/HomeIcon.png

173.212.212.200

200 OK

3.3 kB

URL HTTP/2
www.oelix.de/media/image/cf/4a/72/HomeIcon.png
IP
173.212.212.200:0
ASN
#51167 Contabo GmbH

File type
PNG image data, 132 x 38, 8-bit/color RGBA, interlaced\012- data
Size
3.3 kB (3269 bytes)
Hash
68b90b5b6d310bb700cdf4dfa91a29e7
421cbf048f02af064b829f3f3f86788c7124c37a
9e06f984199adff0fad760b119f180dd2fa6d9ff03108f7fdb328ef387adf257

HTTP Headers

GET /media/image/cf/4a/72/HomeIcon.png HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/web/cache/1661420932_b8a1d0bb939816071f4919403ed659d6.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:53 GMT
content-type: image/png
content-length: 3269
last-modified: Tue, 18 Feb 2020 17:28:23 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public
expires: Wed, 05 Oct 2022 04:35:53 GMT
etag: "5e4c1eb7-cc5"
strict-transport-security: max-age=15768000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2

www.oelix.de/media/image/7d/ee/52/footer_bg_hoch.png

173.212.212.200

200 OK

6.1 kB

URL HTTP/2
www.oelix.de/media/image/7d/ee/52/footer_bg_hoch.png
IP
173.212.212.200:0
ASN
#51167 Contabo GmbH

File type
PNG image data, 730 x 442, 8-bit/color RGBA, interlaced\012- data
Size
6.1 kB (6091 bytes)
Hash
5f80488b4ef7813db92ccb5255afcd05
431a0b03060fc10d5dcd86fe4a2d723fc7f92f3b
3c156f70cd6fdc6e83cc6e852653c649b9332fbdf421c71b7bdcca5369367ffb

HTTP Headers

GET /media/image/7d/ee/52/footer_bg_hoch.png HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/web/cache/1661420932_b8a1d0bb939816071f4919403ed659d6.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:53 GMT
content-type: image/png
content-length: 6091
last-modified: Tue, 18 Feb 2020 17:32:40 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public
expires: Wed, 05 Oct 2022 04:35:53 GMT
etag: "5e4c1fb8-17cb"
strict-transport-security: max-age=15768000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2

www.oelix.de/media/image/26/6d/35/social-sprite.png

173.212.212.200

200 OK

30 kB

URL HTTP/2
www.oelix.de/media/image/26/6d/35/social-sprite.png
IP
173.212.212.200:0
ASN
#51167 Contabo GmbH

File type
PNG image data, 230 x 74, 8-bit/color RGBA, non-interlaced\012- data
Size
30 kB (30289 bytes)
Hash
aa66f2186c0f5c5c04a813d280f31429
1c8fe42cb7e4ac16ce2a1b02e164cc6f703b5a2a
8e90dfa66ab401c3166a43c24e326bce559ef955a26d983725b8545fe592966e

HTTP Headers

GET /media/image/26/6d/35/social-sprite.png HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/web/cache/1661420932_b8a1d0bb939816071f4919403ed659d6.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:53 GMT
content-type: image/png
content-length: 30289
last-modified: Tue, 09 Nov 2021 13:04:00 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public
expires: Wed, 05 Oct 2022 04:35:53 GMT
etag: "618a71c0-7651"
strict-transport-security: max-age=15768000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2

www.oelix.de/themes/Frontend/Responsive/frontend/_public/vendors/fonts/open-sans-fontface/Regular/OpenSans-Regular.woff2?b93f4c52ce1d22fe56d5ae3c2bb05a5b

173.212.212.200

200 OK

42 kB

URL HTTP/2
www.oelix.de/themes/Frontend/Responsive/frontend/_public/vendors/fonts/open-sans-fontface/Regular/OpenSans-Regular.woff2?b93f4c52ce1d22fe56d5ae3c2bb05a5b
IP
173.212.212.200:0
ASN
#51167 Contabo GmbH

File type
Web Open Font Format (Version 2), TrueType, length 41684, version 1.6619\012- data
Size
42 kB (41684 bytes)
Hash
237aa94493d93bcf630b9a062f455d0a
3d2fab0aea06119ea018a1833cb4e52445c39b75
2da97418251121ad5b28c6e206316578aae360d47dea2262c90478536624d910

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /themes/Frontend/Responsive/frontend/_public/vendors/fonts/open-sans-fontface/Regular/OpenSans-Regular.woff2?b93f4c52ce1d22fe56d5ae3c2bb05a5b HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.oelix.de/web/cache/1661420932_b8a1d0bb939816071f4919403ed659d6.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:54 GMT
content-type: font/woff2
content-length: 41684
last-modified: Mon, 18 Jul 2022 11:49:04 GMT
vary: Accept-Encoding
cache-control: max-age=31536000, public
expires: Tue, 05 Sep 2023 04:35:54 GMT
etag: "62d548b0-a2d4"
strict-transport-security: max-age=15768000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2

www.oelix.de/themes/Frontend/Responsive/frontend/_public/vendors/fonts/open-sans-fontface/Bold/OpenSans-Bold.woff2?2484dd4d59287ae98d0cad57815e46b7

173.212.212.200

200 OK

44 kB

URL HTTP/2
www.oelix.de/themes/Frontend/Responsive/frontend/_public/vendors/fonts/open-sans-fontface/Bold/OpenSans-Bold.woff2?2484dd4d59287ae98d0cad57815e46b7
IP
173.212.212.200:0
ASN
#51167 Contabo GmbH

File type
Web Open Font Format (Version 2), TrueType, length 43524, version 1.6619\012- data
Size
44 kB (43524 bytes)
Hash
b62818c54031125f5feb919cf0cb6752
29520539229ea3019411dabb4ff21bb461e3dab2
3f2a2f05feb9ed38c8889ede47bd28f36014c40b5aa1573b1f1d9302eb18ed5e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /themes/Frontend/Responsive/frontend/_public/vendors/fonts/open-sans-fontface/Bold/OpenSans-Bold.woff2?2484dd4d59287ae98d0cad57815e46b7 HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.oelix.de/web/cache/1661420932_b8a1d0bb939816071f4919403ed659d6.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:54 GMT
content-type: font/woff2
content-length: 43524
last-modified: Mon, 18 Jul 2022 11:49:04 GMT
vary: Accept-Encoding
cache-control: max-age=31536000, public
expires: Tue, 05 Sep 2023 04:35:54 GMT
etag: "62d548b0-aa04"
strict-transport-security: max-age=15768000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2

www.oelix.de/themes/Frontend/Responsive/frontend/_public/src/fonts/shopware.woff2?24f3638e7d3ea4cd1bd7b1f346163605

173.212.212.200

200 OK

24 kB

URL HTTP/2
www.oelix.de/themes/Frontend/Responsive/frontend/_public/src/fonts/shopware.woff2?24f3638e7d3ea4cd1bd7b1f346163605
IP
173.212.212.200:0
ASN
#51167 Contabo GmbH

File type
Web Open Font Format (Version 2), TrueType, length 24276, version 1.0\012- data
Size
24 kB (24276 bytes)
Hash
542276b37771317f850a11ee89e0720d
20ce7199ec6a04947e871b38f691d046d2ed5220
386aa8da6da7a2e344e4011774a68ca0d7aa86366b650d7a9ccf04a86f8d87b0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /themes/Frontend/Responsive/frontend/_public/src/fonts/shopware.woff2?24f3638e7d3ea4cd1bd7b1f346163605 HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.oelix.de/web/cache/1661420932_b8a1d0bb939816071f4919403ed659d6.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:54 GMT
content-type: font/woff2
content-length: 24276
last-modified: Mon, 18 Jul 2022 11:49:04 GMT
vary: Accept-Encoding
etag: "62d548b0-5ed4"
strict-transport-security: max-age=15768000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2

www.oelix.de/media/image/e6/95/eb/logo_250-94.webp

173.212.212.200

200 OK

3.5 kB

URL HTTP/2
www.oelix.de/media/image/e6/95/eb/logo_250-94.webp
IP
173.212.212.200:0
ASN
#51167 Contabo GmbH

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 250x94, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
3.5 kB (3450 bytes)
Hash
b31cea2b6a9c6f8a1122e9e3c56c42e1
0ca675749d09a3c08a8717f11b28b9867f805164
208dbbfb3af54bec3f4e9ca98180d5c629dddcc6a7b10c737fcdaf12c9f38d7d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /media/image/e6/95/eb/logo_250-94.webp HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Cookie: _pk_id.1.f945=9aa52e00ebd1a358.1662352550.; _pk_ses.1.f945=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:54 GMT
content-type: image/webp
content-length: 3450
last-modified: Wed, 28 Apr 2021 08:03:07 GMT
vary: Accept-Encoding
etag: "608916bb-d7a"
strict-transport-security: max-age=15768000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.36

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Mon, 05 Sep 2022 03:38:16 GMT
Expires: Mon, 05 Sep 2022 04:15:05 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: tnesbtJFHiTia-zpSowEWr-FqAg-IJNuiQRyLeqLV9n8s6gyy2rfVw==
Age: 3458

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
77d035f38a45e8a1ec30d5fe9611880b
01cf34de95257da64dac90edf5a86203f1160271
7dc687d6bb1679ba5567e58b4f8c1e78766e7ee36273ba7f62068c595d57f7f3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3141
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 04:35:54 GMT
Last-Modified: Mon, 05 Sep 2022 03:43:33 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

widgets.shopvote.de/allvotes-v2.php?shopid=14890&type=1&src=https&lang=de

213.133.99.219

200 OK

695 B

URL HTTP/1.1
widgets.shopvote.de/allvotes-v2.php?shopid=14890&type=1&src=https&lang=de
IP
213.133.99.219:0
ASN
#24940 Hetzner Online GmbH

File type
JSON data\012- HTML document, ASCII text, with very long lines (1478), with no line terminators
Size
695 B (695 bytes)
Hash
fae3f6d2b17de2624b5606b9e31f473f
88dee826835820fb913ecdd6f923b635e447ed16
9f23aab1723723bc33ff63acb53984eb0cfa06729b6c9d9de0d759d7b0acb0b8

HTTP Headers

GET /allvotes-v2.php?shopid=14890&type=1&src=https&lang=de HTTP/1.1
Host: widgets.shopvote.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.oelix.de
Connection: keep-alive
Referer: https://www.oelix.de/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 04:35:54 GMT
Server: Apache
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800
Expires: Wed, 07 Sep 2022 04:35:54 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 695
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: text/html

widgets.shopvote.de/buttons/avg2-gold.png

213.133.99.219

200 OK

16 kB

URL HTTP/1.1
widgets.shopvote.de/buttons/avg2-gold.png
IP
213.133.99.219:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 126 x 205, 8-bit/color RGBA, non-interlaced\012- data
Size
16 kB (16344 bytes)
Hash
ce58f84f4b43c944d435cd42c370ccbf
773a4973c409c863028f483ae3e708c713b816fd
a7b9f69c1b6a313f1f07752711d794334c708c67c663b74ce2148e313305fc6a

HTTP Headers

GET /buttons/avg2-gold.png HTTP/1.1
Host: widgets.shopvote.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 04:35:54 GMT
Server: Apache
Last-Modified: Thu, 04 Jan 2018 16:23:18 GMT
ETag: "6fc0492-3fd8-561f5bfe6a980"
Accept-Ranges: bytes
Content-Length: 16344
Cache-Control: max-age=2592000
Expires: Wed, 05 Oct 2022 04:35:54 GMT
Access-Control-Allow-Origin: *
Keep-Alive: timeout=3, max=99
Connection: Keep-Alive
Content-Type: image/png

www.paypal.com/sdk/js?client-id=AUgfxOxEgNYPSvZlludb4I_sAahFF4cTulmBEhj6oqFfY9Gy9s-G0pk1JmttaMDtzHLREnzRCQv8ZC_k&currency=EUR&components=messages

151.101.193.21

200 OK

76 kB

URL HTTP/2
www.paypal.com/sdk/js?client-id=AUgfxOxEgNYPSvZlludb4I_sAahFF4cTulmBEhj6oqFfY9Gy9s-G0pk1JmttaMDtzHLREnzRCQv8ZC_k&currency=EUR&components=messages
IP
151.101.193.21:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Size
76 kB (76190 bytes)
Hash
1ffc275ea27196bc29918d78b1debb18
fe28aa9785837a95ba6301df710c0965e1005a0d
d388c704622291ba218fb5cf3775d8b4b5d330a31565eda43d987d6e6148af22

HTTP Headers

GET /sdk/js?client-id=AUgfxOxEgNYPSvZlludb4I_sAahFF4cTulmBEhj6oqFfY9Gy9s-G0pk1JmttaMDtzHLREnzRCQv8ZC_k&currency=EUR&components=messages HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
content-encoding: gzip
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-lKHVMUODlZrYzr7aeE0Rvotp6EL92zcx5YVMN/pebXV0FhHR' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-lKHVMUODlZrYzr7aeE0Rvotp6EL92zcx5YVMN/pebXV0FhHR' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: application/javascript; charset=utf-8
etag: W/"1299e-/iiql4WDepW6YwHfcQwJZeEAWg0"
p3p: true
paypal-debug-id: f5488653a3751
traceparent: 00-0000000000000000000f5488653a3751-1995d309a2fcb7e8-01
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 05 Sep 2022 04:35:54 GMT
age: 0
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn11571-HHN, cache-bma1683-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1662352554.306743,VS0,VE642
vary: Accept-Encoding
server-timing: "traceparent;desc="00-0000000000000000000f5488653a3751-e18c2333ec481204-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
content-length: 76190
X-Firefox-Spdy: h2

widgets.shopvote.de/buttons/av2-stars-gold.png

213.133.99.219

200 OK

406 B

URL HTTP/1.1
widgets.shopvote.de/buttons/av2-stars-gold.png
IP
213.133.99.219:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 73 x 13, 8-bit/color RGBA, non-interlaced\012- data
Size
406 B (406 bytes)
Hash
44678100240dc6ac2699e8cb30599fbe
49708842e9660ea4344290d2bef012b62c6c0b81
cf2165bdf909f77c5d4bfb89447506aa26d1118decf077556d1aeb8978668df9

HTTP Headers

GET /buttons/av2-stars-gold.png HTTP/1.1
Host: widgets.shopvote.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 04:35:54 GMT
Server: Apache
Last-Modified: Thu, 26 Oct 2017 15:36:04 GMT
ETag: "6fc044a-196-55c74ee170100"
Accept-Ranges: bytes
Content-Length: 406
Cache-Control: max-age=2592000
Expires: Wed, 05 Oct 2022 04:35:54 GMT
Access-Control-Allow-Origin: *
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: image/png

www.oelix.de/mautic/focus/1.js

173.212.212.200

200 OK

7.7 kB

URL HTTP/2
www.oelix.de/mautic/focus/1.js
IP
173.212.212.200:0
ASN
#51167 Contabo GmbH

File type
Unicode text, UTF-8 text, with very long lines (16182)
Size
7.7 kB (7662 bytes)
Hash
6b3255f193a1bf959e7b0d0152f00c10
7022f857562bfd54a4e697a26bd33e171f17d565
065b1c5d3813c698be3fcde9cdf3b41417d9f73053274a5bf8f65d076fc62ff0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /mautic/focus/1.js HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:54 GMT
content-type: application/javascript
content-length: 7662
cache-control: max-age=0, must-revalidate, private
pragma: no-cache
expires: Mon, 05 Sep 2022 04:35:54 GMT
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2

push.services.mozilla.com/

35.165.143.157

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.165.143.157:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: z8KmHCgjpjtz/KPe6LbhmQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: I+iq/Kc/HYiAPShqdV0zNOlS2Fk=

img.shopvote.de/profile-seal-160-gold.png

213.133.99.219

200 OK

11 kB

URL HTTP/1.1
img.shopvote.de/profile-seal-160-gold.png
IP
213.133.99.219:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 160 x 160, 8-bit colormap, non-interlaced\012- data
Size
11 kB (11167 bytes)
Hash
98bd829907eb15dbf6d6acd78297e281
9a2a37ca6c29d76ba73428a306ddfcf6ffec989f
1ca288c521b6bb5ce74bae75d2c313a304c8539789b1e604bb05c71e182952c5

HTTP Headers

GET /profile-seal-160-gold.png HTTP/1.1
Host: img.shopvote.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 04:35:55 GMT
Server: Apache
Last-Modified: Thu, 27 Jan 2022 06:29:43 GMT
ETag: "6f81440-2b9f-5d68a719563c0"
Accept-Ranges: bytes
Content-Length: 11167
Cache-Control: max-age=2592000
Expires: Wed, 05 Oct 2022 04:35:55 GMT
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: image/png

www.paypal.com/tagmanager/pptm.js?id=www.oelix.de&t=xo&v=5.0.330&source=payments_sdk&client_id=AUgfxOxEgNYPSvZlludb4I_sAahFF4cTulmBEhj6oqFfY9Gy9s-G0pk1JmttaMDtzHLREnzRCQv8ZC_k&comp=messages&vault=false

151.101.193.21

200 OK

4.3 kB

URL HTTP/2
www.paypal.com/tagmanager/pptm.js?id=www.oelix.de&t=xo&v=5.0.330&source=payments_sdk&client_id=AUgfxOxEgNYPSvZlludb4I_sAahFF4cTulmBEhj6oqFfY9Gy9s-G0pk1JmttaMDtzHLREnzRCQv8ZC_k&comp=messages&vault=false
IP
151.101.193.21:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (12084), with no line terminators
Size
4.3 kB (4299 bytes)
Hash
da1b94bdea2eb1769e74df6fbd2c1a2e
4c7f6b5318ffd3d36b6b431f4bd113b55d8f14a7
45cc4e008a654e4ef3f3b3eb0ca92f52ade64445039059b5395b11734b033be4

HTTP Headers

GET /tagmanager/pptm.js?id=www.oelix.de&t=xo&v=5.0.330&source=payments_sdk&client_id=AUgfxOxEgNYPSvZlludb4I_sAahFF4cTulmBEhj6oqFfY9Gy9s-G0pk1JmttaMDtzHLREnzRCQv8ZC_k&comp=messages&vault=false HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-f+SZCxJk9I33Yg7AQZMMXFVhYeWADSaCdnPFKINCtHhHNu3i' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-type: application/x-javascript; charset=utf-8
etag: W/"2f34-zQQ0FVqIlbkbuS4WgpPW/nUPXC4"
paypal-debug-id: f3394568ab7bb
traceparent: 00-0000000000000000000f3394568ab7bb-c5926651fc9c1dce-01
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
dc: ccg11-origin-www-1.paypal.com
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 05 Sep 2022 04:35:55 GMT
age: 316
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn11578-HHN, cache-bma1683-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1662352555.088962,VS0,VE21
vary: Accept-Encoding
server-timing: "traceparent;desc="00-0000000000000000000f3394568ab7bb-eb08e08615682b1a-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
content-length: 4299
X-Firefox-Spdy: h2

www.oelix.de/media/image/2f/92/04/Tropfen_180x180591446b491fb8.png

173.212.212.200

200 OK

6.4 kB

URL HTTP/2
www.oelix.de/media/image/2f/92/04/Tropfen_180x180591446b491fb8.png
IP
173.212.212.200:0
ASN
#51167 Contabo GmbH

File type
PNG image data, 180 x 180, 8-bit/color RGBA, interlaced\012- data
Size
6.4 kB (6361 bytes)
Hash
b73ce98517f5cd2f376624968d55fd05
7d24b481d78a5eff80429f7adaf183ed59f29973
cb591cb5a0aad62f85b3478b7b5eba73fe4b5e695fc454eb3473d4273f461871

HTTP Headers

GET /media/image/2f/92/04/Tropfen_180x180591446b491fb8.png HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Cookie: _pk_id.1.f945=9aa52e00ebd1a358.1662352550.; _pk_ses.1.f945=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:54 GMT
content-type: image/png
content-length: 6361
last-modified: Thu, 11 May 2017 11:10:44 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public
expires: Wed, 05 Oct 2022 04:35:54 GMT
etag: "591446b4-18d9"
strict-transport-security: max-age=15768000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2

www.oelix.de/media/unknown/d9/0c/f4/favicon.ico

173.212.212.200

200 OK

1.4 kB

URL HTTP/2
www.oelix.de/media/unknown/d9/0c/f4/favicon.ico
IP
173.212.212.200:0
ASN
#51167 Contabo GmbH

File type
MS Windows icon resource - 1 icon, 16x16, 8 bits/pixel\012- data
Size
1.4 kB (1406 bytes)
Hash
2f2e2ef330114419f03b8eac1b74af82
070b958cfebefdc2e90a1159677b459841c733a5
921c8836cf033fc37e70f0d7e6568921ce0afd42acfae55a16ce4b3da655b199

HTTP Headers

GET /media/unknown/d9/0c/f4/favicon.ico HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Cookie: _pk_id.1.f945=9aa52e00ebd1a358.1662352550.; _pk_ses.1.f945=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:54 GMT
content-type: image/vnd.microsoft.icon
content-length: 1406
last-modified: Thu, 11 May 2017 11:11:33 GMT
vary: Accept-Encoding
etag: "591446e5-57e"
strict-transport-security: max-age=15768000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2

www.oelix.de/matomo/matomo.php?action_name=oelix.de%20-%20%C3%96le%20mit%20Geschmack&idsite=1&rec=1&r=290613&h=4&m=35&s=50&url=https%3A%2F%2Fwww.oelix.de%2F&_id=9aa52e00ebd1a358&_idn=1&send_image=0&_refts=0&cookie=1&res=1280x1024&pv_id=eUEXcV&pf_net=161&pf_srv=159&pf_tfr=0

173.212.212.200

204 No Content

0 B

URL HTTP/2
www.oelix.de/matomo/matomo.php?action_name=oelix.de%20-%20%C3%96le%20mit%20Geschmack&idsite=1&rec=1&r=290613&h=4&m=35&s=50&url=https%3A%2F%2Fwww.oelix.de%2F&_id=9aa52e00ebd1a358&_idn=1&send_image=0&_refts=0&cookie=1&res=1280x1024&pv_id=eUEXcV&pf_net=161&pf_srv=159&pf_tfr=0
IP
173.212.212.200:0
ASN
#51167 Contabo GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /matomo/matomo.php?action_name=oelix.de%20-%20%C3%96le%20mit%20Geschmack&idsite=1&rec=1&r=290613&h=4&m=35&s=50&url=https%3A%2F%2Fwww.oelix.de%2F&_id=9aa52e00ebd1a358&_idn=1&send_image=0&_refts=0&cookie=1&res=1280x1024&pv_id=eUEXcV&pf_net=161&pf_srv=159&pf_tfr=0 HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Content-Length: 0
Origin: https://www.oelix.de
Connection: keep-alive
Referer: https://www.oelix.de/
Cookie: _pk_id.1.f945=9aa52e00ebd1a358.1662352550.; _pk_ses.1.f945=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Mon, 05 Sep 2022 04:35:54 GMT
access-control-allow-origin: https://www.oelix.de
access-control-allow-credentials: true
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2

t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=oelix.de%20-%20%C3%96le%20mit%20Geschmack&dh=1024&dw=1280&bh=939&bw=1280&cd=24&sh=1024&sw=1280&v=NA&rosetta_language=en-US%2Cen&e=im&t=1662352551049&g=0&completeurl=https%3A%2F%2Fwww.oelix.de%2F&ru=https%3A%2F%2Fwww.oelix.de%2F&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D

192.229.221.25

200 OK

42 B

URL HTTP/2
t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=oelix.de%20-%20%C3%96le%20mit%20Geschmack&dh=1024&dw=1280&bh=939&bw=1280&cd=24&sh=1024&sw=1280&v=NA&rosetta_language=en-US%2Cen&e=im&t=1662352551049&g=0&completeurl=https%3A%2F%2Fwww.oelix.de%2F&ru=https%3A%2F%2Fwww.oelix.de%2F&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D
IP
192.229.221.25:0
ASN
#15133 EDGECAST

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
b4682377ddfbe4e7dabfddb2e543e842
328e472721a93345801ed5533240eac2d1f8498c
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

HTTP Headers

GET /ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=oelix.de%20-%20%C3%96le%20mit%20Geschmack&dh=1024&dw=1280&bh=939&bw=1280&cd=24&sh=1024&sw=1280&v=NA&rosetta_language=en-US%2Cen&e=im&t=1662352551049&g=0&completeurl=https%3A%2F%2Fwww.oelix.de%2F&ru=https%3A%2F%2Fwww.oelix.de%2F&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D HTTP/1.1
Host: t.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: image/gif
date: Mon, 05 Sep 2022 04:35:55 GMT
expires: Mon, 05 Sep 2022 04:35:55 GMT
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 810466fdb6bd6
pragma: no-cache
server: ECAcc (frb/67A3)
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=182
set-cookie: ts=vreXpYrS%3D1757046955%26vteXpYrS%3D1662354355%26vr%3D0beefd031830a62377664f67ffffffff%26vt%3D0beefd031830a62377664f67fffffffe; Expires=Fri, 05 Sep 2025 04:35:55 GMT; Domain=.paypal.com; Path=/; Secure; HttpOnly
ts_c=vr%3D0beefd031830a62377664f67ffffffff%26vt%3D0beefd031830a62377664f67fffffffe; Expires=Fri, 05 Sep 2025 04:35:55 GMT; Domain=.paypal.com; Path=/; Secure
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-0000000000000000000810466fdb6bd6-185cc774ed8faf62-01
content-length: 42
X-Firefox-Spdy: h2

www.oelix.de/widgets/emotion/index/emotionId/1/secret//controllerName/index

173.212.212.200

200 OK

608 B

URL HTTP/2
www.oelix.de/widgets/emotion/index/emotionId/1/secret//controllerName/index
IP
173.212.212.200:0
ASN
#51167 Contabo GmbH

File type
Unicode text, UTF-8 text, with very long lines (1593), with no line terminators
Size
608 B (608 bytes)
Hash
95c855cb6e7f81f74072305a70328191
26ab448bd23cb6e61b62a757f6fb6c3acec65efd
065a5c8f978756508f98f78292c50edc7fbde0fd1e2ca8851c91362889c34d26

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /widgets/emotion/index/emotionId/1/secret//controllerName/index HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.oelix.de/
Cookie: _pk_id.1.f945=9aa52e00ebd1a358.1662352550.; _pk_ses.1.f945=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:54 GMT
content-type: text/html; charset=UTF-8
content-length: 608
x-content-digest: encc6b13d87aac221ea1a09e5104240fe3aa256364a41f91e19c684840c230d239
age: 5990
cache-control: no-cache, private
set-cookie: x-cache-context-hash=deleted; expires=Mon, 05-Sep-2022 04:35:54 GMT; Max-Age=0; path=/
nocache=deleted; expires=Mon, 05-Sep-2022 04:35:54 GMT; Max-Age=0; path=/; secure; httponly
_pk_id_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/; httponly
_pk_ses_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/; httponly
_pk_id_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/widgets/emotion/index/emotionId/1/secret//controllerName/index; httponly
_pk_ses_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/widgets/emotion/index/emotionId/1/secret//controllerName/index; httponly
_pk_id_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/; domain=oelix.de; httponly
_pk_ses_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/; domain=oelix.de; httponly
_pk_id_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/widgets/emotion/index/emotionId/1/secret//controllerName/index; domain=oelix.de; httponly
_pk_ses_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/widgets/emotion/index/emotionId/1/secret//controllerName/index; domain=oelix.de; httponly
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2

www.oelix.de/widgets/emotion/index/emotionId/22/secret//controllerName/index

173.212.212.200

200 OK

3.0 kB

URL HTTP/2
www.oelix.de/widgets/emotion/index/emotionId/22/secret//controllerName/index
IP
173.212.212.200:0
ASN
#51167 Contabo GmbH

File type
HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (26125), with no line terminators
Size
3.0 kB (3033 bytes)
Hash
e6072e3a392e54712ec3a44915095adc
9c4684492fe7b6ae47794a6001ad22091e8071f4
8f9c691073af8f3bc40aeff665799cef4c5e026d7bb95ebde29ac8282928dbd6

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /widgets/emotion/index/emotionId/22/secret//controllerName/index HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.oelix.de/
Cookie: _pk_id.1.f945=9aa52e00ebd1a358.1662352550.; _pk_ses.1.f945=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:54 GMT
content-type: text/html; charset=UTF-8
content-length: 3033
x-content-digest: en52becc23cc32f30177e1a694427754e396d0becb50d7c2db0e4a22cc4a07078a
age: 5990
cache-control: no-cache, private
set-cookie: x-cache-context-hash=deleted; expires=Mon, 05-Sep-2022 04:35:54 GMT; Max-Age=0; path=/
nocache=deleted; expires=Mon, 05-Sep-2022 04:35:54 GMT; Max-Age=0; path=/; secure; httponly
_pk_id_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/; httponly
_pk_ses_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/; httponly
_pk_id_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/widgets/emotion/index/emotionId/22/secret//controllerName/index; httponly
_pk_ses_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/widgets/emotion/index/emotionId/22/secret//controllerName/index; httponly
_pk_id_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/; domain=oelix.de; httponly
_pk_ses_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/; domain=oelix.de; httponly
_pk_id_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/widgets/emotion/index/emotionId/22/secret//controllerName/index; domain=oelix.de; httponly
_pk_ses_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/widgets/emotion/index/emotionId/22/secret//controllerName/index; domain=oelix.de; httponly
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2

www.oelix.de/widgets/emotion/index/emotionId/94/secret//controllerName/index

173.212.212.200

200 OK

826 B

URL HTTP/2
www.oelix.de/widgets/emotion/index/emotionId/94/secret//controllerName/index
IP
173.212.212.200:0
ASN
#51167 Contabo GmbH

File type
Unicode text, UTF-8 text, with very long lines (2216), with no line terminators
Size
826 B (826 bytes)
Hash
1116b8b3c638adf4cab5248e3ced4e5e
0a540f7f52e90f8b1d149f7c716ee91905487f09
ea15d0e9bf79747ee9da576118faf753505d510c35111b9cbc29038812507b5a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /widgets/emotion/index/emotionId/94/secret//controllerName/index HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.oelix.de/
Cookie: _pk_id.1.f945=9aa52e00ebd1a358.1662352550.; _pk_ses.1.f945=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:54 GMT
content-type: text/html; charset=UTF-8
content-length: 826
x-content-digest: en0443b23f1a8c5803505768f7a3c173949e799abfa8db7084a1424f69c51537f5
age: 5989
cache-control: no-cache, private
set-cookie: x-cache-context-hash=deleted; expires=Mon, 05-Sep-2022 04:35:54 GMT; Max-Age=0; path=/
nocache=deleted; expires=Mon, 05-Sep-2022 04:35:54 GMT; Max-Age=0; path=/; secure; httponly
_pk_id_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/; httponly
_pk_ses_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/; httponly
_pk_id_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/widgets/emotion/index/emotionId/94/secret//controllerName/index; httponly
_pk_ses_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/widgets/emotion/index/emotionId/94/secret//controllerName/index; httponly
_pk_id_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/; domain=oelix.de; httponly
_pk_ses_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/; domain=oelix.de; httponly
_pk_id_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/widgets/emotion/index/emotionId/94/secret//controllerName/index; domain=oelix.de; httponly
_pk_ses_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/widgets/emotion/index/emotionId/94/secret//controllerName/index; domain=oelix.de; httponly
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2

www.oelix.de/widgets/emotion/index/emotionId/3/secret//controllerName/index

173.212.212.200

200 OK

13 kB

URL HTTP/2
www.oelix.de/widgets/emotion/index/emotionId/3/secret//controllerName/index
IP
173.212.212.200:0
ASN
#51167 Contabo GmbH

File type
HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (65310), with no line terminators
Size
13 kB (12895 bytes)
Hash
9f25127d6737510793981d9d10f2625f
b0cb8da668d3db929aca3a1767d2622b319eee56
d3f57c58a1632d5add647caddbac230d6582a3464e7a49792229a94595ba3ed3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /widgets/emotion/index/emotionId/3/secret//controllerName/index HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.oelix.de/
Cookie: _pk_id.1.f945=9aa52e00ebd1a358.1662352550.; _pk_ses.1.f945=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:54 GMT
content-type: text/html; charset=UTF-8
content-length: 12895
x-content-digest: eneb17bb5ba33393a37e949f33d67bbf6b8008b9a7ff7606dd8c51094e5c86bfa3
age: 5990
cache-control: no-cache, private
set-cookie: x-cache-context-hash=deleted; expires=Mon, 05-Sep-2022 04:35:54 GMT; Max-Age=0; path=/
nocache=deleted; expires=Mon, 05-Sep-2022 04:35:54 GMT; Max-Age=0; path=/; secure; httponly
_pk_id_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/; httponly
_pk_ses_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/; httponly
_pk_id_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/widgets/emotion/index/emotionId/3/secret//controllerName/index; httponly
_pk_ses_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/widgets/emotion/index/emotionId/3/secret//controllerName/index; httponly
_pk_id_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/; domain=oelix.de; httponly
_pk_ses_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/; domain=oelix.de; httponly
_pk_id_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/widgets/emotion/index/emotionId/3/secret//controllerName/index; domain=oelix.de; httponly
_pk_ses_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/widgets/emotion/index/emotionId/3/secret//controllerName/index; domain=oelix.de; httponly
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2

www.oelix.de/widgets/emotion/index/emotionId/2/secret//controllerName/index

173.212.212.200

200 OK

12 kB

URL HTTP/2
www.oelix.de/widgets/emotion/index/emotionId/2/secret//controllerName/index
IP
173.212.212.200:0
ASN
#51167 Contabo GmbH

File type
HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (65320), with no line terminators
Size
12 kB (11880 bytes)
Hash
5e94aa1f103bbb7207273cbb2cfa2a16
29d09573d28747e88a56105b4b4b62f1e9401299
bb4313b28027be71e418b2ba33c2dedc2c5d15c90f90e78f6128356d4f62e0bb

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /widgets/emotion/index/emotionId/2/secret//controllerName/index HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.oelix.de/
Cookie: _pk_id.1.f945=9aa52e00ebd1a358.1662352550.; _pk_ses.1.f945=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:54 GMT
content-type: text/html; charset=UTF-8
content-length: 11880
x-content-digest: en914664db7089f85f4150ca16564e2534a14669e4099bdfb618a6772867ab9ac8
age: 916
cache-control: no-cache, private
set-cookie: x-cache-context-hash=deleted; expires=Mon, 05-Sep-2022 04:35:54 GMT; Max-Age=0; path=/
nocache=deleted; expires=Mon, 05-Sep-2022 04:35:54 GMT; Max-Age=0; path=/; secure; httponly
_pk_id_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/; httponly
_pk_ses_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/; httponly
_pk_id_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/widgets/emotion/index/emotionId/2/secret//controllerName/index; httponly
_pk_ses_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/widgets/emotion/index/emotionId/2/secret//controllerName/index; httponly
_pk_id_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/; domain=oelix.de; httponly
_pk_ses_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/; domain=oelix.de; httponly
_pk_id_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/widgets/emotion/index/emotionId/2/secret//controllerName/index; domain=oelix.de; httponly
_pk_ses_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/widgets/emotion/index/emotionId/2/secret//controllerName/index; domain=oelix.de; httponly
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2

www.oelix.de/media/image/34/8a/58/Marktgeplapper_Pilgern.jpg

173.212.212.200

200 OK

335 kB

URL HTTP/2
www.oelix.de/media/image/34/8a/58/Marktgeplapper_Pilgern.jpg
IP
173.212.212.200:0
ASN
#51167 Contabo GmbH

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=5, xresolution=74, yresolution=82, resolutionunit=2, software=GIMP 2.10.8, datetime=2021:08:31 12:33:59], progressive, precision 8, 1426x894, components 3\012- data
Size
335 kB (334990 bytes)
Hash
f059b34d034213ca49254752f385191e
c52b4b29aa1f48fd7d0e75622fb4060f8ad31899
84d9585f0ebb3a2819abfa4cc20591be4d97b27b903a380ec4f2b6f9b1a25398

HTTP Headers

GET /media/image/34/8a/58/Marktgeplapper_Pilgern.jpg HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Cookie: _pk_id.1.f945=9aa52e00ebd1a358.1662352550.; _pk_ses.1.f945=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:55 GMT
content-type: image/jpeg
content-length: 334990
last-modified: Tue, 31 Aug 2021 10:34:33 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public
expires: Wed, 05 Oct 2022 04:35:55 GMT
etag: "612e05b9-51c8e"
strict-transport-security: max-age=15768000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2

www.oelix.de/media/image/48/82/92/b5cd6271a02e74c83b348c32cc2ef63a_200x200.webp

173.212.212.200

200 OK

6.4 kB

URL HTTP/2
www.oelix.de/media/image/48/82/92/b5cd6271a02e74c83b348c32cc2ef63a_200x200.webp
IP
173.212.212.200:0
ASN
#51167 Contabo GmbH

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 150x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
6.4 kB (6358 bytes)
Hash
036d63d29a857c67a68757f30e59b0f1
09717be5f5bcc9d8735b75b1a53a5d58e9eba943
6b9e3c61b7387ccc0b1e2c6632ed09413faff05bfde7a822f1ca910f8d5e78a9

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /media/image/48/82/92/b5cd6271a02e74c83b348c32cc2ef63a_200x200.webp HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Cookie: _pk_id.1.f945=9aa52e00ebd1a358.1662352550.; _pk_ses.1.f945=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:55 GMT
content-type: image/webp
content-length: 6358
last-modified: Tue, 27 Apr 2021 16:21:15 GMT
vary: Accept-Encoding
etag: "608839fb-18d6"
strict-transport-security: max-age=15768000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2

www.oelix.de/media/image/09/00/bf/DSC00479_ff_200x200.webp

173.212.212.200

200 OK

7.5 kB

URL HTTP/2
www.oelix.de/media/image/09/00/bf/DSC00479_ff_200x200.webp
IP
173.212.212.200:0
ASN
#51167 Contabo GmbH

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 200x181, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
7.5 kB (7536 bytes)
Hash
01a8f030e72ca2084aefa7e9c074ca24
b40f38c18aca2913ff33627be3fdcfa432e173c5
8d3c9b156c9c7750f22ec7cbab13574756eaa27e788cbfdc6bc535dab28737ea

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /media/image/09/00/bf/DSC00479_ff_200x200.webp HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Cookie: _pk_id.1.f945=9aa52e00ebd1a358.1662352550.; _pk_ses.1.f945=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:55 GMT
content-type: image/webp
content-length: 7536
last-modified: Tue, 27 Apr 2021 16:12:20 GMT
vary: Accept-Encoding
etag: "608837e4-1d70"
strict-transport-security: max-age=15768000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2

www.oelix.de/media/image/91/56/03/DSC00939_ff_200x200.webp

173.212.212.200

200 OK

4.6 kB

URL HTTP/2
www.oelix.de/media/image/91/56/03/DSC00939_ff_200x200.webp
IP
173.212.212.200:0
ASN
#51167 Contabo GmbH

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 149x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
4.6 kB (4552 bytes)
Hash
91a8f6337966adc3fb93d666ebed5552
63fca9dac87346455ff9932232dc80edcad0981f
0502ea1820ad533d5f650569ce0cbb42ee1931667943c5d73f64ee17f442fa10

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /media/image/91/56/03/DSC00939_ff_200x200.webp HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Cookie: _pk_id.1.f945=9aa52e00ebd1a358.1662352550.; _pk_ses.1.f945=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:55 GMT
content-type: image/webp
content-length: 4552
last-modified: Tue, 27 Apr 2021 15:57:48 GMT
vary: Accept-Encoding
etag: "6088347c-11c8"
strict-transport-security: max-age=15768000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2

www.oelix.de/media/image/ae/45/18/DSC00498_ff_200x200.webp

173.212.212.200

200 OK

4.3 kB

URL HTTP/2
www.oelix.de/media/image/ae/45/18/DSC00498_ff_200x200.webp
IP
173.212.212.200:0
ASN
#51167 Contabo GmbH

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 150x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
4.3 kB (4258 bytes)
Hash
1deef326aec64ab2acd24ce382dd5a90
c05483b48daa8b00db9160d6d959037cea74f751
3a2e3c483521b47b1a8829ad00b93dad8f9d2fb80ba9f9f4f891fa005ec879af

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /media/image/ae/45/18/DSC00498_ff_200x200.webp HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Cookie: _pk_id.1.f945=9aa52e00ebd1a358.1662352550.; _pk_ses.1.f945=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:55 GMT
content-type: image/webp
content-length: 4258
last-modified: Tue, 27 Apr 2021 16:00:35 GMT
vary: Accept-Encoding
etag: "60883523-10a2"
strict-transport-security: max-age=15768000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2

www.oelix.de/media/image/g0/7c/38/DSC01923_ff_200x200.webp

173.212.212.200

200 OK

4.6 kB

URL HTTP/2
www.oelix.de/media/image/g0/7c/38/DSC01923_ff_200x200.webp
IP
173.212.212.200:0
ASN
#51167 Contabo GmbH

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 152x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
4.6 kB (4554 bytes)
Hash
d0dca0f1f744e03de1a370c9567c7db7
7166bcb8406ee4a5b9b4f41667d70626dbaf7807
25e4c0a186fa8919f1088aec9bbb4cdd85fdc6ec8a597c41c39a1ba78b6da627

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /media/image/g0/7c/38/DSC01923_ff_200x200.webp HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Cookie: _pk_id.1.f945=9aa52e00ebd1a358.1662352550.; _pk_ses.1.f945=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:55 GMT
content-type: image/webp
content-length: 4554
last-modified: Fri, 25 Feb 2022 10:41:30 GMT
vary: Accept-Encoding
etag: "6218b25a-11ca"
strict-transport-security: max-age=15768000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2

www.oelix.de/media/image/fa/91/cc/DSC01154_ff_200x200.webp

173.212.212.200

200 OK

7.1 kB

URL HTTP/2
www.oelix.de/media/image/fa/91/cc/DSC01154_ff_200x200.webp
IP
173.212.212.200:0
ASN
#51167 Contabo GmbH

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 200x174, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
7.1 kB (7052 bytes)
Hash
d2ef728bd41c06e5f8c4dba2f7fcda1b
f3d2b3d76a0e1eb40c6944d3992ed66c5e792742
d79821b647befc19119a6df67409812f2d38ff5d24d761261f5f42e4c1e49c37

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /media/image/fa/91/cc/DSC01154_ff_200x200.webp HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Cookie: _pk_id.1.f945=9aa52e00ebd1a358.1662352550.; _pk_ses.1.f945=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:55 GMT
content-type: image/webp
content-length: 7052
last-modified: Tue, 01 Feb 2022 13:53:04 GMT
vary: Accept-Encoding
etag: "61f93b40-1b8c"
strict-transport-security: max-age=15768000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2

www.oelix.de/media/image/80/69/14/DSC01885_ff_200x200.webp

173.212.212.200

200 OK

7.0 kB

URL HTTP/2
www.oelix.de/media/image/80/69/14/DSC01885_ff_200x200.webp
IP
173.212.212.200:0
ASN
#51167 Contabo GmbH

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 200x135, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
7.0 kB (7030 bytes)
Hash
f771d0f79864f34c62d44edb308b2d3e
b78d410a7b851a8a029da72b21b8aa55ec96970a
d9ae268ee72db9c9093313d9b54ea2eb8ba805ca458f31927c20177d799d757f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /media/image/80/69/14/DSC01885_ff_200x200.webp HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Cookie: _pk_id.1.f945=9aa52e00ebd1a358.1662352550.; _pk_ses.1.f945=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:55 GMT
content-type: image/webp
content-length: 7030
last-modified: Tue, 07 Dec 2021 09:43:17 GMT
vary: Accept-Encoding
etag: "61af2cb5-1b76"
strict-transport-security: max-age=15768000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2

www.oelix.de/media/image/97/c4/f7/DSC01863_ff_200x200.webp

173.212.212.200

200 OK

6.2 kB

URL HTTP/2
www.oelix.de/media/image/97/c4/f7/DSC01863_ff_200x200.webp
IP
173.212.212.200:0
ASN
#51167 Contabo GmbH

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 200x154, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
6.2 kB (6190 bytes)
Hash
375cf337b75f951c370bd0a05dfe63fa
1b4156a5f274e6b6282a471d1044c9a5463026b4
357a96a267fd3d9b68f2ef37153eaaed76faa5ef83fc172f01ecd3a21c7eadb7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /media/image/97/c4/f7/DSC01863_ff_200x200.webp HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Cookie: _pk_id.1.f945=9aa52e00ebd1a358.1662352550.; _pk_ses.1.f945=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:55 GMT
content-type: image/webp
content-length: 6190
last-modified: Tue, 16 Nov 2021 11:22:51 GMT
vary: Accept-Encoding
etag: "6193948b-182e"
strict-transport-security: max-age=15768000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2

www.oelix.de/media/image/c7/33/e9/DSC01873_ff_200x200.webp

173.212.212.200

200 OK

5.5 kB

URL HTTP/2
www.oelix.de/media/image/c7/33/e9/DSC01873_ff_200x200.webp
IP
173.212.212.200:0
ASN
#51167 Contabo GmbH

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 200x187, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
5.5 kB (5470 bytes)
Hash
5a3b4b8d299b7800a083dfc54ef2bd29
f6ffd46d726609d7ad42677e87f71213b31b2e6c
4926fbe182972901f29c5e04449d42d46cbbf85331f5a1faf79c40894f4558ef

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /media/image/c7/33/e9/DSC01873_ff_200x200.webp HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Cookie: _pk_id.1.f945=9aa52e00ebd1a358.1662352550.; _pk_ses.1.f945=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:55 GMT
content-type: image/webp
content-length: 5470
last-modified: Tue, 01 Feb 2022 13:30:11 GMT
vary: Accept-Encoding
etag: "61f935e3-155e"
strict-transport-security: max-age=15768000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2

www.oelix.de/media/image/29/5c/d6/DSC00675_ff_200x200.webp

173.212.212.200

200 OK

5.9 kB

URL HTTP/2
www.oelix.de/media/image/29/5c/d6/DSC00675_ff_200x200.webp
IP
173.212.212.200:0
ASN
#51167 Contabo GmbH

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 177x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
5.9 kB (5892 bytes)
Hash
2afb0fe539a8908bb2641a90df55a28e
ea1a338fa247a19fe08b41e70bfd574f3a59c4ce
ef8e28f8df17f156b2201e34643357f006ef797bcec3d85134a53506581aa06a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /media/image/29/5c/d6/DSC00675_ff_200x200.webp HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Cookie: _pk_id.1.f945=9aa52e00ebd1a358.1662352550.; _pk_ses.1.f945=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:55 GMT
content-type: image/webp
content-length: 5892
last-modified: Tue, 27 Apr 2021 16:05:32 GMT
vary: Accept-Encoding
etag: "6088364c-1704"
strict-transport-security: max-age=15768000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2

www.oelix.de/media/image/8a/63/b8/ecc6ffe7a1e402fb6119f2b774dc5ee2_200x200.webp

173.212.212.200

200 OK

6.4 kB

URL HTTP/2
www.oelix.de/media/image/8a/63/b8/ecc6ffe7a1e402fb6119f2b774dc5ee2_200x200.webp
IP
173.212.212.200:0
ASN
#51167 Contabo GmbH

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 200x177, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
6.4 kB (6356 bytes)
Hash
9450708b7eb90bbcbfddd1d6fc7b8ec7
6d612273f1675275dd5977fb8235beb353251f22
9f6aa41dd47193804c4098190bf5dc2f52abf7e2cfa13adc88a3c957753b101c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /media/image/8a/63/b8/ecc6ffe7a1e402fb6119f2b774dc5ee2_200x200.webp HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Cookie: _pk_id.1.f945=9aa52e00ebd1a358.1662352550.; _pk_ses.1.f945=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:55 GMT
content-type: image/webp
content-length: 6356
last-modified: Tue, 27 Apr 2021 16:19:57 GMT
vary: Accept-Encoding
etag: "608839ad-18d4"
strict-transport-security: max-age=15768000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2

www.oelix.de/media/image/5b/96/05/DSC01718_ff_200x200.webp

173.212.212.200

200 OK

4.6 kB

URL HTTP/2
www.oelix.de/media/image/5b/96/05/DSC01718_ff_200x200.webp
IP
173.212.212.200:0
ASN
#51167 Contabo GmbH

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 200x170, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
4.6 kB (4646 bytes)
Hash
d3924363df2f8cf3d51d73e3f37fc67d
b0c8a1580f7e5663f28ab2bff840249551c32ccb
9a609281131a0c1868ee2ccc4e58aff64f88dfb37ff0fe5625ca4edea0c81ddc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /media/image/5b/96/05/DSC01718_ff_200x200.webp HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Cookie: _pk_id.1.f945=9aa52e00ebd1a358.1662352550.; _pk_ses.1.f945=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:55 GMT
content-type: image/webp
content-length: 4646
last-modified: Tue, 27 Apr 2021 15:21:35 GMT
vary: Accept-Encoding
etag: "60882bff-1226"
strict-transport-security: max-age=15768000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2

www.oelix.de/media/image/bc/5a/79/DSC00538_ff_200x200.webp

173.212.212.200

200 OK

5.1 kB

URL HTTP/2
www.oelix.de/media/image/bc/5a/79/DSC00538_ff_200x200.webp
IP
173.212.212.200:0
ASN
#51167 Contabo GmbH

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 165x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
5.1 kB (5134 bytes)
Hash
fbc5308687978ec01822516a769bf19f
093922a9b8063ffccea2a0d21190cb2942c23232
9b21e627f3de894fa8f6dde50b3d289c2929910f9bb29a5c2fc0a633112ecfd8

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /media/image/bc/5a/79/DSC00538_ff_200x200.webp HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Cookie: _pk_id.1.f945=9aa52e00ebd1a358.1662352550.; _pk_ses.1.f945=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:55 GMT
content-type: image/webp
content-length: 5134
last-modified: Tue, 27 Apr 2021 16:02:37 GMT
vary: Accept-Encoding
etag: "6088359d-140e"
strict-transport-security: max-age=15768000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2

www.oelix.de/media/image/e6/3e/05/DSC00266_ff_200x200.webp

173.212.212.200

200 OK

6.2 kB

URL HTTP/2
www.oelix.de/media/image/e6/3e/05/DSC00266_ff_200x200.webp
IP
173.212.212.200:0
ASN
#51167 Contabo GmbH

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 192x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
6.2 kB (6220 bytes)
Hash
fc303a2e4d4686f322126ca13de1d046
9bfad94ff59e1e0bef4e5e4676d59f59a4a4010c
a39b902d754c001df82a18234a4e55e16eb5a70d4e43dce48324750f92e6fcc3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /media/image/e6/3e/05/DSC00266_ff_200x200.webp HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Cookie: _pk_id.1.f945=9aa52e00ebd1a358.1662352550.; _pk_ses.1.f945=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:55 GMT
content-type: image/webp
content-length: 6220
last-modified: Tue, 27 Apr 2021 16:02:07 GMT
vary: Accept-Encoding
etag: "6088357f-184c"
strict-transport-security: max-age=15768000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2

www.oelix.de/widgets/index/refreshStatistic?requestPage=%2F&requestController=index

173.212.212.200

200 OK

0 B

URL HTTP/2
www.oelix.de/widgets/index/refreshStatistic?requestPage=%2F&requestController=index
IP
173.212.212.200:0
ASN
#51167 Contabo GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /widgets/index/refreshStatistic?requestPage=%2F&requestController=index HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Cookie: _pk_id.1.f945=9aa52e00ebd1a358.1662352550.; _pk_ses.1.f945=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:55 GMT
content-type: text/html; charset=UTF-8
content-length: 0
cache-control: private
x-robots-tag: noindex
pragma: no-cache
expires: -1
x-body-eval: ESI
set-cookie: session-1=uohoqm7k2bnliumdgqr9g6mn6i; path=/; secure; HttpOnly
x-cache-context-hash=deleted; expires=Sun, 05-Sep-2021 04:35:54 GMT; Max-Age=0; path=/
nocache=deleted; expires=Sun, 05-Sep-2021 04:35:54 GMT; Max-Age=0; path=/; secure; httponly
_pk_id_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:54 GMT; Max-Age=0; path=/; httponly
_pk_ses_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:54 GMT; Max-Age=0; path=/; httponly
_pk_id_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:54 GMT; Max-Age=0; path=/widgets/index/refreshStatistic; httponly
_pk_ses_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:54 GMT; Max-Age=0; path=/widgets/index/refreshStatistic; httponly
_pk_id_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:54 GMT; Max-Age=0; path=/; domain=oelix.de; httponly
_pk_ses_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:54 GMT; Max-Age=0; path=/; domain=oelix.de; httponly
_pk_id_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:54 GMT; Max-Age=0; path=/widgets/index/refreshStatistic; domain=oelix.de; httponly
_pk_ses_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:54 GMT; Max-Age=0; path=/widgets/index/refreshStatistic; domain=oelix.de; httponly
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2

www.oelix.de/csrftoken

173.212.212.200

200 OK

0 B

URL HTTP/2
www.oelix.de/csrftoken
IP
173.212.212.200:0
ASN
#51167 Contabo GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /csrftoken HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.oelix.de/
Cookie: _pk_id.1.f945=9aa52e00ebd1a358.1662352550.; _pk_ses.1.f945=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:55 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-csrf-token: 9HTEZgqU0lLpl0KKYWaoZGybzpA0DN
pragma: no-cache
expires: -1
cache-control: no-cache, private
set-cookie: session-1=ahrsjuv8ia2u3q7l088mefnbf4; path=/; secure; HttpOnly
x-cache-context-hash=deleted; expires=Sun, 05-Sep-2021 04:35:54 GMT; Max-Age=0; path=/
nocache=deleted; expires=Sun, 05-Sep-2021 04:35:54 GMT; Max-Age=0; path=/; secure; httponly
_pk_id_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:54 GMT; Max-Age=0; path=/; httponly
_pk_ses_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:54 GMT; Max-Age=0; path=/; httponly
_pk_id_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:54 GMT; Max-Age=0; path=/csrftoken; httponly
_pk_ses_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:54 GMT; Max-Age=0; path=/csrftoken; httponly
_pk_id_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:54 GMT; Max-Age=0; path=/; domain=oelix.de; httponly
_pk_ses_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:54 GMT; Max-Age=0; path=/; domain=oelix.de; httponly
_pk_id_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:54 GMT; Max-Age=0; path=/csrftoken; domain=oelix.de; httponly
_pk_ses_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:54 GMT; Max-Age=0; path=/csrftoken; domain=oelix.de; httponly
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10204
Expires: Mon, 05 Sep 2022 07:26:00 GMT
Date: Mon, 05 Sep 2022 04:35:56 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10204
Expires: Mon, 05 Sep 2022 07:26:00 GMT
Date: Mon, 05 Sep 2022 04:35:56 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10204
Expires: Mon, 05 Sep 2022 07:26:00 GMT
Date: Mon, 05 Sep 2022 04:35:56 GMT
Connection: keep-alive

bat.bing.com/bat.js

13.107.21.200

200 OK

11 kB

URL HTTP/2
bat.bing.com/bat.js
IP
13.107.21.200:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 text, with very long lines (38826), with no line terminators
Size
11 kB (11367 bytes)
Hash
293ae3e0fc8b0d5c143fdf9d8490228d
3976c659b908e70818a3a1ac71860b497fe2d1a9
04a840d967ae836e14179bde574cabf14a1fc871182ca0f8193e7a0b06c727ab

HTTP Headers

GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11367
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ranges: bytes
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
set-cookie: MUID=15240E743AF263E6119E1C623BA56289; domain=.bing.com; expires=Sat, 30-Sep-2023 04:35:56 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6FF7790A5EC34206A29B24DAC76E034F Ref B: OSL30EDGE0307 Ref C: 2022-09-05T04:35:56Z
date: Mon, 05 Sep 2022 04:35:55 GMT
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10204
Expires: Mon, 05 Sep 2022 07:26:00 GMT
Date: Mon, 05 Sep 2022 04:35:56 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1be72d8-944d-4a7e-9b1e-ad82d49d9cf3.jpeg

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1be72d8-944d-4a7e-9b1e-ad82d49d9cf3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11654 bytes)
Hash
236f57d73839def5d9ddd1b993394bac
a32ddb91fce6c75ee39530117afcf31d6c6eea94
5c4eab322f6c6a7462a4350dde8d32fc321e6d026e72c0bdb282a56da72c9664

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1be72d8-944d-4a7e-9b1e-ad82d49d9cf3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11654
x-amzn-requestid: 7dec27e0-0959-435b-b155-6afeb503dac9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XxJUJGf-oAMFZNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631055b3-15838b603291931a4d236ff2;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 06:48:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: xeYGWeNQ32oY9qWzxAEr3PhixxBQJBKUEFOpSS9mKqJqqGtHltVVIQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 22:39:33 GMT
age: 21383
etag: "a32ddb91fce6c75ee39530117afcf31d6c6eea94"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.oelix.de/web/cache/1661420932_b8a1d0bb939816071f4919403ed659d6.css

173.212.212.200

200 OK

69 kB

URL HTTP/2
www.oelix.de/web/cache/1661420932_b8a1d0bb939816071f4919403ed659d6.css
IP
173.212.212.200:0
ASN
#51167 Contabo GmbH

File type
ASCII text, with very long lines (65536), with no line terminators
Size
69 kB (69171 bytes)
Hash
6992bf8bc1cf95ab7574f6414004b3fc
81fd484fe07d1c48c5262617c5ebf26d6b1c8e72
c2e7863183fd1ab5547a3f27aba2527f16a87f1b22669b602cdabf5b5592d71f

HTTP Headers

GET /web/cache/1661420932_b8a1d0bb939816071f4919403ed659d6.css HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:53 GMT
content-type: text/css
last-modified: Thu, 25 Aug 2022 09:48:45 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public
expires: Wed, 05 Oct 2022 04:35:53 GMT
etag: W/"6307457d-6d8b0"
strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: br
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F404ac7e7-f8ba-4b04-b736-5cab0995739f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11003 bytes)
Hash
8a5ed2a9c430f2f02da773c400d096e0
618252c5082ccfeeb8bc92aecba4485c48ac4206
948158a29f15f5f5ab45f541b665269d43bfc1e3b444ee4ecb9ba715d5b616d8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F404ac7e7-f8ba-4b04-b736-5cab0995739f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11003
x-amzn-requestid: 29b9c3bc-4b10-44ed-9bc0-111a672c1d25
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XqpJpGjxoAMFzSw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630dbbd7-1547b64d2fc3052e510f6218;Sampled=0
x-amzn-remapped-date: Tue, 30 Aug 2022 07:27:19 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: TGpnDyF8_8hy5bs5denuqKSMzLl98Oz7YHx4MAOMr_Ah-POktYDXSA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 22:03:42 GMT
age: 23534
etag: "618252c5082ccfeeb8bc92aecba4485c48ac4206"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
194d72d26ddeaa8a8a266839eb707300
86427a0db92a3b4bd2690ad361109559c7212992
ab77f42ccfa0c649217777139f0d14a6742039596ee37a045c5fe96e7ca32338

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 04:35:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

34.120.237.76

200 OK

6.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0c070a1-cfda-4086-99d7-f4d72a7f9d8f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.5 kB (6486 bytes)
Hash
9d19ae40ba0a61c69d0bbc87ed8da454
064232b77c890404a294500597e562b3945453be
a2d2bfe5d44394511949665e36492706dd655a46198bf7ae555033eedfa46d83

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0c070a1-cfda-4086-99d7-f4d72a7f9d8f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6486
x-amzn-requestid: 94ff7301-4895-4fad-81db-a2774c8db061
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X3OeaFDYIAMFQBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6312c45c-450abb734f447a2c2db18aae;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 03:05:00 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: PuxGNBXMMm2SeJckWUMNQfuKBX6IbhwaIyGPuDGjnRI6C5YIor9flQ==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 03:43:50 GMT
age: 3126
etag: "064232b77c890404a294500597e562b3945453be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8eb6cd09-3bf5-48ad-bcab-4b0b05db8dcf.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10770 bytes)
Hash
5231760bb81282416f2bd27a4261099e
e3e743b349fd5cb399d4cef4a0877dcc8e2f44f9
e0762821086503aef75013b60a4e340d6fbf9b1006fc7f8b4e079440afce8c67

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8eb6cd09-3bf5-48ad-bcab-4b0b05db8dcf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10770
x-amzn-requestid: c6d80cff-8d44-4589-bcf1-1f5a0ab199b8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X9Ey3GH4IAMF6KQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63151b45-2628cc83263aeeb14ce444ef;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 21:40:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: eEuQFQAkBAHlIYBRrvaJ1qjT09ezTNaL67wa77h1wS8fHc5oWi91aQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 21:45:28 GMT
age: 24628
etag: "e3e743b349fd5cb399d4cef4a0877dcc8e2f44f9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69b1e092-41e6-4f1e-b330-193f7dd11afc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.8 kB (7830 bytes)
Hash
290f6551c5ac539ea60810b135750f17
3633391a8dd87ef10fcb0d04d7b309738affc4a7
d94d133faaf232cf15b5c3f38f5b45d87d70bce0668d607b5c66a8d3f836540f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69b1e092-41e6-4f1e-b330-193f7dd11afc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7830
x-amzn-requestid: c56af3b5-2c48-4243-b220-d56a9be47990
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X9Ey3H4JoAMFiMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63151b45-23ec24d867e3e5906fffa1a6;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 21:40:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: fpKQlxOtyRwaZk2FUf11J62jlqcAvXgOQT-ipFQm6qW-dMHyXaEnNg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 21:49:31 GMT
age: 24385
etag: "3633391a8dd87ef10fcb0d04d7b309738affc4a7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20006 bytes)
Hash
56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Mon, 05 Sep 2022 02:41:12 GMT
expires: Mon, 05 Sep 2022 04:41:12 GMT
cache-control: public, max-age=7200
age: 6884
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
194d72d26ddeaa8a8a266839eb707300
86427a0db92a3b4bd2690ad361109559c7212992
ab77f42ccfa0c649217777139f0d14a6742039596ee37a045c5fe96e7ca32338

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 04:35:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

bat.bing.com/action/0?ti=56359553&Ver=2&mid=ddb03b06-9773-4de7-9caf-60abbf1674db&sid=393479702cd411ed99c5c1a2f22f862d&vid=3934b3802cd411ed99bfbb5ce1014f8d&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=oelix.de%20-%20%C3%96le%20mit%20Geschmack&kw=hochwertige%20Speise%C3%B6le,%20kaltgepresst,%20naturbelassen&p=https%3A%2F%2Fwww.oelix.de%2F&r=&lt=2506&evt=pageLoad&sv=1&rn=66499

13.107.21.200

204 No Content

0 B

URL HTTP/2
bat.bing.com/action/0?ti=56359553&Ver=2&mid=ddb03b06-9773-4de7-9caf-60abbf1674db&sid=393479702cd411ed99c5c1a2f22f862d&vid=3934b3802cd411ed99bfbb5ce1014f8d&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=oelix.de%20-%20%C3%96le%20mit%20Geschmack&kw=hochwertige%20Speise%C3%B6le,%20kaltgepresst,%20naturbelassen&p=https%3A%2F%2Fwww.oelix.de%2F&r=&lt=2506&evt=pageLoad&sv=1&rn=66499
IP
13.107.21.200:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /action/0?ti=56359553&Ver=2&mid=ddb03b06-9773-4de7-9caf-60abbf1674db&sid=393479702cd411ed99c5c1a2f22f862d&vid=3934b3802cd411ed99bfbb5ce1014f8d&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=oelix.de%20-%20%C3%96le%20mit%20Geschmack&kw=hochwertige%20Speise%C3%B6le,%20kaltgepresst,%20naturbelassen&p=https%3A%2F%2Fwww.oelix.de%2F&r=&lt=2506&evt=pageLoad&sv=1&rn=66499 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=1F6F1671DA5060C327FA0467DB076173; domain=.bing.com; expires=Sat, 30-Sep-2023 04:35:56 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FAED464F93BB4D3CAE3365E190C43D1D Ref B: OSL30EDGE0307 Ref C: 2022-09-05T04:35:56Z
date: Mon, 05 Sep 2022 04:35:55 GMT
X-Firefox-Spdy: h2

bat.bing.com/p/action/56359553.js

13.107.21.200

200 OK

668 B

URL HTTP/2
bat.bing.com/p/action/56359553.js
IP
13.107.21.200:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with CRLF line terminators
Size
668 B (668 bytes)
Hash
2d4f8b8192887175a055aab55cac3af5
1e3b81463e214b201ddd0a45e2aa4596da268825
d91621ff1486e00c9365028f24a6195a4398b0a25326e0b267d664469726e75b

HTTP Headers

GET /p/action/56359553.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: private,max-age=60
content-length: 668
content-type: application/javascript; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
set-cookie: MUID=2A7F151CE5176B650856070AE4406A17; domain=.bing.com; expires=Sat, 30-Sep-2023 04:35:56 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DF4DF6C667D847F8A62C49D7BFB7A572 Ref B: OSL30EDGE0307 Ref C: 2022-09-05T04:35:56Z
date: Mon, 05 Sep 2022 04:35:55 GMT
X-Firefox-Spdy: h2

www.clarity.ms/tag/uet/56359553

104.212.67.162

200 OK

1.6 kB

URL HTTP/2
www.clarity.ms/tag/uet/56359553
IP
104.212.67.162:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (1587), with no line terminators
Size
1.6 kB (1587 bytes)
Hash
db6dc1eb68bd859b36b7c5dd4a1012e5
aa147e22cf9c0d5d3490df9eedbdb0593d6f0b34
9d7fbbb81f7bd3252a203ed7430f77086a9e67d21c75f52e355b1967570e440e

HTTP Headers

GET /tag/uet/56359553 HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: no-cache, no-store
content-length: 1587
content-type: application/x-javascript
expires: -1
set-cookie: CLID=4d2c6db3f8cf41d192417e77b8452bf9.20220905.20230905; expires=Tue, 05 Sep 2023 04:35:56 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
x-azure-ref: 0rHwVYwAAAACHouA8AEWLR73f6flHiqxnTElTMDFFREdFMDUxOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Mon, 05 Sep 2022 04:35:56 GMT
X-Firefox-Spdy: h2

c.clarity.ms/c.gif

20.234.93.27

302 Found

0 B

URL HTTP/2
c.clarity.ms/c.gif
IP
20.234.93.27:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=28D0BFE3AFE9481CA3C71B9B54FD48C0&RedC=c.clarity.ms&MXFR=3C5AF2F63FB465960FF4E0E03BB46B11
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=3C5AF2F63FB465960FF4E0E03BB46B11; domain=.clarity.ms; expires=Sat, 30-Sep-2023 04:35:57 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Mon, 05 Sep 2022 04:35:56 GMT
content-length: 0
X-Firefox-Spdy: h2

c.bing.com/c.gif?CtsSyncId=28D0BFE3AFE9481CA3C71B9B54FD48C0&RedC=c.clarity.ms&MXFR=3C5AF2F63FB465960FF4E0E03BB46B11

13.107.21.200

302 Found

0 B

URL HTTP/2
c.bing.com/c.gif?CtsSyncId=28D0BFE3AFE9481CA3C71B9B54FD48C0&RedC=c.clarity.ms&MXFR=3C5AF2F63FB465960FF4E0E03BB46B11
IP
13.107.21.200:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c.gif?CtsSyncId=28D0BFE3AFE9481CA3C71B9B54FD48C0&RedC=c.clarity.ms&MXFR=3C5AF2F63FB465960FF4E0E03BB46B11 HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.oelix.de/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=28D0BFE3AFE9481CA3C71B9B54FD48C0&MUID=3930DB85ED6F64280000C993EC3865B3
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=3930DB85ED6F64280000C993EC3865B3; domain=c.bing.com; expires=Sat, 30-Sep-2023 04:35:57 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F632B3D4E3974D99A9EB9A0ED7DB5B33 Ref B: OSL30EDGE0307 Ref C: 2022-09-05T04:35:57Z
date: Mon, 05 Sep 2022 04:35:56 GMT
content-length: 0
X-Firefox-Spdy: h2

www.clarity.ms/eus2/s/0.6.40/clarity.js

104.212.67.162

200 OK

24 kB

URL HTTP/2
www.clarity.ms/eus2/s/0.6.40/clarity.js
IP
104.212.67.162:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 text, with very long lines (54745)
Size
24 kB (23484 bytes)
Hash
ed38b545c92e181f4b3b49062bdd2a12
f7a0a547d481ef1ed2ad460c7dc64e7d98b0730f
48948fd49b104a0a768badf68e6a1c0e5bde1db5e7bc8c0c37e8f0e9ab0d0bae

HTTP Headers

GET /eus2/s/0.6.40/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=86400
content-type: application/javascript;charset=utf-8
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d8bd4806fdad30"
vary: Accept-Encoding
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
x-azure-ref: 0rXwVYwAAAABUsvi/tSOMRqW5772uuc5YTElTMDFFREdFMDUxOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Mon, 05 Sep 2022 04:35:56 GMT
X-Firefox-Spdy: h2

b.clarity.ms/collect

20.75.32.255

204 No Content

0 B

URL HTTP/2
b.clarity.ms/collect
IP
20.75.32.255:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1067
Origin: https://www.oelix.de
Connection: keep-alive
Referer: https://www.oelix.de/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://www.oelix.de
access-control-allow-credentials: true
x-powered-by: ASP.NET
date: Mon, 05 Sep 2022 04:35:57 GMT
X-Firefox-Spdy: h2

b.clarity.ms/collect

20.75.32.255

204 No Content

0 B

URL HTTP/2
b.clarity.ms/collect
IP
20.75.32.255:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 477126
Origin: https://www.oelix.de
Connection: keep-alive
Referer: https://www.oelix.de/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://www.oelix.de
access-control-allow-credentials: true
x-powered-by: ASP.NET
date: Mon, 05 Sep 2022 04:35:59 GMT
X-Firefox-Spdy: h2

www.oelix.de/media/image/1a/8d/57/DSC01832_ff_200x200.webp

173.212.212.200

200 OK

5.8 kB

URL HTTP/2
www.oelix.de/media/image/1a/8d/57/DSC01832_ff_200x200.webp
IP
173.212.212.200:0
ASN
#51167 Contabo GmbH

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 166x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
5.8 kB (5796 bytes)
Hash
bf9409e700578dbabe0365b8616b2f99
15744c9857a9570a0aca04f073fc639c196a279c
a5c187f1174d64ace1aa2e6e7c257516179abdaca858fcd82ec1673a9efa45c1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /media/image/1a/8d/57/DSC01832_ff_200x200.webp HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Cookie: _pk_id.1.f945=9aa52e00ebd1a358.1662352550.; _pk_ses.1.f945=1; session-1=ahrsjuv8ia2u3q7l088mefnbf4; __csrf_token-1=9HTEZgqU0lLpl0KKYWaoZGybzpA0DN; _uetsid=393479702cd411ed99c5c1a2f22f862d; _uetvid=3934b3802cd411ed99bfbb5ce1014f8d; _ga=GA1.2.1362936746.1662352552; _gid=GA1.2.1975732998.1662352552; _gat=1; _clck=1t98zl2|1|f4m|0; _clsk=1350j2m|1662352553703|1|1|b.clarity.ms/collect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:36:00 GMT
content-type: image/webp
content-length: 5796
last-modified: Tue, 16 Nov 2021 10:33:04 GMT
vary: Accept-Encoding
etag: "619388e0-16a4"
strict-transport-security: max-age=15768000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2

www.oelix.de/web/cache/1661420932_b8a1d0bb939816071f4919403ed659d6.js

173.212.212.200

200 OK

0 B

URL HTTP/2
www.oelix.de/web/cache/1661420932_b8a1d0bb939816071f4919403ed659d6.js
IP
173.212.212.200:0
ASN
#51167 Contabo GmbH

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /web/cache/1661420932_b8a1d0bb939816071f4919403ed659d6.js HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:53 GMT
content-type: application/javascript
last-modified: Thu, 25 Aug 2022 09:48:44 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public
expires: Wed, 05 Oct 2022 04:35:53 GMT
etag: W/"6307457c-a07c8"
strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: br
X-Firefox-Spdy: h2

www.oelix.de/_includes/fontawesome/css/all.min.css

173.212.212.200

200 OK

0 B

URL HTTP/2
www.oelix.de/_includes/fontawesome/css/all.min.css
IP
173.212.212.200:0
ASN
#51167 Contabo GmbH

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_includes/fontawesome/css/all.min.css HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:53 GMT
content-type: text/css
last-modified: Wed, 13 Jan 2021 16:58:06 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public
expires: Wed, 05 Oct 2022 04:35:53 GMT
etag: W/"5fff269e-e7d0"
strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: br
X-Firefox-Spdy: h2

www.oelix.de/custom/plugins/OncoAmazonPay/Resources/views/frontend/_public/src/js/amazon-pay.js

173.212.212.200

200 OK

0 B

URL HTTP/2
www.oelix.de/custom/plugins/OncoAmazonPay/Resources/views/frontend/_public/src/js/amazon-pay.js
IP
173.212.212.200:0
ASN
#51167 Contabo GmbH

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /custom/plugins/OncoAmazonPay/Resources/views/frontend/_public/src/js/amazon-pay.js HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:53 GMT
content-type: application/javascript
last-modified: Tue, 26 Jul 2022 11:00:05 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public
expires: Wed, 05 Oct 2022 04:35:53 GMT
etag: W/"62dfc935-2745"
strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: br
X-Firefox-Spdy: h2

static-eu.payments-amazon.com/checkout.js

54.230.111.109

200 OK

0 B

URL HTTP/2
static-eu.payments-amazon.com/checkout.js
IP
54.230.111.109:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /checkout.js HTTP/1.1
Host: static-eu.payments-amazon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 24 Aug 2022 05:37:55 GMT
x-amz-version-id: 2JqhzAQpUF8nWmC9400.9DqhK9Hz93YM
server: AmazonS3
content-encoding: br
date: Mon, 05 Sep 2022 04:28:02 GMT
cache-control: max-age=1200,public
etag: W/"b3a4a122e4d6d4fdcaeff2b76156a49b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Eel37TqzOVpCxUOuHjAvkbh6CxNMxNPxY67q3d9kh8oe3wtE8KwO2Q==
age: 473
X-Firefox-Spdy: h2

www.oelix.de/matomo/js/container_39oRZC4F.js

173.212.212.200

200 OK

0 B

URL HTTP/2
www.oelix.de/matomo/js/container_39oRZC4F.js
IP
173.212.212.200:0
ASN
#51167 Contabo GmbH

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /matomo/js/container_39oRZC4F.js HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:53 GMT
content-type: application/javascript
last-modified: Thu, 03 Feb 2022 09:49:21 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public
expires: Wed, 05 Oct 2022 04:35:53 GMT
etag: W/"61fba521-6f7f"
strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: br
X-Firefox-Spdy: h2

www.paypal.com/xoplatform/logger/api/logger

151.101.193.21

200 OK

0 B

URL HTTP/2
www.paypal.com/xoplatform/logger/api/logger
IP
151.101.193.21:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

OPTIONS /xoplatform/logger/api/logger HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.oelix.de/
Origin: https://www.oelix.de
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.oelix.de
cache-control: max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id: f9436024c8189
set-cookie: LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Mon, 05 Sep 2022 13:21:52 GMT; HttpOnly; Secure
enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Tue, 05 Sep 2023 04:35:56 GMT; Secure
x-pp-s=eyJ0IjoiMTY2MjM1MjU1NjE0OSIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure
tsrce=loggernodeweb; Domain=.paypal.com; Path=/; Expires=Thu, 08 Sep 2022 04:35:56 GMT; HttpOnly; Secure; SameSite=None
l7_az=dcg14.slc; Path=/; Domain=paypal.com; Expires=Mon, 05 Sep 2022 05:05:56 GMT; HttpOnly; Secure
ts=vreXpYrS%3D1757046956%26vteXpYrS%3D1662354356%26vr%3D0bef00621830a78858d4ed4bfe32d87a%26vt%3D0bef00621830a78858d4ed4bfe32d879%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Thu, 04 Sep 2025 04:35:56 GMT; HttpOnly; Secure
ts_c=vr%3D0bef00621830a78858d4ed4bfe32d87a%26vt%3D0bef00621830a78858d4ed4bfe32d879; Path=/; Domain=paypal.com; Expires=Thu, 04 Sep 2025 04:35:56 GMT; Secure
traceparent: 00-0000000000000000000f9436024c8189-21709b667ee8e91b-01
x-content-type-options: nosniff
dc: ccg11-origin-www-1.paypal.com
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Mon, 05 Sep 2022 04:35:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn11537-HHN, cache-bma1683-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1662352556.049160,VS0,VE180
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (26)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations