oelix.de/
173.212.212.200 301 Moved Permanently 162 B IP 173.212.212.200:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 05 Sep 2022 04:35:53 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.oelix.de/
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d931e0142ef5ffe9cdb4c4c6bfcb9bc9
d9c4caf525e8926b042a14f38d374cc4033ed768
f610984fb0a75b3a31424faa860cbc8172c7f21804df1dc14fbb685b7c456f29
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F610984FB0A75B3A31424FAA860CBC8172C7F21804DF1DC14FBB685B7C456F29"
Last-Modified: Sat, 03 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10628
Expires: Mon, 05 Sep 2022 07:33:01 GMT
Date: Mon, 05 Sep 2022 04:35:53 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.36 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 05 Sep 2022 03:44:44 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 0yn-q3IhEdor3o4w1EUwNu5NvhoZVZDMHduVWjqbmo11bfdBvd88Mg==
Age: 3069
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.35 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 05 Sep 2022 01:15:19 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: EcY6pKpBWVKW4-ovGiRF6Vlvbmlx_weI2IMVi3xRMCr1VpM9LJsjdA==
age: 12036
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:53 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.oelix.de/
173.212.212.200 200 OK 15 kB IP 173.212.212.200:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (61010)
Hash 92b49d3448affb0084d3c95038be4721
8023467fede8e04789b38168430d168dced7b576
7f38d27c5bf606c6d815abac9b4ce1386e5d1609bb1a5a73d8d2c0514028d054
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:53 GMT
content-type: text/html; charset=UTF-8
content-length: 14820
link: </web/cache/1661420932_b8a1d0bb939816071f4919403ed659d6.css>; rel="preload"; as="style",</web/cache/1661420932_b8a1d0bb939816071f4919403ed659d6.js>; rel="preload"; as="script"
x-content-digest: en24ba814b1a5e5f02e696d78419fc28b1b6d8c85106314c4518b3201c948d458d
age: 2751
cache-control: no-cache, private
set-cookie: x-cache-context-hash=deleted; expires=Mon, 05-Sep-2022 04:35:53 GMT; Max-Age=0; path=/
nocache=deleted; expires=Mon, 05-Sep-2022 04:35:53 GMT; Max-Age=0; path=/; secure; httponly
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 0a1326be01f8e1365a0794faa650c170
2d65c16eafe329f018c996c1b9e7d4c8c2164026
37d51469a4e2ac52a7cde6d5b4e01bba0095500bccd28a9ebdf80b3a3db51f78
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4815
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 04:35:54 GMT
Last-Modified: Mon, 05 Sep 2022 03:15:39 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
ocsp.sca1b.amazontrust.com/
54.230.245.39 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 1088198e81bd01d26b14651b4b37a234
7da54eb15dfbeccabcfec0b7e2517f74ed9db0d5
cb938c246dda393cb6f1fd69194e02cce2f5a1887eaaf675dc2f76ed4e22af24
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 05 Sep 2022 04:35:54 GMT
Last-Modified: Mon, 05 Sep 2022 03:22:48 GMT
Server: ECS (nyb/1D0D)
X-Cache: Miss from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: kzp_ejrkPY706w5VUA7EltmxCw_D6SLgFbomtN069t3U9ZPobx2RuQ==
Age: 4387
status.thawte.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 6aea7a4d711e5397e020df45b4813cc4
228fead3184a22151c0cde0ef4fcea01df64e8a3
dfa8d2a3d3667357aa94265e57bacaf9a7fd7a4a22d6686b3f0d02f182c4570e
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6562
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 04:35:54 GMT
Last-Modified: Mon, 05 Sep 2022 02:46:32 GMT
Server: ECS (amb/6B92)
X-Cache: HIT
Content-Length: 471
widgets.shopvote.de/js/reputation-badge-v2.min.js
213.133.99.219 200 OK 6.8 kB URL HTTP/1.1 widgets.shopvote.de/js/reputation-badge-v2.min.js
IP 213.133.99.219:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (29648), with no line terminators
Hash 2a6ea2094aa5a2b367e819466cd0e97d
68a8696490bb4d05bbcc528df3e5dd7e10f820bd
b322e4367d305a16fcf327562ac9efde9603888dddad958b19123309d5e02d65
GET /js/reputation-badge-v2.min.js HTTP/1.1
Host: widgets.shopvote.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 04:35:54 GMT
Server: Apache
Last-Modified: Tue, 14 Jun 2022 09:39:37 GMT
ETag: "6e4104d-73d1-5e1652ed611c4"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 05 Oct 2022 04:35:54 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 6800
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: application/javascript
www.oelix.de/static/background/301365_6458_bg.jpg
173.212.212.200 200 OK 136 kB URL HTTP/2 www.oelix.de/static/background/301365_6458_bg.jpg
IP 173.212.212.200:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 180x180, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=10, manufacturer=Canon, model=Canon PowerShot S70, orientation=upper-left, xresolution=160, yresolution=168, resolutionunit=2, software=GIMP 2.6.12, datetime=2013:03:26 14:10:50], progressive, precision 8, 1043x1071, components 3\012- data
Size 136 kB (136098 bytes)
Hash d58d1cefc72f52c8f35538ecad8520ec
750084d8f62dc07d53ae3a9ff1bc3a7616badfbc
f20db0fafc15db0713b0dd502322530ff84904095786f3f2c83dbd78a8a90afd
GET /static/background/301365_6458_bg.jpg HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/web/cache/1661420932_b8a1d0bb939816071f4919403ed659d6.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:53 GMT
content-type: image/jpeg
content-length: 136098
last-modified: Tue, 31 Dec 2013 13:36:30 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public
expires: Wed, 05 Oct 2022 04:35:53 GMT
etag: "52c2c85e-213a2"
strict-transport-security: max-age=15768000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2
www.oelix.de/media/image/cf/4a/72/HomeIcon.png
173.212.212.200 200 OK 3.3 kB URL HTTP/2 www.oelix.de/media/image/cf/4a/72/HomeIcon.png
IP 173.212.212.200:0
File type PNG image data, 132 x 38, 8-bit/color RGBA, interlaced\012- data
Hash 68b90b5b6d310bb700cdf4dfa91a29e7
421cbf048f02af064b829f3f3f86788c7124c37a
9e06f984199adff0fad760b119f180dd2fa6d9ff03108f7fdb328ef387adf257
GET /media/image/cf/4a/72/HomeIcon.png HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/web/cache/1661420932_b8a1d0bb939816071f4919403ed659d6.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:53 GMT
content-type: image/png
content-length: 3269
last-modified: Tue, 18 Feb 2020 17:28:23 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public
expires: Wed, 05 Oct 2022 04:35:53 GMT
etag: "5e4c1eb7-cc5"
strict-transport-security: max-age=15768000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2
www.oelix.de/media/image/7d/ee/52/footer_bg_hoch.png
173.212.212.200 200 OK 6.1 kB URL HTTP/2 www.oelix.de/media/image/7d/ee/52/footer_bg_hoch.png
IP 173.212.212.200:0
File type PNG image data, 730 x 442, 8-bit/color RGBA, interlaced\012- data
Hash 5f80488b4ef7813db92ccb5255afcd05
431a0b03060fc10d5dcd86fe4a2d723fc7f92f3b
3c156f70cd6fdc6e83cc6e852653c649b9332fbdf421c71b7bdcca5369367ffb
GET /media/image/7d/ee/52/footer_bg_hoch.png HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/web/cache/1661420932_b8a1d0bb939816071f4919403ed659d6.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:53 GMT
content-type: image/png
content-length: 6091
last-modified: Tue, 18 Feb 2020 17:32:40 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public
expires: Wed, 05 Oct 2022 04:35:53 GMT
etag: "5e4c1fb8-17cb"
strict-transport-security: max-age=15768000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2
www.oelix.de/media/image/26/6d/35/social-sprite.png
173.212.212.200 200 OK 30 kB URL HTTP/2 www.oelix.de/media/image/26/6d/35/social-sprite.png
IP 173.212.212.200:0
File type PNG image data, 230 x 74, 8-bit/color RGBA, non-interlaced\012- data
Hash aa66f2186c0f5c5c04a813d280f31429
1c8fe42cb7e4ac16ce2a1b02e164cc6f703b5a2a
8e90dfa66ab401c3166a43c24e326bce559ef955a26d983725b8545fe592966e
GET /media/image/26/6d/35/social-sprite.png HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/web/cache/1661420932_b8a1d0bb939816071f4919403ed659d6.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:53 GMT
content-type: image/png
content-length: 30289
last-modified: Tue, 09 Nov 2021 13:04:00 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public
expires: Wed, 05 Oct 2022 04:35:53 GMT
etag: "618a71c0-7651"
strict-transport-security: max-age=15768000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2
www.oelix.de/themes/Frontend/Responsive/frontend/_public/vendors/fonts/open-sans-fontface/Regular/OpenSans-Regular.woff2?b93f4c52ce1d22fe56d5ae3c2bb05a5b
173.212.212.200 200 OK 42 kB URL HTTP/2 www.oelix.de/themes/Frontend/Responsive/frontend/_public/vendors/fonts/open-sans-fontface/Regular/OpenSans-Regular.woff2?b93f4c52ce1d22fe56d5ae3c2bb05a5b
IP 173.212.212.200:0
File type Web Open Font Format (Version 2), TrueType, length 41684, version 1.6619\012- data
Hash 237aa94493d93bcf630b9a062f455d0a
3d2fab0aea06119ea018a1833cb4e52445c39b75
2da97418251121ad5b28c6e206316578aae360d47dea2262c90478536624d910
Analyzer Verdict Alert fortinet Phishing
GET /themes/Frontend/Responsive/frontend/_public/vendors/fonts/open-sans-fontface/Regular/OpenSans-Regular.woff2?b93f4c52ce1d22fe56d5ae3c2bb05a5b HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.oelix.de/web/cache/1661420932_b8a1d0bb939816071f4919403ed659d6.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:54 GMT
content-type: font/woff2
content-length: 41684
last-modified: Mon, 18 Jul 2022 11:49:04 GMT
vary: Accept-Encoding
cache-control: max-age=31536000, public
expires: Tue, 05 Sep 2023 04:35:54 GMT
etag: "62d548b0-a2d4"
strict-transport-security: max-age=15768000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2
www.oelix.de/themes/Frontend/Responsive/frontend/_public/vendors/fonts/open-sans-fontface/Bold/OpenSans-Bold.woff2?2484dd4d59287ae98d0cad57815e46b7
173.212.212.200 200 OK 44 kB URL HTTP/2 www.oelix.de/themes/Frontend/Responsive/frontend/_public/vendors/fonts/open-sans-fontface/Bold/OpenSans-Bold.woff2?2484dd4d59287ae98d0cad57815e46b7
IP 173.212.212.200:0
File type Web Open Font Format (Version 2), TrueType, length 43524, version 1.6619\012- data
Hash b62818c54031125f5feb919cf0cb6752
29520539229ea3019411dabb4ff21bb461e3dab2
3f2a2f05feb9ed38c8889ede47bd28f36014c40b5aa1573b1f1d9302eb18ed5e
Analyzer Verdict Alert fortinet Phishing
GET /themes/Frontend/Responsive/frontend/_public/vendors/fonts/open-sans-fontface/Bold/OpenSans-Bold.woff2?2484dd4d59287ae98d0cad57815e46b7 HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.oelix.de/web/cache/1661420932_b8a1d0bb939816071f4919403ed659d6.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:54 GMT
content-type: font/woff2
content-length: 43524
last-modified: Mon, 18 Jul 2022 11:49:04 GMT
vary: Accept-Encoding
cache-control: max-age=31536000, public
expires: Tue, 05 Sep 2023 04:35:54 GMT
etag: "62d548b0-aa04"
strict-transport-security: max-age=15768000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2
www.oelix.de/themes/Frontend/Responsive/frontend/_public/src/fonts/shopware.woff2?24f3638e7d3ea4cd1bd7b1f346163605
173.212.212.200 200 OK 24 kB URL HTTP/2 www.oelix.de/themes/Frontend/Responsive/frontend/_public/src/fonts/shopware.woff2?24f3638e7d3ea4cd1bd7b1f346163605
IP 173.212.212.200:0
File type Web Open Font Format (Version 2), TrueType, length 24276, version 1.0\012- data
Hash 542276b37771317f850a11ee89e0720d
20ce7199ec6a04947e871b38f691d046d2ed5220
386aa8da6da7a2e344e4011774a68ca0d7aa86366b650d7a9ccf04a86f8d87b0
Analyzer Verdict Alert fortinet Phishing
GET /themes/Frontend/Responsive/frontend/_public/src/fonts/shopware.woff2?24f3638e7d3ea4cd1bd7b1f346163605 HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.oelix.de/web/cache/1661420932_b8a1d0bb939816071f4919403ed659d6.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:54 GMT
content-type: font/woff2
content-length: 24276
last-modified: Mon, 18 Jul 2022 11:49:04 GMT
vary: Accept-Encoding
etag: "62d548b0-5ed4"
strict-transport-security: max-age=15768000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2
www.oelix.de/media/image/e6/95/eb/logo_250-94.webp
173.212.212.200 200 OK 3.5 kB URL HTTP/2 www.oelix.de/media/image/e6/95/eb/logo_250-94.webp
IP 173.212.212.200:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 250x94, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b31cea2b6a9c6f8a1122e9e3c56c42e1
0ca675749d09a3c08a8717f11b28b9867f805164
208dbbfb3af54bec3f4e9ca98180d5c629dddcc6a7b10c737fcdaf12c9f38d7d
Analyzer Verdict Alert fortinet Phishing
GET /media/image/e6/95/eb/logo_250-94.webp HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Cookie: _pk_id.1.f945=9aa52e00ebd1a358.1662352550.; _pk_ses.1.f945=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:54 GMT
content-type: image/webp
content-length: 3450
last-modified: Wed, 28 Apr 2021 08:03:07 GMT
vary: Accept-Encoding
etag: "608916bb-d7a"
strict-transport-security: max-age=15768000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Mon, 05 Sep 2022 03:38:16 GMT
Expires: Mon, 05 Sep 2022 04:15:05 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: tnesbtJFHiTia-zpSowEWr-FqAg-IJNuiQRyLeqLV9n8s6gyy2rfVw==
Age: 3458
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 77d035f38a45e8a1ec30d5fe9611880b
01cf34de95257da64dac90edf5a86203f1160271
7dc687d6bb1679ba5567e58b4f8c1e78766e7ee36273ba7f62068c595d57f7f3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3141
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 04:35:54 GMT
Last-Modified: Mon, 05 Sep 2022 03:43:33 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
widgets.shopvote.de/allvotes-v2.php?shopid=14890&type=1&src=https&lang=de
213.133.99.219 200 OK 695 B URL HTTP/1.1 widgets.shopvote.de/allvotes-v2.php?shopid=14890&type=1&src=https&lang=de
IP 213.133.99.219:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- HTML document, ASCII text, with very long lines (1478), with no line terminators
Hash fae3f6d2b17de2624b5606b9e31f473f
88dee826835820fb913ecdd6f923b635e447ed16
9f23aab1723723bc33ff63acb53984eb0cfa06729b6c9d9de0d759d7b0acb0b8
GET /allvotes-v2.php?shopid=14890&type=1&src=https&lang=de HTTP/1.1
Host: widgets.shopvote.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.oelix.de
Connection: keep-alive
Referer: https://www.oelix.de/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 04:35:54 GMT
Server: Apache
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800
Expires: Wed, 07 Sep 2022 04:35:54 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 695
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: text/html
widgets.shopvote.de/buttons/avg2-gold.png
213.133.99.219 200 OK 16 kB URL HTTP/1.1 widgets.shopvote.de/buttons/avg2-gold.png
IP 213.133.99.219:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 126 x 205, 8-bit/color RGBA, non-interlaced\012- data
Hash ce58f84f4b43c944d435cd42c370ccbf
773a4973c409c863028f483ae3e708c713b816fd
a7b9f69c1b6a313f1f07752711d794334c708c67c663b74ce2148e313305fc6a
GET /buttons/avg2-gold.png HTTP/1.1
Host: widgets.shopvote.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 04:35:54 GMT
Server: Apache
Last-Modified: Thu, 04 Jan 2018 16:23:18 GMT
ETag: "6fc0492-3fd8-561f5bfe6a980"
Accept-Ranges: bytes
Content-Length: 16344
Cache-Control: max-age=2592000
Expires: Wed, 05 Oct 2022 04:35:54 GMT
Access-Control-Allow-Origin: *
Keep-Alive: timeout=3, max=99
Connection: Keep-Alive
Content-Type: image/png
www.paypal.com/sdk/js?client-id=AUgfxOxEgNYPSvZlludb4I_sAahFF4cTulmBEhj6oqFfY9Gy9s-G0pk1JmttaMDtzHLREnzRCQv8ZC_k&currency=EUR&components=messages
151.101.193.21 200 OK 76 kB URL HTTP/2 www.paypal.com/sdk/js?client-id=AUgfxOxEgNYPSvZlludb4I_sAahFF4cTulmBEhj6oqFfY9Gy9s-G0pk1JmttaMDtzHLREnzRCQv8ZC_k&currency=EUR&components=messages
IP 151.101.193.21:0
File type Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Hash 1ffc275ea27196bc29918d78b1debb18
fe28aa9785837a95ba6301df710c0965e1005a0d
d388c704622291ba218fb5cf3775d8b4b5d330a31565eda43d987d6e6148af22
GET /sdk/js?client-id=AUgfxOxEgNYPSvZlludb4I_sAahFF4cTulmBEhj6oqFfY9Gy9s-G0pk1JmttaMDtzHLREnzRCQv8ZC_k&currency=EUR&components=messages HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
content-encoding: gzip
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-lKHVMUODlZrYzr7aeE0Rvotp6EL92zcx5YVMN/pebXV0FhHR' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-lKHVMUODlZrYzr7aeE0Rvotp6EL92zcx5YVMN/pebXV0FhHR' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: application/javascript; charset=utf-8
etag: W/"1299e-/iiql4WDepW6YwHfcQwJZeEAWg0"
p3p: true
paypal-debug-id: f5488653a3751
traceparent: 00-0000000000000000000f5488653a3751-1995d309a2fcb7e8-01
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 05 Sep 2022 04:35:54 GMT
age: 0
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn11571-HHN, cache-bma1683-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1662352554.306743,VS0,VE642
vary: Accept-Encoding
server-timing: "traceparent;desc="00-0000000000000000000f5488653a3751-e18c2333ec481204-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
content-length: 76190
X-Firefox-Spdy: h2
widgets.shopvote.de/buttons/av2-stars-gold.png
213.133.99.219 200 OK 406 B URL HTTP/1.1 widgets.shopvote.de/buttons/av2-stars-gold.png
IP 213.133.99.219:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 73 x 13, 8-bit/color RGBA, non-interlaced\012- data
Hash 44678100240dc6ac2699e8cb30599fbe
49708842e9660ea4344290d2bef012b62c6c0b81
cf2165bdf909f77c5d4bfb89447506aa26d1118decf077556d1aeb8978668df9
GET /buttons/av2-stars-gold.png HTTP/1.1
Host: widgets.shopvote.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 04:35:54 GMT
Server: Apache
Last-Modified: Thu, 26 Oct 2017 15:36:04 GMT
ETag: "6fc044a-196-55c74ee170100"
Accept-Ranges: bytes
Content-Length: 406
Cache-Control: max-age=2592000
Expires: Wed, 05 Oct 2022 04:35:54 GMT
Access-Control-Allow-Origin: *
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: image/png
www.oelix.de/mautic/focus/1.js
173.212.212.200 200 OK 7.7 kB URL HTTP/2 www.oelix.de/mautic/focus/1.js
IP 173.212.212.200:0
File type Unicode text, UTF-8 text, with very long lines (16182)
Hash 6b3255f193a1bf959e7b0d0152f00c10
7022f857562bfd54a4e697a26bd33e171f17d565
065b1c5d3813c698be3fcde9cdf3b41417d9f73053274a5bf8f65d076fc62ff0
Analyzer Verdict Alert fortinet Phishing
GET /mautic/focus/1.js HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:54 GMT
content-type: application/javascript
content-length: 7662
cache-control: max-age=0, must-revalidate, private
pragma: no-cache
expires: Mon, 05 Sep 2022 04:35:54 GMT
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.165.143.157 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.165.143.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: z8KmHCgjpjtz/KPe6LbhmQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: I+iq/Kc/HYiAPShqdV0zNOlS2Fk=
img.shopvote.de/profile-seal-160-gold.png
213.133.99.219 200 OK 11 kB URL HTTP/1.1 img.shopvote.de/profile-seal-160-gold.png
IP 213.133.99.219:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 160 x 160, 8-bit colormap, non-interlaced\012- data
Hash 98bd829907eb15dbf6d6acd78297e281
9a2a37ca6c29d76ba73428a306ddfcf6ffec989f
1ca288c521b6bb5ce74bae75d2c313a304c8539789b1e604bb05c71e182952c5
GET /profile-seal-160-gold.png HTTP/1.1
Host: img.shopvote.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 04:35:55 GMT
Server: Apache
Last-Modified: Thu, 27 Jan 2022 06:29:43 GMT
ETag: "6f81440-2b9f-5d68a719563c0"
Accept-Ranges: bytes
Content-Length: 11167
Cache-Control: max-age=2592000
Expires: Wed, 05 Oct 2022 04:35:55 GMT
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: image/png
www.paypal.com/tagmanager/pptm.js?id=www.oelix.de&t=xo&v=5.0.330&source=payments_sdk&client_id=AUgfxOxEgNYPSvZlludb4I_sAahFF4cTulmBEhj6oqFfY9Gy9s-G0pk1JmttaMDtzHLREnzRCQv8ZC_k&comp=messages&vault=false
151.101.193.21 200 OK 4.3 kB URL HTTP/2 www.paypal.com/tagmanager/pptm.js?id=www.oelix.de&t=xo&v=5.0.330&source=payments_sdk&client_id=AUgfxOxEgNYPSvZlludb4I_sAahFF4cTulmBEhj6oqFfY9Gy9s-G0pk1JmttaMDtzHLREnzRCQv8ZC_k&comp=messages&vault=false
IP 151.101.193.21:0
File type ASCII text, with very long lines (12084), with no line terminators
Hash da1b94bdea2eb1769e74df6fbd2c1a2e
4c7f6b5318ffd3d36b6b431f4bd113b55d8f14a7
45cc4e008a654e4ef3f3b3eb0ca92f52ade64445039059b5395b11734b033be4
GET /tagmanager/pptm.js?id=www.oelix.de&t=xo&v=5.0.330&source=payments_sdk&client_id=AUgfxOxEgNYPSvZlludb4I_sAahFF4cTulmBEhj6oqFfY9Gy9s-G0pk1JmttaMDtzHLREnzRCQv8ZC_k&comp=messages&vault=false HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-f+SZCxJk9I33Yg7AQZMMXFVhYeWADSaCdnPFKINCtHhHNu3i' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-type: application/x-javascript; charset=utf-8
etag: W/"2f34-zQQ0FVqIlbkbuS4WgpPW/nUPXC4"
paypal-debug-id: f3394568ab7bb
traceparent: 00-0000000000000000000f3394568ab7bb-c5926651fc9c1dce-01
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
dc: ccg11-origin-www-1.paypal.com
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 05 Sep 2022 04:35:55 GMT
age: 316
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn11578-HHN, cache-bma1683-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1662352555.088962,VS0,VE21
vary: Accept-Encoding
server-timing: "traceparent;desc="00-0000000000000000000f3394568ab7bb-eb08e08615682b1a-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
content-length: 4299
X-Firefox-Spdy: h2
www.oelix.de/media/image/2f/92/04/Tropfen_180x180591446b491fb8.png
173.212.212.200 200 OK 6.4 kB URL HTTP/2 www.oelix.de/media/image/2f/92/04/Tropfen_180x180591446b491fb8.png
IP 173.212.212.200:0
File type PNG image data, 180 x 180, 8-bit/color RGBA, interlaced\012- data
Hash b73ce98517f5cd2f376624968d55fd05
7d24b481d78a5eff80429f7adaf183ed59f29973
cb591cb5a0aad62f85b3478b7b5eba73fe4b5e695fc454eb3473d4273f461871
GET /media/image/2f/92/04/Tropfen_180x180591446b491fb8.png HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Cookie: _pk_id.1.f945=9aa52e00ebd1a358.1662352550.; _pk_ses.1.f945=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:54 GMT
content-type: image/png
content-length: 6361
last-modified: Thu, 11 May 2017 11:10:44 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public
expires: Wed, 05 Oct 2022 04:35:54 GMT
etag: "591446b4-18d9"
strict-transport-security: max-age=15768000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2
www.oelix.de/media/unknown/d9/0c/f4/favicon.ico
173.212.212.200 200 OK 1.4 kB URL HTTP/2 www.oelix.de/media/unknown/d9/0c/f4/favicon.ico
IP 173.212.212.200:0
File type MS Windows icon resource - 1 icon, 16x16, 8 bits/pixel\012- data
Hash 2f2e2ef330114419f03b8eac1b74af82
070b958cfebefdc2e90a1159677b459841c733a5
921c8836cf033fc37e70f0d7e6568921ce0afd42acfae55a16ce4b3da655b199
GET /media/unknown/d9/0c/f4/favicon.ico HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Cookie: _pk_id.1.f945=9aa52e00ebd1a358.1662352550.; _pk_ses.1.f945=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:54 GMT
content-type: image/vnd.microsoft.icon
content-length: 1406
last-modified: Thu, 11 May 2017 11:11:33 GMT
vary: Accept-Encoding
etag: "591446e5-57e"
strict-transport-security: max-age=15768000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2
www.oelix.de/matomo/matomo.php?action_name=oelix.de%20-%20%C3%96le%20mit%20Geschmack&idsite=1&rec=1&r=290613&h=4&m=35&s=50&url=https%3A%2F%2Fwww.oelix.de%2F&_id=9aa52e00ebd1a358&_idn=1&send_image=0&_refts=0&cookie=1&res=1280x1024&pv_id=eUEXcV&pf_net=161&pf_srv=159&pf_tfr=0
173.212.212.200 204 No Content 0 B URL HTTP/2 www.oelix.de/matomo/matomo.php?action_name=oelix.de%20-%20%C3%96le%20mit%20Geschmack&idsite=1&rec=1&r=290613&h=4&m=35&s=50&url=https%3A%2F%2Fwww.oelix.de%2F&_id=9aa52e00ebd1a358&_idn=1&send_image=0&_refts=0&cookie=1&res=1280x1024&pv_id=eUEXcV&pf_net=161&pf_srv=159&pf_tfr=0
IP 173.212.212.200:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /matomo/matomo.php?action_name=oelix.de%20-%20%C3%96le%20mit%20Geschmack&idsite=1&rec=1&r=290613&h=4&m=35&s=50&url=https%3A%2F%2Fwww.oelix.de%2F&_id=9aa52e00ebd1a358&_idn=1&send_image=0&_refts=0&cookie=1&res=1280x1024&pv_id=eUEXcV&pf_net=161&pf_srv=159&pf_tfr=0 HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Content-Length: 0
Origin: https://www.oelix.de
Connection: keep-alive
Referer: https://www.oelix.de/
Cookie: _pk_id.1.f945=9aa52e00ebd1a358.1662352550.; _pk_ses.1.f945=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Mon, 05 Sep 2022 04:35:54 GMT
access-control-allow-origin: https://www.oelix.de
access-control-allow-credentials: true
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=oelix.de%20-%20%C3%96le%20mit%20Geschmack&dh=1024&dw=1280&bh=939&bw=1280&cd=24&sh=1024&sw=1280&v=NA&rosetta_language=en-US%2Cen&e=im&t=1662352551049&g=0&completeurl=https%3A%2F%2Fwww.oelix.de%2F&ru=https%3A%2F%2Fwww.oelix.de%2F&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D
192.229.221.25 200 OK 42 B URL HTTP/2 t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=oelix.de%20-%20%C3%96le%20mit%20Geschmack&dh=1024&dw=1280&bh=939&bw=1280&cd=24&sh=1024&sw=1280&v=NA&rosetta_language=en-US%2Cen&e=im&t=1662352551049&g=0&completeurl=https%3A%2F%2Fwww.oelix.de%2F&ru=https%3A%2F%2Fwww.oelix.de%2F&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D
IP 192.229.221.25:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4682377ddfbe4e7dabfddb2e543e842
328e472721a93345801ed5533240eac2d1f8498c
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
GET /ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=oelix.de%20-%20%C3%96le%20mit%20Geschmack&dh=1024&dw=1280&bh=939&bw=1280&cd=24&sh=1024&sw=1280&v=NA&rosetta_language=en-US%2Cen&e=im&t=1662352551049&g=0&completeurl=https%3A%2F%2Fwww.oelix.de%2F&ru=https%3A%2F%2Fwww.oelix.de%2F&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D HTTP/1.1
Host: t.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: image/gif
date: Mon, 05 Sep 2022 04:35:55 GMT
expires: Mon, 05 Sep 2022 04:35:55 GMT
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 810466fdb6bd6
pragma: no-cache
server: ECAcc (frb/67A3)
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=182
set-cookie: ts=vreXpYrS%3D1757046955%26vteXpYrS%3D1662354355%26vr%3D0beefd031830a62377664f67ffffffff%26vt%3D0beefd031830a62377664f67fffffffe; Expires=Fri, 05 Sep 2025 04:35:55 GMT; Domain=.paypal.com; Path=/; Secure; HttpOnly
ts_c=vr%3D0beefd031830a62377664f67ffffffff%26vt%3D0beefd031830a62377664f67fffffffe; Expires=Fri, 05 Sep 2025 04:35:55 GMT; Domain=.paypal.com; Path=/; Secure
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-0000000000000000000810466fdb6bd6-185cc774ed8faf62-01
content-length: 42
X-Firefox-Spdy: h2
www.oelix.de/widgets/emotion/index/emotionId/1/secret//controllerName/index
173.212.212.200 200 OK 608 B URL HTTP/2 www.oelix.de/widgets/emotion/index/emotionId/1/secret//controllerName/index
IP 173.212.212.200:0
File type Unicode text, UTF-8 text, with very long lines (1593), with no line terminators
Hash 95c855cb6e7f81f74072305a70328191
26ab448bd23cb6e61b62a757f6fb6c3acec65efd
065a5c8f978756508f98f78292c50edc7fbde0fd1e2ca8851c91362889c34d26
Analyzer Verdict Alert fortinet Phishing
GET /widgets/emotion/index/emotionId/1/secret//controllerName/index HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.oelix.de/
Cookie: _pk_id.1.f945=9aa52e00ebd1a358.1662352550.; _pk_ses.1.f945=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:54 GMT
content-type: text/html; charset=UTF-8
content-length: 608
x-content-digest: encc6b13d87aac221ea1a09e5104240fe3aa256364a41f91e19c684840c230d239
age: 5990
cache-control: no-cache, private
set-cookie: x-cache-context-hash=deleted; expires=Mon, 05-Sep-2022 04:35:54 GMT; Max-Age=0; path=/
nocache=deleted; expires=Mon, 05-Sep-2022 04:35:54 GMT; Max-Age=0; path=/; secure; httponly
_pk_id_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/; httponly
_pk_ses_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/; httponly
_pk_id_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/widgets/emotion/index/emotionId/1/secret//controllerName/index; httponly
_pk_ses_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/widgets/emotion/index/emotionId/1/secret//controllerName/index; httponly
_pk_id_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/; domain=oelix.de; httponly
_pk_ses_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/; domain=oelix.de; httponly
_pk_id_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/widgets/emotion/index/emotionId/1/secret//controllerName/index; domain=oelix.de; httponly
_pk_ses_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/widgets/emotion/index/emotionId/1/secret//controllerName/index; domain=oelix.de; httponly
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
www.oelix.de/widgets/emotion/index/emotionId/22/secret//controllerName/index
173.212.212.200 200 OK 3.0 kB URL HTTP/2 www.oelix.de/widgets/emotion/index/emotionId/22/secret//controllerName/index
IP 173.212.212.200:0
File type HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (26125), with no line terminators
Hash e6072e3a392e54712ec3a44915095adc
9c4684492fe7b6ae47794a6001ad22091e8071f4
8f9c691073af8f3bc40aeff665799cef4c5e026d7bb95ebde29ac8282928dbd6
Analyzer Verdict Alert fortinet Phishing
GET /widgets/emotion/index/emotionId/22/secret//controllerName/index HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.oelix.de/
Cookie: _pk_id.1.f945=9aa52e00ebd1a358.1662352550.; _pk_ses.1.f945=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:54 GMT
content-type: text/html; charset=UTF-8
content-length: 3033
x-content-digest: en52becc23cc32f30177e1a694427754e396d0becb50d7c2db0e4a22cc4a07078a
age: 5990
cache-control: no-cache, private
set-cookie: x-cache-context-hash=deleted; expires=Mon, 05-Sep-2022 04:35:54 GMT; Max-Age=0; path=/
nocache=deleted; expires=Mon, 05-Sep-2022 04:35:54 GMT; Max-Age=0; path=/; secure; httponly
_pk_id_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/; httponly
_pk_ses_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/; httponly
_pk_id_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/widgets/emotion/index/emotionId/22/secret//controllerName/index; httponly
_pk_ses_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/widgets/emotion/index/emotionId/22/secret//controllerName/index; httponly
_pk_id_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/; domain=oelix.de; httponly
_pk_ses_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/; domain=oelix.de; httponly
_pk_id_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/widgets/emotion/index/emotionId/22/secret//controllerName/index; domain=oelix.de; httponly
_pk_ses_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/widgets/emotion/index/emotionId/22/secret//controllerName/index; domain=oelix.de; httponly
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
www.oelix.de/widgets/emotion/index/emotionId/94/secret//controllerName/index
173.212.212.200 200 OK 826 B URL HTTP/2 www.oelix.de/widgets/emotion/index/emotionId/94/secret//controllerName/index
IP 173.212.212.200:0
File type Unicode text, UTF-8 text, with very long lines (2216), with no line terminators
Hash 1116b8b3c638adf4cab5248e3ced4e5e
0a540f7f52e90f8b1d149f7c716ee91905487f09
ea15d0e9bf79747ee9da576118faf753505d510c35111b9cbc29038812507b5a
Analyzer Verdict Alert fortinet Phishing
GET /widgets/emotion/index/emotionId/94/secret//controllerName/index HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.oelix.de/
Cookie: _pk_id.1.f945=9aa52e00ebd1a358.1662352550.; _pk_ses.1.f945=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:54 GMT
content-type: text/html; charset=UTF-8
content-length: 826
x-content-digest: en0443b23f1a8c5803505768f7a3c173949e799abfa8db7084a1424f69c51537f5
age: 5989
cache-control: no-cache, private
set-cookie: x-cache-context-hash=deleted; expires=Mon, 05-Sep-2022 04:35:54 GMT; Max-Age=0; path=/
nocache=deleted; expires=Mon, 05-Sep-2022 04:35:54 GMT; Max-Age=0; path=/; secure; httponly
_pk_id_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/; httponly
_pk_ses_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/; httponly
_pk_id_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/widgets/emotion/index/emotionId/94/secret//controllerName/index; httponly
_pk_ses_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/widgets/emotion/index/emotionId/94/secret//controllerName/index; httponly
_pk_id_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/; domain=oelix.de; httponly
_pk_ses_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/; domain=oelix.de; httponly
_pk_id_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/widgets/emotion/index/emotionId/94/secret//controllerName/index; domain=oelix.de; httponly
_pk_ses_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/widgets/emotion/index/emotionId/94/secret//controllerName/index; domain=oelix.de; httponly
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
www.oelix.de/widgets/emotion/index/emotionId/3/secret//controllerName/index
173.212.212.200 200 OK 13 kB URL HTTP/2 www.oelix.de/widgets/emotion/index/emotionId/3/secret//controllerName/index
IP 173.212.212.200:0
File type HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (65310), with no line terminators
Hash 9f25127d6737510793981d9d10f2625f
b0cb8da668d3db929aca3a1767d2622b319eee56
d3f57c58a1632d5add647caddbac230d6582a3464e7a49792229a94595ba3ed3
Analyzer Verdict Alert fortinet Phishing
GET /widgets/emotion/index/emotionId/3/secret//controllerName/index HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.oelix.de/
Cookie: _pk_id.1.f945=9aa52e00ebd1a358.1662352550.; _pk_ses.1.f945=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:54 GMT
content-type: text/html; charset=UTF-8
content-length: 12895
x-content-digest: eneb17bb5ba33393a37e949f33d67bbf6b8008b9a7ff7606dd8c51094e5c86bfa3
age: 5990
cache-control: no-cache, private
set-cookie: x-cache-context-hash=deleted; expires=Mon, 05-Sep-2022 04:35:54 GMT; Max-Age=0; path=/
nocache=deleted; expires=Mon, 05-Sep-2022 04:35:54 GMT; Max-Age=0; path=/; secure; httponly
_pk_id_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/; httponly
_pk_ses_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/; httponly
_pk_id_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/widgets/emotion/index/emotionId/3/secret//controllerName/index; httponly
_pk_ses_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/widgets/emotion/index/emotionId/3/secret//controllerName/index; httponly
_pk_id_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/; domain=oelix.de; httponly
_pk_ses_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/; domain=oelix.de; httponly
_pk_id_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/widgets/emotion/index/emotionId/3/secret//controllerName/index; domain=oelix.de; httponly
_pk_ses_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/widgets/emotion/index/emotionId/3/secret//controllerName/index; domain=oelix.de; httponly
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
www.oelix.de/widgets/emotion/index/emotionId/2/secret//controllerName/index
173.212.212.200 200 OK 12 kB URL HTTP/2 www.oelix.de/widgets/emotion/index/emotionId/2/secret//controllerName/index
IP 173.212.212.200:0
File type HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (65320), with no line terminators
Hash 5e94aa1f103bbb7207273cbb2cfa2a16
29d09573d28747e88a56105b4b4b62f1e9401299
bb4313b28027be71e418b2ba33c2dedc2c5d15c90f90e78f6128356d4f62e0bb
Analyzer Verdict Alert fortinet Phishing
GET /widgets/emotion/index/emotionId/2/secret//controllerName/index HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.oelix.de/
Cookie: _pk_id.1.f945=9aa52e00ebd1a358.1662352550.; _pk_ses.1.f945=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:54 GMT
content-type: text/html; charset=UTF-8
content-length: 11880
x-content-digest: en914664db7089f85f4150ca16564e2534a14669e4099bdfb618a6772867ab9ac8
age: 916
cache-control: no-cache, private
set-cookie: x-cache-context-hash=deleted; expires=Mon, 05-Sep-2022 04:35:54 GMT; Max-Age=0; path=/
nocache=deleted; expires=Mon, 05-Sep-2022 04:35:54 GMT; Max-Age=0; path=/; secure; httponly
_pk_id_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/; httponly
_pk_ses_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/; httponly
_pk_id_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/widgets/emotion/index/emotionId/2/secret//controllerName/index; httponly
_pk_ses_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/widgets/emotion/index/emotionId/2/secret//controllerName/index; httponly
_pk_id_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/; domain=oelix.de; httponly
_pk_ses_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/; domain=oelix.de; httponly
_pk_id_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/widgets/emotion/index/emotionId/2/secret//controllerName/index; domain=oelix.de; httponly
_pk_ses_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:53 GMT; Max-Age=0; path=/widgets/emotion/index/emotionId/2/secret//controllerName/index; domain=oelix.de; httponly
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
www.oelix.de/media/image/34/8a/58/Marktgeplapper_Pilgern.jpg
173.212.212.200 200 OK 335 kB URL HTTP/2 www.oelix.de/media/image/34/8a/58/Marktgeplapper_Pilgern.jpg
IP 173.212.212.200:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=5, xresolution=74, yresolution=82, resolutionunit=2, software=GIMP 2.10.8, datetime=2021:08:31 12:33:59], progressive, precision 8, 1426x894, components 3\012- data
Size 335 kB (334990 bytes)
Hash f059b34d034213ca49254752f385191e
c52b4b29aa1f48fd7d0e75622fb4060f8ad31899
84d9585f0ebb3a2819abfa4cc20591be4d97b27b903a380ec4f2b6f9b1a25398
GET /media/image/34/8a/58/Marktgeplapper_Pilgern.jpg HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Cookie: _pk_id.1.f945=9aa52e00ebd1a358.1662352550.; _pk_ses.1.f945=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:55 GMT
content-type: image/jpeg
content-length: 334990
last-modified: Tue, 31 Aug 2021 10:34:33 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public
expires: Wed, 05 Oct 2022 04:35:55 GMT
etag: "612e05b9-51c8e"
strict-transport-security: max-age=15768000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2
www.oelix.de/media/image/48/82/92/b5cd6271a02e74c83b348c32cc2ef63a_200x200.webp
173.212.212.200 200 OK 6.4 kB URL HTTP/2 www.oelix.de/media/image/48/82/92/b5cd6271a02e74c83b348c32cc2ef63a_200x200.webp
IP 173.212.212.200:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 150x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 036d63d29a857c67a68757f30e59b0f1
09717be5f5bcc9d8735b75b1a53a5d58e9eba943
6b9e3c61b7387ccc0b1e2c6632ed09413faff05bfde7a822f1ca910f8d5e78a9
Analyzer Verdict Alert fortinet Phishing
GET /media/image/48/82/92/b5cd6271a02e74c83b348c32cc2ef63a_200x200.webp HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Cookie: _pk_id.1.f945=9aa52e00ebd1a358.1662352550.; _pk_ses.1.f945=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:55 GMT
content-type: image/webp
content-length: 6358
last-modified: Tue, 27 Apr 2021 16:21:15 GMT
vary: Accept-Encoding
etag: "608839fb-18d6"
strict-transport-security: max-age=15768000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2
www.oelix.de/media/image/09/00/bf/DSC00479_ff_200x200.webp
173.212.212.200 200 OK 7.5 kB URL HTTP/2 www.oelix.de/media/image/09/00/bf/DSC00479_ff_200x200.webp
IP 173.212.212.200:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x181, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 01a8f030e72ca2084aefa7e9c074ca24
b40f38c18aca2913ff33627be3fdcfa432e173c5
8d3c9b156c9c7750f22ec7cbab13574756eaa27e788cbfdc6bc535dab28737ea
Analyzer Verdict Alert fortinet Phishing
GET /media/image/09/00/bf/DSC00479_ff_200x200.webp HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Cookie: _pk_id.1.f945=9aa52e00ebd1a358.1662352550.; _pk_ses.1.f945=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:55 GMT
content-type: image/webp
content-length: 7536
last-modified: Tue, 27 Apr 2021 16:12:20 GMT
vary: Accept-Encoding
etag: "608837e4-1d70"
strict-transport-security: max-age=15768000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2
www.oelix.de/media/image/91/56/03/DSC00939_ff_200x200.webp
173.212.212.200 200 OK 4.6 kB URL HTTP/2 www.oelix.de/media/image/91/56/03/DSC00939_ff_200x200.webp
IP 173.212.212.200:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 149x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 91a8f6337966adc3fb93d666ebed5552
63fca9dac87346455ff9932232dc80edcad0981f
0502ea1820ad533d5f650569ce0cbb42ee1931667943c5d73f64ee17f442fa10
Analyzer Verdict Alert fortinet Phishing
GET /media/image/91/56/03/DSC00939_ff_200x200.webp HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Cookie: _pk_id.1.f945=9aa52e00ebd1a358.1662352550.; _pk_ses.1.f945=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:55 GMT
content-type: image/webp
content-length: 4552
last-modified: Tue, 27 Apr 2021 15:57:48 GMT
vary: Accept-Encoding
etag: "6088347c-11c8"
strict-transport-security: max-age=15768000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2
www.oelix.de/media/image/ae/45/18/DSC00498_ff_200x200.webp
173.212.212.200 200 OK 4.3 kB URL HTTP/2 www.oelix.de/media/image/ae/45/18/DSC00498_ff_200x200.webp
IP 173.212.212.200:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 150x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1deef326aec64ab2acd24ce382dd5a90
c05483b48daa8b00db9160d6d959037cea74f751
3a2e3c483521b47b1a8829ad00b93dad8f9d2fb80ba9f9f4f891fa005ec879af
Analyzer Verdict Alert fortinet Phishing
GET /media/image/ae/45/18/DSC00498_ff_200x200.webp HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Cookie: _pk_id.1.f945=9aa52e00ebd1a358.1662352550.; _pk_ses.1.f945=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:55 GMT
content-type: image/webp
content-length: 4258
last-modified: Tue, 27 Apr 2021 16:00:35 GMT
vary: Accept-Encoding
etag: "60883523-10a2"
strict-transport-security: max-age=15768000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2
www.oelix.de/media/image/g0/7c/38/DSC01923_ff_200x200.webp
173.212.212.200 200 OK 4.6 kB URL HTTP/2 www.oelix.de/media/image/g0/7c/38/DSC01923_ff_200x200.webp
IP 173.212.212.200:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 152x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d0dca0f1f744e03de1a370c9567c7db7
7166bcb8406ee4a5b9b4f41667d70626dbaf7807
25e4c0a186fa8919f1088aec9bbb4cdd85fdc6ec8a597c41c39a1ba78b6da627
Analyzer Verdict Alert fortinet Phishing
GET /media/image/g0/7c/38/DSC01923_ff_200x200.webp HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Cookie: _pk_id.1.f945=9aa52e00ebd1a358.1662352550.; _pk_ses.1.f945=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:55 GMT
content-type: image/webp
content-length: 4554
last-modified: Fri, 25 Feb 2022 10:41:30 GMT
vary: Accept-Encoding
etag: "6218b25a-11ca"
strict-transport-security: max-age=15768000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2
www.oelix.de/media/image/fa/91/cc/DSC01154_ff_200x200.webp
173.212.212.200 200 OK 7.1 kB URL HTTP/2 www.oelix.de/media/image/fa/91/cc/DSC01154_ff_200x200.webp
IP 173.212.212.200:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x174, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d2ef728bd41c06e5f8c4dba2f7fcda1b
f3d2b3d76a0e1eb40c6944d3992ed66c5e792742
d79821b647befc19119a6df67409812f2d38ff5d24d761261f5f42e4c1e49c37
Analyzer Verdict Alert fortinet Phishing
GET /media/image/fa/91/cc/DSC01154_ff_200x200.webp HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Cookie: _pk_id.1.f945=9aa52e00ebd1a358.1662352550.; _pk_ses.1.f945=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:55 GMT
content-type: image/webp
content-length: 7052
last-modified: Tue, 01 Feb 2022 13:53:04 GMT
vary: Accept-Encoding
etag: "61f93b40-1b8c"
strict-transport-security: max-age=15768000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2
www.oelix.de/media/image/80/69/14/DSC01885_ff_200x200.webp
173.212.212.200 200 OK 7.0 kB URL HTTP/2 www.oelix.de/media/image/80/69/14/DSC01885_ff_200x200.webp
IP 173.212.212.200:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x135, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f771d0f79864f34c62d44edb308b2d3e
b78d410a7b851a8a029da72b21b8aa55ec96970a
d9ae268ee72db9c9093313d9b54ea2eb8ba805ca458f31927c20177d799d757f
Analyzer Verdict Alert fortinet Phishing
GET /media/image/80/69/14/DSC01885_ff_200x200.webp HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Cookie: _pk_id.1.f945=9aa52e00ebd1a358.1662352550.; _pk_ses.1.f945=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:55 GMT
content-type: image/webp
content-length: 7030
last-modified: Tue, 07 Dec 2021 09:43:17 GMT
vary: Accept-Encoding
etag: "61af2cb5-1b76"
strict-transport-security: max-age=15768000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2
www.oelix.de/media/image/97/c4/f7/DSC01863_ff_200x200.webp
173.212.212.200 200 OK 6.2 kB URL HTTP/2 www.oelix.de/media/image/97/c4/f7/DSC01863_ff_200x200.webp
IP 173.212.212.200:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x154, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 375cf337b75f951c370bd0a05dfe63fa
1b4156a5f274e6b6282a471d1044c9a5463026b4
357a96a267fd3d9b68f2ef37153eaaed76faa5ef83fc172f01ecd3a21c7eadb7
Analyzer Verdict Alert fortinet Phishing
GET /media/image/97/c4/f7/DSC01863_ff_200x200.webp HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Cookie: _pk_id.1.f945=9aa52e00ebd1a358.1662352550.; _pk_ses.1.f945=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:55 GMT
content-type: image/webp
content-length: 6190
last-modified: Tue, 16 Nov 2021 11:22:51 GMT
vary: Accept-Encoding
etag: "6193948b-182e"
strict-transport-security: max-age=15768000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2
www.oelix.de/media/image/c7/33/e9/DSC01873_ff_200x200.webp
173.212.212.200 200 OK 5.5 kB URL HTTP/2 www.oelix.de/media/image/c7/33/e9/DSC01873_ff_200x200.webp
IP 173.212.212.200:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x187, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5a3b4b8d299b7800a083dfc54ef2bd29
f6ffd46d726609d7ad42677e87f71213b31b2e6c
4926fbe182972901f29c5e04449d42d46cbbf85331f5a1faf79c40894f4558ef
Analyzer Verdict Alert fortinet Phishing
GET /media/image/c7/33/e9/DSC01873_ff_200x200.webp HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Cookie: _pk_id.1.f945=9aa52e00ebd1a358.1662352550.; _pk_ses.1.f945=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:55 GMT
content-type: image/webp
content-length: 5470
last-modified: Tue, 01 Feb 2022 13:30:11 GMT
vary: Accept-Encoding
etag: "61f935e3-155e"
strict-transport-security: max-age=15768000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2
www.oelix.de/media/image/29/5c/d6/DSC00675_ff_200x200.webp
173.212.212.200 200 OK 5.9 kB URL HTTP/2 www.oelix.de/media/image/29/5c/d6/DSC00675_ff_200x200.webp
IP 173.212.212.200:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 177x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2afb0fe539a8908bb2641a90df55a28e
ea1a338fa247a19fe08b41e70bfd574f3a59c4ce
ef8e28f8df17f156b2201e34643357f006ef797bcec3d85134a53506581aa06a
Analyzer Verdict Alert fortinet Phishing
GET /media/image/29/5c/d6/DSC00675_ff_200x200.webp HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Cookie: _pk_id.1.f945=9aa52e00ebd1a358.1662352550.; _pk_ses.1.f945=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:55 GMT
content-type: image/webp
content-length: 5892
last-modified: Tue, 27 Apr 2021 16:05:32 GMT
vary: Accept-Encoding
etag: "6088364c-1704"
strict-transport-security: max-age=15768000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2
www.oelix.de/media/image/8a/63/b8/ecc6ffe7a1e402fb6119f2b774dc5ee2_200x200.webp
173.212.212.200 200 OK 6.4 kB URL HTTP/2 www.oelix.de/media/image/8a/63/b8/ecc6ffe7a1e402fb6119f2b774dc5ee2_200x200.webp
IP 173.212.212.200:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x177, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9450708b7eb90bbcbfddd1d6fc7b8ec7
6d612273f1675275dd5977fb8235beb353251f22
9f6aa41dd47193804c4098190bf5dc2f52abf7e2cfa13adc88a3c957753b101c
Analyzer Verdict Alert fortinet Phishing
GET /media/image/8a/63/b8/ecc6ffe7a1e402fb6119f2b774dc5ee2_200x200.webp HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Cookie: _pk_id.1.f945=9aa52e00ebd1a358.1662352550.; _pk_ses.1.f945=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:55 GMT
content-type: image/webp
content-length: 6356
last-modified: Tue, 27 Apr 2021 16:19:57 GMT
vary: Accept-Encoding
etag: "608839ad-18d4"
strict-transport-security: max-age=15768000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2
www.oelix.de/media/image/5b/96/05/DSC01718_ff_200x200.webp
173.212.212.200 200 OK 4.6 kB URL HTTP/2 www.oelix.de/media/image/5b/96/05/DSC01718_ff_200x200.webp
IP 173.212.212.200:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x170, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d3924363df2f8cf3d51d73e3f37fc67d
b0c8a1580f7e5663f28ab2bff840249551c32ccb
9a609281131a0c1868ee2ccc4e58aff64f88dfb37ff0fe5625ca4edea0c81ddc
Analyzer Verdict Alert fortinet Phishing
GET /media/image/5b/96/05/DSC01718_ff_200x200.webp HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Cookie: _pk_id.1.f945=9aa52e00ebd1a358.1662352550.; _pk_ses.1.f945=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:55 GMT
content-type: image/webp
content-length: 4646
last-modified: Tue, 27 Apr 2021 15:21:35 GMT
vary: Accept-Encoding
etag: "60882bff-1226"
strict-transport-security: max-age=15768000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2
www.oelix.de/media/image/bc/5a/79/DSC00538_ff_200x200.webp
173.212.212.200 200 OK 5.1 kB URL HTTP/2 www.oelix.de/media/image/bc/5a/79/DSC00538_ff_200x200.webp
IP 173.212.212.200:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 165x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fbc5308687978ec01822516a769bf19f
093922a9b8063ffccea2a0d21190cb2942c23232
9b21e627f3de894fa8f6dde50b3d289c2929910f9bb29a5c2fc0a633112ecfd8
Analyzer Verdict Alert fortinet Phishing
GET /media/image/bc/5a/79/DSC00538_ff_200x200.webp HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Cookie: _pk_id.1.f945=9aa52e00ebd1a358.1662352550.; _pk_ses.1.f945=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:55 GMT
content-type: image/webp
content-length: 5134
last-modified: Tue, 27 Apr 2021 16:02:37 GMT
vary: Accept-Encoding
etag: "6088359d-140e"
strict-transport-security: max-age=15768000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2
www.oelix.de/media/image/e6/3e/05/DSC00266_ff_200x200.webp
173.212.212.200 200 OK 6.2 kB URL HTTP/2 www.oelix.de/media/image/e6/3e/05/DSC00266_ff_200x200.webp
IP 173.212.212.200:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 192x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fc303a2e4d4686f322126ca13de1d046
9bfad94ff59e1e0bef4e5e4676d59f59a4a4010c
a39b902d754c001df82a18234a4e55e16eb5a70d4e43dce48324750f92e6fcc3
Analyzer Verdict Alert fortinet Phishing
GET /media/image/e6/3e/05/DSC00266_ff_200x200.webp HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Cookie: _pk_id.1.f945=9aa52e00ebd1a358.1662352550.; _pk_ses.1.f945=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:55 GMT
content-type: image/webp
content-length: 6220
last-modified: Tue, 27 Apr 2021 16:02:07 GMT
vary: Accept-Encoding
etag: "6088357f-184c"
strict-transport-security: max-age=15768000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2
www.oelix.de/widgets/index/refreshStatistic?requestPage=%2F&requestController=index
173.212.212.200 200 OK 0 B URL HTTP/2 www.oelix.de/widgets/index/refreshStatistic?requestPage=%2F&requestController=index
IP 173.212.212.200:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /widgets/index/refreshStatistic?requestPage=%2F&requestController=index HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Cookie: _pk_id.1.f945=9aa52e00ebd1a358.1662352550.; _pk_ses.1.f945=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:55 GMT
content-type: text/html; charset=UTF-8
content-length: 0
cache-control: private
x-robots-tag: noindex
pragma: no-cache
expires: -1
x-body-eval: ESI
set-cookie: session-1=uohoqm7k2bnliumdgqr9g6mn6i; path=/; secure; HttpOnly
x-cache-context-hash=deleted; expires=Sun, 05-Sep-2021 04:35:54 GMT; Max-Age=0; path=/
nocache=deleted; expires=Sun, 05-Sep-2021 04:35:54 GMT; Max-Age=0; path=/; secure; httponly
_pk_id_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:54 GMT; Max-Age=0; path=/; httponly
_pk_ses_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:54 GMT; Max-Age=0; path=/; httponly
_pk_id_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:54 GMT; Max-Age=0; path=/widgets/index/refreshStatistic; httponly
_pk_ses_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:54 GMT; Max-Age=0; path=/widgets/index/refreshStatistic; httponly
_pk_id_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:54 GMT; Max-Age=0; path=/; domain=oelix.de; httponly
_pk_ses_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:54 GMT; Max-Age=0; path=/; domain=oelix.de; httponly
_pk_id_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:54 GMT; Max-Age=0; path=/widgets/index/refreshStatistic; domain=oelix.de; httponly
_pk_ses_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:54 GMT; Max-Age=0; path=/widgets/index/refreshStatistic; domain=oelix.de; httponly
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
www.oelix.de/csrftoken
173.212.212.200 200 OK 0 B IP 173.212.212.200:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /csrftoken HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.oelix.de/
Cookie: _pk_id.1.f945=9aa52e00ebd1a358.1662352550.; _pk_ses.1.f945=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:55 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-csrf-token: 9HTEZgqU0lLpl0KKYWaoZGybzpA0DN
pragma: no-cache
expires: -1
cache-control: no-cache, private
set-cookie: session-1=ahrsjuv8ia2u3q7l088mefnbf4; path=/; secure; HttpOnly
x-cache-context-hash=deleted; expires=Sun, 05-Sep-2021 04:35:54 GMT; Max-Age=0; path=/
nocache=deleted; expires=Sun, 05-Sep-2021 04:35:54 GMT; Max-Age=0; path=/; secure; httponly
_pk_id_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:54 GMT; Max-Age=0; path=/; httponly
_pk_ses_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:54 GMT; Max-Age=0; path=/; httponly
_pk_id_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:54 GMT; Max-Age=0; path=/csrftoken; httponly
_pk_ses_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:54 GMT; Max-Age=0; path=/csrftoken; httponly
_pk_id_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:54 GMT; Max-Age=0; path=/; domain=oelix.de; httponly
_pk_ses_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:54 GMT; Max-Age=0; path=/; domain=oelix.de; httponly
_pk_id_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:54 GMT; Max-Age=0; path=/csrftoken; domain=oelix.de; httponly
_pk_ses_1_f945=deleted; expires=Sun, 05-Sep-2021 04:35:54 GMT; Max-Age=0; path=/csrftoken; domain=oelix.de; httponly
strict-transport-security: max-age=15768000; includeSubDomains
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10204
Expires: Mon, 05 Sep 2022 07:26:00 GMT
Date: Mon, 05 Sep 2022 04:35:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10204
Expires: Mon, 05 Sep 2022 07:26:00 GMT
Date: Mon, 05 Sep 2022 04:35:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10204
Expires: Mon, 05 Sep 2022 07:26:00 GMT
Date: Mon, 05 Sep 2022 04:35:56 GMT
Connection: keep-alive
bat.bing.com/bat.js
13.107.21.200 200 OK 11 kB IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (38826), with no line terminators
Hash 293ae3e0fc8b0d5c143fdf9d8490228d
3976c659b908e70818a3a1ac71860b497fe2d1a9
04a840d967ae836e14179bde574cabf14a1fc871182ca0f8193e7a0b06c727ab
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11367
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ranges: bytes
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
set-cookie: MUID=15240E743AF263E6119E1C623BA56289; domain=.bing.com; expires=Sat, 30-Sep-2023 04:35:56 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6FF7790A5EC34206A29B24DAC76E034F Ref B: OSL30EDGE0307 Ref C: 2022-09-05T04:35:56Z
date: Mon, 05 Sep 2022 04:35:55 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10204
Expires: Mon, 05 Sep 2022 07:26:00 GMT
Date: Mon, 05 Sep 2022 04:35:56 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1be72d8-944d-4a7e-9b1e-ad82d49d9cf3.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1be72d8-944d-4a7e-9b1e-ad82d49d9cf3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 236f57d73839def5d9ddd1b993394bac
a32ddb91fce6c75ee39530117afcf31d6c6eea94
5c4eab322f6c6a7462a4350dde8d32fc321e6d026e72c0bdb282a56da72c9664
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1be72d8-944d-4a7e-9b1e-ad82d49d9cf3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11654
x-amzn-requestid: 7dec27e0-0959-435b-b155-6afeb503dac9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XxJUJGf-oAMFZNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631055b3-15838b603291931a4d236ff2;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 06:48:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: xeYGWeNQ32oY9qWzxAEr3PhixxBQJBKUEFOpSS9mKqJqqGtHltVVIQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 22:39:33 GMT
age: 21383
etag: "a32ddb91fce6c75ee39530117afcf31d6c6eea94"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.oelix.de/web/cache/1661420932_b8a1d0bb939816071f4919403ed659d6.css
173.212.212.200 200 OK 69 kB URL HTTP/2 www.oelix.de/web/cache/1661420932_b8a1d0bb939816071f4919403ed659d6.css
IP 173.212.212.200:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 6992bf8bc1cf95ab7574f6414004b3fc
81fd484fe07d1c48c5262617c5ebf26d6b1c8e72
c2e7863183fd1ab5547a3f27aba2527f16a87f1b22669b602cdabf5b5592d71f
GET /web/cache/1661420932_b8a1d0bb939816071f4919403ed659d6.css HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:53 GMT
content-type: text/css
last-modified: Thu, 25 Aug 2022 09:48:45 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public
expires: Wed, 05 Oct 2022 04:35:53 GMT
etag: W/"6307457d-6d8b0"
strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F404ac7e7-f8ba-4b04-b736-5cab0995739f.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F404ac7e7-f8ba-4b04-b736-5cab0995739f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8a5ed2a9c430f2f02da773c400d096e0
618252c5082ccfeeb8bc92aecba4485c48ac4206
948158a29f15f5f5ab45f541b665269d43bfc1e3b444ee4ecb9ba715d5b616d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F404ac7e7-f8ba-4b04-b736-5cab0995739f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11003
x-amzn-requestid: 29b9c3bc-4b10-44ed-9bc0-111a672c1d25
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XqpJpGjxoAMFzSw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630dbbd7-1547b64d2fc3052e510f6218;Sampled=0
x-amzn-remapped-date: Tue, 30 Aug 2022 07:27:19 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: TGpnDyF8_8hy5bs5denuqKSMzLl98Oz7YHx4MAOMr_Ah-POktYDXSA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 22:03:42 GMT
age: 23534
etag: "618252c5082ccfeeb8bc92aecba4485c48ac4206"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 194d72d26ddeaa8a8a266839eb707300
86427a0db92a3b4bd2690ad361109559c7212992
ab77f42ccfa0c649217777139f0d14a6742039596ee37a045c5fe96e7ca32338
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 04:35:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0c070a1-cfda-4086-99d7-f4d72a7f9d8f.jpeg
34.120.237.76 200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0c070a1-cfda-4086-99d7-f4d72a7f9d8f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9d19ae40ba0a61c69d0bbc87ed8da454
064232b77c890404a294500597e562b3945453be
a2d2bfe5d44394511949665e36492706dd655a46198bf7ae555033eedfa46d83
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0c070a1-cfda-4086-99d7-f4d72a7f9d8f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6486
x-amzn-requestid: 94ff7301-4895-4fad-81db-a2774c8db061
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X3OeaFDYIAMFQBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6312c45c-450abb734f447a2c2db18aae;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 03:05:00 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: PuxGNBXMMm2SeJckWUMNQfuKBX6IbhwaIyGPuDGjnRI6C5YIor9flQ==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 03:43:50 GMT
age: 3126
etag: "064232b77c890404a294500597e562b3945453be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8eb6cd09-3bf5-48ad-bcab-4b0b05db8dcf.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8eb6cd09-3bf5-48ad-bcab-4b0b05db8dcf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5231760bb81282416f2bd27a4261099e
e3e743b349fd5cb399d4cef4a0877dcc8e2f44f9
e0762821086503aef75013b60a4e340d6fbf9b1006fc7f8b4e079440afce8c67
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8eb6cd09-3bf5-48ad-bcab-4b0b05db8dcf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10770
x-amzn-requestid: c6d80cff-8d44-4589-bcf1-1f5a0ab199b8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X9Ey3GH4IAMF6KQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63151b45-2628cc83263aeeb14ce444ef;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 21:40:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: eEuQFQAkBAHlIYBRrvaJ1qjT09ezTNaL67wa77h1wS8fHc5oWi91aQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 21:45:28 GMT
age: 24628
etag: "e3e743b349fd5cb399d4cef4a0877dcc8e2f44f9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69b1e092-41e6-4f1e-b330-193f7dd11afc.jpeg
34.120.237.76 200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69b1e092-41e6-4f1e-b330-193f7dd11afc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 290f6551c5ac539ea60810b135750f17
3633391a8dd87ef10fcb0d04d7b309738affc4a7
d94d133faaf232cf15b5c3f38f5b45d87d70bce0668d607b5c66a8d3f836540f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69b1e092-41e6-4f1e-b330-193f7dd11afc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7830
x-amzn-requestid: c56af3b5-2c48-4243-b220-d56a9be47990
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X9Ey3H4JoAMFiMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63151b45-23ec24d867e3e5906fffa1a6;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 21:40:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: fpKQlxOtyRwaZk2FUf11J62jlqcAvXgOQT-ipFQm6qW-dMHyXaEnNg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 21:49:31 GMT
age: 24385
etag: "3633391a8dd87ef10fcb0d04d7b309738affc4a7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Mon, 05 Sep 2022 02:41:12 GMT
expires: Mon, 05 Sep 2022 04:41:12 GMT
cache-control: public, max-age=7200
age: 6884
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 194d72d26ddeaa8a8a266839eb707300
86427a0db92a3b4bd2690ad361109559c7212992
ab77f42ccfa0c649217777139f0d14a6742039596ee37a045c5fe96e7ca32338
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 04:35:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/action/0?ti=56359553&Ver=2&mid=ddb03b06-9773-4de7-9caf-60abbf1674db&sid=393479702cd411ed99c5c1a2f22f862d&vid=3934b3802cd411ed99bfbb5ce1014f8d&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=oelix.de%20-%20%C3%96le%20mit%20Geschmack&kw=hochwertige%20Speise%C3%B6le,%20kaltgepresst,%20naturbelassen&p=https%3A%2F%2Fwww.oelix.de%2F&r=&lt=2506&evt=pageLoad&sv=1&rn=66499
13.107.21.200 204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=56359553&Ver=2&mid=ddb03b06-9773-4de7-9caf-60abbf1674db&sid=393479702cd411ed99c5c1a2f22f862d&vid=3934b3802cd411ed99bfbb5ce1014f8d&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=oelix.de%20-%20%C3%96le%20mit%20Geschmack&kw=hochwertige%20Speise%C3%B6le,%20kaltgepresst,%20naturbelassen&p=https%3A%2F%2Fwww.oelix.de%2F&r=&lt=2506&evt=pageLoad&sv=1&rn=66499
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=56359553&Ver=2&mid=ddb03b06-9773-4de7-9caf-60abbf1674db&sid=393479702cd411ed99c5c1a2f22f862d&vid=3934b3802cd411ed99bfbb5ce1014f8d&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=oelix.de%20-%20%C3%96le%20mit%20Geschmack&kw=hochwertige%20Speise%C3%B6le,%20kaltgepresst,%20naturbelassen&p=https%3A%2F%2Fwww.oelix.de%2F&r=&lt=2506&evt=pageLoad&sv=1&rn=66499 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=1F6F1671DA5060C327FA0467DB076173; domain=.bing.com; expires=Sat, 30-Sep-2023 04:35:56 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FAED464F93BB4D3CAE3365E190C43D1D Ref B: OSL30EDGE0307 Ref C: 2022-09-05T04:35:56Z
date: Mon, 05 Sep 2022 04:35:55 GMT
X-Firefox-Spdy: h2
bat.bing.com/p/action/56359553.js
13.107.21.200 200 OK 668 B URL HTTP/2 bat.bing.com/p/action/56359553.js
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with CRLF line terminators
Hash 2d4f8b8192887175a055aab55cac3af5
1e3b81463e214b201ddd0a45e2aa4596da268825
d91621ff1486e00c9365028f24a6195a4398b0a25326e0b267d664469726e75b
GET /p/action/56359553.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private,max-age=60
content-length: 668
content-type: application/javascript; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
set-cookie: MUID=2A7F151CE5176B650856070AE4406A17; domain=.bing.com; expires=Sat, 30-Sep-2023 04:35:56 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DF4DF6C667D847F8A62C49D7BFB7A572 Ref B: OSL30EDGE0307 Ref C: 2022-09-05T04:35:56Z
date: Mon, 05 Sep 2022 04:35:55 GMT
X-Firefox-Spdy: h2
www.clarity.ms/tag/uet/56359553
104.212.67.162 200 OK 1.6 kB URL HTTP/2 www.clarity.ms/tag/uet/56359553
IP 104.212.67.162:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (1587), with no line terminators
Hash db6dc1eb68bd859b36b7c5dd4a1012e5
aa147e22cf9c0d5d3490df9eedbdb0593d6f0b34
9d7fbbb81f7bd3252a203ed7430f77086a9e67d21c75f52e355b1967570e440e
GET /tag/uet/56359553 HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-length: 1587
content-type: application/x-javascript
expires: -1
set-cookie: CLID=4d2c6db3f8cf41d192417e77b8452bf9.20220905.20230905; expires=Tue, 05 Sep 2023 04:35:56 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
x-azure-ref: 0rHwVYwAAAACHouA8AEWLR73f6flHiqxnTElTMDFFREdFMDUxOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Mon, 05 Sep 2022 04:35:56 GMT
X-Firefox-Spdy: h2
c.clarity.ms/c.gif
20.234.93.27 302 Found 0 B IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=28D0BFE3AFE9481CA3C71B9B54FD48C0&RedC=c.clarity.ms&MXFR=3C5AF2F63FB465960FF4E0E03BB46B11
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=3C5AF2F63FB465960FF4E0E03BB46B11; domain=.clarity.ms; expires=Sat, 30-Sep-2023 04:35:57 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Mon, 05 Sep 2022 04:35:56 GMT
content-length: 0
X-Firefox-Spdy: h2
c.bing.com/c.gif?CtsSyncId=28D0BFE3AFE9481CA3C71B9B54FD48C0&RedC=c.clarity.ms&MXFR=3C5AF2F63FB465960FF4E0E03BB46B11
13.107.21.200 302 Found 0 B URL HTTP/2 c.bing.com/c.gif?CtsSyncId=28D0BFE3AFE9481CA3C71B9B54FD48C0&RedC=c.clarity.ms&MXFR=3C5AF2F63FB465960FF4E0E03BB46B11
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?CtsSyncId=28D0BFE3AFE9481CA3C71B9B54FD48C0&RedC=c.clarity.ms&MXFR=3C5AF2F63FB465960FF4E0E03BB46B11 HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.oelix.de/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=28D0BFE3AFE9481CA3C71B9B54FD48C0&MUID=3930DB85ED6F64280000C993EC3865B3
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=3930DB85ED6F64280000C993EC3865B3; domain=c.bing.com; expires=Sat, 30-Sep-2023 04:35:57 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F632B3D4E3974D99A9EB9A0ED7DB5B33 Ref B: OSL30EDGE0307 Ref C: 2022-09-05T04:35:57Z
date: Mon, 05 Sep 2022 04:35:56 GMT
content-length: 0
X-Firefox-Spdy: h2
www.clarity.ms/eus2/s/0.6.40/clarity.js
104.212.67.162 200 OK 24 kB URL HTTP/2 www.clarity.ms/eus2/s/0.6.40/clarity.js
IP 104.212.67.162:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (54745)
Hash ed38b545c92e181f4b3b49062bdd2a12
f7a0a547d481ef1ed2ad460c7dc64e7d98b0730f
48948fd49b104a0a768badf68e6a1c0e5bde1db5e7bc8c0c37e8f0e9ab0d0bae
GET /eus2/s/0.6.40/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=86400
content-type: application/javascript;charset=utf-8
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d8bd4806fdad30"
vary: Accept-Encoding
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
x-azure-ref: 0rXwVYwAAAABUsvi/tSOMRqW5772uuc5YTElTMDFFREdFMDUxOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Mon, 05 Sep 2022 04:35:56 GMT
X-Firefox-Spdy: h2
b.clarity.ms/collect
20.75.32.255 204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1067
Origin: https://www.oelix.de
Connection: keep-alive
Referer: https://www.oelix.de/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://www.oelix.de
access-control-allow-credentials: true
x-powered-by: ASP.NET
date: Mon, 05 Sep 2022 04:35:57 GMT
X-Firefox-Spdy: h2
b.clarity.ms/collect
20.75.32.255 204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 477126
Origin: https://www.oelix.de
Connection: keep-alive
Referer: https://www.oelix.de/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://www.oelix.de
access-control-allow-credentials: true
x-powered-by: ASP.NET
date: Mon, 05 Sep 2022 04:35:59 GMT
X-Firefox-Spdy: h2
www.oelix.de/media/image/1a/8d/57/DSC01832_ff_200x200.webp
173.212.212.200 200 OK 5.8 kB URL HTTP/2 www.oelix.de/media/image/1a/8d/57/DSC01832_ff_200x200.webp
IP 173.212.212.200:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 166x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash bf9409e700578dbabe0365b8616b2f99
15744c9857a9570a0aca04f073fc639c196a279c
a5c187f1174d64ace1aa2e6e7c257516179abdaca858fcd82ec1673a9efa45c1
Analyzer Verdict Alert fortinet Phishing
GET /media/image/1a/8d/57/DSC01832_ff_200x200.webp HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Cookie: _pk_id.1.f945=9aa52e00ebd1a358.1662352550.; _pk_ses.1.f945=1; session-1=ahrsjuv8ia2u3q7l088mefnbf4; __csrf_token-1=9HTEZgqU0lLpl0KKYWaoZGybzpA0DN; _uetsid=393479702cd411ed99c5c1a2f22f862d; _uetvid=3934b3802cd411ed99bfbb5ce1014f8d; _ga=GA1.2.1362936746.1662352552; _gid=GA1.2.1975732998.1662352552; _gat=1; _clck=1t98zl2|1|f4m|0; _clsk=1350j2m|1662352553703|1|1|b.clarity.ms/collect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:36:00 GMT
content-type: image/webp
content-length: 5796
last-modified: Tue, 16 Nov 2021 10:33:04 GMT
vary: Accept-Encoding
etag: "619388e0-16a4"
strict-transport-security: max-age=15768000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2
www.oelix.de/web/cache/1661420932_b8a1d0bb939816071f4919403ed659d6.js
173.212.212.200 200 OK 0 B URL HTTP/2 www.oelix.de/web/cache/1661420932_b8a1d0bb939816071f4919403ed659d6.js
IP 173.212.212.200:0
Analyzer Verdict Alert fortinet Phishing
GET /web/cache/1661420932_b8a1d0bb939816071f4919403ed659d6.js HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:53 GMT
content-type: application/javascript
last-modified: Thu, 25 Aug 2022 09:48:44 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public
expires: Wed, 05 Oct 2022 04:35:53 GMT
etag: W/"6307457c-a07c8"
strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: br
X-Firefox-Spdy: h2
www.oelix.de/_includes/fontawesome/css/all.min.css
173.212.212.200 200 OK 0 B URL HTTP/2 www.oelix.de/_includes/fontawesome/css/all.min.css
IP 173.212.212.200:0
GET /_includes/fontawesome/css/all.min.css HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:53 GMT
content-type: text/css
last-modified: Wed, 13 Jan 2021 16:58:06 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public
expires: Wed, 05 Oct 2022 04:35:53 GMT
etag: W/"5fff269e-e7d0"
strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: br
X-Firefox-Spdy: h2
www.oelix.de/custom/plugins/OncoAmazonPay/Resources/views/frontend/_public/src/js/amazon-pay.js
173.212.212.200 200 OK 0 B URL HTTP/2 www.oelix.de/custom/plugins/OncoAmazonPay/Resources/views/frontend/_public/src/js/amazon-pay.js
IP 173.212.212.200:0
Analyzer Verdict Alert fortinet Phishing
GET /custom/plugins/OncoAmazonPay/Resources/views/frontend/_public/src/js/amazon-pay.js HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:53 GMT
content-type: application/javascript
last-modified: Tue, 26 Jul 2022 11:00:05 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public
expires: Wed, 05 Oct 2022 04:35:53 GMT
etag: W/"62dfc935-2745"
strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: br
X-Firefox-Spdy: h2
static-eu.payments-amazon.com/checkout.js
54.230.111.109 200 OK 0 B URL HTTP/2 static-eu.payments-amazon.com/checkout.js
IP 54.230.111.109:0
GET /checkout.js HTTP/1.1
Host: static-eu.payments-amazon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 24 Aug 2022 05:37:55 GMT
x-amz-version-id: 2JqhzAQpUF8nWmC9400.9DqhK9Hz93YM
server: AmazonS3
content-encoding: br
date: Mon, 05 Sep 2022 04:28:02 GMT
cache-control: max-age=1200,public
etag: W/"b3a4a122e4d6d4fdcaeff2b76156a49b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Eel37TqzOVpCxUOuHjAvkbh6CxNMxNPxY67q3d9kh8oe3wtE8KwO2Q==
age: 473
X-Firefox-Spdy: h2
www.oelix.de/matomo/js/container_39oRZC4F.js
173.212.212.200 200 OK 0 B URL HTTP/2 www.oelix.de/matomo/js/container_39oRZC4F.js
IP 173.212.212.200:0
Analyzer Verdict Alert fortinet Phishing
GET /matomo/js/container_39oRZC4F.js HTTP/1.1
Host: www.oelix.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.oelix.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 04:35:53 GMT
content-type: application/javascript
last-modified: Thu, 03 Feb 2022 09:49:21 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public
expires: Wed, 05 Oct 2022 04:35:53 GMT
etag: W/"61fba521-6f7f"
strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: br
X-Firefox-Spdy: h2
www.paypal.com/xoplatform/logger/api/logger
151.101.193.21 200 OK 0 B URL HTTP/2 www.paypal.com/xoplatform/logger/api/logger
IP 151.101.193.21:0
OPTIONS /xoplatform/logger/api/logger HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.oelix.de/
Origin: https://www.oelix.de
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.oelix.de
cache-control: max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id: f9436024c8189
set-cookie: LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Mon, 05 Sep 2022 13:21:52 GMT; HttpOnly; Secure
enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Tue, 05 Sep 2023 04:35:56 GMT; Secure
x-pp-s=eyJ0IjoiMTY2MjM1MjU1NjE0OSIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure
tsrce=loggernodeweb; Domain=.paypal.com; Path=/; Expires=Thu, 08 Sep 2022 04:35:56 GMT; HttpOnly; Secure; SameSite=None
l7_az=dcg14.slc; Path=/; Domain=paypal.com; Expires=Mon, 05 Sep 2022 05:05:56 GMT; HttpOnly; Secure
ts=vreXpYrS%3D1757046956%26vteXpYrS%3D1662354356%26vr%3D0bef00621830a78858d4ed4bfe32d87a%26vt%3D0bef00621830a78858d4ed4bfe32d879%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Thu, 04 Sep 2025 04:35:56 GMT; HttpOnly; Secure
ts_c=vr%3D0bef00621830a78858d4ed4bfe32d87a%26vt%3D0bef00621830a78858d4ed4bfe32d879; Path=/; Domain=paypal.com; Expires=Thu, 04 Sep 2025 04:35:56 GMT; Secure
traceparent: 00-0000000000000000000f9436024c8189-21709b667ee8e91b-01
x-content-type-options: nosniff
dc: ccg11-origin-www-1.paypal.com
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Mon, 05 Sep 2022 04:35:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn11537-HHN, cache-bma1683-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1662352556.049160,VS0,VE180
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
X-Firefox-Spdy: h2