Report - web8624.web07.bero-webspace.de/

Report Overview

Submitted URL
web8624.web07.bero-webspace.de/
IP
109.71.253.24
ASN
#44486 SYNLINQ
Submitted
2022-09-17 09:26:37
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
104

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.35
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	4.4 kB	23.36.76.226
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.49
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
web8624.web07.bero-webspace.de	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	15 kB	3.2 MB	109.71.253.24
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	331 B	699 B	142.250.74.3
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	47 kB	34.120.237.76
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	399 B	117 kB	142.250.74.72
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	658 B	1.5 kB	93.184.220.29
www.icscards.nl	863706	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	462 B	6.5 kB	185.195.93.72

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-09-16	medium	web8624.web07.bero-webspace.de/	International Card Services B.V
2022-09-16	medium	web8624.web07.bero-webspace.de/	International Card Services B.V
2022-09-16	medium	web8624.web07.bero-webspace.de/	International Card Services B.V
2022-09-16	medium	web8624.web07.bero-webspace.de/	International Card Services B.V
2022-09-16	medium	web8624.web07.bero-webspace.de/	International Card Services B.V
2022-09-16	medium	web8624.web07.bero-webspace.de/	International Card Services B.V
2022-09-16	medium	web8624.web07.bero-webspace.de/	International Card Services B.V
2022-09-16	medium	web8624.web07.bero-webspace.de/	International Card Services B.V
2022-09-16	medium	web8624.web07.bero-webspace.de/	International Card Services B.V
2022-09-16	medium	web8624.web07.bero-webspace.de/	International Card Services B.V
2022-09-16	medium	web8624.web07.bero-webspace.de/	International Card Services B.V
2022-09-16	medium	web8624.web07.bero-webspace.de/	International Card Services B.V
2022-09-16	medium	web8624.web07.bero-webspace.de/	International Card Services B.V
2022-09-16	medium	web8624.web07.bero-webspace.de/	International Card Services B.V
2022-09-16	medium	web8624.web07.bero-webspace.de/	International Card Services B.V
2022-09-16	medium	web8624.web07.bero-webspace.de/	International Card Services B.V
2022-09-16	medium	web8624.web07.bero-webspace.de/	International Card Services B.V
2022-09-16	medium	web8624.web07.bero-webspace.de/	International Card Services B.V
2022-09-16	medium	web8624.web07.bero-webspace.de/	International Card Services B.V
2022-09-16	medium	web8624.web07.bero-webspace.de/	International Card Services B.V
2022-09-16	medium	web8624.web07.bero-webspace.de/	International Card Services B.V
2022-09-16	medium	web8624.web07.bero-webspace.de/	International Card Services B.V
2022-09-16	medium	web8624.web07.bero-webspace.de/	International Card Services B.V
2022-09-16	medium	web8624.web07.bero-webspace.de/	International Card Services B.V
2022-09-16	medium	web8624.web07.bero-webspace.de/	International Card Services B.V
2022-09-16	medium	web8624.web07.bero-webspace.de/	International Card Services B.V
2022-09-16	medium	web8624.web07.bero-webspace.de/	International Card Services B.V
2022-09-16	medium	web8624.web07.bero-webspace.de/	International Card Services B.V

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-17	medium	web8624.web07.bero-webspace.de/	Phishing
2022-09-17	medium	web8624.web07.bero-webspace.de/sca/saved_resource	Phishing
2022-09-17	medium	web8624.web07.bero-webspace.de/sca/sca-login	Phishing
2022-09-17	medium	web8624.web07.bero-webspace.de/sca/plx.check.js	Phishing
2022-09-17	medium	web8624.web07.bero-webspace.de/sca/proxyid.js.download	Phishing
2022-09-17	medium	web8624.web07.bero-webspace.de/sca/arcotfpcollect.js.download	Phishing
2022-09-17	medium	web8624.web07.bero-webspace.de/sca/main.js(1).download	Phishing
2022-09-17	medium	web8624.web07.bero-webspace.de/sca/modernizr.js.download	Phishing
2022-09-17	medium	web8624.web07.bero-webspace.de/sca/icons.woff2	Phishing
2022-09-17	medium	web8624.web07.bero-webspace.de/sca/SunOT-Light.ttf	Phishing
2022-09-17	medium	web8624.web07.bero-webspace.de/sca/sunot-bold-webfont.woff2	Phishing
2022-09-17	medium	web8624.web07.bero-webspace.de/sca/runtime.j.download	Phishing
2022-09-17	medium	web8624.web07.bero-webspace.de/sca/082953afa5ab20006f75777cb90662b0ffb28e45a9f164326f7fce4f47eafb4914e54c5ed2b326cb	Phishing
2022-09-17	medium	web8624.web07.bero-webspace.de/sca/082953afa5ab20006f75777cb90662b0ffb28e45a9f164326f7fce4f47eafb4914e54c5ed2b326cb(1)	Phishing
2022-09-17	medium	web8624.web07.bero-webspace.de/TSPD/?type=21	Phishing
2022-09-17	medium	web8624.web07.bero-webspace.de/TSPD/082953afa5ab2800c33c7cc8e6b3bc13c29c767ddc8eba538cca95beb0c5dc2dd3058e25bdb43216f2cdcfcbda577ce3?type=13	Phishing
2022-09-17	medium	web8624.web07.bero-webspace.de/sca/polyfills.j.download	Phishing
2022-09-17	medium	web8624.web07.bero-webspace.de/sca/saved_resource.html	Phishing
2022-09-17	medium	web8624.web07.bero-webspace.de/sca/jquery.min.js.download	Phishing
2022-09-17	medium	web8624.web07.bero-webspace.de/webfiles/1656567843470/media/theme/ics-nl/js/3rdparty/jquery.min.js	Phishing
2022-09-17	medium	web8624.web07.bero-webspace.de/sca/polyfills.j.download	Phishing
2022-09-17	medium	web8624.web07.bero-webspace.de/sca/runtime.j.download	Phishing
2022-09-17	medium	web8624.web07.bero-webspace.de/sca/collectddna.js.download	Phishing
2022-09-17	medium	web8624.web07.bero-webspace.de/sca/main.js.download	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (43)

	URL	Size	First Seen	Last Seen
	web8624.web07.bero-webspace.de/sca/main.js.download	193 kB	2023-03-07	2024-01-04
Pretty URL web8624.web07.bero-webspace.de/sca/main.js.download IP 109.71.253.24 ASN #44486 SYNLINQ Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:48 Last Seen2024-01-04 00:34:56 Times Seen9 Hash 3c7049d4df41a5ad440fc368a059ddaf fcd3812dfcd3bd6f27c6952300dace825016bfd6 010877cc8f51a1623c13763c228ae9168cc4fd9e441348dd66029233834d6d89 Loading...

	web8624.web07.bero-webspace.de/	178 B	2023-03-07	2023-07-14
Pretty URL web8624.web07.bero-webspace.de/ IP 109.71.253.24 ASN #44486 SYNLINQ Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:48 Last Seen2023-07-14 15:27:10 Times Seen4 Hash d0e439546c7c1f21ca6d53dd7e84d245 ff04ee4db1bb20c8c4c5617cee763576f71695da eb7595897e7aa8aeeddb618208d4dd53fd2aa264a7509b8387911f174f97a852 Loading...

	web8624.web07.bero-webspace.de/sca/saved_resource.html	5.1 kB	2023-03-07	2023-03-17
Pretty URL web8624.web07.bero-webspace.de/sca/saved_resource.html IP 109.71.253.24 ASN #44486 SYNLINQ Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:48 Last Seen2023-03-17 12:34:19 Times Seen1 Hash a94a9048aff9fab96612dc48038263f0 5cc4f7d46a16fed8786d08882c7cec47a4131ec0 74674f8b122212a3c322789a319a1ee9723a20afc87c7a4f4025e1bbf8b623f6 Loading...

	web8624.web07.bero-webspace.de/sca/plx.check.js	405 B	2023-03-07	2023-03-17
Pretty URL web8624.web07.bero-webspace.de/sca/plx.check.js IP 109.71.253.24 ASN #44486 SYNLINQ Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:48 Last Seen2023-03-17 12:34:19 Times Seen1 Hash 2fdf1c376f83a3be5395f99b968f9032 aeac7b561dc0fb28d1ff5e89d4169c0a4c296dbc f9319a3cb3f94b3f15178b435645c53c01ff399253bb87377beae7557b83ad0f Loading...

	web8624.web07.bero-webspace.de/sca/proxyid.js.download	242 B	2023-03-07	2023-03-17
Pretty URL web8624.web07.bero-webspace.de/sca/proxyid.js.download IP 109.71.253.24 ASN #44486 SYNLINQ Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:48 Last Seen2023-03-17 12:34:19 Times Seen1 Hash c250b045737eb1d8167f215c166872f0 548b3b9294765d5bf096e60fc3bbca67877c93c6 525199a140d9c8ffc27e88b3923ac409187495c89bd22433d7b9a239fd095f0d Loading...

	web8624.web07.bero-webspace.de/sca/modernizr.js.download	1.5 kB	2023-03-07	2024-01-04
Pretty URL web8624.web07.bero-webspace.de/sca/modernizr.js.download IP 109.71.253.24 ASN #44486 SYNLINQ Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:48 Last Seen2024-01-04 00:34:56 Times Seen9 Hash 25cbdbc5350d7517649d75cc891fd2fd cd2634359e143b23eaac2c528e2162c9117d8e67 076157b465fa93c42e7100a6e904d4bfe90e788f48a12e55419f3aa5ca2bb3e3 Loading...

	web8624.web07.bero-webspace.de/sca/082953afa5ab20006f75777cb90662b0ffb28e45a9f164326f7fce4f47eafb4914e54c5ed2b326cb(1)	53 kB	2023-03-07	2024-04-14
Pretty URL web8624.web07.bero-webspace.de/sca/082953afa5ab20006f75777cb90662b0ffb28e45a9f164326f7fce4f47eafb4914e54c5ed2b326cb(1) IP 109.71.253.24 ASN #44486 SYNLINQ Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:07 Last Seen2024-04-14 02:33:35 Times Seen307 Hash c2e3dd5a6731ab68f051021eff499f4f 6739b37fb552d92db4ca07e5f25e783950b0ec75 552f179b8856e5355d6d5865abf56d10af6a0e698c3a8ea2b5610c459fbe37a3 Loading...

	web8624.web07.bero-webspace.de/sca/saved_resource.html	374 B	2023-03-07	2023-03-17
Pretty URL web8624.web07.bero-webspace.de/sca/saved_resource.html IP 109.71.253.24 ASN #44486 SYNLINQ Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:48 Last Seen2023-03-17 12:34:19 Times Seen1 Hash 1d50b742a1078587ed9e9ba688fd2db7 756fa92b8f959d684fff42031f7c8b778c2b367b c0bc74ae251c6024d20d371de10328ab873a6e93e3407a5e9f03ff826fc671c4 Loading...

	web8624.web07.bero-webspace.de/sca/sca-login	32 kB	2023-03-07	2023-03-17
Pretty URL web8624.web07.bero-webspace.de/sca/sca-login IP 109.71.253.24 ASN #44486 SYNLINQ Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:15:20 Last Seen2023-03-17 12:34:19 Times Seen1 Hash 7cf341175a491faa97107abcdbbb6eb1 3e4c3598dc9d26faf7b6946851bf480d2c96f00b ad7211417c487fff828204d17b260de32dbfecb1f34ec4cefec332174f912aed Loading...

	web8624.web07.bero-webspace.de/sca/jquery.min.js.download	87 kB	2023-03-07	2024-04-19
Pretty URL web8624.web07.bero-webspace.de/sca/jquery.min.js.download IP 109.71.253.24 ASN #44486 SYNLINQ Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:34 Last Seen2024-04-19 23:22:10 Times Seen263026 Hash e071abda8fe61194711cfc2ab99fe104 f647a6d37dc4ca055ced3cf64bbc1f490070acba 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf Loading...

	web8624.web07.bero-webspace.de/sca/arcotfpcollect.js.download	56 kB	2023-03-07	2024-03-04
Pretty URL web8624.web07.bero-webspace.de/sca/arcotfpcollect.js.download IP 109.71.253.24 ASN #44486 SYNLINQ Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:48 Last Seen2024-03-04 01:02:27 Times Seen13 Hash e1ba6cc4bfe644f6d1252d10994b8395 1fa8e789a1b738cd96a511728184e6c0c148d849 551adb05bca5625965bd33c60190c6afb9f00a5fe13ca6c18283129223a0e6b2 Loading...

	web8624.web07.bero-webspace.de/sca/collectddna.js.download	3.3 kB	2023-03-07	2024-01-04
Pretty URL web8624.web07.bero-webspace.de/sca/collectddna.js.download IP 109.71.253.24 ASN #44486 SYNLINQ Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:48 Last Seen2024-01-04 00:34:56 Times Seen11 Hash ba4950a8ffc3bd0d3cac62f7826d94b4 1124ac90e4fc2a0b8b8f97d113d63d25ed845284 608612cd000271d2b9944308d2a696d84d4fb3326a94ad0b89695a7aaf025e23 Loading...

	unknown	0 B	2023-03-07	2024-04-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-20 04:11:10 Times Seen36969512 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	web8624.web07.bero-webspace.de/	16 B	2023-03-07	2023-03-17
Pretty URL web8624.web07.bero-webspace.de/ IP 109.71.253.24 ASN #44486 SYNLINQ Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:48 Last Seen2023-03-17 12:34:19 Times Seen1 Hash 50bfa8a7676c95749da0ff59cb807098 456f90bb4814eb16b9b74b41d1784cb68080bc2e e2ff8b3cd2a525c256a795e1f585988276cf7e9c4caf7a503bf6f7d1de538f72 Loading...

	web8624.web07.bero-webspace.de/	64 B	2023-03-07	2024-04-14
Pretty URL web8624.web07.bero-webspace.de/ IP 109.71.253.24 ASN #44486 SYNLINQ Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:59 Last Seen2024-04-14 02:33:33 Times Seen33 Hash df1fdf3e64cc943390f6616279dc6d89 45711487a47f80fe30802711954d3331a7df90d1 1378f0319bca5e0b2360a21db0816e498a0a264edef020f7cdf7ea4274601805 Loading...

	web8624.web07.bero-webspace.de/sca/saved_resource	8.0 kB	2023-03-07	2023-03-17
Pretty URL web8624.web07.bero-webspace.de/sca/saved_resource IP 109.71.253.24 ASN #44486 SYNLINQ Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:48 Last Seen2023-03-17 12:34:19 Times Seen1 Hash 43e4cd4d0d896cc2c4c1b724ce008764 b6df31b85bd329a6f026c41795c2ac83ad9dab87 91dd5858585bcafd085ed3c7dbe9f3eb2329dc380b8a58caf174036c7a204349 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-MHW4QGN&l=global_layer	420 kB	2023-03-07	2023-03-07
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-MHW4QGN&l=global_layer IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:42:41 Last Seen2023-03-07 17:42:41 Times Seen1 Hash 29f0974611bc440756e85ae3c771a690 6d3a66833fbf7fc8143776d21e659f41ec4dfce5 ac2bfa1bf5b7212849440c3ade3e7df7a74631c2bb372726f83822fcba6ca0a2 Loading...

	web8624.web07.bero-webspace.de/	128 B	2023-03-07	2023-03-17
Pretty URL web8624.web07.bero-webspace.de/ IP 109.71.253.24 ASN #44486 SYNLINQ Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:48 Last Seen2023-03-17 12:34:19 Times Seen1 Hash 79eb7841b069766eadc470d30202d4e2 7ad40ecb76cc07ef07dde0119bc5f7d63281ccd7 f695a74df0fb977ca1aa8d90bcf462983800c76dd9f1ef4f0d76a52eb673632f Loading...

		Size	First Seen	Last Seen
	#1 Eval - 0301eb1daf649e1a3f03fa233cc07375	221 B	2023-03-07	2023-04-14
Pretty Observations First Seen2023-03-07 01:24:48 Last Seen2023-04-14 01:26:02 Times Seen2 Hash 0301eb1daf649e1a3f03fa233cc07375 24783eb076cbc6b64b64a20b2895178902d11a10 1bc10dadb3eae4448fecd16e9190744f08825491e208b2203912b2611d109dc5 Loading...

	#2 Eval - 34ae7349f3c036c000ace8a188b757ca	393 B	2023-03-07	2023-03-17
Pretty Observations First Seen2023-03-07 01:24:48 Last Seen2023-03-17 12:34:19 Times Seen1 Hash 34ae7349f3c036c000ace8a188b757ca 1e0aef5226d4e79e6af723e2a51a0cf1776af4bc 6d66d266ffe906642925e2878bdd85a3eab174a8daa8e712ee0dee86d7a4a2a6 Loading...

	#3 Eval - f71b02f85dacf1c1801758a1faad7032	393 B	2023-03-07	2023-04-14
Pretty Observations First Seen2023-03-07 01:24:48 Last Seen2023-04-14 01:26:02 Times Seen2 Hash f71b02f85dacf1c1801758a1faad7032 c212f21442d3e65a0ed41845067abe2e8822fe17 407fa59236ffe3e4f3c3989d40ee16087abeb3caa9a56d40204bd6a623a9175e Loading...

	#4 Eval - 9e0d1a193d1b68c8c7b19679ac48a2ad	435 B	2023-03-07	2023-04-14
Pretty Observations First Seen2023-03-07 01:24:48 Last Seen2023-04-14 01:26:01 Times Seen2 Hash 9e0d1a193d1b68c8c7b19679ac48a2ad 5c2454d043de84b38a083e12070c4d8cc10585d5 9058f5b44ded59138175a97af681d148ca1dc1ce65f0dd179360694f55b2255d Loading...

	#5 Eval - e05c6721aa8d3b64e56fbb5b5e30baaf	436 B	2023-03-07	2023-04-14
Pretty Observations First Seen2023-03-07 01:24:48 Last Seen2023-04-14 01:26:01 Times Seen2 Hash e05c6721aa8d3b64e56fbb5b5e30baaf 3b4609e16fe049b8c068a41c07f79ef865452fea f81f68ba381e2a023ec0b3e123acbc439102b6935e472ffdcc81bed8333be255 Loading...

	#6 Eval - f56697ed1c3b6e3d423e4ac6440ad489	436 B	2023-03-07	2023-04-14
Pretty Observations First Seen2023-03-07 01:24:48 Last Seen2023-04-14 01:26:01 Times Seen2 Hash f56697ed1c3b6e3d423e4ac6440ad489 759a519f6e3694085d2890e715f71377314129c9 3e4cdc0708a9fda02aeae676b99639d2c3cbced467b82e20d0ef877d4e246479 Loading...

	#7 Eval - 1a8f59edaa9e8efc6fe29521e27dca24	393 B	2023-03-07	2023-04-14
Pretty Observations First Seen2023-03-07 01:24:48 Last Seen2023-04-14 01:26:01 Times Seen2 Hash 1a8f59edaa9e8efc6fe29521e27dca24 e4acc090bf99d1773859dc7f0f3d453891524b28 f719e653932761ac026863c91489cf5e58062145a80ed58d6b56e54a7c1b9c45 Loading...

	#8 Eval - 7d239a31a3bb0c29d1e80a4cee0ae9ce	22 B	2023-03-07	2024-04-07
Pretty Observations First Seen2023-03-07 01:24:48 Last Seen2024-04-07 21:16:27 Times Seen75 Hash 7d239a31a3bb0c29d1e80a4cee0ae9ce f0cafc56dd27a5df45edd6c313a98ef7ad274830 08ddcec698d66136eac2c37762bef065b2835fe8ea347aac65137e6acf22051e Loading...

	#9 Eval - 23df4b0f78a2f0f436f3b4d9ed813875	25 B	2023-03-07	2024-04-07
Pretty Observations First Seen2023-03-07 01:24:48 Last Seen2024-04-07 21:16:27 Times Seen75 Hash 23df4b0f78a2f0f436f3b4d9ed813875 0963f4b8ba2e1fb36e346f73d962038876064f98 67899a50d2cf0cf399c816b9584d61715f51828ab6a3605a67331cde8779f2ca Loading...

	#10 Eval - f28ce22cfb2ece14c5f3e2417ca49e05	24 B	2023-03-07	2024-04-07
Pretty Observations First Seen2023-03-07 01:24:48 Last Seen2024-04-07 21:16:27 Times Seen75 Hash f28ce22cfb2ece14c5f3e2417ca49e05 9a68c8b3b54c4001e92eebeb707ef4e3943a77af c305f420288c47aa66df970a6c243b77777903eebedd59b9f67b1ece1ab023da Loading...

	#11 Eval - 0fac64ba06eecf3ea1b11d16b3ac5caf	392 B	2023-03-07	2023-04-14
Pretty Observations First Seen2023-03-07 01:24:48 Last Seen2023-04-14 01:26:02 Times Seen2 Hash 0fac64ba06eecf3ea1b11d16b3ac5caf 04db13eca8a0910575b0f5ab4b382253bac30c45 c10cc39c0de04ebce8e707cab5963b512c4336262da597dd47148f12b179ffee Loading...

	#12 Eval - 41a77401da27034db424f305e3eb6326	436 B	2023-03-07	2023-04-14
Pretty Observations First Seen2023-03-07 01:24:48 Last Seen2023-04-14 01:26:01 Times Seen2 Hash 41a77401da27034db424f305e3eb6326 fdcec3a5b52aaa386ec1d7283e80735fde2f42d5 d9600086c47439b7cba4f492445671848899b3696b66e79e138a526ff26a596d Loading...

	#13 Eval - 00382d84f8b8ea67199c9cda3c7e44e6	2.0 kB	2023-03-07	2023-04-14
Pretty Observations First Seen2023-03-07 01:24:48 Last Seen2023-04-14 01:26:02 Times Seen2 Hash 00382d84f8b8ea67199c9cda3c7e44e6 7976767b7d219c53b7924cdfa4c747a1376bd5b5 e749ab5db66f5db451e36e24c3666e45e8334e5b0d1158068d5a422f59dacfc1 Loading...

	#14 Eval - fddabd3326dc2d6acb657c6ac85875f9	435 B	2023-03-07	2023-04-14
Pretty Observations First Seen2023-03-07 01:24:48 Last Seen2023-04-14 01:26:01 Times Seen2 Hash fddabd3326dc2d6acb657c6ac85875f9 9b1dd090246859af8bd253b5029e9e0396a3ec5a b92475d231bfc5da11aeb85e31cd76b2adeeeebbb78363942c1ed02102388716 Loading...

	#15 Eval - ad7b3a88f1be9ec377c726e96a83cb14	436 B	2023-03-07	2023-04-14
Pretty Observations First Seen2023-03-07 01:24:48 Last Seen2023-04-14 01:26:01 Times Seen2 Hash ad7b3a88f1be9ec377c726e96a83cb14 ab0a3ac69be40b23cdb8aa22230208f4a4b53cf4 9e81828735369ce4c17f97cd90255ea0b639e80af31aa2f5af3e0476e7108229 Loading...

	#16 Eval - 9717c7bf5514ea540c0a4ae59bf9f450	23 B	2023-03-07	2024-04-07
Pretty Observations First Seen2023-03-07 01:24:48 Last Seen2024-04-07 21:16:27 Times Seen75 Hash 9717c7bf5514ea540c0a4ae59bf9f450 0091779cf229b04faef1de210e412ef5b83620fb a43996c7c354c4b5bf038ea622f19cc05a9f1a50f2212217d6f69a16080d9ca5 Loading...

	#17 Eval - 03ebc8583be4bd7c3c2253935f69c4d5	436 B	2023-03-07	2023-04-14
Pretty Observations First Seen2023-03-07 01:24:48 Last Seen2023-04-14 01:26:01 Times Seen2 Hash 03ebc8583be4bd7c3c2253935f69c4d5 cf32e8338a1bc1007042125258380ceb62c009f3 dc9e4b1065a36e862b7ba6999e24da76c59bd34cb813da9c5b38571777a56e74 Loading...

	#18 Eval - 1b0341b349154d927917387999f1aa41	308 B	2023-03-07	2023-03-17
Pretty Observations First Seen2023-03-07 01:24:48 Last Seen2023-03-17 12:34:19 Times Seen1 Hash 1b0341b349154d927917387999f1aa41 f11cc86bd8165f5d62c125fe0ae6040568c6b3b1 46f20dc4ecb882387f754c14135fdcd7a4c290a4f0194417f8cbfaa8cd96d364 Loading...

	#19 Eval - fb2d3670d4999c8f5d7e45ec376df10b	222 B	2023-03-07	2023-04-14
Pretty Observations First Seen2023-03-07 01:24:48 Last Seen2023-04-14 01:26:01 Times Seen2 Hash fb2d3670d4999c8f5d7e45ec376df10b e74dda47e71bd70a9fb601652c55299b5b8f6679 ef672329f1de5b1fa6b9d267e7328e9d22e9e16ea6f0c44b743ce8ee21f6eeec Loading...

	#20 Eval - 6034ad255fb57d4fd4b25e8355d838a7	21 B	2023-03-07	2024-04-07
Pretty Observations First Seen2023-03-07 01:24:48 Last Seen2024-04-07 21:16:27 Times Seen75 Hash 6034ad255fb57d4fd4b25e8355d838a7 31f2b4c90b50112a721f7a86ab9559c59ee24cea 4889753e95ccdb34497a0faa8c627bb9f79a6911df69c28c4a9026867d7b8038 Loading...

	#21 Eval - 9958c2cb3e4f9aa42a7b080711403b04	224 B	2023-03-07	2023-04-14
Pretty Observations First Seen2023-03-07 01:24:48 Last Seen2023-04-14 01:26:01 Times Seen2 Hash 9958c2cb3e4f9aa42a7b080711403b04 d68edf3653ebdd71349c4f8ab4124b53f077ad8f a7d5344d6b13c176c152ffb0c143095688a8f0c99a6c4e6f6f647af90095ead2 Loading...

	#22 Eval - 2ddfb8d34dbedf115a4dc3d9678b962a	21 B	2023-03-07	2024-04-07
Pretty Observations First Seen2023-03-07 01:24:48 Last Seen2024-04-07 21:16:27 Times Seen75 Hash 2ddfb8d34dbedf115a4dc3d9678b962a d7e89c471a260d023047f515bb1c34542a2f421c 48f42ff7e80c8ad9630397c9e4e8077a75004428e460f7dc4eae4d564888906f Loading...

	#23 Eval - d335d21e4486cf9c454c8638898cd244	436 B	2023-03-07	2023-03-17
Pretty Observations First Seen2023-03-07 01:24:48 Last Seen2023-03-17 12:34:19 Times Seen1 Hash d335d21e4486cf9c454c8638898cd244 ccd1e977db7349454bab46ec40dc563f8e1912d5 38a77815a2cebaebd9bbf6f2b52009c71d668a03e7c2389f50bf16a15494a572 Loading...

	#24 Eval - dbd05224981aecb76df44d8e367f1cb2	224 B	2023-03-07	2023-04-14
Pretty Observations First Seen2023-03-07 01:24:48 Last Seen2023-04-14 01:26:02 Times Seen2 Hash dbd05224981aecb76df44d8e367f1cb2 9b1fa3884b8ac03b4df39598f4b380527995813f 4dac348b1dfde00772160122636698a45639ff58b4ca4dec7b27a6f008b9c17d Loading...

		Size	First Seen	Last Seen
	#1 Write - 12b4917561137140137e8f53d0116d83	92 B	2023-03-07	2023-03-17
Pretty Observations First Seen2023-03-07 01:24:48 Last Seen2023-03-17 12:34:19 Times Seen1 Hash 12b4917561137140137e8f53d0116d83 816c5503770e1cfbb990b709ad03c542fc757032 d891f55ccf031b697a77e6ceec1e4fc32327b32e1aea3e8b215ed61f20925065 Loading...

HTTP Transactions (49)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.35

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 17 Sep 2022 09:11:16 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: zZJnMuIkGtU8uAHECwpWP_u-tDvliGiykCKIAB1gU0yVmx_-vwrZhw==
Age: 909

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b0d651d83075c7a68e3c6a9204226150
294785e3f3a67cdd5f1a530b83a2cbd2c2cc0665
17cbb43fd6662576ba3fe8e06cf44247c903c1313cc419053599c41e286a2442

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17CBB43FD6662576BA3FE8E06CF44247C903C1313CC419053599C41E286A2442"
Last-Modified: Thu, 15 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6014
Expires: Sat, 17 Sep 2022 11:06:39 GMT
Date: Sat, 17 Sep 2022 09:26:25 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.49

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.49:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 17 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 677Hpq16l6N1hRwQOd7tBv8BfEN-cw1nGnz0UR4PRejkiUhqRBh0Hw==
age: 21343
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d6c10c61b0c23205bc5fd217193bb17f
f5e642d47d74dce8adc4b768ff53efa29f4b674b
31fdbf8ed16d475cf4e1af29a0fb6f8b833c05f83c4fd4817073d3838dbdae20

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "31FDBF8ED16D475CF4E1AF29A0FB6F8B833C05F83C4FD4817073D3838DBDAE20"
Last-Modified: Fri, 16 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 17 Sep 2022 15:26:26 GMT
Date: Sat, 17 Sep 2022 09:26:26 GMT
Connection: keep-alive

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 09:26:26 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

web8624.web07.bero-webspace.de/

109.71.253.24

200 OK

14 kB

URL HTTP/2
web8624.web07.bero-webspace.de/
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (19277)
Size
14 kB (13966 bytes)
Hash
d8de4ccc7b160f5732ea6062e7ead1c4
d995a2bde96ad2194587c9ab2e0ad0637dfe10f3
71505fa6541a570677087111efb1ce793960ae65efba3b46bc8bcd36de7761c6

Detections

Analyzer	Verdict	Alert
openphish	International Card Services B.V
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: web8624.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 09:26:26 GMT
content-type: text/html; charset=UTF-8
content-length: 13966
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=s011g500cu8ahb2ddpshf5ujd2; path=/
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PHP/7.4.30, PleskLin
X-Firefox-Spdy: h2

web8624.web07.bero-webspace.de/sca/saved_resource

109.71.253.24

200 OK

8.0 kB

URL HTTP/2
web8624.web07.bero-webspace.de/sca/saved_resource
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type
ASCII text, with very long lines (662)
Size
8.0 kB (7969 bytes)
Hash
43e4cd4d0d896cc2c4c1b724ce008764
b6df31b85bd329a6f026c41795c2ac83ad9dab87
91dd5858585bcafd085ed3c7dbe9f3eb2329dc380b8a58caf174036c7a204349

Detections

Analyzer	Verdict	Alert
openphish	International Card Services B.V
fortinet	Phishing

HTTP Headers

GET /sca/saved_resource HTTP/1.1
Host: web8624.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8624.web07.bero-webspace.de/
Cookie: PHPSESSID=s011g500cu8ahb2ddpshf5ujd2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 09:26:26 GMT
content-type: application/octet-stream
content-length: 7969
last-modified: Wed, 06 Jul 2022 14:38:24 GMT
etag: "62c59e60-1f21"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

web8624.web07.bero-webspace.de/sca/sca-login

109.71.253.24

200 OK

32 kB

URL HTTP/2
web8624.web07.bero-webspace.de/sca/sca-login
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (12078), with CRLF, LF line terminators
Size
32 kB (31550 bytes)
Hash
7cf341175a491faa97107abcdbbb6eb1
3e4c3598dc9d26faf7b6946851bf480d2c96f00b
ad7211417c487fff828204d17b260de32dbfecb1f34ec4cefec332174f912aed

Detections

Analyzer	Verdict	Alert
openphish	International Card Services B.V
fortinet	Phishing

HTTP Headers

GET /sca/sca-login HTTP/1.1
Host: web8624.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8624.web07.bero-webspace.de/
Cookie: PHPSESSID=s011g500cu8ahb2ddpshf5ujd2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 09:26:26 GMT
content-type: application/octet-stream
content-length: 31550
last-modified: Wed, 06 Jul 2022 14:38:22 GMT
etag: "62c59e5e-7b3e"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

web8624.web07.bero-webspace.de/sca/plx.check.js

109.71.253.24

200 OK

209 B

URL HTTP/2
web8624.web07.bero-webspace.de/sca/plx.check.js
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type
ASCII text
Size
209 B (209 bytes)
Hash
65a7d1a66a5b6f665f49900274e318e8
ed2a23b7c7bd5ec1e42127e381cd5089b88bc2a7
61b441852598829f84cc6605312cf152c2b5f74c05721f0e689daac188a4b929

Detections

Analyzer	Verdict	Alert
openphish	International Card Services B.V
fortinet	Phishing

HTTP Headers

GET /sca/plx.check.js HTTP/1.1
Host: web8624.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8624.web07.bero-webspace.de/
Cookie: PHPSESSID=s011g500cu8ahb2ddpshf5ujd2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 09:26:26 GMT
content-type: application/javascript
content-length: 209
x-accel-version: 0.01
last-modified: Wed, 06 Jul 2022 23:25:54 GMT
etag: "195-5e32b4a590480-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
5d12cc59489773babbc650161772d674
6fa23d626e8a64d98e59984567cd4dc42c648833
f43eae2b85acffc988fbc2c97e18ae1c013217db2cbe24df14dd3b8c35d0ff27

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 09:26:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

web8624.web07.bero-webspace.de/sca/zero.png

109.71.253.24

200 OK

68 B

URL HTTP/2
web8624.web07.bero-webspace.de/sca/zero.png
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type
PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Size
68 B (68 bytes)
Hash
91e42db1c66c0b276abf6234dc50b2eb
c1986af3c26609b8b7d8933f99c51c1a89e9ea6b
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Detections

Analyzer	Verdict	Alert
openphish	International Card Services B.V

HTTP Headers

GET /sca/zero.png HTTP/1.1
Host: web8624.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8624.web07.bero-webspace.de/
Cookie: PHPSESSID=s011g500cu8ahb2ddpshf5ujd2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 09:26:26 GMT
content-type: image/png
content-length: 68
x-accel-version: 0.01
last-modified: Wed, 06 Jul 2022 14:38:46 GMT
etag: "44-5e323ed2c0980"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2

web8624.web07.bero-webspace.de/sca/proxyid.js.download

109.71.253.24

200 OK

220 B

URL HTTP/2
web8624.web07.bero-webspace.de/sca/proxyid.js.download
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type
ASCII text
Size
220 B (220 bytes)
Hash
cf3fdcb6394ca0e8e3572fb475e9e6a1
cb675d9ac518343f4875920256f1c624712bdf2e
fcd6504c3c6c1d1f3a2eea7953420cff9ab77162edded72d2e27c391f5d46f69

Detections

Analyzer	Verdict	Alert
openphish	International Card Services B.V
fortinet	Phishing

HTTP Headers

GET /sca/proxyid.js.download HTTP/1.1
Host: web8624.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8624.web07.bero-webspace.de/
Cookie: PHPSESSID=s011g500cu8ahb2ddpshf5ujd2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 09:26:26 GMT
content-type: application/javascript
content-length: 220
x-accel-version: 0.01
last-modified: Wed, 06 Jul 2022 14:38:34 GMT
etag: "f2-5e323ec74ee80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-MHW4QGN&l=global_layer

142.250.74.72

200 OK

116 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-MHW4QGN&l=global_layer
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
Unicode text, UTF-8 text, with very long lines (64384)
Size
116 kB (116316 bytes)
Hash
9a969f04e1a0e4ad083123e921046a08
b1489c15d02d8b1f73e1fba92eabeee6d82400e3
ffe13e22a8c15901ce30f547eb11b72a2fcf28bcc2b71a94a71b21c40017014c

HTTP Headers

GET /gtm.js?id=GTM-MHW4QGN&l=global_layer HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8624.web07.bero-webspace.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 17 Sep 2022 09:26:26 GMT
expires: Sat, 17 Sep 2022 09:26:26 GMT
cache-control: private, max-age=900
last-modified: Sat, 17 Sep 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 116316
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

web8624.web07.bero-webspace.de/sca/arcotfpcollect.js.download

109.71.253.24

200 OK

17 kB

URL HTTP/2
web8624.web07.bero-webspace.de/sca/arcotfpcollect.js.download
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type
ASCII text, with very long lines (703)
Size
17 kB (16621 bytes)
Hash
796db8d77010d9a6d2f4039dd5693f0f
51200df55e9ad993ed3a40faa471ad27d68a0744
d5c2d8a1b8b1fd0f6293f44fc92884c2940e34a456e3724b42ee1aed94092402

Detections

Analyzer	Verdict	Alert
openphish	International Card Services B.V
fortinet	Phishing

HTTP Headers

GET /sca/arcotfpcollect.js.download HTTP/1.1
Host: web8624.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8624.web07.bero-webspace.de/
Cookie: PHPSESSID=s011g500cu8ahb2ddpshf5ujd2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 09:26:26 GMT
content-type: application/javascript
last-modified: Wed, 06 Jul 2022 14:38:30 GMT
etag: W/"62c59e66-d9fd"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

web8624.web07.bero-webspace.de/sca/main.js(1).download

109.71.253.24

200 OK

2.4 MB

URL HTTP/2
web8624.web07.bero-webspace.de/sca/main.js(1).download
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type
ASCII text, with very long lines (65536), with no line terminators
Size
2.4 MB (2440637 bytes)
Hash
e1536c8df7642a47faf5e52414e95644
31111ec408192ab9c2eaedd75b8167ef0bd87c72
9b86e530307d396082ae6b004665b4b8a1dc7212f94f41e530c36bcc0cac3d70

Detections

Analyzer	Verdict	Alert
openphish	International Card Services B.V
fortinet	Phishing

HTTP Headers

GET /sca/main.js(1).download HTTP/1.1
Host: web8624.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8624.web07.bero-webspace.de/
Cookie: PHPSESSID=s011g500cu8ahb2ddpshf5ujd2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 09:26:26 GMT
content-type: application/octet-stream
content-length: 2440637
last-modified: Wed, 06 Jul 2022 14:38:44 GMT
etag: "62c59e74-253dbd"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.35

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 17 Sep 2022 09:03:22 GMT
Cache-Control: max-age=3600
Expires: Sat, 17 Sep 2022 09:07:25 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: AcgSpYqzC_Ueddp6UvXA-Oejc0Oli7G7QSCrGWc43vehuz-lI6P8Og==
Age: 1384

web8624.web07.bero-webspace.de/sca/modernizr.js.download

109.71.253.24

200 OK

87 kB

URL HTTP/2
web8624.web07.bero-webspace.de/sca/modernizr.js.download
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type
ASCII text, with very long lines (1428)
Size
87 kB (87009 bytes)
Hash
99a7d7bbfc723a5f4462a5ec0fac3dc6
9d5d2e66a3108de6198f7c94783f5ffba20f52c9
a16b1f3f1b7615e54afaa1b4d3f31e9ca5087db10494fedc8d5a271f534b8fee

Detections

Analyzer	Verdict	Alert
openphish	International Card Services B.V
fortinet	Phishing

HTTP Headers

GET /sca/modernizr.js.download HTTP/1.1
Host: web8624.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8624.web07.bero-webspace.de/
Cookie: PHPSESSID=s011g500cu8ahb2ddpshf5ujd2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 09:26:26 GMT
content-type: application/javascript
last-modified: Wed, 06 Jul 2022 14:38:34 GMT
etag: W/"62c59e6a-5f1"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

web8624.web07.bero-webspace.de/sca/icons.woff2

109.71.253.24

200 OK

9.8 kB

URL HTTP/2
web8624.web07.bero-webspace.de/sca/icons.woff2
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type
Web Open Font Format (Version 2), TrueType, length 9840, version 1.0\012- data
Size
9.8 kB (9840 bytes)
Hash
9afc5b0d946318dc4574bd8c34b4fb2f
7604ee53d1a8dfb010863eb8db4968b88decd96d
aee0070713b543535d52633e18e27589267fafe5d40479afc8aa301092ba04be

Detections

Analyzer	Verdict	Alert
openphish	International Card Services B.V
fortinet	Phishing

HTTP Headers

GET /sca/icons.woff2 HTTP/1.1
Host: web8624.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://web8624.web07.bero-webspace.de/sca/main-ics.css
Cookie: PHPSESSID=s011g500cu8ahb2ddpshf5ujd2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 09:26:26 GMT
content-type: font/woff2
content-length: 9840
last-modified: Wed, 06 Jul 2022 14:40:06 GMT
etag: "62c59ec6-2670"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

web8624.web07.bero-webspace.de/sca/SunOT-Light.ttf

109.71.253.24

200 OK

86 kB

URL HTTP/2
web8624.web07.bero-webspace.de/sca/SunOT-Light.ttf
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type
TrueType Font data, 15 tables, 1st "FFTM", 28 names, Macintosh\012- data
Size
86 kB (86500 bytes)
Hash
fc9b52707830de91489044be4726abc6
f3eddc426afe06abde7ab9b9426b41944da24171
75af6860450b2595cd18ebad00dbf3927d9e494dfdbd12ceefcec15b2c03d84e

Detections

Analyzer	Verdict	Alert
openphish	International Card Services B.V
fortinet	Phishing

HTTP Headers

GET /sca/SunOT-Light.ttf HTTP/1.1
Host: web8624.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8624.web07.bero-webspace.de/sca/styles.css
Cookie: PHPSESSID=s011g500cu8ahb2ddpshf5ujd2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 09:26:26 GMT
content-type: font/ttf
content-length: 86500
last-modified: Wed, 06 Jul 2022 14:39:58 GMT
etag: "62c59ebe-151e4"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

web8624.web07.bero-webspace.de/sca/sunot-bold-webfont.woff2

109.71.253.24

200 OK

25 kB

URL HTTP/2
web8624.web07.bero-webspace.de/sca/sunot-bold-webfont.woff2
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type
Web Open Font Format (Version 2), TrueType, length 24800, version 4.66\012- data
Size
25 kB (24800 bytes)
Hash
819f042f2484072228ad1cb32902ffd8
22955f1851a789580b5c6136886ff2ceea0726ac
265235296a58d38174ac7198a96e108c4e9c7ceceb0ccb700d352c8b99a7c99d

Detections

Analyzer	Verdict	Alert
openphish	International Card Services B.V
fortinet	Phishing

HTTP Headers

GET /sca/sunot-bold-webfont.woff2 HTTP/1.1
Host: web8624.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://web8624.web07.bero-webspace.de/sca/main-ics.css
Cookie: PHPSESSID=s011g500cu8ahb2ddpshf5ujd2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 09:26:26 GMT
content-type: font/woff2
content-length: 24800
last-modified: Wed, 06 Jul 2022 14:41:26 GMT
etag: "62c59f16-60e0"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

web8624.web07.bero-webspace.de/sca/runtime.j.download

109.71.253.24

404 Not Found

87 kB

URL HTTP/2
web8624.web07.bero-webspace.de/sca/runtime.j.download
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
87 kB (86658 bytes)
Hash
a808e2e2c8e4b13d00af1a52c525875f
82cbaafa21ab6ebb228370d79cbea2d7733bcc8a
bde1471ba7eeeeca302c103d7cdc04901473af9f40a58efd7a440106a433829e

Detections

Analyzer	Verdict	Alert
openphish	International Card Services B.V
fortinet	Phishing

HTTP Headers

GET /sca/runtime.j.download HTTP/1.1
Host: web8624.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8624.web07.bero-webspace.de/
Cookie: PHPSESSID=s011g500cu8ahb2ddpshf5ujd2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Sat, 17 Sep 2022 09:26:26 GMT
content-type: text/html
last-modified: Fri, 16 Sep 2022 17:21:08 GMT
etag: W/"328-5e8ce967560bd"
content-encoding: br
X-Firefox-Spdy: h2

web8624.web07.bero-webspace.de/sca/ics-icons.woff2?mrp4y8

109.71.253.24

200 OK

6.6 kB

URL HTTP/2
web8624.web07.bero-webspace.de/sca/ics-icons.woff2?mrp4y8
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type
Web Open Font Format (Version 2), TrueType, length 6640, version 1.0\012- data
Size
6.6 kB (6640 bytes)
Hash
63e2cb76dd1d001abe5c22de5d8a0ee8
595bf366b208110a66f257755b861c040d90dd39
26e6a7b3caf0b044980820a1a26cd56a16efad9108fd14e7416bae2a2b76320b

HTTP Headers

GET /sca/ics-icons.woff2?mrp4y8 HTTP/1.1
Host: web8624.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://web8624.web07.bero-webspace.de/sca/styles.css
Cookie: PHPSESSID=s011g500cu8ahb2ddpshf5ujd2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 09:26:26 GMT
content-type: font/woff2
content-length: 6640
last-modified: Wed, 06 Jul 2022 14:41:18 GMT
etag: "62c59f0e-19f0"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
3db421016cf0e3ad25f324cf0faf0fac
b15909de1105d4d2fb5be5b3920c454daf022445
914b15f28636e0a5e851540ffb0625ecd09d0546b2f1f7af90b267ceebcf1d5d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6479
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 09:26:26 GMT
Last-Modified: Sat, 17 Sep 2022 07:38:27 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471

web8624.web07.bero-webspace.de/sca/082953afa5ab20006f75777cb90662b0ffb28e45a9f164326f7fce4f47eafb4914e54c5ed2b326cb

109.71.253.24

200 OK

283 kB

URL HTTP/2
web8624.web07.bero-webspace.de/sca/082953afa5ab20006f75777cb90662b0ffb28e45a9f164326f7fce4f47eafb4914e54c5ed2b326cb
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type
ASCII text, with very long lines (545)
Size
283 kB (282826 bytes)
Hash
3db107422a2a20e84e1842d30ef7aa06
efe9a5d9a37fd55f84ec23dc222c2fe6f54dd032
49646c016f4d29b0499b92cb483ceb98a3170c3aba81ae563acc2961bdc65484

Detections

Analyzer	Verdict	Alert
openphish	International Card Services B.V
fortinet	Phishing

HTTP Headers

GET /sca/082953afa5ab20006f75777cb90662b0ffb28e45a9f164326f7fce4f47eafb4914e54c5ed2b326cb HTTP/1.1
Host: web8624.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8624.web07.bero-webspace.de/sca/saved_resource.html
Cookie: PHPSESSID=s011g500cu8ahb2ddpshf5ujd2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 09:26:27 GMT
content-type: application/octet-stream
content-length: 282826
last-modified: Wed, 06 Jul 2022 14:38:48 GMT
etag: "62c59e78-450ca"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

web8624.web07.bero-webspace.de/sca/082953afa5ab20006f75777cb90662b0ffb28e45a9f164326f7fce4f47eafb4914e54c5ed2b326cb(1)

109.71.253.24

200 OK

53 kB

URL HTTP/2
web8624.web07.bero-webspace.de/sca/082953afa5ab20006f75777cb90662b0ffb28e45a9f164326f7fce4f47eafb4914e54c5ed2b326cb(1)
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type
C source, ASCII text
Size
53 kB (53065 bytes)
Hash
c2e3dd5a6731ab68f051021eff499f4f
6739b37fb552d92db4ca07e5f25e783950b0ec75
552f179b8856e5355d6d5865abf56d10af6a0e698c3a8ea2b5610c459fbe37a3

Detections

Analyzer	Verdict	Alert
openphish	International Card Services B.V
fortinet	Phishing

HTTP Headers

GET /sca/082953afa5ab20006f75777cb90662b0ffb28e45a9f164326f7fce4f47eafb4914e54c5ed2b326cb(1) HTTP/1.1
Host: web8624.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8624.web07.bero-webspace.de/sca/saved_resource.html
Cookie: PHPSESSID=s011g500cu8ahb2ddpshf5ujd2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 09:26:27 GMT
content-type: application/octet-stream
content-length: 53065
last-modified: Wed, 06 Jul 2022 14:38:50 GMT
etag: "62c59e7a-cf49"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

web8624.web07.bero-webspace.de/error_docs/styles.css

109.71.253.24

200 OK

948 B

URL HTTP/2
web8624.web07.bero-webspace.de/error_docs/styles.css
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type
ASCII text
Size
948 B (948 bytes)
Hash
0609b582b779b34fac999fc5e728804f
e62f5606ba6e8ed97cd8ab7f867e4e3fafd024e1
c53e939d03cabaa8970cdcb8d3c9fdb7ee26c99ab1cda3a56d043893c5bd09c3

Detections

Analyzer	Verdict	Alert
openphish	International Card Services B.V

HTTP Headers

GET /error_docs/styles.css HTTP/1.1
Host: web8624.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8624.web07.bero-webspace.de/TSPD/?type=21
Cookie: PHPSESSID=s011g500cu8ahb2ddpshf5ujd2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 09:26:27 GMT
content-type: text/css
content-length: 948
last-modified: Fri, 16 Sep 2022 17:21:08 GMT
etag: "a9e-5e8ce967560bd-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2

web8624.web07.bero-webspace.de/sca/styles.css

109.71.253.24

200 OK

40 kB

URL HTTP/2
web8624.web07.bero-webspace.de/sca/styles.css
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type
ASCII text, with very long lines (65536), with no line terminators
Size
40 kB (40263 bytes)
Hash
22925103aaf90813aab3157425fe08d1
45fe18f4050499f136dfcdbe8bb6cc7baafd3f2b
1b8619d1db4d8cef64f4196dd06984583a11caffe62108dae2f2831da7b276f1

Detections

Analyzer	Verdict	Alert
openphish	International Card Services B.V

HTTP Headers

GET /sca/styles.css HTTP/1.1
Host: web8624.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8624.web07.bero-webspace.de/
Cookie: PHPSESSID=s011g500cu8ahb2ddpshf5ujd2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 09:26:26 GMT
content-type: text/css
last-modified: Wed, 06 Jul 2022 14:38:28 GMT
etag: W/"62c59e64-78c5d"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
3537e81efa8d4d0ddec76096703b5d2e
c590fb660d1737a14666d3fa721892dbf3fbdd1c
7374e55aa8b840f46dab92be7c6b6a2e3842b57e899ec03e136cd09e278f8fe8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6530
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 09:26:27 GMT
Last-Modified: Sat, 17 Sep 2022 07:37:38 GMT
Server: ECS (amb/6BC6)
X-Cache: HIT
Content-Length: 471

www.icscards.nl/webfiles/1656567843470/media/theme/ics-nl/images/icons/favicon-144x144-withoutlines.png

185.195.93.72

200

5.5 kB

URL HTTP/1.1
www.icscards.nl/webfiles/1656567843470/media/theme/ics-nl/images/icons/favicon-144x144-withoutlines.png
IP
185.195.93.72:0
ASN
#42649 Baffin Bay Networks AB

File type
PNG image data, 144 x 144, 8-bit/color RGBA, non-interlaced\012- data
Size
5.5 kB (5528 bytes)
Hash
75d0a29d4d1a08405f39799bcb986e63
da64454d7277c531786146796026f49f89e9d4db
1a99f7b02b4517fa7e085315d99cdc0b9e13b0b1c904c683679a05de7a7d1a63

HTTP Headers

GET /webfiles/1656567843470/media/theme/ics-nl/images/icons/favicon-144x144-withoutlines.png HTTP/1.1
Host: www.icscards.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8624.web07.bero-webspace.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 
content-length: 5528
content-type: image/png;charset=UTF-8
date: Sat, 17 Sep 2022 09:26:27 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-content-type-options: nosniff
cache-control: max-age=31536000
expires: Sun, 17 Sep 2023 09:26:27 GMT
x-xss-protection: 1; mode=block
content-security-policy: frame-ancestors www.anwb.nl www.worldcard.nl www.yourmastercard.nl www.icscards.nl *.icscards.nl.cipe.local icscards.nl
strict-transport-security: max-age=31536000; includeSubDomains
Set-Cookie: BIGipServer~ICSDLB02~pool_www.icscards.nl_8016=rd11o00000000000000000000ffff0af4d3d0o8016; path=/; Httponly; Secure
_tpc_persistance_cookie=!L0ovcs8Zdnabcfy8EOda6AVGp4P79S3O3Mo+DaZZFtUTVjzkhKG21Be0MP3UR9Pexhf06mxSyuymZdw=; path=/; Httponly; Secure
BBN01677320=0135ab579aec248ee7be672c5bdf32b4c6354992d7f87250701cec3f4c4045adf2b339152d9558ce37f762cae3173aaedce8acb457279f212b733ed9cd158803a66c887411; Path=/; Domain=.www.icscards.nl; Secure; HTTPOnly
Accept-Encoding: gzip, deflate, br

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
35f3deb94b2a985eb02f5a14f033c44f
2076e4cb6faf9a7bf1cbfc8947db9a8550f556bd
1d5c76a54a4ab121ccf5f456516ec99fb7f5129a491e078d97c749b94060970a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1D5C76A54A4AB121CCF5F456516EC99FB7F5129A491E078D97C749B94060970A"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11180
Expires: Sat, 17 Sep 2022 12:32:48 GMT
Date: Sat, 17 Sep 2022 09:26:28 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
35f3deb94b2a985eb02f5a14f033c44f
2076e4cb6faf9a7bf1cbfc8947db9a8550f556bd
1d5c76a54a4ab121ccf5f456516ec99fb7f5129a491e078d97c749b94060970a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1D5C76A54A4AB121CCF5F456516EC99FB7F5129A491E078D97C749B94060970A"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11180
Expires: Sat, 17 Sep 2022 12:32:48 GMT
Date: Sat, 17 Sep 2022 09:26:28 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
35f3deb94b2a985eb02f5a14f033c44f
2076e4cb6faf9a7bf1cbfc8947db9a8550f556bd
1d5c76a54a4ab121ccf5f456516ec99fb7f5129a491e078d97c749b94060970a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1D5C76A54A4AB121CCF5F456516EC99FB7F5129A491E078D97C749B94060970A"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11180
Expires: Sat, 17 Sep 2022 12:32:48 GMT
Date: Sat, 17 Sep 2022 09:26:28 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50373a4c-fa87-4ca5-b0b7-67ee2f12abd1.jpeg

34.120.237.76

200 OK

7.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50373a4c-fa87-4ca5-b0b7-67ee2f12abd1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.3 kB (7305 bytes)
Hash
f108cfb79dd8405677b7406910d11ba5
5ef30af418df5e44a0927361b679b8117c38c473
b4b973702c6c98eaf28345b019c8cf022e8056e07f508e17d156c9e136f11936

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50373a4c-fa87-4ca5-b0b7-67ee2f12abd1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7305
x-amzn-requestid: 15096102-8ffe-47df-bfc7-ff1a1fb9fd1e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YknUqFJmIAMF5Ew=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6324ec1d-5c5ca26a24f39af979c17495;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 21:35:25 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5lUx834-NLHpKCxmdiAdNxCXqqNKGcDJlt9wmGR-XxdlroBfwVTrNg==
via: 1.1 e943d5f0cbb0d255d29da0ddf6639ba8.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Sep 2022 21:41:22 GMT
age: 42306
etag: "5ef30af418df5e44a0927361b679b8117c38c473"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcaf888ee-3a5f-426b-9b83-8ea161780db3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.2 kB (5234 bytes)
Hash
9c807387d303abb2bca1ef14b14c9e26
428fe80d3f35758433a6b2cf25e6bcb5f63a6a63
277a74204dc8bec8a227ca43cdb840b5dda71f74e8aec56606e862e70a5ba19c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcaf888ee-3a5f-426b-9b83-8ea161780db3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5234
x-amzn-requestid: 55e23e9a-f85c-42f2-87b6-aff3646bf1fc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yknn_EFzoAMF2Ag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6324ec99-62f023426230c7b46116d4b7;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 21:37:29 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: fb2wN0gTI9OKgDghf1u4DKwrADkYcS5_7LIxaLxmbo0OciwezGh_LA==
via: 1.1 95785220a566cd050f3ad80928463374.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Sep 2022 21:41:22 GMT
etag: "428fe80d3f35758433a6b2cf25e6bcb5f63a6a63"
content-type: image/jpeg
age: 42306
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e43d1ff-79bc-430f-826f-2af5ae602556.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8500 bytes)
Hash
d46a910081eb782408f1a2fa3c6aabba
28ac45ef155c66dd79a306f14d3b38f597b6a32e
d5787a6a12d275555c627e3245b37d4e751148345a09d5671b343cfebe7173b4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e43d1ff-79bc-430f-826f-2af5ae602556.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8500
x-amzn-requestid: e1ca6cef-c033-4887-80cf-2014ab8e620c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Ykn5cEnLIAMFrzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6324ed09-3afc16cf66fef0e62dd6f3cc;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 21:39:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BaRpWB_XOMxTJPufnSjd4KSfecRwLe9U5W7uEoXy7pgAa4KSC0n7eg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Sep 2022 22:03:28 GMT
age: 40980
etag: "28ac45ef155c66dd79a306f14d3b38f597b6a32e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F14e8614f-d7d5-4a87-adf0-ab2cfcfb023b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.0 kB (5956 bytes)
Hash
3e963daffb462e89d9d67e6193944cc3
ff29c630c2ed8a67fe5cd4622dc9f1d23234b58c
cc24af0aedb89ab059b6706b8e51708547ea2ce2b2c2743425810b44af7c68c8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F14e8614f-d7d5-4a87-adf0-ab2cfcfb023b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5956
x-amzn-requestid: 19032fea-67c3-404f-bf3e-9b436a61a7f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeNW4G30oAMFw0w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63225c2b-3da099be3781af033658520f;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 22:56:43 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: iITasHJYVP9sMCE7074VGGXwzKVd-0VdZqWYFuKPSt3G91Tq2vWExA==
via: 1.1 74aa91fe819001bcedd882694f52b436.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Sep 2022 23:32:44 GMT
age: 35624
etag: "ff29c630c2ed8a67fe5cd4622dc9f1d23234b58c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd5675c7-5120-4f61-bd91-8c4d9af84130.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.8 kB (7788 bytes)
Hash
7a22ab7dcdf50f4a297b8e117d336eae
e139a0974317212f094fdbe59e26ca5cf6b9e56d
9b4c23c1bb2e4fcd140ce34bf83f315f09b45202c569cb74113c2e65c4031dcd

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd5675c7-5120-4f61-bd91-8c4d9af84130.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7788
x-amzn-requestid: 2cb48f87-8b72-4ff7-b041-a6e704b854a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YIP2-HFHoAMFssA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6319935f-693e2f2e5a0bcd9f690f21fa;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 07:01:51 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 65YRttsQYzjUMMZXrtAFPdgTPNQuRGnLFliXrcoc24iQgrdBCHolNQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Sep 2022 22:31:11 GMT
age: 39317
etag: "e139a0974317212f094fdbe59e26ca5cf6b9e56d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77aee3f-a7fb-4d87-92a7-6b33dd4ebf28.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.0 kB (5983 bytes)
Hash
e1b42bfa9fc6593b0444391dc260329a
b9c4cd422b818c859ac6ca928bc9e932a578ce30
89eee7200bf7a8bf100f64aee2208d7852265a85feb133fc87846b15cd96e842

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77aee3f-a7fb-4d87-92a7-6b33dd4ebf28.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5983
x-amzn-requestid: ba84a9a2-3ebe-4dc9-9604-98d5cccb4f2d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YknUqFxpoAMFrpw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6324ec1d-55cd6d0a6e39357c226dd21d;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 21:35:25 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kWRS1NfiK9etmIoDtGu3C6uf8oqrL3r-mkM6BaTFPyNb6z4lYB38pw==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Sep 2022 21:53:58 GMT
age: 41550
etag: "b9c4cd422b818c859ac6ca928bc9e932a578ce30"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

web8624.web07.bero-webspace.de/TSPD/?type=21

109.71.253.24

404 Not Found

0 B

URL HTTP/2
web8624.web07.bero-webspace.de/TSPD/?type=21
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	International Card Services B.V
fortinet	Phishing

HTTP Headers

GET /TSPD/?type=21 HTTP/1.1
Host: web8624.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8624.web07.bero-webspace.de/
Cookie: PHPSESSID=s011g500cu8ahb2ddpshf5ujd2
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Sat, 17 Sep 2022 09:26:27 GMT
content-type: text/html
last-modified: Fri, 16 Sep 2022 17:21:08 GMT
etag: W/"328-5e8ce967560bd"
content-encoding: br
X-Firefox-Spdy: h2

web8624.web07.bero-webspace.de/TSPD/082953afa5ab2800c33c7cc8e6b3bc13c29c767ddc8eba538cca95beb0c5dc2dd3058e25bdb43216f2cdcfcbda577ce3?type=13

109.71.253.24

404 Not Found

0 B

URL HTTP/2
web8624.web07.bero-webspace.de/TSPD/082953afa5ab2800c33c7cc8e6b3bc13c29c767ddc8eba538cca95beb0c5dc2dd3058e25bdb43216f2cdcfcbda577ce3?type=13
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	International Card Services B.V
fortinet	Phishing

HTTP Headers

GET /TSPD/082953afa5ab2800c33c7cc8e6b3bc13c29c767ddc8eba538cca95beb0c5dc2dd3058e25bdb43216f2cdcfcbda577ce3?type=13 HTTP/1.1
Host: web8624.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8624.web07.bero-webspace.de/sca/saved_resource.html
Cookie: PHPSESSID=s011g500cu8ahb2ddpshf5ujd2; did_proxy=1:zEUeQFVqXRrb1FthfkZ64J1LHpob1ksgZd7jHNpUxXxlq0gz2-i7oZP9U70asvhwgYSKXzVQArfJATAYu8N_bw; BBN00000000100=082953afa5ab2800c33c7cc8e6b3bc13c29c767ddc8eba538cca95beb0c5dc2dd3058e25bdb43216f2cdcfcbda577ce30855cbc20f07e0006406f45a8c8e207a383bd1ce5dc5c19fb63d9a392305aeef88e2c8281828fae91e85231cba75952302ab1841fe84501eb4c395e1284f8a6f05b1c678e8248bbe251383ed85c32466d66405115faa851c281a7311320575261240acfc9a2abca2dfcd59c97ba61568d4129d873f8d9194e06c96365e0acaffd64c3fd2cfe983d267f5d1c39790212d0d01f5ce582ee5e571d8d9d51900586e0149d9216d8763db98571af0707cf6b78b416543a70fb7ba852ec1299d07b1f9e3946a290de186f9036f17302cc494216e73e91f281313b4320826c7a8a6aef88f57b6b4fc74c166
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Sat, 17 Sep 2022 09:26:28 GMT
content-type: text/html
last-modified: Fri, 16 Sep 2022 17:21:08 GMT
etag: W/"328-5e8ce967560bd"
content-encoding: br
X-Firefox-Spdy: h2

web8624.web07.bero-webspace.de/sca/main-ics.css

109.71.253.24

200 OK

0 B

URL HTTP/2
web8624.web07.bero-webspace.de/sca/main-ics.css
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	International Card Services B.V

HTTP Headers

GET /sca/main-ics.css HTTP/1.1
Host: web8624.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8624.web07.bero-webspace.de/
Cookie: PHPSESSID=s011g500cu8ahb2ddpshf5ujd2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 09:26:26 GMT
content-type: text/css
last-modified: Wed, 06 Jul 2022 14:46:22 GMT
etag: W/"62c5a03e-3fc72"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

web8624.web07.bero-webspace.de/sca/polyfills.j.download

109.71.253.24

404 Not Found

0 B

URL HTTP/2
web8624.web07.bero-webspace.de/sca/polyfills.j.download
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	International Card Services B.V
fortinet	Phishing

HTTP Headers

GET /sca/polyfills.j.download HTTP/1.1
Host: web8624.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8624.web07.bero-webspace.de/
Cookie: PHPSESSID=s011g500cu8ahb2ddpshf5ujd2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Sat, 17 Sep 2022 09:26:26 GMT
content-type: text/html
last-modified: Fri, 16 Sep 2022 17:21:08 GMT
etag: W/"328-5e8ce967560bd"
content-encoding: br
X-Firefox-Spdy: h2

web8624.web07.bero-webspace.de/sca/saved_resource.html

109.71.253.24

200 OK

0 B

URL HTTP/2
web8624.web07.bero-webspace.de/sca/saved_resource.html
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	International Card Services B.V
fortinet	Phishing

HTTP Headers

GET /sca/saved_resource.html HTTP/1.1
Host: web8624.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8624.web07.bero-webspace.de/
Cookie: PHPSESSID=s011g500cu8ahb2ddpshf5ujd2
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 09:26:27 GMT
content-type: text/html
last-modified: Wed, 06 Jul 2022 14:38:50 GMT
etag: W/"62c59e7a-19a0"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

web8624.web07.bero-webspace.de/sca/jquery.min.js.download

109.71.253.24

200 OK

0 B

URL HTTP/2
web8624.web07.bero-webspace.de/sca/jquery.min.js.download
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	International Card Services B.V
fortinet	Phishing

HTTP Headers

GET /sca/jquery.min.js.download HTTP/1.1
Host: web8624.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8624.web07.bero-webspace.de/
Cookie: PHPSESSID=s011g500cu8ahb2ddpshf5ujd2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 09:26:26 GMT
content-type: application/javascript
last-modified: Wed, 06 Jul 2022 14:38:36 GMT
etag: W/"62c59e6c-152b5"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

web8624.web07.bero-webspace.de/webfiles/1656567843470/media/theme/ics-nl/js/3rdparty/jquery.min.js

109.71.253.24

404 Not Found

0 B

URL HTTP/2
web8624.web07.bero-webspace.de/webfiles/1656567843470/media/theme/ics-nl/js/3rdparty/jquery.min.js
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	International Card Services B.V
fortinet	Phishing

HTTP Headers

GET /webfiles/1656567843470/media/theme/ics-nl/js/3rdparty/jquery.min.js HTTP/1.1
Host: web8624.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8624.web07.bero-webspace.de/
Cookie: PHPSESSID=s011g500cu8ahb2ddpshf5ujd2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Sat, 17 Sep 2022 09:26:26 GMT
content-type: text/html
last-modified: Fri, 16 Sep 2022 17:21:08 GMT
etag: W/"328-5e8ce967560bd"
content-encoding: br
X-Firefox-Spdy: h2

web8624.web07.bero-webspace.de/sca/polyfills.j.download

109.71.253.24

404 Not Found

0 B

URL HTTP/2
web8624.web07.bero-webspace.de/sca/polyfills.j.download
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	International Card Services B.V
fortinet	Phishing

HTTP Headers

GET /sca/polyfills.j.download HTTP/1.1
Host: web8624.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8624.web07.bero-webspace.de/
Cookie: PHPSESSID=s011g500cu8ahb2ddpshf5ujd2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Sat, 17 Sep 2022 09:26:26 GMT
content-type: text/html
last-modified: Fri, 16 Sep 2022 17:21:08 GMT
etag: W/"328-5e8ce967560bd"
content-encoding: br
X-Firefox-Spdy: h2

web8624.web07.bero-webspace.de/sca/runtime.j.download

109.71.253.24

404 Not Found

0 B

URL HTTP/2
web8624.web07.bero-webspace.de/sca/runtime.j.download
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	International Card Services B.V
fortinet	Phishing

HTTP Headers

GET /sca/runtime.j.download HTTP/1.1
Host: web8624.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8624.web07.bero-webspace.de/
Cookie: PHPSESSID=s011g500cu8ahb2ddpshf5ujd2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Sat, 17 Sep 2022 09:26:26 GMT
content-type: text/html
last-modified: Fri, 16 Sep 2022 17:21:08 GMT
etag: W/"328-5e8ce967560bd"
content-encoding: br
X-Firefox-Spdy: h2

web8624.web07.bero-webspace.de/sca/collectddna.js.download

109.71.253.24

200 OK

0 B

URL HTTP/2
web8624.web07.bero-webspace.de/sca/collectddna.js.download
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	International Card Services B.V
fortinet	Phishing

HTTP Headers

GET /sca/collectddna.js.download HTTP/1.1
Host: web8624.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8624.web07.bero-webspace.de/
Cookie: PHPSESSID=s011g500cu8ahb2ddpshf5ujd2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 09:26:26 GMT
content-type: application/javascript
last-modified: Wed, 06 Jul 2022 14:38:32 GMT
etag: W/"62c59e68-d13"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

web8624.web07.bero-webspace.de/sca/main.js.download

109.71.253.24

200 OK

0 B

URL HTTP/2
web8624.web07.bero-webspace.de/sca/main.js.download
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	International Card Services B.V
fortinet	Phishing

HTTP Headers

GET /sca/main.js.download HTTP/1.1
Host: web8624.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8624.web07.bero-webspace.de/
Cookie: PHPSESSID=s011g500cu8ahb2ddpshf5ujd2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 09:26:26 GMT
content-type: application/javascript
last-modified: Wed, 06 Jul 2022 14:38:38 GMT
etag: W/"62c59e6e-2f2c6"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (43)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations