Report - web8713.web07.bero-webspace.de/PAGINA-HOME/

Report Overview

Submitted URL
web8713.web07.bero-webspace.de/PAGINA-HOME/
IP
109.71.253.24
ASN
#44486 SYNLINQ
Submitted
2022-09-28 21:13:50
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
52

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	22 kB	142.250.74.174
icscards.nl	366859	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	458 B	556 B	185.195.93.72
adservice.google.com	76	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	731 B	1.1 kB	216.58.207.194
www.facebook.com	99	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	793 B	373 B	31.13.72.36
www.icscards.nl	863706	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	462 B	6.5 kB	185.195.93.72
w.usabilla.com	3254	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	373 B	14 kB	34.254.43.202
d6tizftlrpuof.cloudfront.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	462 B	2.4 kB	54.230.245.35
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.76.226
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.3 kB	14 kB	142.250.74.3
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	399 B	113 kB	142.250.74.72
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	532 B	679 B	64.233.165.156
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.49
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	2.9 kB	93.184.220.29
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	338 B	944 B	54.230.245.100
adservice.google.no	96969	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	723 B	1.2 kB	142.250.74.130
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	325 B	1.5 kB	143.204.55.36
web8713.web07.bero-webspace.de	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	15 kB	545 kB	109.71.253.24
connect.facebook.net	139	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	376 B	28 kB	31.13.72.12
8602056.fls.doubleclick.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	742 B	1.3 kB	142.250.74.70
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	75 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-09-28	medium	web8713.web07.bero-webspace.de/PAGINA-HOME/	International Card Services B.V

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-28	medium	web8713.web07.bero-webspace.de/PAGINA-HOME/	Phishing
2022-09-28	medium	web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/plx.check.js	Phishing
2022-09-28	medium	web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/proxyid.js	Phishing
2022-09-28	medium	web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/js	Phishing
2022-09-28	medium	web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/collectddna.js	Phishing
2022-09-28	medium	web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/analytics.js	Phishing
2022-09-28	medium	web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/icons.woff	Phishing
2022-09-28	medium	web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/8574.js	Phishing
2022-09-28	medium	web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/ics-icons.woff2	Phishing
2022-09-28	medium	web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/SunOT-SemiBold.ttf	Phishing
2022-09-28	medium	web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/SunOT-Light.ttf	Phishing
2022-09-28	medium	web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/sunot-bold-webfont.woff2	Phishing
2022-09-28	medium	web8713.web07.bero-webspace.de/webfiles/1580357904717/media/theme/ics-nl/js/3rdparty/jquery-1.12.0.min.js	Phishing
2022-09-28	medium	web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/conversion_async.js	Phishing
2022-09-28	medium	web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/jquery-1.js	Phishing
2022-09-28	medium	web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/main_002.js	Phishing
2022-09-28	medium	web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/a	Phishing
2022-09-28	medium	web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/gtm_002.js	Phishing
2022-09-28	medium	web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/gtm.js	Phishing
2022-09-28	medium	web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/polyfills.js	Phishing
2022-09-28	medium	web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/runtime.js	Phishing
2022-09-28	medium	web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/arcotfpcollect.js	Phishing
2022-09-28	medium	web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/main.js	Phishing
2022-09-28	medium	web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/fbevents.js	Phishing
2022-09-28	medium	web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/modernizr.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (51)

	URL	Size	First Seen	Last Seen
	web8713.web07.bero-webspace.de/PAGINA-HOME/	178 B	2023-03-07	2023-07-14
Pretty URL web8713.web07.bero-webspace.de/PAGINA-HOME/ IP 109.71.253.24 ASN #44486 SYNLINQ Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:48 Last Seen2023-07-14 15:27:10 Times Seen4 Hash d0e439546c7c1f21ca6d53dd7e84d245 ff04ee4db1bb20c8c4c5617cee763576f71695da eb7595897e7aa8aeeddb618208d4dd53fd2aa264a7509b8387911f174f97a852 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-PVW329	91 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-PVW329 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:13:19 Last Seen2023-03-08 03:13:22 Times Seen1 Hash bf0bbdf43021023d2aa2bfffa2c6fb52 2e57fd8fea5ac639f6d103d67f225da091cb1758 4c4758bf621fa370e0c39a85dd0b005dd79c1c92b8e4c3269de0210ad088d0e8 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-07	2024-01-06
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:05:31 Last Seen2024-01-06 17:39:53 Times Seen66 Hash 99ba52a15d2da967b023016d1af58cbd 5c2246049c43834d17113877b4731bd4f9803d55 9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f Loading...

	web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/plx.check.js	405 B	2023-03-07	2023-03-17
Pretty URL web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/plx.check.js IP 109.71.253.24 ASN #44486 SYNLINQ Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:48 Last Seen2023-03-17 12:34:19 Times Seen1 Hash 2fdf1c376f83a3be5395f99b968f9032 aeac7b561dc0fb28d1ff5e89d4169c0a4c296dbc f9319a3cb3f94b3f15178b435645c53c01ff399253bb87377beae7557b83ad0f Loading...

	web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/conversion_async.js	24 kB	2023-03-07	2023-03-17
Pretty URL web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/conversion_async.js IP 109.71.253.24 ASN #44486 SYNLINQ Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:39:00 Last Seen2023-03-17 12:29:08 Times Seen1 Hash d47174d8955d2a02eb1469920aa31b9b 96b5d6316d8355856b0cf257915b6c00629ffa69 f871ea640b390fb63955568f537fe736c5fd9d12600eaff29990183ed3d17712 Loading...

	web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/main.js	190 kB	2023-03-07	2023-08-24
Pretty URL web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/main.js IP 109.71.253.24 ASN #44486 SYNLINQ Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:39:00 Last Seen2023-08-24 01:45:53 Times Seen3 Hash 49997597856dde31a1137649147ae754 06a865196b26f468306fda125cd8070da19e7db6 457470407ebfba05a3e072b4d0b1fff080193ccbcb192c664500c860e1786218 Loading...

	web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/polyfills.js	109 kB	2023-03-07	2023-07-14
Pretty URL web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/polyfills.js IP 109.71.253.24 ASN #44486 SYNLINQ Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:39:00 Last Seen2023-07-14 15:27:10 Times Seen7 Hash 10a66f4c40b63c4d88a7bd510f29de97 a3627533273ca4525038928f2d7f4ff085bd59fd 599c81fcee2bc4d5ad375e508e6c92ce3fe1095f4bac101835c9874c3383beee Loading...

	web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/modernizr.js	1.5 kB	2023-03-07	2024-01-04
Pretty URL web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/modernizr.js IP 109.71.253.24 ASN #44486 SYNLINQ Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:48 Last Seen2024-01-04 00:34:56 Times Seen9 Hash 25cbdbc5350d7517649d75cc891fd2fd cd2634359e143b23eaac2c528e2162c9117d8e67 076157b465fa93c42e7100a6e904d4bfe90e788f48a12e55419f3aa5ca2bb3e3 Loading...

	web8713.web07.bero-webspace.de/PAGINA-HOME/	2.0 kB	2023-03-07	2023-07-14
Pretty URL web8713.web07.bero-webspace.de/PAGINA-HOME/ IP 109.71.253.24 ASN #44486 SYNLINQ Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:39:00 Last Seen2023-07-14 15:27:10 Times Seen4 Hash 49ab5058c5f5e1e5689fefe2dc64e632 329b680043f3616a312ca507cca5a3a3b89e2023 d52b4187c783adb55ea95a75447ee5bc5dce23c12034a7d6654d532dbe092f3c Loading...

	connect.facebook.net/signals/config/581814205522419?v=2.9.84&r=stable	25 kB	2023-03-07	2023-03-17
Pretty URL connect.facebook.net/signals/config/581814205522419?v=2.9.84&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:50:32 Last Seen2023-03-17 12:29:08 Times Seen1 Hash 194bd0c85fe818293f1a61c51d92cb4c 1872bea0aec1c8f6dc168fcb97828f49b0d489db 454d41cf124d13155e50e213a56413f1d4111574079d416014dbb3883136cc80 Loading...

	web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/arcotfpcollect.js	34 kB	2023-03-07	2023-07-14
Pretty URL web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/arcotfpcollect.js IP 109.71.253.24 ASN #44486 SYNLINQ Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:38:59 Last Seen2023-07-14 15:27:10 Times Seen7 Hash c07366a25b9897807563ede58f5c6779 f413e35e51c5e1745069517b409ba14f4765e8ba 9933fba197b8b12d44ddc31fc7f327ef7fcac0e05630175446597e984c74776a Loading...

	web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/js	111 kB	2023-03-07	2023-03-17
Pretty URL web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/js IP 109.71.253.24 ASN #44486 SYNLINQ Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:39:00 Last Seen2023-03-17 12:29:08 Times Seen1 Hash a6de53e4b3f6fda18ee2a9883ada2f2f 4c403c12f363f02a46db9bbafa72d527011e1777 358c3a6c47b288112cef0f6d932d8b7ce82ef30da914bd9bb25611d033a22d22 Loading...

	web8713.web07.bero-webspace.de/PAGINA-HOME/	95 B	2023-03-07	2023-03-17
Pretty URL web8713.web07.bero-webspace.de/PAGINA-HOME/ IP 109.71.253.24 ASN #44486 SYNLINQ Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:39:00 Last Seen2023-03-17 12:29:08 Times Seen1 Hash c39bc2f74290e09ed7e930cf3937ceed 9bf7b951a436f08b4e5631cdd5b5bc5f1436b6bf c70bfa4790d418bfeab0216bdc3068c736cffabb77ad8e28f5955f175788f590 Loading...

	web8713.web07.bero-webspace.de/PAGINA-HOME/	24 B	2023-03-07	2023-03-17
Pretty URL web8713.web07.bero-webspace.de/PAGINA-HOME/ IP 109.71.253.24 ASN #44486 SYNLINQ Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:39:00 Last Seen2023-03-17 12:29:08 Times Seen1 Hash 4dc36af90cc8581a8bce7c347a1a93c6 8d292e4e715b65e88cb9ee684729dbf1ed8327ae 1517a2fb3e38fe863e2a85c23085be9df9bcee5ab65c8d69e12bd9abe22e8697 Loading...

	web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/analytics.js	44 kB	2023-03-07	2024-04-26
Pretty URL web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/analytics.js IP 109.71.253.24 ASN #44486 SYNLINQ Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:34:51 Last Seen2024-04-26 15:47:56 Times Seen52 Hash b66b3b5d54e154c81a50880cdcd7e5f8 dd62dfaa936d8c1143dfcad8808bc559d1a0b199 dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a Loading...

	web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/main_002.js	2.4 MB	2023-03-07	2023-07-14
Pretty URL web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/main_002.js IP 109.71.253.24 ASN #44486 SYNLINQ Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:39:00 Last Seen2023-07-14 15:27:10 Times Seen4 Hash b4b5337cdc9f884934a82a8ca0705734 0120d37e86d9b80c184770b7205517858d787797 117b360c8779ffa4fff52d37d282f4ea045dfa8207512b656f81212e98c07195 Loading...

	web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/proxyid.js	164 B	2023-03-07	2023-07-14
Pretty URL web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/proxyid.js IP 109.71.253.24 ASN #44486 SYNLINQ Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:39:00 Last Seen2023-07-14 15:27:10 Times Seen7 Hash ff36569927b6dbeaadbe33c0180c64d6 875971cf9d413472cef5c04100963d966b3b9102 f178878e526f9c318bfc328469ee0774d0c7a308916f456fdc505776b2d8ed0f Loading...

	web8713.web07.bero-webspace.de/PAGINA-HOME/	178 B	2023-03-07	2023-03-17
Pretty URL web8713.web07.bero-webspace.de/PAGINA-HOME/ IP 109.71.253.24 ASN #44486 SYNLINQ Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:39:00 Last Seen2023-03-17 12:29:08 Times Seen1 Hash 55a2659d24304ae652e9d9e604819962 61c5ff50a2987f87bc0706790486672d69393c44 73181e973ef31a89e2de673fda555dc0e1bceaef55182a27f81de71644b39e06 Loading...

	web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/8574.js	16 kB	2023-03-07	2023-03-17
Pretty URL web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/8574.js IP 109.71.253.24 ASN #44486 SYNLINQ Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:39:00 Last Seen2023-03-17 12:29:08 Times Seen1 Hash 35d0a313babb9788f580daa2a6939771 68cc61d351109502ad5ee238c380524d971cff6a c6460facb4a9a569a622e696b71023e5106215bd02741b0ccba47d31472684ad Loading...

	web8713.web07.bero-webspace.de/PAGINA-HOME/	390 B	2023-03-07	2023-03-17
Pretty URL web8713.web07.bero-webspace.de/PAGINA-HOME/ IP 109.71.253.24 ASN #44486 SYNLINQ Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:39:00 Last Seen2023-03-17 12:29:08 Times Seen1 Hash 215c6f4eef6f6bb23704f05f83f3944f a65ba1a154d7111b24c73afc543a5bebabaec03f 161435cded79369aa98112e7232dc0b80ff38ccbd35857e30a75292dfb07b7d1 Loading...

	web8713.web07.bero-webspace.de/PAGINA-HOME/	135 B	2023-03-07	2023-03-17
Pretty URL web8713.web07.bero-webspace.de/PAGINA-HOME/ IP 109.71.253.24 ASN #44486 SYNLINQ Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:38:59 Last Seen2023-03-17 12:29:08 Times Seen1 Hash c2a61c43fbb39001d38518164f2b9aa9 1306b5d78fd3937c690c0017bf9b53e30ab630d5 440d35c130001f95ad05dfc603e0f9d94fd476c35022ac46bade884e8c4c38f0 Loading...

	web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/runtime.js	1.5 kB	2023-03-07	2024-05-02
Pretty URL web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/runtime.js IP 109.71.253.24 ASN #44486 SYNLINQ Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:39:00 Last Seen2024-05-02 16:53:34 Times Seen20 Hash d68ae1d68307abe5cbce649d966e97f1 21109b3561b5a6c3ed51bc3015962f05da8e57b3 f6d14a5c40a406c335c7aea3f6983070bb59111b470bdf39bd7e1c3f4618b9f4 Loading...

	web8713.web07.bero-webspace.de/PAGINA-HOME/	784 B	2023-03-07	2023-03-17
Pretty URL web8713.web07.bero-webspace.de/PAGINA-HOME/ IP 109.71.253.24 ASN #44486 SYNLINQ Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:39:00 Last Seen2023-03-17 12:29:08 Times Seen1 Hash 0aa93c83fbba7026d2b74fc08cfffd1f ead4a35f2c38e227f8a23ceb2f06386fc64f1944 58c45148b49e8c0b7d479a0983ff0ea2caf3e4c8625fedeae831669828e6148c Loading...

	www.googletagmanager.com/gtm.js?id=GTM-MHW4QGN&l=global_layer	399 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-MHW4QGN&l=global_layer IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:13:19 Last Seen2023-03-08 03:13:19 Times Seen1 Hash 0278312e24b6aa485a5a5a1466d48e5c 0932a7b4419850bd8820166742699c4b7f8ea91f a35dd6ab4e67e74bcbed7ab6f6b456b77d5f66ef960d6b9d0223e3de40d10aab Loading...

	web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/fbevents.js	124 kB	2023-03-07	2023-03-17
Pretty URL web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/fbevents.js IP 109.71.253.24 ASN #44486 SYNLINQ Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:39:01 Last Seen2023-03-17 12:29:06 Times Seen1 Hash b1fb4af7cd7d1404e2c2196169b9a100 e8ab06703fda0dc50397b6dcbdb7317a80a20eda 14d88b3a27f0e6de034f86ad42d6411081e9467daf754147f2f16bcb20782177 Loading...

	web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/gtm_002.js	138 kB	2023-03-07	2023-03-17
Pretty URL web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/gtm_002.js IP 109.71.253.24 ASN #44486 SYNLINQ Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:39:00 Last Seen2023-03-17 12:29:08 Times Seen1 Hash 13d41cdd11ff1e2da619bcfad05c605d 7b332e78f34c9238bec1d63457f34f68f1d429c6 d67dad04de0aaf6a4880e14501f86863236b8fd801e964b44580a3957ffdb056 Loading...

	web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/jquery-1.js	97 kB	2023-03-07	2024-05-07
Pretty URL web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/jquery-1.js IP 109.71.253.24 ASN #44486 SYNLINQ Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:02 Last Seen2024-05-07 00:30:24 Times Seen4997 Hash cbb11b58473b2d672f4ed53abbb67336 66f47b885d587aa9a6c453ae3f2c9a382e5c7ec7 5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf Loading...

	web8713.web07.bero-webspace.de/PAGINA-HOME/	366 B	2023-03-07	2023-03-17
Pretty URL web8713.web07.bero-webspace.de/PAGINA-HOME/ IP 109.71.253.24 ASN #44486 SYNLINQ Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:39:00 Last Seen2023-03-17 12:29:08 Times Seen1 Hash ed4dfb2779bd00c26b6f11d7de8105e8 1a8e7f7ad9e8e1881b84afdb36f275bc0f98e4e9 d1059f05635aa3f7484dcfea993362c437c80f6d7776a2e72a7601d47742fe0f Loading...

	web8713.web07.bero-webspace.de/PAGINA-HOME/	325 B	2023-03-07	2024-01-04
Pretty URL web8713.web07.bero-webspace.de/PAGINA-HOME/ IP 109.71.253.24 ASN #44486 SYNLINQ Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:51 Last Seen2024-01-04 00:34:53 Times Seen10 Hash 05e74cfbe53dd98c088d051be06afb6a e6b650f65c05515b740befb18b4340bd1ea3e630 a506e465102f061ba3bc3ae3408af9c7a4f005aac5b92029f5c7700b23de8b97 Loading...

	connect.facebook.net/en_US/fbevents.js	103 kB	2023-03-08	2023-11-10
Pretty URL connect.facebook.net/en_US/fbevents.js IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:45:46 Last Seen2023-11-10 23:06:10 Times Seen10 Hash d78a7caef2779bec7d3e91de3eb77eeb 5af31c112f3bcd8f2866d4bf89e8455438b1e382 00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674 Loading...

	w.usabilla.com/a1d53d1e874a.js?lv=1	48 kB	2023-03-08	2023-03-08
Pretty URL w.usabilla.com/a1d53d1e874a.js?lv=1 IP 34.254.43.202 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:16:11 Last Seen2023-03-08 12:18:48 Times Seen1 Hash b362978d41600f36bbec2537d5d1a616 861019c965a8425b6caf68a21f55df8176ef2d89 60f77bdae3ce5b5b1defcfe62c91a50778ee07fe0447aaead0d61375a1f4b6f0 Loading...

	web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/gtm.js	120 kB	2023-03-07	2023-03-17
Pretty URL web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/gtm.js IP 109.71.253.24 ASN #44486 SYNLINQ Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:39:00 Last Seen2023-03-17 12:29:06 Times Seen1 Hash c321cff4d57b8faacac5fb80a16383cc 19af8ed892906c48070211e3aae80e08f4ea2808 b909c7d44a9161b1941717b58aa4ada6cc363211bdb8882a61820a856717a379 Loading...

	web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/collectddna.js	2.7 kB	2023-03-07	2023-07-14
Pretty URL web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/collectddna.js IP 109.71.253.24 ASN #44486 SYNLINQ Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:38:59 Last Seen2023-07-14 15:27:10 Times Seen6 Hash e98332328f5148e476ceec48303d30cc 200d2ebd234d0887b7456cf3a1a1b113f7223fdf 3c17bc0dc32d0c5cf2fdacf76c4475a61cbe5b157cfc15d99ae285aee9b31320 Loading...

	web8713.web07.bero-webspace.de/PAGINA-HOME/	213 B	2023-03-07	2023-03-17
Pretty URL web8713.web07.bero-webspace.de/PAGINA-HOME/ IP 109.71.253.24 ASN #44486 SYNLINQ Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:39:00 Last Seen2023-03-17 12:29:08 Times Seen1 Hash 612659a6187e3b2d1e130bdc1b5ab9ad e3c37da3bdc846bbb1e5e1263825b966dc59657c 91d74b7fc01d2bbaefdb1cfe6ef4f01abdff29aa0c7a3d5a1b102ceb574266d0 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 75c6be271970437e9cf8116cecde87e3	165 B	2023-03-07	2023-07-14
Pretty Observations First Seen2023-03-07 16:20:19 Last Seen2023-07-14 15:27:10 Times Seen3 Hash 75c6be271970437e9cf8116cecde87e3 bb5976051b2f25de22c26af6e6cd82963edb02ae a9642ff9a5eab0edf4e047a63f242250b65c439386415100fefce52969978ee6 Loading...

	#2 Eval - 02b243f7115ba3476d2960b80590df18	166 B	2023-03-07	2023-07-14
Pretty Observations First Seen2023-03-07 16:20:19 Last Seen2023-07-14 15:27:10 Times Seen3 Hash 02b243f7115ba3476d2960b80590df18 f5ec44ed8704011a7943b02e7b15fa48ab5939da 4a47d58236154709ff32cfc37bf7e80abff1c0ff5b257e9914ba200ed86594b4 Loading...

	#3 Eval - 9717c7bf5514ea540c0a4ae59bf9f450	23 B	2023-03-07	2024-04-24
Pretty Observations First Seen2023-03-07 01:24:48 Last Seen2024-04-24 08:25:10 Times Seen77 Hash 9717c7bf5514ea540c0a4ae59bf9f450 0091779cf229b04faef1de210e412ef5b83620fb a43996c7c354c4b5bf038ea622f19cc05a9f1a50f2212217d6f69a16080d9ca5 Loading...

	#4 Eval - caf8c07b49321674488bacd5fdb87cab	279 B	2023-03-07	2023-07-14
Pretty Observations First Seen2023-03-07 16:20:19 Last Seen2023-07-14 15:27:10 Times Seen3 Hash caf8c07b49321674488bacd5fdb87cab d82f6bf725a6f8b8259f0e5d7564d099eed4fa36 4b6c45229d7a07624176686d83150bd0832ffe30be6052b3792a8c3db9107472 Loading...

	#5 Eval - 179f0fe6c5902aa7fd41fd3278394f23	123 B	2023-03-07	2023-07-14
Pretty Observations First Seen2023-03-07 16:20:19 Last Seen2023-07-14 15:27:10 Times Seen3 Hash 179f0fe6c5902aa7fd41fd3278394f23 e1b7cedcb4632a7217db7bb13541cc93e5c917ab 855ec6f069e993eed5835a468756e652837fa191595a3d16ec085f1d4fcaa44b Loading...

	#6 Eval - 23df4b0f78a2f0f436f3b4d9ed813875	25 B	2023-03-07	2024-04-24
Pretty Observations First Seen2023-03-07 01:24:48 Last Seen2024-04-24 08:25:10 Times Seen77 Hash 23df4b0f78a2f0f436f3b4d9ed813875 0963f4b8ba2e1fb36e346f73d962038876064f98 67899a50d2cf0cf399c816b9584d61715f51828ab6a3605a67331cde8779f2ca Loading...

	#7 Eval - f28ce22cfb2ece14c5f3e2417ca49e05	24 B	2023-03-07	2024-04-24
Pretty Observations First Seen2023-03-07 01:24:48 Last Seen2024-04-24 08:25:10 Times Seen77 Hash f28ce22cfb2ece14c5f3e2417ca49e05 9a68c8b3b54c4001e92eebeb707ef4e3943a77af c305f420288c47aa66df970a6c243b77777903eebedd59b9f67b1ece1ab023da Loading...

	#8 Eval - c3c2805e105628dc10adee49b1ff4616	121 B	2023-03-07	2023-07-14
Pretty Observations First Seen2023-03-07 16:20:19 Last Seen2023-07-14 15:27:10 Times Seen3 Hash c3c2805e105628dc10adee49b1ff4616 9f32df629808ea3488b4802c742997f7c86e0ea0 d66c33b48718c6b87703459e4737b281580d97514056833d87254be2cc16a2c3 Loading...

	#9 Eval - ff9ded9707ab8a0ceeade5ef63790ade	279 B	2023-03-07	2023-07-14
Pretty Observations First Seen2023-03-07 16:20:19 Last Seen2023-07-14 15:27:10 Times Seen3 Hash ff9ded9707ab8a0ceeade5ef63790ade 6fcf8fcc38ddff49fb5a8e3c5bf3fe6964e8f140 e9f1ad5dd7d8b80fa11c9c22aa2aa4c11b50b2dfde8538836b101e5c8b026ebb Loading...

	#10 Eval - 4b74f9c02f3b4545dd6055db5fb9fe6e	22 kB	2023-03-07	2023-07-14
Pretty Observations First Seen2023-03-07 12:39:00 Last Seen2023-07-14 15:27:10 Times Seen4 Hash 4b74f9c02f3b4545dd6055db5fb9fe6e fed18ec485a61e8964a7c21558d823f22a695103 61b6b77d03610aefe984258696d1944717969c272e6e477da917d182b2e8bea5 Loading...

	#11 Eval - cf727c91c332eaecd826752d146ad2f4	121 B	2023-03-07	2023-07-14
Pretty Observations First Seen2023-03-07 12:39:00 Last Seen2023-07-14 15:26:16 Times Seen2 Hash cf727c91c332eaecd826752d146ad2f4 b75d98fc2b0e66a0b9eb84969d00af35e0c86719 c6253e7b2716a62bcd27656e53cf1c1a49db7d1665f6d0a81fab08ce5f4e5215 Loading...

	#12 Eval - 7d239a31a3bb0c29d1e80a4cee0ae9ce	22 B	2023-03-07	2024-04-24
Pretty Observations First Seen2023-03-07 01:24:48 Last Seen2024-04-24 08:25:10 Times Seen77 Hash 7d239a31a3bb0c29d1e80a4cee0ae9ce f0cafc56dd27a5df45edd6c313a98ef7ad274830 08ddcec698d66136eac2c37762bef065b2835fe8ea347aac65137e6acf22051e Loading...

	#13 Eval - 2ddfb8d34dbedf115a4dc3d9678b962a	21 B	2023-03-07	2024-04-24
Pretty Observations First Seen2023-03-07 01:24:48 Last Seen2024-04-24 08:25:10 Times Seen77 Hash 2ddfb8d34dbedf115a4dc3d9678b962a d7e89c471a260d023047f515bb1c34542a2f421c 48f42ff7e80c8ad9630397c9e4e8077a75004428e460f7dc4eae4d564888906f Loading...

	#14 Eval - 6034ad255fb57d4fd4b25e8355d838a7	21 B	2023-03-07	2024-04-24
Pretty Observations First Seen2023-03-07 01:24:48 Last Seen2024-04-24 08:25:10 Times Seen77 Hash 6034ad255fb57d4fd4b25e8355d838a7 31f2b4c90b50112a721f7a86ab9559c59ee24cea 4889753e95ccdb34497a0faa8c627bb9f79a6911df69c28c4a9026867d7b8038 Loading...

		Size	First Seen	Last Seen
	#1 Write - 42f8433ffe8851a107aa0fb548e2bba4	99 B	2023-03-07	2023-03-17
Pretty Observations First Seen2023-03-07 12:39:00 Last Seen2023-03-17 12:29:08 Times Seen1 Hash 42f8433ffe8851a107aa0fb548e2bba4 17e66de08ffa7719e039defbcdfe05172dc2e7c1 0fb4f882492415ec728b21ee6c9ac60da94a0ebc97485e8e1bfca95daf148d1e Loading...

	#2 Write - 896e1b2d9b98ac98d2a01f55e733fb91	173 B	2023-03-07	2023-07-14
Pretty Observations First Seen2023-03-07 12:39:00 Last Seen2023-07-14 15:27:10 Times Seen4 Hash 896e1b2d9b98ac98d2a01f55e733fb91 b7e5f33bd94b5e0fc253d5a633688b843a944c92 c4b15ac3cff1c3868b0bfd208bad6aca0a7556104b82673a8b5394489a2373fb Loading...

	#3 Write - 236965e0558e64b0c724b9ef86a70feb	500 B	2023-03-07	2023-03-17
Pretty Observations First Seen2023-03-07 12:39:00 Last Seen2023-03-17 12:29:08 Times Seen1 Hash 236965e0558e64b0c724b9ef86a70feb 00806a6e512558742257739c5f9da7c771318a5e 16a07ce7e4b9037ecb137627727c5f7557f1ff6ad1f7ed3778ecfc3add9891b5 Loading...

HTTP Transactions (72)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.36

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 28 Sep 2022 20:15:39 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: lm9QG7ovzlVSMD5TFgs3PNoqqHzk2reIDJNQnYGgkze5xbjFW_Sl9A==
Age: 3479

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7fb7c70f7f4e2cee27eb0e7d875931f7
98fca3817a551b1daecebae103a48e718b8b5a53
2a40f957a6b1734aa3f87cff51b673f0536732db15b09033dd604879692df349

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A40F957A6B1734AA3F87CFF51B673F0536732DB15B09033DD604879692DF349"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7404
Expires: Wed, 28 Sep 2022 23:17:02 GMT
Date: Wed, 28 Sep 2022 21:13:38 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.49

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.49:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 28 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: c3g3tS6yZBCy_BP9TNvffNBEp1tBbbXM-7zvbKG0s6se1B1m6dN1XQ==
age: 56712
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5c707e3e767776ba9f0d5aaa716997b6
7861f63257039eaebb82facc4a01849afd41bcb1
bae717c6c11996c218d4a12ef9b0f91223fc0ec43d6de9885ba331f7c02e1057

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BAE717C6C11996C218D4A12EF9B0F91223FC0EC43D6DE9885BA331F7C02E1057"
Last-Modified: Wed, 28 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17749
Expires: Thu, 29 Sep 2022 02:09:27 GMT
Date: Wed, 28 Sep 2022 21:13:38 GMT
Connection: keep-alive

web8713.web07.bero-webspace.de/PAGINA-HOME/

109.71.253.24

200 OK

16 kB

URL HTTP/2
web8713.web07.bero-webspace.de/PAGINA-HOME/
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (19360), with CRLF line terminators
Size
16 kB (16220 bytes)
Hash
0b4a8491e8455ed6d58688dafebaf67f
e5b5cff0286090e851ff2a8ab0609de88ffda13f
557f0fa95fea48a5f0f92a06099cb6a5dd7c1431e81014e3be70352c3591c1a2

Detections

Analyzer	Verdict	Alert
openphish	International Card Services B.V
fortinet	Phishing

HTTP Headers

GET /PAGINA-HOME/ HTTP/1.1
Host: web8713.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 21:13:38 GMT
content-type: text/html; charset=UTF-8
content-length: 16220
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=e1n0t5i8pr2fsl1qkivo1ratlk; path=/
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PHP/7.4.30, PleskLin
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 21:13:38 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/plx.check.js

109.71.253.24

200 OK

209 B

URL HTTP/2
web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/plx.check.js
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type
ASCII text
Size
209 B (209 bytes)
Hash
65a7d1a66a5b6f665f49900274e318e8
ed2a23b7c7bd5ec1e42127e381cd5089b88bc2a7
61b441852598829f84cc6605312cf152c2b5f74c05721f0e689daac188a4b929

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /PAGINA-HOME/SCI/plx.check.js HTTP/1.1
Host: web8713.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8713.web07.bero-webspace.de/PAGINA-HOME/
Cookie: PHPSESSID=e1n0t5i8pr2fsl1qkivo1ratlk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 21:13:39 GMT
content-type: application/javascript
content-length: 209
x-accel-version: 0.01
last-modified: Thu, 06 Feb 2020 00:26:40 GMT
etag: "195-59ddd53a1d000-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2

web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/proxyid.js

109.71.253.24

200 OK

170 B

URL HTTP/2
web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/proxyid.js
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type
ASCII text, with no line terminators
Size
170 B (170 bytes)
Hash
df12345b39e09a10716a3d123eed0456
0eaa13a8a6acb765c1ef90b80827244ae1ec2453
c64bd5b1de5bb032bb18fe298f50ab7678848b765b9a81b250444f8506e95f10

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /PAGINA-HOME/SCI/proxyid.js HTTP/1.1
Host: web8713.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8713.web07.bero-webspace.de/PAGINA-HOME/
Cookie: PHPSESSID=e1n0t5i8pr2fsl1qkivo1ratlk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 21:13:39 GMT
content-type: application/javascript
content-length: 170
x-accel-version: 0.01
last-modified: Sun, 02 Feb 2020 19:49:00 GMT
etag: "a4-59d9d19184300-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2

web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/js

109.71.253.24

200 OK

111 kB

URL HTTP/2
web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/js
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type
ASCII text, with very long lines (1571)
Size
111 kB (110845 bytes)
Hash
a6de53e4b3f6fda18ee2a9883ada2f2f
4c403c12f363f02a46db9bbafa72d527011e1777
358c3a6c47b288112cef0f6d932d8b7ce82ef30da914bd9bb25611d033a22d22

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /PAGINA-HOME/SCI/js HTTP/1.1
Host: web8713.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8713.web07.bero-webspace.de/PAGINA-HOME/
Cookie: PHPSESSID=e1n0t5i8pr2fsl1qkivo1ratlk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 21:13:39 GMT
content-type: application/octet-stream
content-length: 110845
last-modified: Sun, 02 Feb 2020 19:49:00 GMT
etag: "5e3727ac-1b0fd"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/extra-veilig-inloggen.png

109.71.253.24

200 OK

2.6 kB

URL HTTP/2
web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/extra-veilig-inloggen.png
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type
PNG image data, 193 x 155, 8-bit/color RGBA, non-interlaced\012- data
Size
2.6 kB (2604 bytes)
Hash
d92d46789bd26332413f749c9049025f
bd82a9f760c742e15c609555753f25b7cb24b0a0
23b6fb0108b94d2d81693c51c160e6be5d60855078f0a042a13334e81b79dec9

HTTP Headers

GET /PAGINA-HOME/SCI/extra-veilig-inloggen.png HTTP/1.1
Host: web8713.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8713.web07.bero-webspace.de/PAGINA-HOME/
Cookie: PHPSESSID=e1n0t5i8pr2fsl1qkivo1ratlk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 21:13:39 GMT
content-type: image/png
content-length: 2604
last-modified: Sun, 02 Feb 2020 19:49:00 GMT
etag: "5e3727ac-a2c"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/zero.png

109.71.253.24

200 OK

68 B

URL HTTP/2
web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/zero.png
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type
PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Size
68 B (68 bytes)
Hash
91e42db1c66c0b276abf6234dc50b2eb
c1986af3c26609b8b7d8933f99c51c1a89e9ea6b
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

HTTP Headers

GET /PAGINA-HOME/SCI/zero.png HTTP/1.1
Host: web8713.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8713.web07.bero-webspace.de/PAGINA-HOME/
Cookie: PHPSESSID=e1n0t5i8pr2fsl1qkivo1ratlk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 21:13:39 GMT
content-type: image/png
content-length: 68
x-accel-version: 0.01
last-modified: Sun, 02 Feb 2020 19:49:00 GMT
etag: "44-59d9d19184300"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2

web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/collectddna.js

109.71.253.24

200 OK

1.2 kB

URL HTTP/2
web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/collectddna.js
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type
ASCII text, with very long lines (2697), with no line terminators
Size
1.2 kB (1197 bytes)
Hash
b050dc9207df0306776300fd04a44321
12a8469dcbe9e6496532259f98619ddf0e5b1bca
e89ee6e548bb9a2c393374e8842a7a2979baa890d1c92ea99b145ba83f87bc56

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /PAGINA-HOME/SCI/collectddna.js HTTP/1.1
Host: web8713.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8713.web07.bero-webspace.de/PAGINA-HOME/
Cookie: PHPSESSID=e1n0t5i8pr2fsl1qkivo1ratlk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 21:13:39 GMT
content-type: application/javascript
last-modified: Sun, 02 Feb 2020 19:49:00 GMT
etag: W/"5e3727ac-a89"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
75eebff373cf84ae810a9e326f9e3d03
a5b22b0eee98dda385cb4e90d119205bc5f3a25f
f2089c63c7c2b3024972aba8cbc12dfcffc79dfc1ef9f7be801c79e7737b0d71

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 21:13:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
75eebff373cf84ae810a9e326f9e3d03
a5b22b0eee98dda385cb4e90d119205bc5f3a25f
f2089c63c7c2b3024972aba8cbc12dfcffc79dfc1ef9f7be801c79e7737b0d71

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 21:13:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/analytics.js

109.71.253.24

200 OK

104 kB

URL HTTP/2
web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/analytics.js
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type
ASCII text, with very long lines (1490)
Size
104 kB (103613 bytes)
Hash
acf9b36ae87f0aaa7c412dd02793bd29
d990ff7d295c6484bdcf2438cf8536257d07c35a
bde5457ddbf1774be6c933d4d12f48a907993334fcca14eca00139ec1612421b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /PAGINA-HOME/SCI/analytics.js HTTP/1.1
Host: web8713.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8713.web07.bero-webspace.de/PAGINA-HOME/
Cookie: PHPSESSID=e1n0t5i8pr2fsl1qkivo1ratlk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 21:13:39 GMT
content-type: application/javascript
last-modified: Wed, 25 Sep 2019 19:32:56 GMT
etag: W/"5d8bc0e8-adb6"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/icons.woff

109.71.253.24

200 OK

11 kB

URL HTTP/2
web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/icons.woff
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type
Web Open Font Format, TrueType, length 11160, version 1.0\012- data
Size
11 kB (11160 bytes)
Hash
8dc03542a25b5a4e35d7f6d420203e69
d836d4d01e9d719741e86bf521ae2163571f04d8
c1f3874cc3f5467a309962d1f127dc7c0f5bfdba58e6084a779d4dacefcefb8d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /PAGINA-HOME/SCI/icons.woff HTTP/1.1
Host: web8713.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/main-ics.css
Cookie: PHPSESSID=e1n0t5i8pr2fsl1qkivo1ratlk; _ga=GA1.4.440513768.1664399617; _gid=GA1.4.1475561481.1664399617; _gat_UA-63549881-7=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 21:13:39 GMT
content-type: font/woff
content-length: 11160
last-modified: Tue, 04 Feb 2020 14:24:20 GMT
etag: "5e397e94-2b98"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/8574.js

109.71.253.24

200 OK

44 kB

URL HTTP/2
web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/8574.js
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type
ASCII text, with very long lines (16427)
Size
44 kB (44004 bytes)
Hash
9474973c31a83f044859e0b015e22975
14364e7950cae42ac04be4db5f4843d5b789d9bb
31008a7f56e381ee4145f75c3c1ed8a9c07b46db02735838ed9d1eed285766eb

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /PAGINA-HOME/SCI/8574.js HTTP/1.1
Host: web8713.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8713.web07.bero-webspace.de/PAGINA-HOME/
Cookie: PHPSESSID=e1n0t5i8pr2fsl1qkivo1ratlk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 21:13:39 GMT
content-type: application/javascript
last-modified: Wed, 25 Sep 2019 19:48:42 GMT
etag: W/"5d8bc49a-402c"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-MHW4QGN&l=global_layer

142.250.74.72

200 OK

112 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-MHW4QGN&l=global_layer
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
Unicode text, UTF-8 text, with very long lines (64365)
Size
112 kB (112546 bytes)
Hash
88886d1f548c220707c12aaacd8e06c3
c0eeb0d497eafab8b43e09b9b4cd1ed10386b94a
614e3d70dcd33a04e533aa1a5a501aef09f3b62339b312f9c0390a7890fd52da

HTTP Headers

GET /gtm.js?id=GTM-MHW4QGN&l=global_layer HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8713.web07.bero-webspace.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 28 Sep 2022 21:13:39 GMT
expires: Wed, 28 Sep 2022 21:13:39 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 112546
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
3526d5ce1381ba26cbc553db057e1915
fe01c920696448e8bf12e6fff877bce8281d34a2
09604aed7cbca7971bfcb5afcb53591600b944f28eff21aa65dc601e78cdda53

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6319
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 21:13:39 GMT
Last-Modified: Wed, 28 Sep 2022 19:28:20 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/ics-icons.woff2

109.71.253.24

200 OK

6.6 kB

URL HTTP/2
web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/ics-icons.woff2
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type
Web Open Font Format (Version 2), TrueType, length 6640, version 1.0\012- data
Size
6.6 kB (6640 bytes)
Hash
63e2cb76dd1d001abe5c22de5d8a0ee8
595bf366b208110a66f257755b861c040d90dd39
26e6a7b3caf0b044980820a1a26cd56a16efad9108fd14e7416bae2a2b76320b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /PAGINA-HOME/SCI/ics-icons.woff2 HTTP/1.1
Host: web8713.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/styles.css
Cookie: PHPSESSID=e1n0t5i8pr2fsl1qkivo1ratlk; _ga=GA1.4.440513768.1664399617; _gid=GA1.4.1475561481.1664399617; _gat_UA-63549881-7=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 21:13:39 GMT
content-type: font/woff2
content-length: 6640
last-modified: Fri, 31 Jan 2020 23:49:18 GMT
etag: "5e34bcfe-19f0"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/SunOT-SemiBold.ttf

109.71.253.24

200 OK

86 kB

URL HTTP/2
web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/SunOT-SemiBold.ttf
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type
TrueType Font data, 15 tables, 1st "FFTM", 28 names, Macintosh\012- data
Size
86 kB (86288 bytes)
Hash
9895a3dd3b26f35e2096b4434a8ae474
eddb8cacb48cf23ecd4d60ef0701da93e47ae855
21caab764c78b5bef10d7d4d83c1a52c42aed38151c7ba791aad08c2bb416600

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /PAGINA-HOME/SCI/SunOT-SemiBold.ttf HTTP/1.1
Host: web8713.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/styles.css
Cookie: PHPSESSID=e1n0t5i8pr2fsl1qkivo1ratlk; _ga=GA1.4.440513768.1664399617; _gid=GA1.4.1475561481.1664399617; _gat_UA-63549881-7=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 21:13:39 GMT
content-type: font/ttf
content-length: 86288
last-modified: Sun, 02 Feb 2020 19:51:20 GMT
etag: "5e372838-15110"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/SunOT-Light.ttf

109.71.253.24

200 OK

86 kB

URL HTTP/2
web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/SunOT-Light.ttf
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type
TrueType Font data, 15 tables, 1st "FFTM", 28 names, Macintosh\012- data
Size
86 kB (86500 bytes)
Hash
fc9b52707830de91489044be4726abc6
f3eddc426afe06abde7ab9b9426b41944da24171
75af6860450b2595cd18ebad00dbf3927d9e494dfdbd12ceefcec15b2c03d84e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /PAGINA-HOME/SCI/SunOT-Light.ttf HTTP/1.1
Host: web8713.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/styles.css
Cookie: PHPSESSID=e1n0t5i8pr2fsl1qkivo1ratlk; _ga=GA1.4.440513768.1664399617; _gid=GA1.4.1475561481.1664399617; _gat_UA-63549881-7=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 21:13:39 GMT
content-type: font/ttf
content-length: 86500
last-modified: Fri, 31 Jan 2020 23:48:46 GMT
etag: "5e34bcde-151e4"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/sunot-bold-webfont.woff2

109.71.253.24

200 OK

25 kB

URL HTTP/2
web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/sunot-bold-webfont.woff2
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type
Web Open Font Format (Version 2), TrueType, length 24800, version 4.66\012- data
Size
25 kB (24800 bytes)
Hash
819f042f2484072228ad1cb32902ffd8
22955f1851a789580b5c6136886ff2ceea0726ac
265235296a58d38174ac7198a96e108c4e9c7ceceb0ccb700d352c8b99a7c99d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /PAGINA-HOME/SCI/sunot-bold-webfont.woff2 HTTP/1.1
Host: web8713.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/main-ics.css
Cookie: PHPSESSID=e1n0t5i8pr2fsl1qkivo1ratlk; _ga=GA1.4.440513768.1664399617; _gid=GA1.4.1475561481.1664399617; _gat_UA-63549881-7=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 21:13:39 GMT
content-type: font/woff2
content-length: 24800
last-modified: Fri, 31 Jan 2020 23:49:26 GMT
etag: "5e34bd06-60e0"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

web8713.web07.bero-webspace.de/webfiles/1580357904717/media/theme/ics-nl/js/3rdparty/jquery-1.12.0.min.js

109.71.253.24

404 Not Found

841 B

URL HTTP/2
web8713.web07.bero-webspace.de/webfiles/1580357904717/media/theme/ics-nl/js/3rdparty/jquery-1.12.0.min.js
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
841 B (841 bytes)
Hash
9ea6c89b18f9d220f5bd820dc67304e6
3aa9bf31d8706f9c80637577cfaa072142a2762e
1ab59392022017cb22f64879bb450b4c688b7fb2271d68b4e25e5919c0fec674

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /webfiles/1580357904717/media/theme/ics-nl/js/3rdparty/jquery-1.12.0.min.js HTTP/1.1
Host: web8713.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8713.web07.bero-webspace.de/PAGINA-HOME/
Cookie: PHPSESSID=e1n0t5i8pr2fsl1qkivo1ratlk; _ga=GA1.4.440513768.1664399617; _gid=GA1.4.1475561481.1664399617; _gat_UA-63549881-7=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Wed, 28 Sep 2022 21:13:39 GMT
content-type: text/html
last-modified: Wed, 28 Sep 2022 01:46:01 GMT
etag: W/"328-5e9b2ec4a5a22"
content-encoding: br
X-Firefox-Spdy: h2

web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/conversion_async.js

109.71.253.24

200 OK

9.3 kB

URL HTTP/2
web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/conversion_async.js
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type
ASCII text, with very long lines (1756)
Size
9.3 kB (9300 bytes)
Hash
dc16331e0f40eab39e5d3809ec73d52c
378522342ca09edbd2c50d9524e7283dd310778d
e227d34302ce7f81dfd0b987ad2943753dbb3c0fd3bd2e76ec4342dc1e4a6ef8

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /PAGINA-HOME/SCI/conversion_async.js HTTP/1.1
Host: web8713.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8713.web07.bero-webspace.de/PAGINA-HOME/
Cookie: PHPSESSID=e1n0t5i8pr2fsl1qkivo1ratlk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 21:13:39 GMT
content-type: application/javascript
last-modified: Wed, 25 Sep 2019 19:48:42 GMT
etag: W/"5d8bc49a-5f4d"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (19826 bytes)
Hash
cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8713.web07.bero-webspace.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Wed, 28 Sep 2022 20:41:09 GMT
expires: Wed, 28 Sep 2022 22:41:09 GMT
cache-control: public, max-age=7200
age: 1951
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=335221003&t=pageview&_s=1&dl=https%3A%2F%2Fweb8713.web07.bero-webspace.de%2FPAGINA-HOME%2F&ul=en-us&de=UTF-8&dt=Inloggen%20-%20Mijn%20ICS%20%7C%20International%20Card%20Services&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=aEBAAQABE~&jid=282281097&gjid=1928489495&cid=440513768.1664399617&tid=UA-63549881-7&_gid=1475561481.1664399617&_r=1&gtm=2wg9i1PVW329&z=1406527324

142.250.74.174

302 Found

418 B

URL HTTP/2
www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=335221003&t=pageview&_s=1&dl=https%3A%2F%2Fweb8713.web07.bero-webspace.de%2FPAGINA-HOME%2F&ul=en-us&de=UTF-8&dt=Inloggen%20-%20Mijn%20ICS%20%7C%20International%20Card%20Services&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=aEBAAQABE~&jid=282281097&gjid=1928489495&cid=440513768.1664399617&tid=UA-63549881-7&_gid=1475561481.1664399617&_r=1&gtm=2wg9i1PVW329&z=1406527324
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
418 B (418 bytes)
Hash
2060313512af89e6bd5dc80fa4033189
41582383a01d1d34802e7d18f144bf23fe3ef14c
bc09dc1302429b51b89c740142b9b8ea21d6c5f4af06b7fb5525e2cf3fe4b11b

HTTP Headers

GET /r/collect?v=1&_v=j79&aip=1&a=335221003&t=pageview&_s=1&dl=https%3A%2F%2Fweb8713.web07.bero-webspace.de%2FPAGINA-HOME%2F&ul=en-us&de=UTF-8&dt=Inloggen%20-%20Mijn%20ICS%20%7C%20International%20Card%20Services&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=aEBAAQABE~&jid=282281097&gjid=1928489495&cid=440513768.1664399617&tid=UA-63549881-7&_gid=1475561481.1664399617&_r=1&gtm=2wg9i1PVW329&z=1406527324 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8713.web07.bero-webspace.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-63549881-7&cid=440513768.1664399617&jid=282281097&_gid=1475561481.1664399617&gjid=1928489495&_v=j79&z=1406527324
access-control-allow-origin: *
date: Wed, 28 Sep 2022 21:13:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: Golfe2
content-length: 418
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3499488d099934e02c894c15f11025ed
f0436afc962b71d22959b7607dd9e19ee53b99cb
c1375cff21e4f3c7bf53c8938829342f4901e48ff190080e6995f73c82c06460

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 21:13:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

connect.facebook.net/en_US/fbevents.js

31.13.72.12

200 OK

27 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64348)
Size
27 kB (26840 bytes)
Hash
e1327a02d76346c7e23d114e4e508b30
195b8ad875ab8f7a7adf735f1f70aa02b3a2e1a3
331e67b451c6559915b12ab2df810ccdba73b3971c5301b2010b54dd6d391de2

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8713.web07.bero-webspace.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: DGJlH9sps8Thlbbd/nRgNzvj6ykogq2pY2G061OhQyux5xlu1SQ7BDoJ+YG3nvLco/Quyk1by7GOmUGCq4yB9A==
content-length: 26840
x-fb-trip-id: 1904183273
date: Wed, 28 Sep 2022 21:13:40 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/jquery-1.js

109.71.253.24

200 OK

33 kB

URL HTTP/2
web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/jquery-1.js
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type
ASCII text, with very long lines (32060)
Size
33 kB (32742 bytes)
Hash
8a777302b46e002c8227670c9581b194
4b55739a163b608494fce750c2a117e0baa5dc75
cc453994a7ce8bc7b4ebc64aca8ec436de77f2f65fc0aa051440cf92e4b8a485

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /PAGINA-HOME/SCI/jquery-1.js HTTP/1.1
Host: web8713.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8713.web07.bero-webspace.de/PAGINA-HOME/
Cookie: PHPSESSID=e1n0t5i8pr2fsl1qkivo1ratlk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 21:13:39 GMT
content-type: application/javascript
last-modified: Wed, 25 Sep 2019 19:32:56 GMT
etag: W/"5d8bc0e8-17c52"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

8602056.fls.doubleclick.net/activityi;src=8602056;type=count;cat=ics_r0;ord=5419974534893;gtm=2wg1m0;auiddc=369082460.1580507037;u1=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore;u2=icscards_nl;u3=2;u4=2543;u8=consumer;u10=pageview;~oref=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore?

142.250.74.70

200 OK

404 B

URL HTTP/2
8602056.fls.doubleclick.net/activityi;src=8602056;type=count;cat=ics_r0;ord=5419974534893;gtm=2wg1m0;auiddc=369082460.1580507037;u1=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore;u2=icscards_nl;u3=2;u4=2543;u8=consumer;u10=pageview;~oref=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore?
IP
142.250.74.70:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (567), with no line terminators
Size
404 B (404 bytes)
Hash
c3745516320bd3b37fdc6335a572288a
87121b977cd9294b713585dfa27751c1ed2d0ccb
d40202b1ba4dc0c8f7db23cf86189cde9a4f3e27e581f35a90857a4a9a7fd823

HTTP Headers

GET /activityi;src=8602056;type=count;cat=ics_r0;ord=5419974534893;gtm=2wg1m0;auiddc=369082460.1580507037;u1=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore;u2=icscards_nl;u3=2;u4=2543;u8=consumer;u10=pageview;~oref=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore? HTTP/1.1
Host: 8602056.fls.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8713.web07.bero-webspace.de/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 21:13:40 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 404
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 28-Sep-2022 21:28:40 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
89de23fd8b766d1dbf65e8c4cb7d4cf9
8bf89ba54b5c699c7b2e8416997ad75f8729af47
a473b7a19bbfcef7f8bab05092ea66d7367db9b18b3759fa03684f2220a71c47

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3669
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 21:13:40 GMT
Last-Modified: Wed, 28 Sep 2022 20:12:31 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
366fbb58b56c6469840359066ae0ef4b
519ec2d019a3df15e1555ee7e9f784207f3ee604
4c03f3b3b06d0359ff6c3e72e91c39cb8f6e6406ed7b8ba9e09708da8e2d38f4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4914
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 21:13:40 GMT
Last-Modified: Wed, 28 Sep 2022 19:51:46 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
599ed39add80ee45739d4d61566c224a
ed61891b66accbda284fbed69236ff5622809b7d
8ead1636ae947e4f037b78c05b51c8af4707cd19d79dd4a5c9958819b40182cb

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2944
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 21:13:40 GMT
Last-Modified: Wed, 28 Sep 2022 20:24:36 GMT
Server: ECS (amb/6B7C)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3499488d099934e02c894c15f11025ed
f0436afc962b71d22959b7607dd9e19ee53b99cb
c1375cff21e4f3c7bf53c8938829342f4901e48ff190080e6995f73c82c06460

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 21:13:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

icscards.nl/webfiles/1580357904717/media/theme/ics-nl/images/icons/favicon-144x144-withoutlines.png

185.195.93.72

302 Moved Temporarily

0 B

URL HTTP/1.0
icscards.nl/webfiles/1580357904717/media/theme/ics-nl/images/icons/favicon-144x144-withoutlines.png
IP
185.195.93.72:0
ASN
#42649 Baffin Bay Networks AB

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /webfiles/1580357904717/media/theme/ics-nl/images/icons/favicon-144x144-withoutlines.png HTTP/1.1
Host: icscards.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8713.web07.bero-webspace.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.0 302 Moved Temporarily
Location: https://www.icscards.nl/webfiles/1580357904717/media/theme/ics-nl/images/icons/favicon-144x144-withoutlines.png
Connection: Keep-Alive
Content-Length: 0
Set-Cookie: _tpc_persistance_cookie=!QyhL7Wypx6teyCO8EOda6AVGp4P79ev/oWMBn3+9WIskwEVgRwJr7GQDF2rw92zaw5CTXaeNeM53Xd4=; path=/; Httponly; Secure
BBN01c5658b=0135ab579ae971f3f72dcf07e0377593084a3061ad13659ff2c6f47e32c44803875bf7814b49a7f4517d43353d15e98fa21a916e2763b24f98d95507405722a800ae9dd959; Path=/; Secure; HTTPOnly
Accept-Encoding: gzip, deflate, br

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
253e735983d6b98808235295de508f8b
e47aa9e4c679c5215cd2d20cd3dcd7ce58fde86d
c4e13af46f6ab54af9a8d5a68fe5c12d8a5c41ed829568380bdeca8c729f1da5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 21:13:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-63549881-7&cid=440513768.1664399617&jid=282281097&_gid=1475561481.1664399617&gjid=1928489495&_v=j79&z=1406527324

64.233.165.156

200 OK

35 B

URL HTTP/2
stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-63549881-7&cid=440513768.1664399617&jid=282281097&_gid=1475561481.1664399617&gjid=1928489495&_v=j79&z=1406527324
IP
64.233.165.156:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

HTTP Headers

GET /r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-63549881-7&cid=440513768.1664399617&jid=282281097&_gid=1475561481.1664399617&gjid=1928489495&_v=j79&z=1406527324 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://web8713.web07.bero-webspace.de/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 28 Sep 2022 21:13:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

7.3 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
gzip compressed data, from Unix\012- data
Size
7.3 kB (7321 bytes)
Hash
533af311f14186563a8a645ad803dcd2
a6e061cf68019958b224d031c29abaee40ac4acc
bc1f851572546207ed0d3897c106b439a1d67cf0c7094cb8fa66b0b1170aae4b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 21:13:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

adservice.google.com/ddm/fls/i/src=8602056;type=count;cat=ics_r0;ord=5419974534893;gtm=2wg1m0;auiddc=369082460.1580507037;u1=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore;u2=icscards_nl;u3=2;u4=2543;u8=consumer;u10=pageview;~oref=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore

216.58.207.194

200 OK

403 B

URL HTTP/2
adservice.google.com/ddm/fls/i/src=8602056;type=count;cat=ics_r0;ord=5419974534893;gtm=2wg1m0;auiddc=369082460.1580507037;u1=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore;u2=icscards_nl;u3=2;u4=2543;u8=consumer;u10=pageview;~oref=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore
IP
216.58.207.194:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (566), with no line terminators
Size
403 B (403 bytes)
Hash
8747e862216d3bd965e43e463ddb3253
ac7f79d449123a057603741965fed0480f06f5d0
d61e73a1fb3453a6a8ac025ab0e974c48d1cb66c2ab89a4624a1e1dccb168ee5

HTTP Headers

GET /ddm/fls/i/src=8602056;type=count;cat=ics_r0;ord=5419974534893;gtm=2wg1m0;auiddc=369082460.1580507037;u1=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore;u2=icscards_nl;u3=2;u4=2543;u8=consumer;u10=pageview;~oref=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8602056.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 21:13:40 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 403
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.facebook.com/tr/?id=581814205522419&ev=PageView&dl=https%3A%2F%2Fweb8713.web07.bero-webspace.de%2FPAGINA-HOME%2F&rl=&if=false&ts=1664399617646&cd[apoCode]=undefined&cd[businessLabel]=icscards_nl&cd[businessUnit]=consumer&cd[cookieConsent]=FULL_OPT_IN&cd[js_hitTimestampLocalTime]=2020-01-31T23%3A26%3A11.598%2B01%3A00&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=28&fbp=fb.1.1664399617645.2119017117&it=1664399617578&coo=false&rqm=GET

31.13.72.36

200 OK

0 B

URL HTTP/2
www.facebook.com/tr/?id=581814205522419&ev=PageView&dl=https%3A%2F%2Fweb8713.web07.bero-webspace.de%2FPAGINA-HOME%2F&rl=&if=false&ts=1664399617646&cd[apoCode]=undefined&cd[businessLabel]=icscards_nl&cd[businessUnit]=consumer&cd[cookieConsent]=FULL_OPT_IN&cd[js_hitTimestampLocalTime]=2020-01-31T23%3A26%3A11.598%2B01%3A00&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=28&fbp=fb.1.1664399617645.2119017117&it=1664399617578&coo=false&rqm=GET
IP
31.13.72.36:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tr/?id=581814205522419&ev=PageView&dl=https%3A%2F%2Fweb8713.web07.bero-webspace.de%2FPAGINA-HOME%2F&rl=&if=false&ts=1664399617646&cd[apoCode]=undefined&cd[businessLabel]=icscards_nl&cd[businessUnit]=consumer&cd[cookieConsent]=FULL_OPT_IN&cd[js_hitTimestampLocalTime]=2020-01-31T23%3A26%3A11.598%2B01%3A00&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=28&fbp=fb.1.1664399617645.2119017117&it=1664399617578&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8713.web07.bero-webspace.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Wed, 28 Sep 2022 21:13:40 GMT
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
253e735983d6b98808235295de508f8b
e47aa9e4c679c5215cd2d20cd3dcd7ce58fde86d
c4e13af46f6ab54af9a8d5a68fe5c12d8a5c41ed829568380bdeca8c729f1da5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 21:13:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3826037172731ac33e566808c9618388
226e9205194fb0446af7fef47c68749add90d966
692f1898c2850d619cb42a23932602bc680abe6634e2b04906304311d2eccf27

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 21:13:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sca1b.amazontrust.com/

54.230.245.100

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.100:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
f73d7119bead3bfc8e1bb650d39ceb2f
4861dedd649599eadadf2103af185f3d6196e14d
05e8e401f7bade38850f9c23bb3a8e4c7766bf97ea036c3eca51af7527d123d5

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 21:13:40 GMT
Last-Modified: Wed, 28 Sep 2022 19:49:23 GMT
Server: ECS (nyb/1D1B)
X-Cache: Miss from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: KtB_yJ4zu_pknVP6tktwtEnwT85EHnY1iUlAgQFHDVozbyRq5lPpMA==
Age: 5057

www.icscards.nl/webfiles/1580357904717/media/theme/ics-nl/images/icons/favicon-144x144-withoutlines.png

185.195.93.72

200

5.5 kB

URL HTTP/1.1
www.icscards.nl/webfiles/1580357904717/media/theme/ics-nl/images/icons/favicon-144x144-withoutlines.png
IP
185.195.93.72:0
ASN
#42649 Baffin Bay Networks AB

File type
PNG image data, 144 x 144, 8-bit/color RGBA, non-interlaced\012- data
Size
5.5 kB (5528 bytes)
Hash
75d0a29d4d1a08405f39799bcb986e63
da64454d7277c531786146796026f49f89e9d4db
1a99f7b02b4517fa7e085315d99cdc0b9e13b0b1c904c683679a05de7a7d1a63

HTTP Headers

GET /webfiles/1580357904717/media/theme/ics-nl/images/icons/favicon-144x144-withoutlines.png HTTP/1.1
Host: www.icscards.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://web8713.web07.bero-webspace.de/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 
content-length: 5528
content-type: image/png;charset=UTF-8
date: Wed, 28 Sep 2022 21:13:39 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-content-type-options: nosniff
cache-control: max-age=31536000
expires: Thu, 28 Sep 2023 21:13:40 GMT
x-xss-protection: 1; mode=block
content-security-policy: frame-ancestors www.anwb.nl www.worldcard.nl www.yourmastercard.nl www.icscards.nl *.icscards.nl.cipe.local icscards.nl
strict-transport-security: max-age=31536000; includeSubDomains
Set-Cookie: BIGipServer~ICSDLB02~pool_www.icscards.nl_8016=rd11o00000000000000000000ffff0af4d3d0o8016; path=/; Httponly; Secure
_tpc_persistance_cookie=!rlCGk+5yb4GAIQO8EOda6AVGp4P79UBsq7Qs+EbRxARL6jTlpe/SpJWe1KX36JBoMic5LcZ8PpZJ1Rc=; path=/; Httponly; Secure
BBN01677320=0135ab579aaed60665ec0362321a21198577023d1f2aa8ba1c0ca6c1690ebb9408e62c637c57111baefba8ac4045e155e0b8c3a8e8967ccc87d0b6828de3d1166a6dc38d45; Path=/; Domain=.www.icscards.nl; Secure; HTTPOnly
Accept-Encoding: gzip, deflate, br

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
64efebb51e5b4f12f97825c5944d0cfa
fc6830187fd786f3d7fefeda96bf0fbe15509927
a33a76aa921357b856b0f68c84f500cd12c40cce3172723b8cd77c250422ac43

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 21:13:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

adservice.google.no/ddm/fls/i/src=8602056;type=count;cat=ics_r0;ord=5419974534893;gtm=2wg1m0;auiddc=369082460.1580507037;u1=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore;u2=icscards_nl;u3=2;u4=2543;u8=consumer;u10=pageview;~oref=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore

142.250.74.130

200 OK

177 B

URL HTTP/2
adservice.google.no/ddm/fls/i/src=8602056;type=count;cat=ics_r0;ord=5419974534893;gtm=2wg1m0;auiddc=369082460.1580507037;u1=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore;u2=icscards_nl;u3=2;u4=2543;u8=consumer;u10=pageview;~oref=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore
IP
142.250.74.130:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Size
177 B (177 bytes)
Hash
9393b28661a65a763699c108887882eb
c237ba6491e6fb9ca57da33dd9d048ca8e86cfda
2bdce28c6fb3cb210861d4aba734ab7aedfc979a8fa273512a61d8cf8afc78b0

HTTP Headers

GET /ddm/fls/i/src=8602056;type=count;cat=ics_r0;ord=5419974534893;gtm=2wg1m0;auiddc=369082460.1580507037;u1=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore;u2=icscards_nl;u3=2;u4=2543;u8=consumer;u10=pageview;~oref=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 21:13:40 GMT
expires: Wed, 28 Sep 2022 21:13:40 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

w.usabilla.com/a1d53d1e874a.js?lv=1

34.254.43.202

200 OK

13 kB

URL HTTP/2
w.usabilla.com/a1d53d1e874a.js?lv=1
IP
34.254.43.202:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (12888)
Size
13 kB (13223 bytes)
Hash
84863b5c4f3b6a8d84715a6d94202d13
51eb0af294a7105ca2fca6d0bae4b4683d83a133
d2bd58b4c153621afc8e80049c24d6d83c421094a698a5bc731839832c965412

HTTP Headers

GET /a1d53d1e874a.js?lv=1 HTTP/1.1
Host: w.usabilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8713.web07.bero-webspace.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 28 Sep 2022 21:13:40 GMT
content-type: text/javascript
content-length: 13223
cache-control: public,max-age=0
content-encoding: gzip
etag: "e255879c516de604cf466269a75d96a1"
pragma: no-cache
x-widget-server: 2.1
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
64efebb51e5b4f12f97825c5944d0cfa
fc6830187fd786f3d7fefeda96bf0fbe15509927
a33a76aa921357b856b0f68c84f500cd12c40cce3172723b8cd77c250422ac43

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 21:13:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

d6tizftlrpuof.cloudfront.net/themes/production/icsnederland-button-7ef629548db47bacfbb18b3383223f61.png

54.230.245.35

200 OK

1.8 kB

URL HTTP/1.1
d6tizftlrpuof.cloudfront.net/themes/production/icsnederland-button-7ef629548db47bacfbb18b3383223f61.png
IP
54.230.245.35:0
ASN
#16509 AMAZON-02

File type
PNG image data, 80 x 260, 8-bit colormap, non-interlaced\012- data
Size
1.8 kB (1809 bytes)
Hash
7ef629548db47bacfbb18b3383223f61
c92146d1f74c6f79b3bf2c5bfe01ac69392bd998
62aa47ada132a4fb2551ef3ab9b39a28fc285e187905d744c8ec52ed83007ef8

HTTP Headers

GET /themes/production/icsnederland-button-7ef629548db47bacfbb18b3383223f61.png HTTP/1.1
Host: d6tizftlrpuof.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8713.web07.bero-webspace.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 1809
Connection: keep-alive
Date: Mon, 10 Jan 2022 07:30:24 GMT
Last-Modified: Tue, 13 Mar 2018 16:10:27 GMT
ETag: "7ef629548db47bacfbb18b3383223f61"
Cache-Control: max-age=315360000, no-transform, public
x-amz-version-id: uUADb9XCpewO7QYDlgT5DnwG20pU0rFi
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: U7I7brSzuyWTyoqd8HVlUGYk6chvAPO4yPTIsaeEpUXuO32nhc7FOw==
Age: 22599797

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4364fa358f76c1635458dab5d598f857
d15fc7359711b1651235fa1be66accc03fe26c1c
6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10937
Expires: Thu, 29 Sep 2022 00:15:58 GMT
Date: Wed, 28 Sep 2022 21:13:41 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4364fa358f76c1635458dab5d598f857
d15fc7359711b1651235fa1be66accc03fe26c1c
6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10937
Expires: Thu, 29 Sep 2022 00:15:58 GMT
Date: Wed, 28 Sep 2022 21:13:41 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4364fa358f76c1635458dab5d598f857
d15fc7359711b1651235fa1be66accc03fe26c1c
6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10937
Expires: Thu, 29 Sep 2022 00:15:58 GMT
Date: Wed, 28 Sep 2022 21:13:41 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4364fa358f76c1635458dab5d598f857
d15fc7359711b1651235fa1be66accc03fe26c1c
6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10937
Expires: Thu, 29 Sep 2022 00:15:58 GMT
Date: Wed, 28 Sep 2022 21:13:41 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F693de74c-173e-4d9b-8317-35601f30ffd7.jpeg

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F693de74c-173e-4d9b-8317-35601f30ffd7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (13299 bytes)
Hash
ad84ed0c5b2090df7996007514cf1984
651600f2ef18cecc2e38370069bbb5e1d86f68e0
a3d0729e1d43afeadd2dd8273c858b8839d9e476f773c8ec9d96b5969a9e0b4a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F693de74c-173e-4d9b-8317-35601f30ffd7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13299
x-amzn-requestid: 926df8b6-beec-470d-b0b3-33be326cd379
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3UPF8YIAMF3Nw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c1a-343e91e735af43d01fc83ddd;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: fcxclGRP3zfWwb6opjYU2bL9VAq_mCSNjFtfp9iMLq6tbZu57EDqpQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:50:04 GMT
etag: "651600f2ef18cecc2e38370069bbb5e1d86f68e0"
content-type: image/jpeg
age: 84217
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (13213 bytes)
Hash
62e68c3cd08dd94d910507512a67e85f
3d4fa8701f17e8818c25584ef5f04bfbee8440cd
058d798963f83f5fb88ab728185f755c5353fa981d93e1b6ff869089f501586b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13213
x-amzn-requestid: 09f8fee2-6830-4bec-af40-f2fb6547bc63
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFkreH5poAMFdxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b16-0afbf5e01a013e6f0db53da1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:35:18 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: CwkfEPDseHez7mArqwz8tmC3WHFwXAZF1OSColucaQ5vG2hvBIDWOg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:39:01 GMT
age: 84880
etag: "3d4fa8701f17e8818c25584ef5f04bfbee8440cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0369629e-f44d-439f-a279-b5ae6ecc0cf1.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (14464 bytes)
Hash
aa5cad224dbddd71881bd07255beb4da
bc214d60be395d4cf753216ff8f9691c33d25e75
82935e52aa59929a448d17a5a2d58fda86bb5c25bf6628a05bd904f82517dada

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0369629e-f44d-439f-a279-b5ae6ecc0cf1.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 14464
x-amzn-requestid: 5cbbafdb-3f69-4ee2-9e46-c1ff0ed4ef14
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3UPFiooAMFulA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c1a-633a649700e040b91deadb64;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: cNryG5vkxZuFATZfcNW9Z1-0teUBWLRyWslX1onwYlDCQBUjU2xVdA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:46:03 GMT
age: 84458
etag: "bc214d60be395d4cf753216ff8f9691c33d25e75"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12016 bytes)
Hash
4b794c6812cb546de0295e087ebe66a7
a54803cca7d3c509c195f65961e1110c8ec56f55
6a207f75eb3951f3dea5252bc8d185cd604d3d657f15b838774e8087e91f37f5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12016
x-amzn-requestid: ec1b3715-5d0f-4045-aa5b-b70a55c81d72
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e3EtyIAMFdZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5e-201dd1ef1426a09965c68dab;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pR4b1-lZZRMnWf-PdXFGXaHBCGAfOyp3AjeuCvtu5imWmf9N9l2wKQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:48:38 GMT
age: 84303
etag: "a54803cca7d3c509c195f65961e1110c8ec56f55"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9a3b058-92c9-490e-9cbb-736f7e46510d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7455 bytes)
Hash
ea3890e460356d6ecc3ba4e405ac2e9e
b383135e2ebc23fe80eb0d594b198cb8c89327a5
8fcff053ce6e5750136bf876bad5b2916935f13ea039912d977928b086f0a48b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9a3b058-92c9-490e-9cbb-736f7e46510d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7455
x-amzn-requestid: e99c9f33-b72a-4070-80cf-06fb4a87d1df
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZG4S6EcAoAMFX1A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6332a0df-04122b4a345dbc3f3918af98;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 07:06:07 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: yprErfM7s7P7jJPJT-HQZ2Z_AAN4946Tjwyn1g4r7yiA6IF0yLdQTQ==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 05:22:11 GMT
age: 57090
etag: "b383135e2ebc23fe80eb0d594b198cb8c89327a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8500 bytes)
Hash
6139c878a7d2bd32c61fc8287996eb5b
9c4692ea64832895fbd107d91f879728b6a440c7
3839df92f0a10c1433d5b576df50c9f7953912ae4f425012262f08ee8a59ce2e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8500
x-amzn-requestid: 626c21ec-f29b-4b69-b275-c22c864c2409
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3VmENnIAMFeTQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c23-75eccc381fbd6e5d4ff59c06;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Eyy8qoYVCJbt6b6hTGJ-rOrYex9RuX1InyZbpHkeu9yQqPUEvowKcw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:48:58 GMT
etag: "9c4692ea64832895fbd107d91f879728b6a440c7"
content-type: image/jpeg
age: 84283
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/main_002.js

109.71.253.24

200 OK

0 B

URL HTTP/2
web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/main_002.js
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /PAGINA-HOME/SCI/main_002.js HTTP/1.1
Host: web8713.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8713.web07.bero-webspace.de/PAGINA-HOME/
Cookie: PHPSESSID=e1n0t5i8pr2fsl1qkivo1ratlk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 21:13:39 GMT
content-type: application/javascript
last-modified: Sun, 02 Feb 2020 19:49:00 GMT
etag: W/"5e3727ac-254a40"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/a

109.71.253.24

404 Not Found

0 B

URL HTTP/2
web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/a
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /PAGINA-HOME/SCI/a HTTP/1.1
Host: web8713.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8713.web07.bero-webspace.de/PAGINA-HOME/
Cookie: PHPSESSID=e1n0t5i8pr2fsl1qkivo1ratlk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Wed, 28 Sep 2022 21:13:39 GMT
content-type: text/html
last-modified: Wed, 28 Sep 2022 01:46:01 GMT
etag: W/"328-5e9b2ec4a5a22"
content-encoding: br
X-Firefox-Spdy: h2

web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/main-ics.css

109.71.253.24

200 OK

0 B

URL HTTP/2
web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/main-ics.css
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /PAGINA-HOME/SCI/main-ics.css HTTP/1.1
Host: web8713.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8713.web07.bero-webspace.de/PAGINA-HOME/
Cookie: PHPSESSID=e1n0t5i8pr2fsl1qkivo1ratlk
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 21:13:39 GMT
content-type: text/css
last-modified: Tue, 04 Feb 2020 14:29:10 GMT
etag: W/"5e397fb6-3b0c7"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/styles.css

109.71.253.24

200 OK

0 B

URL HTTP/2
web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/styles.css
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /PAGINA-HOME/SCI/styles.css HTTP/1.1
Host: web8713.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8713.web07.bero-webspace.de/PAGINA-HOME/
Cookie: PHPSESSID=e1n0t5i8pr2fsl1qkivo1ratlk
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 21:13:39 GMT
content-type: text/css
last-modified: Tue, 04 Feb 2020 14:19:16 GMT
etag: W/"5e397d64-7226b"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/gtm_002.js

109.71.253.24

200 OK

0 B

URL HTTP/2
web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/gtm_002.js
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /PAGINA-HOME/SCI/gtm_002.js HTTP/1.1
Host: web8713.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8713.web07.bero-webspace.de/PAGINA-HOME/
Cookie: PHPSESSID=e1n0t5i8pr2fsl1qkivo1ratlk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 21:13:39 GMT
content-type: application/javascript
last-modified: Wed, 25 Sep 2019 19:32:56 GMT
etag: W/"5d8bc0e8-21ab3"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/gtm.js

109.71.253.24

200 OK

0 B

URL HTTP/2
web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/gtm.js
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /PAGINA-HOME/SCI/gtm.js HTTP/1.1
Host: web8713.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8713.web07.bero-webspace.de/PAGINA-HOME/
Cookie: PHPSESSID=e1n0t5i8pr2fsl1qkivo1ratlk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 21:13:39 GMT
content-type: application/javascript
last-modified: Wed, 25 Sep 2019 19:32:56 GMT
etag: W/"5d8bc0e8-1d455"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/polyfills.js

109.71.253.24

200 OK

0 B

URL HTTP/2
web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/polyfills.js
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /PAGINA-HOME/SCI/polyfills.js HTTP/1.1
Host: web8713.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8713.web07.bero-webspace.de/PAGINA-HOME/
Cookie: PHPSESSID=e1n0t5i8pr2fsl1qkivo1ratlk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 21:13:39 GMT
content-type: application/javascript
last-modified: Sun, 02 Feb 2020 19:49:00 GMT
etag: W/"5e3727ac-1aa67"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/runtime.js

109.71.253.24

200 OK

0 B

URL HTTP/2
web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/runtime.js
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /PAGINA-HOME/SCI/runtime.js HTTP/1.1
Host: web8713.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8713.web07.bero-webspace.de/PAGINA-HOME/
Cookie: PHPSESSID=e1n0t5i8pr2fsl1qkivo1ratlk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 21:13:39 GMT
content-type: application/javascript
last-modified: Sun, 02 Feb 2020 19:49:00 GMT
etag: W/"5e3727ac-5ab"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/arcotfpcollect.js

109.71.253.24

200 OK

0 B

URL HTTP/2
web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/arcotfpcollect.js
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /PAGINA-HOME/SCI/arcotfpcollect.js HTTP/1.1
Host: web8713.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8713.web07.bero-webspace.de/PAGINA-HOME/
Cookie: PHPSESSID=e1n0t5i8pr2fsl1qkivo1ratlk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 21:13:39 GMT
content-type: application/javascript
last-modified: Sun, 02 Feb 2020 19:49:00 GMT
etag: W/"5e3727ac-8355"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/main.js

109.71.253.24

200 OK

0 B

URL HTTP/2
web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/main.js
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /PAGINA-HOME/SCI/main.js HTTP/1.1
Host: web8713.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8713.web07.bero-webspace.de/PAGINA-HOME/
Cookie: PHPSESSID=e1n0t5i8pr2fsl1qkivo1ratlk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 21:13:39 GMT
content-type: application/javascript
last-modified: Wed, 25 Sep 2019 19:32:56 GMT
etag: W/"5d8bc0e8-2e4c2"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/fbevents.js

109.71.253.24

200 OK

0 B

URL HTTP/2
web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/fbevents.js
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /PAGINA-HOME/SCI/fbevents.js HTTP/1.1
Host: web8713.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8713.web07.bero-webspace.de/PAGINA-HOME/
Cookie: PHPSESSID=e1n0t5i8pr2fsl1qkivo1ratlk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 21:13:39 GMT
content-type: application/javascript
last-modified: Wed, 25 Sep 2019 19:48:42 GMT
etag: W/"5d8bc49a-1e5e9"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/modernizr.js

109.71.253.24

200 OK

0 B

URL HTTP/2
web8713.web07.bero-webspace.de/PAGINA-HOME/SCI/modernizr.js
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /PAGINA-HOME/SCI/modernizr.js HTTP/1.1
Host: web8713.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8713.web07.bero-webspace.de/PAGINA-HOME/
Cookie: PHPSESSID=e1n0t5i8pr2fsl1qkivo1ratlk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 21:13:39 GMT
content-type: application/javascript
last-modified: Wed, 25 Sep 2019 19:32:56 GMT
etag: W/"5d8bc0e8-5f1"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (51)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations