Report - notification.builderallwppro.com/dee0/dechu/Verifiera_din

Report Overview

Submitted URL
notification.builderallwppro.com/dee0/dechu/Verifiera_din_leveransadress/prosers.php
IP
65.111.164.149
ASN
#15083 INFOLINK-MIA
Submitted
2023-02-01 10:11:39
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
46

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
fonts.post.ch	763813	2019-10-29T12:30:56Z	2023-03-11T17:48:29Z	1.6 kB	64 kB	194.41.184.89
region1.google-analytics.com	unknown	2022-03-17T12:26:33Z	2023-03-13T05:09:18Z	1.1 kB	463 B	216.239.34.36
notification.builderallwppro.com	unknown	2023-01-30T01:34:37Z	2023-02-02T19:35:17Z	11 kB	533 kB	65.111.164.149
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	52.88.143.102
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-13T08:28:24Z	398 B	63 kB	142.250.74.40
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	55 kB	34.120.237.76
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-13T07:36:03Z	389 B	21 kB	142.250.74.110
stats.g.doubleclick.net	96	2013-06-10T22:21:11Z	2023-03-13T08:02:41Z	639 B	608 B	64.233.162.156
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
tags.tiqcdn.com	969	2013-01-15T06:04:26Z	2023-03-13T05:18:20Z	420 B	520 B	23.38.200.249
www.post.ch	513731	2012-06-25T18:03:17Z	2023-03-11T17:48:28Z	1.7 kB	58 kB	194.41.184.148
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.0 kB	5.3 kB	23.36.77.32
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	1.4 kB	2.8 kB	142.250.74.131

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-01-31	medium	notification.builderallwppro.com/dee0/dechu/Verifiera_din_leveransadress/prosers.php	PostFinance

PhishTank

Scan Date	Severity	Indicator	Alert
2023-01-31	medium	notification.builderallwppro.com/dee0/dechu/Verifiera_din_leveransadress/prosers.php	Other

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-01-31	medium	builderallwppro.com	Sinkholed
2023-01-31	medium	builderallwppro.com	Sinkholed
2023-01-31	medium	builderallwppro.com	Sinkholed
2023-01-31	medium	builderallwppro.com	Sinkholed
2023-01-31	medium	builderallwppro.com	Sinkholed
2023-01-31	medium	builderallwppro.com	Sinkholed
2023-01-31	medium	builderallwppro.com	Sinkholed
2023-01-31	medium	builderallwppro.com	Sinkholed
2023-01-31	medium	builderallwppro.com	Sinkholed
2023-01-31	medium	builderallwppro.com	Sinkholed
2023-01-31	medium	builderallwppro.com	Sinkholed
2023-01-31	medium	builderallwppro.com	Sinkholed
2023-01-31	medium	builderallwppro.com	Sinkholed
2023-01-31	medium	builderallwppro.com	Sinkholed
2023-01-31	medium	builderallwppro.com	Sinkholed
2023-01-31	medium	builderallwppro.com	Sinkholed
2023-01-31	medium	builderallwppro.com	Sinkholed
2023-01-31	medium	builderallwppro.com	Sinkholed
2023-01-31	medium	builderallwppro.com	Sinkholed
2023-01-31	medium	builderallwppro.com	Sinkholed
2023-01-31	medium	builderallwppro.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (26)

	URL	Size	First Seen	Last Seen
	notification.builderallwppro.com/dee0/dechu/Verifiera_din_leveransadress/Files/staticasset	11 kB	2023-03-13	2023-05-22
Pretty URL notification.builderallwppro.com/dee0/dechu/Verifiera_din_leveransadress/Files/staticasset IP 65.111.164.149 ASN #15083 INFOLINK-MIA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:49:17 Last Seen2023-05-22 04:39:01 Times Seen10 Hash 31434b7a377d89ebda5888d96b5c376e 7b3b4ca906ce38c4f2376c3b5350c43ba798e376 f11f38e78440aaef27e2c9787486287837d09a5920bfd05cc1f602f7f2204410 Loading...

	tags.tiqcdn.com/utag/schweizerischepost/postportal/prod/utag.sync.js	109 B	2023-03-13	2023-03-13
Pretty URL tags.tiqcdn.com/utag/schweizerischepost/postportal/prod/utag.sync.js IP 23.38.200.249 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:50:03 Last Seen2023-03-13 14:23:58 Times Seen1 Hash b382a82f881dccc352a7dfb651952c7a 352a58cd79392c8593999f5dd45968ed039491be 5ca19dd6adc1cf82e4cae4c8161547b7216c55bf6356b60131061b5dfdb48f9f Loading...

	www.post.ch/assets-portal/js/head.min.js?v=e7a971ebef6f9a335c2eca8c94ac4825	3.3 kB	2023-03-08	2024-01-18
Pretty URL www.post.ch/assets-portal/js/head.min.js?v=e7a971ebef6f9a335c2eca8c94ac4825 IP 194.41.184.148 ASN #12511 Die Schweizerische Post AG Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 07:49:14 Last Seen2024-01-18 10:49:20 Times Seen66 Hash 6d3152045a4ae617a3f7d4784a2bfae0 b414174488cedf0c9da58dc8fd11b073f4812991 55f66e591f4960477c6012c6d4d72dc00392b9c2dac009eb2f6e1ec736f0a9fd Loading...

	www.googletagmanager.com/gtm.js?id=GTM-N85NWPK&l=dataLayer	137 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-N85NWPK&l=dataLayer IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:05:41 Last Seen2023-03-13 14:05:44 Times Seen1 Hash 93c823acb97ffbddba24142ccfe0979c 7a0e56507810ed96c82f2390a38a03421655a295 066e47b9b648e96f0413755755642642d67c47c2545f4b9b044522937c840787 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-NTQ35M9&l=dataLayer	328 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-NTQ35M9&l=dataLayer IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:05:44 Last Seen2023-03-13 14:05:44 Times Seen1 Hash fad89c42be6d6bb5e86a0d3d690dcc77 2d38f3a32a523399eecd1cc4f49f2e5b4b8f25a6 dbf2eb5abe135a9dda8db8825a42665af7800d3315256c0d79b1d99bb16cf438 Loading...

	notification.builderallwppro.com/dee0/dechu/Verifiera_din_leveransadress/prosers.php	862 B	2023-03-08	2024-03-13
Pretty URL notification.builderallwppro.com/dee0/dechu/Verifiera_din_leveransadress/prosers.php IP 65.111.164.149 ASN #15083 INFOLINK-MIA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:38:25 Last Seen2024-03-13 16:47:16 Times Seen34 Hash de5daea21eff6823332f1b23f50eedd6 dd829e964789e138df7479bda4c58a0e8d007e1b a852732632dcedfd580d7d938acb0b3c38fa11d171f7d85900c452d3751fd040 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

	www.post.ch/assets-portal/js/main.min.js?v=e7a971ebef6f9a335c2eca8c94ac4825	188 kB	2023-03-13	2023-08-29
Pretty URL www.post.ch/assets-portal/js/main.min.js?v=e7a971ebef6f9a335c2eca8c94ac4825 IP 194.41.184.148 ASN #12511 Die Schweizerische Post AG Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:49:17 Last Seen2023-08-29 03:01:36 Times Seen5 Hash e0af93c716150f52ef91cb41f17e2978 6070e8f208d65bc45cb09abad11156fa69dfb13b a238659d42f3e13f9fa021d317994445752e7017704486fc7c86e241ee6ae664 Loading...

	notification.builderallwppro.com/dee0/dechu/Verifiera_din_leveransadress/prosers.php	448 B	2023-03-08	2024-01-18
Pretty URL notification.builderallwppro.com/dee0/dechu/Verifiera_din_leveransadress/prosers.php IP 65.111.164.149 ASN #15083 INFOLINK-MIA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:38:25 Last Seen2024-01-18 10:49:18 Times Seen15 Hash c14004676f626ddf06b9f085c32d7be2 93e538a96acf98001fa51289a19cac2360a884b1 a5e6e7832ae26a8eaa9affdd771a0b80a740252425f700ca776fe96213f3e1d4 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-WKSKHGJ	190 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-WKSKHGJ IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:05:44 Last Seen2023-03-13 14:05:44 Times Seen1 Hash 0cf4153397e77093768d93ce5811e1cd d2e335f9cbd49c79a81fdc54058739036551198b 4dfa41c9c429275ecabb5aef507ad0ae3252e1f3452094cc834464081b970b1d Loading...

	unknown	0 B	2023-03-07	2024-04-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-19 12:52:50 Times Seen36959950 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-K25QCX2&l=dataLayer	120 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-K25QCX2&l=dataLayer IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:05:44 Last Seen2023-03-13 14:05:44 Times Seen1 Hash ec24c9f643fd187ef3d596451063c1c4 73a0193a376b73285349646a26291cee4f2225d3 15e88e76b6575fad919f9ef356ac0e69b01ed1d7f040a3178e1964d5c4fe0534 Loading...

	notification.builderallwppro.com/dee0/dechu/Verifiera_din_leveransadress/prosers.php	139 B	2023-03-13	2024-03-13
Pretty URL notification.builderallwppro.com/dee0/dechu/Verifiera_din_leveransadress/prosers.php IP 65.111.164.149 ASN #15083 INFOLINK-MIA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:50:03 Last Seen2024-03-13 16:47:17 Times Seen5 Hash 9ae01088c3b5a84c55b760e77abe3b94 34b70e29538425675f38b0b45117c96f146f5819 01735912f8992a2336b02d33752fa13ea3607cbf4efd47458342493330479842 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 46a9942810dc47993ef9bced3ca2b80c	246 B	2023-03-13	2023-03-26
Pretty Observations First Seen2023-03-13 03:50:03 Last Seen2023-03-26 13:16:29 Times Seen4 Hash 46a9942810dc47993ef9bced3ca2b80c b33a79a26330a71e2ed33d7fa992023c57eda225 04788eb247d0c672835f5deb25cc3bec7374fa4478ff427811bb9f96bbce8498 Loading...

	#2 Eval - 55a8b32932ab40f00dd85d9c0807f22a	1.8 kB	2023-03-08	2023-03-26
Pretty Observations First Seen2023-03-08 07:49:14 Last Seen2023-03-26 03:14:53 Times Seen4 Hash 55a8b32932ab40f00dd85d9c0807f22a df150f7ae0ebc0aa9aa089e4ff1220fa3768a6a6 fee77aaa2671e135fc53a17d324d8e96cab198675675d243d1a017cb45297396 Loading...

	#3 Eval - 8f77ae4fd4b26fe7f23c40f65f7ac2c3	248 B	2023-03-13	2023-06-26
Pretty Observations First Seen2023-03-13 03:50:03 Last Seen2023-06-26 02:48:17 Times Seen5 Hash 8f77ae4fd4b26fe7f23c40f65f7ac2c3 b4a5a70d644a936a238728fe2abce5516535d3e7 5dad0e7dab4d980ebf374392b609b86ef38694ee45efaa543efbe727869f791d Loading...

	#4 Eval - 782df48863ac47c3e5c107a21bb1981f	300 B	2023-03-07	2024-04-19
Pretty Observations First Seen2023-03-07 01:03:19 Last Seen2024-04-19 06:28:53 Times Seen2217 Hash 782df48863ac47c3e5c107a21bb1981f b168ef536a75014f6ae9f2a57d66d069b7dfa56a d41e1dcde991113b31463b01bf26258e4a9ff50dc530bd1a66eb61d1c685bb7f Loading...

	#5 Eval - 5fb2ce43c0ea997a0ab62856739cc7fe	71 B	2023-03-07	2024-04-04
Pretty Observations First Seen2023-03-07 12:05:33 Last Seen2024-04-04 09:23:06 Times Seen105 Hash 5fb2ce43c0ea997a0ab62856739cc7fe fb1961efa280fe718e886d10dfd72e3f5d37b9eb a430701efd987bfffc98f2bc6b8d3e93f616e805c4818070ff7d9d456428b4bd Loading...

	#6 Eval - fb955348edeb1c068a7fdc1856f1b09c	227 B	2023-03-08	2023-03-26
Pretty Observations First Seen2023-03-08 19:38:25 Last Seen2023-03-26 13:16:29 Times Seen4 Hash fb955348edeb1c068a7fdc1856f1b09c 7f268687872aca1c7d80334c16fa382627a28a74 cc26a9159cc0e6ef330df59736893ae791aecbdb1d5f7b6d425db692e58a0cef Loading...

	#7 Eval - 951324366c76a02eaece3df7d8757529	1.2 kB	2023-03-08	2023-03-26
Pretty Observations First Seen2023-03-08 19:38:25 Last Seen2023-03-26 13:16:29 Times Seen4 Hash 951324366c76a02eaece3df7d8757529 67a01dc95cbad30bfbd9d8b520c4305b58653ecf 7c44d503caaf99bb65b1479bf8c51c60859844cf072c05aa53a0ecb21b6e9467 Loading...

	#8 Eval - 7559c6b721e53c33c1736684f5d0069b	137 B	2023-03-08	2023-03-26
Pretty Observations First Seen2023-03-08 19:38:25 Last Seen2023-03-26 13:16:29 Times Seen4 Hash 7559c6b721e53c33c1736684f5d0069b 2994fa24bb5e878505ca66ac75bcf93cdbed59b4 546367b1c790d4b22840b342f409a5c95f79e462356ea3cdc859a985cc27f7ad Loading...

	#9 Eval - eeb02a1a207f0524bfe9ce70280aa230	248 B	2023-03-13	2023-05-11
Pretty Observations First Seen2023-03-13 03:50:03 Last Seen2023-05-11 00:14:02 Times Seen13 Hash eeb02a1a207f0524bfe9ce70280aa230 bfd3fe57b8f9b944f4ddce684e6530f415a08577 18f9a4976ea4986444fb9d992f342737a97df57d632c61692fca7f6d2c8d90bd Loading...

	#10 Eval - 8ddba9e78f79bbd0078ed442936e54cf	58 B	2023-03-07	2024-03-06
Pretty Observations First Seen2023-03-07 14:37:09 Last Seen2024-03-06 19:22:00 Times Seen37 Hash 8ddba9e78f79bbd0078ed442936e54cf c01aa253b9a8c76d4bfa466d9f9ab0af9803bcad cef6317e4b87f09ff8e6fc3c1821477f838485b78c5a3f93ca7f4566b89ea76f Loading...

	#11 Eval - 535af255b6f0439dea24f76d31133dbd	171 B	2023-03-08	2023-03-26
Pretty Observations First Seen2023-03-08 19:38:25 Last Seen2023-03-26 13:16:29 Times Seen4 Hash 535af255b6f0439dea24f76d31133dbd dfdabe03083c48686233ccfb0f69273a00cbf7f4 7d15bf2611a52a939a0f47c1c762121c017639369b8ad6fc3044ce53a67c5bee Loading...

	#12 Eval - 20dcd58e770a470c827c840c5db95f23	43 B	2023-03-07	2024-04-18
Pretty Observations First Seen2023-03-07 12:55:10 Last Seen2024-04-18 14:00:35 Times Seen1282 Hash 20dcd58e770a470c827c840c5db95f23 e3c25cd4d1dcdc26fd6b5e670ca893cd06479c5d 79db7032ffc2ce206ab5a0a82b5bdb8e69fa36a77510276616ecd94d8dca6d53 Loading...

	#13 Eval - e32b906ae9d1e07b672d8ed6291ee6db	1.2 kB	2023-03-08	2023-03-26
Pretty Observations First Seen2023-03-08 19:38:25 Last Seen2023-03-26 13:16:29 Times Seen4 Hash e32b906ae9d1e07b672d8ed6291ee6db bae60a3baa629f7c8b025967e877b6e91e4b9235 51bcd96442e56064453980b0fccb8dd7cc14cfeb26e8363b9f562f22d5bee376 Loading...

HTTP Transactions (54)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0c35c3ec659d3a26ea97e68d787bb043
d97e3672244efec5b7814f2d8a734cd1a9387854
4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2587
Expires: Wed, 01 Feb 2023 10:54:35 GMT
Date: Wed, 01 Feb 2023 10:11:28 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7e05c8461bd2dc5a149f71e2c465ea29
705983959c887e243cb55a8a1796757b579ee977
4d9ea085d5dda9dabed11af9847c2b0aa6182358673b356a4e2bd631e22a9922

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D9EA085D5DDA9DABED11AF9847C2B0AA6182358673B356A4E2BD631E22A9922"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9849
Expires: Wed, 01 Feb 2023 12:55:37 GMT
Date: Wed, 01 Feb 2023 10:11:28 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 01 Feb 2023 09:43:25 GMT
content-type: application/json
age: 1683
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
09ee4b0fe6cf4ca5ed31b24452338d00
7e62b6e20f0d4737f4a8d94f9818a0883027839e
56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5680
Expires: Wed, 01 Feb 2023 11:46:08 GMT
Date: Wed, 01 Feb 2023 10:11:28 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: It4xmz26jgU20/J1QGb+P1LXWGKyH6yWMA0/HMQk2RGIw36woA6DgLnKn2xr8p3tvkpzIAN+y9I=
x-amz-request-id: HKQC2T07931VBTZ5
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 01 Feb 2023 09:22:36 GMT
age: 2932
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 10:11:28 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 01 Feb 2023 09:49:05 GMT
age: 1343
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

notification.builderallwppro.com/dee0/dechu/Verifiera_din_leveransadress/prosers.php

65.111.164.149

200 OK

274 kB

URL HTTP/1.1
notification.builderallwppro.com/dee0/dechu/Verifiera_din_leveransadress/prosers.php
IP
65.111.164.149:0
ASN
#15083 INFOLINK-MIA

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (35593)
Size
274 kB (274127 bytes)
Hash
a02498ae4b33c3b5216a56814af2f1fc
8309d1fa136b3be9242bac573a1db8f0cec8bce4
5aea8b0348b86177f099db565b32989816ad96aa852e602a85d82cd80ca15015

Detections

Analyzer	Verdict	Alert
openphish	PostFinance
phishtank	Other
quad9	Sinkholed

HTTP Headers

GET /dee0/dechu/Verifiera_din_leveransadress/prosers.php HTTP/1.1
Host: notification.builderallwppro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 10:11:28 GMT
Server: Apache/2.4.38 (Debian)
Strict-Transport-Security: max-age=15768000
Vary: Accept-Encoding
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

tags.tiqcdn.com/utag/schweizerischepost/postportal/prod/utag.sync.js

23.38.200.249

200 OK

118 B

URL HTTP/2
tags.tiqcdn.com/utag/schweizerischepost/postportal/prod/utag.sync.js
IP
23.38.200.249:0
ASN
#16625 AKAMAI-AS

File type
ASCII text
Size
118 B (118 bytes)
Hash
66cfad4336c3530f695b8fa703b06b14
b1cad42523918036b688d38020c3ac907c9cf496
1c10597970f54dd05abd66fbc0d4e084b99d487c5423b7ebd9e8658eb95af277

HTTP Headers

GET /utag/schweizerischepost/postportal/prod/utag.sync.js HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://notification.builderallwppro.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "b382a82f881dccc352a7dfb651952c7a:1674134910.236365"
last-modified: Thu, 19 Jan 2023 13:28:30 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 118
cache-control: max-age=300
expires: Wed, 01 Feb 2023 10:16:28 GMT
date: Wed, 01 Feb 2023 10:11:28 GMT
X-Firefox-Spdy: h2

notification.builderallwppro.com/dee0/dechu/Verifiera_din_leveransadress/Files/staticasset

65.111.164.149

200 OK

11 kB

URL HTTP/1.1
notification.builderallwppro.com/dee0/dechu/Verifiera_din_leveransadress/Files/staticasset
IP
65.111.164.149:0
ASN
#15083 INFOLINK-MIA

File type
HTML document text\012- HTML document, ASCII text, with very long lines (10997), with no line terminators
Size
11 kB (10997 bytes)
Hash
31434b7a377d89ebda5888d96b5c376e
7b3b4ca906ce38c4f2376c3b5350c43ba798e376
f11f38e78440aaef27e2c9787486287837d09a5920bfd05cc1f602f7f2204410

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /dee0/dechu/Verifiera_din_leveransadress/Files/staticasset HTTP/1.1
Host: notification.builderallwppro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://notification.builderallwppro.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 10:11:28 GMT
Server: Apache/2.4.38 (Debian)
Strict-Transport-Security: max-age=15768000
Last-Modified: Tue, 10 May 2022 19:07:16 GMT
Accept-Ranges: bytes
Content-Length: 10997
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive

notification.builderallwppro.com/dee0/dechu/Verifiera_din_leveransadress/Files/runtime-es2015.21267520ddd8bcd60c1a.js.download

65.111.164.149

404 Not Found

196 B

URL HTTP/1.1
notification.builderallwppro.com/dee0/dechu/Verifiera_din_leveransadress/Files/runtime-es2015.21267520ddd8bcd60c1a.js.download
IP
65.111.164.149:0
ASN
#15083 INFOLINK-MIA

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
196 B (196 bytes)
Hash
62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /dee0/dechu/Verifiera_din_leveransadress/Files/runtime-es2015.21267520ddd8bcd60c1a.js.download HTTP/1.1
Host: notification.builderallwppro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://notification.builderallwppro.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Wed, 01 Feb 2023 10:11:29 GMT
Server: Apache/2.4.38 (Debian)
Strict-Transport-Security: max-age=15768000
Content-Length: 196
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3072
Expires: Wed, 01 Feb 2023 11:02:41 GMT
Date: Wed, 01 Feb 2023 10:11:29 GMT
Connection: keep-alive

notification.builderallwppro.com/dee0/dechu/Verifiera_din_leveransadress/Files/polyfills-es2015.55ed88fd666023ba3b7d.js.download

65.111.164.149

404 Not Found

196 B

URL HTTP/1.1
notification.builderallwppro.com/dee0/dechu/Verifiera_din_leveransadress/Files/polyfills-es2015.55ed88fd666023ba3b7d.js.download
IP
65.111.164.149:0
ASN
#15083 INFOLINK-MIA

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
196 B (196 bytes)
Hash
62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /dee0/dechu/Verifiera_din_leveransadress/Files/polyfills-es2015.55ed88fd666023ba3b7d.js.download HTTP/1.1
Host: notification.builderallwppro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://notification.builderallwppro.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Wed, 01 Feb 2023 10:11:29 GMT
Server: Apache/2.4.38 (Debian)
Strict-Transport-Security: max-age=15768000
Content-Length: 196
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

www.post.ch/assets-portal/js/head.min.js?v=e7a971ebef6f9a335c2eca8c94ac4825

194.41.184.148

200 OK

1.4 kB

URL HTTP/1.1
www.post.ch/assets-portal/js/head.min.js?v=e7a971ebef6f9a335c2eca8c94ac4825
IP
194.41.184.148:0
ASN
#12511 Die Schweizerische Post AG

File type
ASCII text, with very long lines (3255), with no line terminators
Size
1.4 kB (1402 bytes)
Hash
470036923a9ecadfadb46381aba7cded
bdd49e705eec62b6ed41a6ac526e1f17858f7cfa
6b83a0da3e6d4a0b1fe87ccf96ae21e3b8e95bcfb04cefc6c3f19b186e2d6050

HTTP Headers

GET /assets-portal/js/head.min.js?v=e7a971ebef6f9a335c2eca8c94ac4825 HTTP/1.1
Host: www.post.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://notification.builderallwppro.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 07:22:16 GMT
Server: Delivery1
Strict-Transport-Security: max-age=31536000
Set-Cookie: ittrksessid=60f82e04.5f3a0abf99408;HttpOnly;Secure; path=/
X-Xss-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
X-Content-Type-Options: nosniff
Cache-Control: max-age=2592000
Content-Type: application/javascript
Last-Modified: Tue, 10 Jan 2023 06:48:18 GMT
Vary: Accept-Encoding
X-UA-Compatible: IE=Edge
Access-Control-Allow-Origin: *
Age: 528551
ETag: W/"0e56c85bf24d91:0-gzip"
Accept-Ranges: bytes
Content-Encoding: gzip
X-RP-UNIQUE_ID: Y9o60SE4lohZ9jf6TbBYqAAAABY
Content-Length: 1402
Keep-Alive: timeout=5
Connection: Keep-Alive

www.post.ch/assets-portal/js/main.min.js?v=e7a971ebef6f9a335c2eca8c94ac4825

194.41.184.148

200 OK

50 kB

URL HTTP/1.1
www.post.ch/assets-portal/js/main.min.js?v=e7a971ebef6f9a335c2eca8c94ac4825
IP
194.41.184.148:0
ASN
#12511 Die Schweizerische Post AG

File type
Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Size
50 kB (50426 bytes)
Hash
ef4ceef4157cfbde5425334a4cf0b8ee
a15865950988f7b2ff573b56793a0a1deb2b5740
c5689a9962601251892627283e3f5f1d92f7801d77a95d64cd02854eb0f7cb11

HTTP Headers

GET /assets-portal/js/main.min.js?v=e7a971ebef6f9a335c2eca8c94ac4825 HTTP/1.1
Host: www.post.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://notification.builderallwppro.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Tue, 24 Jan 2023 10:20:39 GMT
Server: Delivery3
Strict-Transport-Security: max-age=31536000
Set-Cookie: ittrksessid=740abba6.5f3a0abf98271;HttpOnly;Secure; path=/
X-Xss-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
X-Content-Type-Options: nosniff
Cache-Control: max-age=2592000
Content-Type: application/javascript
Last-Modified: Tue, 10 Jan 2023 06:48:24 GMT
Vary: Accept-Encoding
X-UA-Compatible: IE=Edge
Access-Control-Allow-Origin: *
Age: 690648
ETag: W/"06c089bf24d91:0-gzip"
Accept-Ranges: bytes
Content-Encoding: gzip
X-RP-UNIQUE_ID: Y9o60cQWsv-o6NR2Lrj6ywAAAgs
Content-Length: 50426
Keep-Alive: timeout=5
Connection: Keep-Alive

push.services.mozilla.com/

52.88.143.102

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.88.143.102:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: MHutuEqk+z3zyaNRuGZWTA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: nuisB8+j7GASIVsumUEKgJjarWM=

notification.builderallwppro.com/dee0/dechu/Verifiera_din_leveransadress/Files/scripts.a482d577e3cc8048c217.js.download

65.111.164.149

404 Not Found

196 B

URL HTTP/1.1
notification.builderallwppro.com/dee0/dechu/Verifiera_din_leveransadress/Files/scripts.a482d577e3cc8048c217.js.download
IP
65.111.164.149:0
ASN
#15083 INFOLINK-MIA

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
196 B (196 bytes)
Hash
62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /dee0/dechu/Verifiera_din_leveransadress/Files/scripts.a482d577e3cc8048c217.js.download HTTP/1.1
Host: notification.builderallwppro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://notification.builderallwppro.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Wed, 01 Feb 2023 10:11:29 GMT
Server: Apache/2.4.38 (Debian)
Strict-Transport-Security: max-age=15768000
Content-Length: 196
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

notification.builderallwppro.com/dee0/dechu/Verifiera_din_leveransadress/Files/main-es2015.857395d966a0bb206107.js.download

65.111.164.149

404 Not Found

196 B

URL HTTP/1.1
notification.builderallwppro.com/dee0/dechu/Verifiera_din_leveransadress/Files/main-es2015.857395d966a0bb206107.js.download
IP
65.111.164.149:0
ASN
#15083 INFOLINK-MIA

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
196 B (196 bytes)
Hash
62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /dee0/dechu/Verifiera_din_leveransadress/Files/main-es2015.857395d966a0bb206107.js.download HTTP/1.1
Host: notification.builderallwppro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://notification.builderallwppro.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Wed, 01 Feb 2023 10:11:29 GMT
Server: Apache/2.4.38 (Debian)
Strict-Transport-Security: max-age=15768000
Content-Length: 196
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

notification.builderallwppro.com/dee0/dechu/Verifiera_din_leveransadress/Files/post.css

65.111.164.149

200 OK

220 kB

URL HTTP/1.1
notification.builderallwppro.com/dee0/dechu/Verifiera_din_leveransadress/Files/post.css
IP
65.111.164.149:0
ASN
#15083 INFOLINK-MIA

File type
Unicode text, UTF-8 text, with very long lines (63732)
Size
220 kB (220089 bytes)
Hash
1c490eeaf5db3a780d1bdd6e105c6785
41c311ecd07862b858a9805303d80efdc1ffce03
f74cb2d815ec13735c93fbfdf9f8fb9c5de09e15ec57ae7dff575e67eb911719

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /dee0/dechu/Verifiera_din_leveransadress/Files/post.css HTTP/1.1
Host: notification.builderallwppro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://notification.builderallwppro.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 10:11:28 GMT
Server: Apache/2.4.38 (Debian)
Strict-Transport-Security: max-age=15768000
Last-Modified: Tue, 10 May 2022 19:07:16 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css

www.post.ch/-/media/portal-opp/global/logos/logo---die-post.svg?vs=2&sc_lang=de

194.41.184.148

200 OK

3.6 kB

URL HTTP/1.1
www.post.ch/-/media/portal-opp/global/logos/logo---die-post.svg?vs=2&sc_lang=de
IP
194.41.184.148:0
ASN
#12511 Die Schweizerische Post AG

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3550), with no line terminators
Size
3.6 kB (3550 bytes)
Hash
23ebd819b6d3b9f66d71d77d0e5d44d7
3a84e4c7b0ef078f2a91e3a5dbfd37ec8aa581b0
b1d8e73aeaca62e519b792ade3c0400821a86647bb75095a1367ae0301af807d

HTTP Headers

GET /-/media/portal-opp/global/logos/logo---die-post.svg?vs=2&sc_lang=de HTTP/1.1
Host: www.post.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://notification.builderallwppro.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 07:22:17 GMT
Server: Delivery3
Strict-Transport-Security: max-age=31536000
Set-Cookie: ittrksessid=f6e82b1.5f3a0ac010b00;HttpOnly;Secure; path=/
X-Xss-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
X-Content-Type-Options: nosniff
Cache-Control: public, max-age=2592000
Content-Type: image/svg+xml
Last-Modified: Wed, 09 Jun 2021 15:58:20 GMT
ETag: 41b682f4f4b1400ca46fa4709c8e6904
Link: <https://www.post.ch/-/media/portal-opp/global/logos/logo---die-post.svg?sc_lang=de&hash=5ED5B2DC34A706740DB5C0996242A471>; rel="canonical"
Content-Disposition: inline; filename="Logo - Die Post.svg"
X-UA-Compatible: IE=Edge
Content-Length: 3550
Age: 528552
Accept-Ranges: bytes
X-RP-UNIQUE_ID: Y9o60SE4lohZ9jf6TbBYvwAAACY
Keep-Alive: timeout=5
Connection: Keep-Alive

www.post.ch/api/nothing/image?sc_site=post-portal&sc_lang=de

194.41.184.148

200 OK

42 B

URL HTTP/1.1
www.post.ch/api/nothing/image?sc_site=post-portal&sc_lang=de
IP
194.41.184.148:0
ASN
#12511 Die Schweizerische Post AG

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /api/nothing/image?sc_site=post-portal&sc_lang=de HTTP/1.1
Host: www.post.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://notification.builderallwppro.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 10:11:28 GMT
Server: Delivery1
Strict-Transport-Security: max-age=31536000
X-Xss-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
X-Content-Type-Options: nosniff
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 42
Content-Type: image/gif
Expires: -1
X-UA-Compatible: IE=Edge
Age: 0
Accept-Ranges: bytes
Set-Cookie: ittrksessid=8934a0e8.5f3a0ac00ee9b;HttpOnly;Secure; path=/
post-portal#lang=de; path=/; secure
ScApplLB=Delivery1; Domain=www.post.ch; Path=/;
X-RP-UNIQUE_ID: Y9o60cQWsv-o6NR2Lrj64gAAAio
Keep-Alive: timeout=5
Connection: Keep-Alive

notification.builderallwppro.com/dee0/dechu/Verifiera_din_leveransadress/Files/loading-yellow.gif

65.111.164.149

200 OK

19 kB

URL HTTP/1.1
notification.builderallwppro.com/dee0/dechu/Verifiera_din_leveransadress/Files/loading-yellow.gif
IP
65.111.164.149:0
ASN
#15083 INFOLINK-MIA

File type
GIF image data, version 89a, 220 x 220\012- data
Size
19 kB (18672 bytes)
Hash
f8b6e2275956a36a2b72502b9c220f09
39b5e06e9d6d40c023ec659d094c7514f85b859b
ceeff2c40f040cd2b648d4042bb91eccba0351c808dbd97e9141c2338e170dd7

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /dee0/dechu/Verifiera_din_leveransadress/Files/loading-yellow.gif HTTP/1.1
Host: notification.builderallwppro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://notification.builderallwppro.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 10:11:29 GMT
Server: Apache/2.4.38 (Debian)
Strict-Transport-Security: max-age=15768000
Last-Modified: Fri, 29 Jul 2022 11:42:34 GMT
Accept-Ranges: bytes
Content-Length: 18672
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/gif

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c004ef398fc2138876eac9e202e6e7c9
9b695108fe043113ee8dc3369be58234f1a73323
ab71d4c6d64f3c7a0114070414615b26843c22de34b0f04c9ad932ca112031c7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 10:11:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtm.js?id=GTM-WKSKHGJ

142.250.74.40

200 OK

63 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-WKSKHGJ
IP
142.250.74.40:0
ASN
#15169 GOOGLE

File type
Unicode text, UTF-8 text, with very long lines (19077)
Size
63 kB (62761 bytes)
Hash
d84ca685e20a161e9e35e78a55b569a5
b5220b16ac1e08771615d215c19a1bcbaaaf06ed
1d1c2135b64c21583b740d9bffa26ae5bc29967cbb530d2ea39d5a9698f52776

HTTP Headers

GET /gtm.js?id=GTM-WKSKHGJ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://notification.builderallwppro.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 01 Feb 2023 10:11:29 GMT
expires: Wed, 01 Feb 2023 10:11:29 GMT
cache-control: private, max-age=900
last-modified: Wed, 01 Feb 2023 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 62761
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

notification.builderallwppro.com/dee0/dechu/Verifiera_din_leveransadress/Files/saved_resource(1).html

65.111.164.149

404 Not Found

196 B

URL HTTP/1.1
notification.builderallwppro.com/dee0/dechu/Verifiera_din_leveransadress/Files/saved_resource(1).html
IP
65.111.164.149:0
ASN
#15083 INFOLINK-MIA

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
196 B (196 bytes)
Hash
62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /dee0/dechu/Verifiera_din_leveransadress/Files/saved_resource(1).html HTTP/1.1
Host: notification.builderallwppro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://notification.builderallwppro.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Wed, 01 Feb 2023 10:11:29 GMT
Server: Apache/2.4.38 (Debian)
Strict-Transport-Security: max-age=15768000
Content-Length: 196
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

notification.builderallwppro.com/dee0/dechu/Verifiera_din_leveransadress/Files/saved_resource.html

65.111.164.149

404 Not Found

196 B

URL HTTP/1.1
notification.builderallwppro.com/dee0/dechu/Verifiera_din_leveransadress/Files/saved_resource.html
IP
65.111.164.149:0
ASN
#15083 INFOLINK-MIA

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
196 B (196 bytes)
Hash
62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /dee0/dechu/Verifiera_din_leveransadress/Files/saved_resource.html HTTP/1.1
Host: notification.builderallwppro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://notification.builderallwppro.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Wed, 01 Feb 2023 10:11:29 GMT
Server: Apache/2.4.38 (Debian)
Strict-Transport-Security: max-age=15768000
Content-Length: 196
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

notification.builderallwppro.com/dee0/dechu/Verifiera_din_leveransadress/Files/scripts.a482d577e3cc8048c217.js.download

65.111.164.149

404 Not Found

196 B

URL HTTP/1.1
notification.builderallwppro.com/dee0/dechu/Verifiera_din_leveransadress/Files/scripts.a482d577e3cc8048c217.js.download
IP
65.111.164.149:0
ASN
#15083 INFOLINK-MIA

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
196 B (196 bytes)
Hash
62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /dee0/dechu/Verifiera_din_leveransadress/Files/scripts.a482d577e3cc8048c217.js.download HTTP/1.1
Host: notification.builderallwppro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://notification.builderallwppro.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Wed, 01 Feb 2023 10:11:29 GMT
Server: Apache/2.4.38 (Debian)
Strict-Transport-Security: max-age=15768000
Content-Length: 196
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

notification.builderallwppro.com/dee0/dechu/Verifiera_din_leveransadress/Files/bframe.html

65.111.164.149

404 Not Found

196 B

URL HTTP/1.1
notification.builderallwppro.com/dee0/dechu/Verifiera_din_leveransadress/Files/bframe.html
IP
65.111.164.149:0
ASN
#15083 INFOLINK-MIA

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
196 B (196 bytes)
Hash
62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /dee0/dechu/Verifiera_din_leveransadress/Files/bframe.html HTTP/1.1
Host: notification.builderallwppro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://notification.builderallwppro.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Wed, 01 Feb 2023 10:11:29 GMT
Server: Apache/2.4.38 (Debian)
Strict-Transport-Security: max-age=15768000
Content-Length: 196
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c004ef398fc2138876eac9e202e6e7c9
9b695108fe043113ee8dc3369be58234f1a73323
ab71d4c6d64f3c7a0114070414615b26843c22de34b0f04c9ad932ca112031c7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 10:11:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

notification.builderallwppro.com/dee0/dechu/Verifiera_din_leveransadress/Files/saved_resource(2).html

65.111.164.149

404 Not Found

196 B

URL HTTP/1.1
notification.builderallwppro.com/dee0/dechu/Verifiera_din_leveransadress/Files/saved_resource(2).html
IP
65.111.164.149:0
ASN
#15083 INFOLINK-MIA

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
196 B (196 bytes)
Hash
62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /dee0/dechu/Verifiera_din_leveransadress/Files/saved_resource(2).html HTTP/1.1
Host: notification.builderallwppro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://notification.builderallwppro.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Wed, 01 Feb 2023 10:11:29 GMT
Server: Apache/2.4.38 (Debian)
Strict-Transport-Security: max-age=15768000
Content-Length: 196
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

notification.builderallwppro.com/dee0/dechu/Verifiera_din_leveransadress/undefinedjs/async/jquery.6204f1ccc1aaffa1e130.min.js

65.111.164.149

404 Not Found

196 B

URL HTTP/1.1
notification.builderallwppro.com/dee0/dechu/Verifiera_din_leveransadress/undefinedjs/async/jquery.6204f1ccc1aaffa1e130.min.js
IP
65.111.164.149:0
ASN
#15083 INFOLINK-MIA

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
196 B (196 bytes)
Hash
62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /dee0/dechu/Verifiera_din_leveransadress/undefinedjs/async/jquery.6204f1ccc1aaffa1e130.min.js HTTP/1.1
Host: notification.builderallwppro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://notification.builderallwppro.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Wed, 01 Feb 2023 10:11:29 GMT
Server: Apache/2.4.38 (Debian)
Strict-Transport-Security: max-age=15768000
Content-Length: 196
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

notification.builderallwppro.com/dee0/dechu/Verifiera_din_leveransadress/undefinedjs/async/bootstrap-modal.451229934ac7fb97bd57.min.js

65.111.164.149

404 Not Found

196 B

URL HTTP/1.1
notification.builderallwppro.com/dee0/dechu/Verifiera_din_leveransadress/undefinedjs/async/bootstrap-modal.451229934ac7fb97bd57.min.js
IP
65.111.164.149:0
ASN
#15083 INFOLINK-MIA

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
196 B (196 bytes)
Hash
62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /dee0/dechu/Verifiera_din_leveransadress/undefinedjs/async/bootstrap-modal.451229934ac7fb97bd57.min.js HTTP/1.1
Host: notification.builderallwppro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://notification.builderallwppro.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Wed, 01 Feb 2023 10:11:29 GMT
Server: Apache/2.4.38 (Debian)
Strict-Transport-Security: max-age=15768000
Content-Length: 196
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

fonts.post.ch/frutigerneueforpost/v2/FrutigerNeueforPostW05-Lt.woff2

194.41.184.89

200 OK

31 kB

URL HTTP/1.1
fonts.post.ch/frutigerneueforpost/v2/FrutigerNeueforPostW05-Lt.woff2
IP
194.41.184.89:0
ASN
#12511 Die Schweizerische Post AG

File type
Web Open Font Format (Version 2), TrueType, length 31252, version 0.0\012- data
Size
31 kB (31252 bytes)
Hash
20095c545ddf5f7369975c90636a1bfa
494379fc5011a3290fe6e256eb09e38b76cebe92
f241569fa67822be0a1d7fcf2406745c9c196d62fd5cdb9826f2e071ca3bb8ff

HTTP Headers

GET /frutigerneueforpost/v2/FrutigerNeueforPostW05-Lt.woff2 HTTP/1.1
Host: fonts.post.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://notification.builderallwppro.com/
Origin: https://notification.builderallwppro.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 10:11:29 GMT
Server: Apache
Set-Cookie: ittrksessid=e580eb66.5f3a0ac048870;HttpOnly;Secure; path=/; domain=.pnet.ch; SameSite=None; Secure; HttpOnly
Strict-Transport-Security: max-age=63072000
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
X-Content-Type-Options: nosniff
Last-Modified: Thu, 19 Jan 2023 14:18:03 GMT
ETag: "7a14-5f29e99d23cc0"
Accept-Ranges: bytes
Content-Length: 31252
X-RP-UNIQUE_ID: Y9o60WWUuQ7fhDxhtIO7UgAAAB4
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: font/woff2

notification.builderallwppro.com/dee0/dechu/Verifiera_din_leveransadress/Files/saved_resource(5).html

65.111.164.149

404 Not Found

196 B

URL HTTP/1.1
notification.builderallwppro.com/dee0/dechu/Verifiera_din_leveransadress/Files/saved_resource(5).html
IP
65.111.164.149:0
ASN
#15083 INFOLINK-MIA

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
196 B (196 bytes)
Hash
62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /dee0/dechu/Verifiera_din_leveransadress/Files/saved_resource(5).html HTTP/1.1
Host: notification.builderallwppro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://notification.builderallwppro.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Wed, 01 Feb 2023 10:11:29 GMT
Server: Apache/2.4.38 (Debian)
Strict-Transport-Security: max-age=15768000
Content-Length: 196
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

notification.builderallwppro.com/dee0/dechu/Verifiera_din_leveransadress/Files/saved_resource(6).html

65.111.164.149

404 Not Found

196 B

URL HTTP/1.1
notification.builderallwppro.com/dee0/dechu/Verifiera_din_leveransadress/Files/saved_resource(6).html
IP
65.111.164.149:0
ASN
#15083 INFOLINK-MIA

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
196 B (196 bytes)
Hash
62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /dee0/dechu/Verifiera_din_leveransadress/Files/saved_resource(6).html HTTP/1.1
Host: notification.builderallwppro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://notification.builderallwppro.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Wed, 01 Feb 2023 10:11:29 GMT
Server: Apache/2.4.38 (Debian)
Strict-Transport-Security: max-age=15768000
Content-Length: 196
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

notification.builderallwppro.com/dee0/dechu/Verifiera_din_leveransadress/Files/saved_resource(4).html

65.111.164.149

404 Not Found

196 B

URL HTTP/1.1
notification.builderallwppro.com/dee0/dechu/Verifiera_din_leveransadress/Files/saved_resource(4).html
IP
65.111.164.149:0
ASN
#15083 INFOLINK-MIA

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
196 B (196 bytes)
Hash
62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /dee0/dechu/Verifiera_din_leveransadress/Files/saved_resource(4).html HTTP/1.1
Host: notification.builderallwppro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://notification.builderallwppro.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Wed, 01 Feb 2023 10:11:29 GMT
Server: Apache/2.4.38 (Debian)
Strict-Transport-Security: max-age=15768000
Content-Length: 196
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

notification.builderallwppro.com/dee0/dechu/Verifiera_din_leveransadress/Files/saved_resource(3).html

65.111.164.149

404 Not Found

196 B

URL HTTP/1.1
notification.builderallwppro.com/dee0/dechu/Verifiera_din_leveransadress/Files/saved_resource(3).html
IP
65.111.164.149:0
ASN
#15083 INFOLINK-MIA

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
196 B (196 bytes)
Hash
62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /dee0/dechu/Verifiera_din_leveransadress/Files/saved_resource(3).html HTTP/1.1
Host: notification.builderallwppro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://notification.builderallwppro.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Wed, 01 Feb 2023 10:11:29 GMT
Server: Apache/2.4.38 (Debian)
Strict-Transport-Security: max-age=15768000
Content-Length: 196
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

fonts.post.ch/frutigerneueforpost/v2/FrutigerNeueforPostW05-Rg.woff2

194.41.184.89

200 OK

31 kB

URL HTTP/1.1
fonts.post.ch/frutigerneueforpost/v2/FrutigerNeueforPostW05-Rg.woff2
IP
194.41.184.89:0
ASN
#12511 Die Schweizerische Post AG

File type
Web Open Font Format (Version 2), TrueType, length 30652, version 0.0\012- data
Size
31 kB (30652 bytes)
Hash
9b406a700f4b12ceca63b33b356f9808
74919fe2630f0cee8ca3df5dc75ea8e9817cd5b9
c0dff120512a8b623a3dbc0b98fcc028d8380961dbb89c0f9ad391b47a2a13b7

HTTP Headers

GET /frutigerneueforpost/v2/FrutigerNeueforPostW05-Rg.woff2 HTTP/1.1
Host: fonts.post.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://notification.builderallwppro.com/
Origin: https://notification.builderallwppro.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 10:11:29 GMT
Server: Apache
Set-Cookie: ittrksessid=fc27f57c.5f3a0ac04fabd;HttpOnly;Secure; path=/; domain=.pnet.ch; SameSite=None; Secure; HttpOnly
Strict-Transport-Security: max-age=63072000
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
X-Content-Type-Options: nosniff
Last-Modified: Thu, 19 Jan 2023 14:18:03 GMT
ETag: "77bc-5f29e99d23cc0"
Accept-Ranges: bytes
Content-Length: 30652
X-RP-UNIQUE_ID: Y9o60Tj_hbbcyVxyB9VrNwAAAI8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: font/woff2

notification.builderallwppro.com/dee0/dechu/Verifiera_din_leveransadress/Files/saved_resource(7).html

65.111.164.149

404 Not Found

196 B

URL HTTP/1.1
notification.builderallwppro.com/dee0/dechu/Verifiera_din_leveransadress/Files/saved_resource(7).html
IP
65.111.164.149:0
ASN
#15083 INFOLINK-MIA

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
196 B (196 bytes)
Hash
62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /dee0/dechu/Verifiera_din_leveransadress/Files/saved_resource(7).html HTTP/1.1
Host: notification.builderallwppro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://notification.builderallwppro.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Wed, 01 Feb 2023 10:11:29 GMT
Server: Apache/2.4.38 (Debian)
Strict-Transport-Security: max-age=15768000
Content-Length: 196
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

notification.builderallwppro.com/dee0/dechu/Verifiera_din_leveransadress/Files/icon.png

65.111.164.149

200 OK

352 B

URL HTTP/1.1
notification.builderallwppro.com/dee0/dechu/Verifiera_din_leveransadress/Files/icon.png
IP
65.111.164.149:0
ASN
#15083 INFOLINK-MIA

File type
PNG image data, 16 x 16, 8-bit/color RGB, non-interlaced\012- data
Size
352 B (352 bytes)
Hash
2535c91be5088a2396f1d39a2cb757aa
df41e618ac2c0e9c598605d7bb90ca5c5965cf18
e22b3ad4a91589f9ee77e74c992445336d7aa18073f9960b883ad6614ca70a68

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /dee0/dechu/Verifiera_din_leveransadress/Files/icon.png HTTP/1.1
Host: notification.builderallwppro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://notification.builderallwppro.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 10:11:30 GMT
Server: Apache/2.4.38 (Debian)
Strict-Transport-Security: max-age=15768000
Last-Modified: Mon, 12 Apr 2021 18:18:38 GMT
Accept-Ranges: bytes
Content-Length: 352
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png

www.google-analytics.com/analytics.js

142.250.74.110

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1490)
Size
20 kB (20085 bytes)
Hash
ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://notification.builderallwppro.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Wed, 01 Feb 2023 09:46:59 GMT
expires: Wed, 01 Feb 2023 11:46:59 GMT
cache-control: public, max-age=7200
age: 1471
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2554
Expires: Wed, 01 Feb 2023 10:54:04 GMT
Date: Wed, 01 Feb 2023 10:11:30 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2554
Expires: Wed, 01 Feb 2023 10:54:04 GMT
Date: Wed, 01 Feb 2023 10:11:30 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9600 bytes)
Hash
3366ef4f8733cb9c89a5c88f63a0a441
7da46843b6d885f38a4759a08e6c899906ab7b97
7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 48094e1a-d550-4a91-b87c-4a08505f7cce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsWcFN7IAMF2pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2275c-5ced593a7e2126c9494563df;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:10:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aZOeDFqBJQoGwLpIs-GpPvY0FKGCAOXY6MgzG32qzX-kVzUCKKv-kw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 02:29:58 GMT
age: 27692
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8597 bytes)
Hash
27e95b7912edc909d6b031e36fe83534
eb27fae0bb17dbe0929a620002195233ef50c1d0
b32e7e1a2eee367c5bf9e99bcb38f4c74c4e9e7bdfe7fb0f8f2a657060c0624c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8597
x-amzn-requestid: e7bf4ac9-d86d-4ee9-9e10-8a42e5dfe2c6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fcRaNEW4IAMFatA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d4c90d-7731312f630b00ba028836ca;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 07:04:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: z3ZJ7bq6LuJd-9I9D22VIs0avctNGVDKnYmt-fxevCheQibivmUomQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 13:15:35 GMT
age: 75355
etag: "eb27fae0bb17dbe0929a620002195233ef50c1d0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
46e2bec06a11406d5cdcec9c0e76911d
edc777878dca7029c70577edae741264a22ab010
21f7443ebf888a28fb0f0010d1c83ca833b42c06f7d2c755f83a4b418de96854

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 10:11:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

34.120.237.76

200 OK

9.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49ea501c-c491-40c1-82ec-c750680af9df.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.3 kB (9282 bytes)
Hash
e4354120b504a8b1d1c3f4e206eb4611
ba854dec74347525b20dbf3b4e5c13876d56aa1c
bc921fe78a71864819998207c13b5c3ca7913275a4503119c5d105ad7827c377

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49ea501c-c491-40c1-82ec-c750680af9df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9282
x-amzn-requestid: f448477b-b445-46fa-8aee-8c5c527ee95b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: feqp8FuToAMFxDw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5be3f-30fbf0dd70d17878651809a0;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 00:30:55 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XGTtVMp42cyJ-Xmh0D-ECG50tJe_AZWIir602PjdJ1CwsAygJpbJyA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 04:00:34 GMT
age: 22256
etag: "ba854dec74347525b20dbf3b4e5c13876d56aa1c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.7 kB (5736 bytes)
Hash
2998f7f50ac0eec931c348e8a0fb0c60
f5e411cda74cb7fb4a662f4787e9543b9749c8b5
0c81413a819e379212bf757b1c9469415aec2ac8fdf47f94ff23c420a1da20e1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5736
x-amzn-requestid: 895ee89b-8d2e-42f9-a392-466557f8a0d3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffEtEGk_oAMFYPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e7ed-026a1b0d79dc7eb572317bd2;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:28:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 64EbarGrn6AIpXOE8TIfiBeGFQinx-P9lUIvmiQ1ivZgFrxl7_W4EQ==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 10:37:05 GMT
age: 84865
etag: "f5e411cda74cb7fb4a662f4787e9543b9749c8b5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb48b6dde-a831-4a2a-91f4-75df52be0b31.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6773 bytes)
Hash
d2189ff7eee65e0fde9be79c994b1d1e
c82caabf73415755643b9ab874364162e798f58c
f0d08ab954f728a73a30d22c874019789d55b64a6160d5dafe4d08249f2e9ed4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb48b6dde-a831-4a2a-91f4-75df52be0b31.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6773
x-amzn-requestid: b3b6b388-dd50-4a4d-83e0-219b0d285f4c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foee_GcdoAMFRWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9aac6-286883827020ff9a1412030c;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 23:56:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 59jJ-7FGO_UqZi7pUGx6h9imXp1a5bOeAbKFkDQBC91qQ2lnyyl11w==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 00:13:02 GMT
etag: "c82caabf73415755643b9ab874364162e798f58c"
content-type: image/jpeg
age: 35908
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8735 bytes)
Hash
23db22ce2120fbb0ae6109e1a046062d
2068c8d9a5bc30a17be658e198e26c64a80703cf
f307ba6c4929d9f0c9354334b7baea878da379138489d9689bb777c4da308dab

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8735
x-amzn-requestid: f466c962-7b12-4923-a4be-7ff9fce372a0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foJaWFP_IAMF9wA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9890e-7a8c027d58f5b9132bb68a33;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XtqfgDxskGIUmZdRj2nrGDpo9KvECk528eLZV29xNx3h7CLOu49mnQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:42:19 GMT
age: 44951
etag: "2068c8d9a5bc30a17be658e198e26c64a80703cf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-193689541-3&cid=83127583.1675246311&jid=926079052&gjid=1787669060&_gid=605827807.1675246311&_u=YCDACUAABAAAACgHKg~&z=1643781339

64.233.162.156

200 OK

1 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-193689541-3&cid=83127583.1675246311&jid=926079052&gjid=1787669060&_gid=605827807.1675246311&_u=YCDACUAABAAAACgHKg~&z=1643781339
IP
64.233.162.156:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-193689541-3&cid=83127583.1675246311&jid=926079052&gjid=1787669060&_gid=605827807.1675246311&_u=YCDACUAABAAAACgHKg~&z=1643781339 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://notification.builderallwppro.com/
Content-Type: text/plain
Content-Length: 0
Origin: https://notification.builderallwppro.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://notification.builderallwppro.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 01 Feb 2023 10:11:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
46e2bec06a11406d5cdcec9c0e76911d
edc777878dca7029c70577edae741264a22ab010
21f7443ebf888a28fb0f0010d1c83ca833b42c06f7d2c755f83a4b418de96854

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 10:11:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

region1.google-analytics.com/g/collect?v=2&tid=G-NKBFQY6H40&gtm=2oe1u0&_p=1133097046&cid=83127583.1675246311&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675246311&sct=1&seg=0&dl=https%3A%2F%2Fnotification.builderallwppro.com%2Fdee0%2Fdechu%2FVerifiera_din_leveransadress%2Fprosers.php&dt=SwissPost&en=page_view&_fv=1&_nsi=1&_ss=1&ep.content_geo_region=national&ep.internal=false&ep.login_status=false&ep.gtm_container_id=GTM-TK76FKH&ep.query_string=&ep.full_referrer=&ep.internal_adddress=false&ep.clean_url=https%3A%2F%2Fnotification.builderallwppro.com%2Fdee0%2Fdechu%2FVerifiera_din_leveransadress%2Fprosers.php&ep.gtm_tag_name=ga4_event_page_view

216.239.34.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-NKBFQY6H40&gtm=2oe1u0&_p=1133097046&cid=83127583.1675246311&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675246311&sct=1&seg=0&dl=https%3A%2F%2Fnotification.builderallwppro.com%2Fdee0%2Fdechu%2FVerifiera_din_leveransadress%2Fprosers.php&dt=SwissPost&en=page_view&_fv=1&_nsi=1&_ss=1&ep.content_geo_region=national&ep.internal=false&ep.login_status=false&ep.gtm_container_id=GTM-TK76FKH&ep.query_string=&ep.full_referrer=&ep.internal_adddress=false&ep.clean_url=https%3A%2F%2Fnotification.builderallwppro.com%2Fdee0%2Fdechu%2FVerifiera_din_leveransadress%2Fprosers.php&ep.gtm_tag_name=ga4_event_page_view
IP
216.239.34.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-NKBFQY6H40&gtm=2oe1u0&_p=1133097046&cid=83127583.1675246311&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675246311&sct=1&seg=0&dl=https%3A%2F%2Fnotification.builderallwppro.com%2Fdee0%2Fdechu%2FVerifiera_din_leveransadress%2Fprosers.php&dt=SwissPost&en=page_view&_fv=1&_nsi=1&_ss=1&ep.content_geo_region=national&ep.internal=false&ep.login_status=false&ep.gtm_container_id=GTM-TK76FKH&ep.query_string=&ep.full_referrer=&ep.internal_adddress=false&ep.clean_url=https%3A%2F%2Fnotification.builderallwppro.com%2Fdee0%2Fdechu%2FVerifiera_din_leveransadress%2Fprosers.php&ep.gtm_tag_name=ga4_event_page_view HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://notification.builderallwppro.com/
Origin: https://notification.builderallwppro.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://notification.builderallwppro.com
date: Wed, 01 Feb 2023 10:11:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.post.ch/frutigerneueforpost/v2/FrutigerNeueforPostW05-Bold.woff2

194.41.184.89

200 OK

0 B

URL HTTP/1.1
fonts.post.ch/frutigerneueforpost/v2/FrutigerNeueforPostW05-Bold.woff2
IP
194.41.184.89:0
ASN
#12511 Die Schweizerische Post AG

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /frutigerneueforpost/v2/FrutigerNeueforPostW05-Bold.woff2 HTTP/1.1
Host: fonts.post.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://notification.builderallwppro.com/
Origin: https://notification.builderallwppro.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 10:11:29 GMT
Server: Apache
Set-Cookie: ittrksessid=309290cb.5f3a0ac051bf0;HttpOnly;Secure; path=/; domain=.pnet.ch; SameSite=None; Secure; HttpOnly
Strict-Transport-Security: max-age=63072000
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
X-Content-Type-Options: nosniff
Last-Modified: Thu, 19 Jan 2023 14:18:03 GMT
ETag: "77e0-5f29e99d23cc0"
Accept-Ranges: bytes
Content-Length: 30688
X-RP-UNIQUE_ID: Y9o60WWUuQ7fhDxhtIO7UwAAACs
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, immutable
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: font/woff2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (26)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML