Report - www.bukuma.de

Report Overview

Submitted URL
www.bukuma.de
IP
134.119.0.105
ASN
#34011 Host Europe GmbH
Submitted
2023-02-01 16:02:30
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
24

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
www.bukuma.de	unknown	2014-04-09T19:52:29Z	2022-12-26T12:54:50Z	17 kB	1.3 MB	134.119.0.105
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.7 kB	7.1 kB	95.101.11.115
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	52.36.23.49
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	60 kB	34.120.237.76
ocsp.starfieldtech.com	6616	2012-06-22T20:08:50Z	2023-03-13T05:25:08Z	346 B	2.4 kB	192.124.249.22

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-02-01	medium	www.bukuma.de/	Phishing
2023-02-01	medium	www.bukuma.de/	Phishing
2023-02-01	medium	www.bukuma.de/typo3temp/assets/compressed/merged-1e94119336f4abf2424c13084205d79d-81cda43ea2cd2a8d4444fe921d3e1ab3.css.gzip?1660895871	Phishing
2023-02-01	medium	www.bukuma.de/typo3temp/assets/compressed/merged-3d644ef3fd77728a8a71f1de1f0037d1.js?1660895871	Phishing
2023-02-01	medium	www.bukuma.de/fileadmin/template.v1/fonts/source-sans-pro-v21-latin-600.woff2	Phishing
2023-02-01	medium	www.bukuma.de/fileadmin/template.v1/fonts/source-sans-pro-v21-latin-300.woff2	Phishing
2023-02-01	medium	www.bukuma.de/fileadmin/template.v1/fonts/source-sans-pro-v21-latin-700.woff2	Phishing
2023-02-01	medium	www.bukuma.de/fileadmin/template.v1/fonts/source-sans-pro-v21-latin-regular.woff2	Phishing
2023-02-01	medium	www.bukuma.de/typo3temp/assets/compressed/merged-85245644a2ed68bb3a95b9bfd583c020.js?1659358354	Phishing
2023-02-01	medium	www.bukuma.de/typo3temp/assets/compressed/merged-81a89093b2780e05971ff7e77b193ac8.js?1498826641	Phishing
2023-02-01	medium	www.bukuma.de/fileadmin/template.v1/jquery.2.1.4.min.js	Phishing
2023-02-01	medium	www.bukuma.de/typo3temp/assets/compressed/merged-b5a8d711aafcb4926e32068c579ee103.js?1498826617	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (6)

	URL	Size	First Seen	Last Seen
	www.bukuma.de/typo3temp/assets/compressed/merged-3d644ef3fd77728a8a71f1de1f0037d1.js?1660895871	128 kB	2023-03-13	2023-03-13
Pretty URL www.bukuma.de/typo3temp/assets/compressed/merged-3d644ef3fd77728a8a71f1de1f0037d1.js?1660895871 IP 134.119.0.105 ASN #34011 Host Europe GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:17:48 Last Seen2023-03-13 14:17:48 Times Seen1 Hash 9443c3745a877726a54ca9a2b74c3dec d2e0658f2b5a01fc0ec0e99833ad8d14cb0ec197 a9f7ab4ce0a920fe4ffdb841d5ba4371e787a1b12de5b32bc0d13801996bd899 Loading...

	www.bukuma.de/typo3temp/assets/compressed/merged-b5a8d711aafcb4926e32068c579ee103.js?1498826617	21 kB	2023-03-13	2023-03-13
Pretty URL www.bukuma.de/typo3temp/assets/compressed/merged-b5a8d711aafcb4926e32068c579ee103.js?1498826617 IP 134.119.0.105 ASN #34011 Host Europe GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:17:48 Last Seen2023-03-13 14:17:48 Times Seen1 Hash d16be4bc6834019c0edcfe4e873ab1e8 8077357b8c607abfb3abf2a9b2eeb1b44ee8652d d3c7c00852ccddbc68f2d22c88de1b62cb9f699e8b4d3662cc98474dfe8a41f0 Loading...

	www.bukuma.de/typo3temp/assets/compressed/merged-85245644a2ed68bb3a95b9bfd583c020.js?1659358354	88 kB	2023-03-13	2023-03-13
Pretty URL www.bukuma.de/typo3temp/assets/compressed/merged-85245644a2ed68bb3a95b9bfd583c020.js?1659358354 IP 134.119.0.105 ASN #34011 Host Europe GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:17:48 Last Seen2023-03-13 14:17:48 Times Seen1 Hash ffe5591f00bbddf3b32b48646036a6f4 d823f31f3b7d27293ec0d53b6269acdc5f6a0f91 dba5196bda7e62750b90416b63976a743c9070b4c3f42a6b42a8ac69c0f4bbc7 Loading...

	www.bukuma.de/typo3temp/assets/compressed/merged-81a89093b2780e05971ff7e77b193ac8.js?1498826641	930 B	2023-03-13	2023-10-23
Pretty URL www.bukuma.de/typo3temp/assets/compressed/merged-81a89093b2780e05971ff7e77b193ac8.js?1498826641 IP 134.119.0.105 ASN #34011 Host Europe GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:17:48 Last Seen2023-10-23 20:20:37 Times Seen19 Hash b188205db09671aa6c0c9c582e27c2ae aa3b3160064dbf932661fab7f88d86c243299eab caeb58551fce893969a31fd71473262ad2bc26a55c3b084c7302086561261562 Loading...

	www.bukuma.de/fileadmin/template.v1/jquery.2.1.4.min.js	84 kB	2023-03-07	2024-04-23
Pretty URL www.bukuma.de/fileadmin/template.v1/jquery.2.1.4.min.js IP 134.119.0.105 ASN #34011 Host Europe GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:00 Last Seen2024-04-23 06:27:25 Times Seen10807 Hash 7a7b18606448bded22cd1cf48d4712cc 5b9df089eb85cecb320fd9ed3f0f9da173c92d61 ab0d063b4ff2827192c0e44103d3091457a1d2374c3b6243721c5679bb61eae2 Loading...

	www.bukuma.de/?type=4343	5.5 kB	2023-03-13	2023-03-13
Pretty URL www.bukuma.de/?type=4343 IP 134.119.0.105 ASN #34011 Host Europe GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:17:48 Last Seen2023-03-13 14:17:48 Times Seen1 Hash a7e4e269b7de5245effcfe94cf23eee6 54d933a28ea1d332a39afdc6618627e235acbd44 13c19ebf9f5f01b541499abab139c2591f587bf8feb9f61689f4572678b8a5e3 Loading...

HTTP Transactions (58)

URL IP Response Size

www.bukuma.de/

134.119.0.105

301 Moved Permanently

230 B

URL HTTP/1.1
www.bukuma.de/
IP
134.119.0.105:0
ASN
#34011 Host Europe GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
230 B (230 bytes)
Hash
3fa4dcb6e8e75613baedbaca4c8dc031
947599871abe44e38f774c2816990aa2b04b6ce5
4b4e6d913c2eabbe7bdcfe4382cb6c1a45ab6d875e265b1ef0d2b8e9ce847d94

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: www.bukuma.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 01 Feb 2023 16:02:18 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 230
Connection: keep-alive
Location: https://www.bukuma.de/
X-Cache-Status: MISS

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d2e72d45afe3d391c204b5391599607c
149d68b9d00a720b6f380fa2324779dca9dbe26d
f6f1c295c68dfebadacb1fc812b44e01c7ede0e203615ef3e2cced2ce2251e7e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6F1C295C68DFEBADACB1FC812B44E01C7EDE0E203615EF3E2CCED2CE2251E7E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7907
Expires: Wed, 01 Feb 2023 18:14:06 GMT
Date: Wed, 01 Feb 2023 16:02:19 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0c35c3ec659d3a26ea97e68d787bb043
d97e3672244efec5b7814f2d8a734cd1a9387854
4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9769
Expires: Wed, 01 Feb 2023 18:45:08 GMT
Date: Wed, 01 Feb 2023 16:02:19 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 01 Feb 2023 15:36:02 GMT
content-type: application/json
age: 1577
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
09ee4b0fe6cf4ca5ed31b24452338d00
7e62b6e20f0d4737f4a8d94f9818a0883027839e
56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2348
Expires: Wed, 01 Feb 2023 16:41:27 GMT
Date: Wed, 01 Feb 2023 16:02:19 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 8AK79+vRAAtXvmiVRWgqHvt5EPGfxvhLx2+oSSQwt4rJ8cGgvdprUTuoI4Pw6dHcszqLmOGhLhU=
x-amz-request-id: 7Q43EQMFG9MZAWV2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 01 Feb 2023 15:22:43 GMT
age: 2376
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 16:02:19 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 01 Feb 2023 15:49:05 GMT
age: 794
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8265
Expires: Wed, 01 Feb 2023 18:20:04 GMT
Date: Wed, 01 Feb 2023 16:02:19 GMT
Connection: keep-alive

push.services.mozilla.com/

52.36.23.49

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.36.23.49:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: onsQfIdkUSPLXw4TiFGvRw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 8ewsN1ZVDHMx5UD8lTYMw3Ba+HY=

www.bukuma.de/

134.119.0.105

200 OK

4.9 kB

URL HTTP/2
www.bukuma.de/
IP
134.119.0.105:0
ASN
#34011 Host Europe GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (588)
Size
4.9 kB (4864 bytes)
Hash
8c499eca645084a119815771d8daf5b6
a02ba1a63a5cd27201eb68b6ee72909ccc024a92
e84528c7a0c4ffb06134e55ee40a6bad7b9f59d734ae0016f90723061a10ac51

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: www.bukuma.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 16:02:20 GMT
content-type: text/html; charset=utf-8
content-length: 4864
content-language: de
content-encoding: gzip
vary: Accept-Encoding
x-cache-status: EXPIRED
X-Firefox-Spdy: h2

www.bukuma.de/typo3temp/assets/compressed/merged-1e94119336f4abf2424c13084205d79d-81cda43ea2cd2a8d4444fe921d3e1ab3.css.gzip?1660895871

134.119.0.105

200 OK

9.4 kB

URL HTTP/2
www.bukuma.de/typo3temp/assets/compressed/merged-1e94119336f4abf2424c13084205d79d-81cda43ea2cd2a8d4444fe921d3e1ab3.css.gzip?1660895871
IP
134.119.0.105:0
ASN
#34011 Host Europe GmbH

File type
ASCII text, with very long lines (43786)
Size
9.4 kB (9397 bytes)
Hash
03a75ba944db25f4e3e5a9806e4f1a9d
86f8331e689b7b3f8e30919f3b6997586406e5fa
3bed79f80716a625d23b4168fb9d2f53f074e19c8109b49272553357e740ec0d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /typo3temp/assets/compressed/merged-1e94119336f4abf2424c13084205d79d-81cda43ea2cd2a8d4444fe921d3e1ab3.css.gzip?1660895871 HTTP/1.1
Host: www.bukuma.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bukuma.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 16:02:20 GMT
content-type: text/css
content-length: 9397
last-modified: Fri, 19 Aug 2022 07:57:51 GMT
etag: "24b5-5e69374745028"
cache-control: max-age=604800
expires: Wed, 08 Feb 2023 15:49:03 GMT
content-encoding: gzip
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

www.bukuma.de/fileadmin/_processed_/2/2/csm_header-bg-01_dac6fecc5a.jpg

134.119.0.105

200 OK

21 kB

URL HTTP/2
www.bukuma.de/fileadmin/_processed_/2/2/csm_header-bg-01_dac6fecc5a.jpg
IP
134.119.0.105:0
ASN
#34011 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 650x254, components 3\012- data
Size
21 kB (21207 bytes)
Hash
e551f39c917bf95f1cf3a9cb14265cdd
0693e16abfef451771b55b9cf53621e214882d14
51d2cf0e6a0e15ecac877bae599167dc49cdbf86a99acb6534c923f67c76f2a2

HTTP Headers

GET /fileadmin/_processed_/2/2/csm_header-bg-01_dac6fecc5a.jpg HTTP/1.1
Host: www.bukuma.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bukuma.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 16:02:20 GMT
content-type: image/jpeg
content-length: 21207
last-modified: Tue, 11 Jul 2017 14:11:16 GMT
etag: "52d7-5540b45cf5953"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

www.bukuma.de/fileadmin/template.v1/_images/logo.png

134.119.0.105

200 OK

7.7 kB

URL HTTP/2
www.bukuma.de/fileadmin/template.v1/_images/logo.png
IP
134.119.0.105:0
ASN
#34011 Host Europe GmbH

File type
PNG image data, 230 x 52, 8-bit/color RGB, non-interlaced\012- data
Size
7.7 kB (7712 bytes)
Hash
4e5b8406b77fca1b90d3a132ff1f6fd4
4872663688255ba3842dd9773e43ae52ae774a18
cb08ea3d9d693e55ac6d606305581dd0ba9cc5666cf17ba90358252d0003bf56

HTTP Headers

GET /fileadmin/template.v1/_images/logo.png HTTP/1.1
Host: www.bukuma.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bukuma.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 16:02:20 GMT
content-type: image/png
content-length: 7712
last-modified: Tue, 04 Jul 2017 14:49:42 GMT
etag: "1e20-5537efe5dd642"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

www.bukuma.de/fileadmin/_processed_/8/6/csm_header-02_453228eaaf.jpg

134.119.0.105

200 OK

124 kB

URL HTTP/2
www.bukuma.de/fileadmin/_processed_/8/6/csm_header-02_453228eaaf.jpg
IP
134.119.0.105:0
ASN
#34011 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 960x653, components 3\012- data
Size
124 kB (124443 bytes)
Hash
c7a5294145b9d83bd31c0298fc9b9859
8c42a2e643ad9dc6f8a7beb2b5f7356212888f19
bb4d6cd4dd67dec9029f86879c2436f7a20b97cf24dd6e263ce3fdd7c1e062d3

HTTP Headers

GET /fileadmin/_processed_/8/6/csm_header-02_453228eaaf.jpg HTTP/1.1
Host: www.bukuma.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bukuma.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 16:02:20 GMT
content-type: image/jpeg
content-length: 124443
last-modified: Fri, 30 Jun 2017 12:57:48 GMT
etag: "1e61b-5532cf6d93d16"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

www.bukuma.de/fileadmin/_processed_/e/9/csm_header-01_e3275eb2a6.jpg

134.119.0.105

200 OK

76 kB

URL HTTP/2
www.bukuma.de/fileadmin/_processed_/e/9/csm_header-01_e3275eb2a6.jpg
IP
134.119.0.105:0
ASN
#34011 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 960x653, components 3\012- data
Size
76 kB (76386 bytes)
Hash
612d3821775cffc0858b84e3c2d3f566
39e8f3f731f108fad2fdfd2342a23a12a3389f9c
a8d7a4eb44335e900d0ead9b92a9b19f3ac57a4f4a42df6b9b0ce62014fe5f2d

HTTP Headers

GET /fileadmin/_processed_/e/9/csm_header-01_e3275eb2a6.jpg HTTP/1.1
Host: www.bukuma.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bukuma.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 16:02:20 GMT
content-type: image/jpeg
content-length: 76386
last-modified: Fri, 30 Jun 2017 12:50:04 GMT
etag: "12a62-5532cdb347c09"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

www.bukuma.de/fileadmin/_processed_/1/3/csm_header-06_8f0907e8e6.jpg

134.119.0.105

200 OK

91 kB

URL HTTP/2
www.bukuma.de/fileadmin/_processed_/1/3/csm_header-06_8f0907e8e6.jpg
IP
134.119.0.105:0
ASN
#34011 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 960x653, components 3\012- data
Size
91 kB (90921 bytes)
Hash
c8b75db6d98998ac2d6531507ea4254d
9dfba548eef4e3e70046b254d4ba65e8d3a69822
81253dc0824d3b241e8e9f7b7914141c43d8ec4eec13ccb0d60d9878cd365175

HTTP Headers

GET /fileadmin/_processed_/1/3/csm_header-06_8f0907e8e6.jpg HTTP/1.1
Host: www.bukuma.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bukuma.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 16:02:20 GMT
content-type: image/jpeg
content-length: 90921
last-modified: Fri, 30 Jun 2017 12:57:49 GMT
etag: "16329-5532cf6e5e72f"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

www.bukuma.de/fileadmin/_processed_/9/8/csm_header-05_4064b8b07e.jpg

134.119.0.105

200 OK

60 kB

URL HTTP/2
www.bukuma.de/fileadmin/_processed_/9/8/csm_header-05_4064b8b07e.jpg
IP
134.119.0.105:0
ASN
#34011 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 960x653, components 3\012- data
Size
60 kB (59528 bytes)
Hash
534fc08092b609c03364c4192691d5a6
f1960e1991ea3c42cb3073717578d5cc5a685e45
43f9a672e3ccbc42086c7dc399e4f51784141f3a8c2803e6e84203eceed58f01

HTTP Headers

GET /fileadmin/_processed_/9/8/csm_header-05_4064b8b07e.jpg HTTP/1.1
Host: www.bukuma.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bukuma.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 16:02:20 GMT
content-type: image/jpeg
content-length: 59528
last-modified: Fri, 30 Jun 2017 12:57:48 GMT
etag: "e888-5532cf6d1c313"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

www.bukuma.de/fileadmin/_processed_/7/e/csm_header-07_40db1c9465.jpg

134.119.0.105

200 OK

76 kB

URL HTTP/2
www.bukuma.de/fileadmin/_processed_/7/e/csm_header-07_40db1c9465.jpg
IP
134.119.0.105:0
ASN
#34011 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 960x653, components 3\012- data
Size
76 kB (75863 bytes)
Hash
76b30228311a2589567e20e0c9f0711f
3d7138e0a74bbfd65382481d322d9b91238ce951
af812581693fce2a61348a673b1ddcc11f697b9887eceeada615bedbf85bdca8

HTTP Headers

GET /fileadmin/_processed_/7/e/csm_header-07_40db1c9465.jpg HTTP/1.1
Host: www.bukuma.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bukuma.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 16:02:20 GMT
content-type: image/jpeg
content-length: 75863
last-modified: Tue, 11 Jul 2017 13:52:58 GMT
etag: "12857-5540b04697701"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

www.bukuma.de/fileadmin/_processed_/6/2/csm_header-03_a1b686036c.jpg

134.119.0.105

200 OK

66 kB

URL HTTP/2
www.bukuma.de/fileadmin/_processed_/6/2/csm_header-03_a1b686036c.jpg
IP
134.119.0.105:0
ASN
#34011 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 960x653, components 3\012- data
Size
66 kB (65672 bytes)
Hash
64f391bfbe97f3500e325182edf8a219
3520b18c41b0f6e3dbd639fa4ca81247b39febed
40e9ee8194fea25c69d8d8cca9e1589cb2c9613a30269008b3dda173afb2f07f

HTTP Headers

GET /fileadmin/_processed_/6/2/csm_header-03_a1b686036c.jpg HTTP/1.1
Host: www.bukuma.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bukuma.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 16:02:20 GMT
content-type: image/jpeg
content-length: 65672
last-modified: Fri, 30 Jun 2017 12:57:49 GMT
etag: "10088-5532cf6e01ad9"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

www.bukuma.de/fileadmin/user_upload/logos/magna.jpg

134.119.0.105

200 OK

14 kB

URL HTTP/2
www.bukuma.de/fileadmin/user_upload/logos/magna.jpg
IP
134.119.0.105:0
ASN
#34011 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 600x346, components 3\012- data
Size
14 kB (14032 bytes)
Hash
a0b5a351c51fc8a2982540c63375226a
48164a3fdb41d29fcd7402e385b340593663b2f4
ac7489499e807df0c52d5e447ace597c0297dc3cd15be08d303373fb13467f74

HTTP Headers

GET /fileadmin/user_upload/logos/magna.jpg HTTP/1.1
Host: www.bukuma.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bukuma.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 16:02:20 GMT
content-type: image/jpeg
content-length: 14032
last-modified: Wed, 16 Dec 2015 08:30:37 GMT
etag: "36d0-526ffb87a032f"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

www.bukuma.de/fileadmin/user_upload/logos/volkswagen.jpg

134.119.0.105

200 OK

15 kB

URL HTTP/2
www.bukuma.de/fileadmin/user_upload/logos/volkswagen.jpg
IP
134.119.0.105:0
ASN
#34011 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 600x346, components 3\012- data
Size
15 kB (14593 bytes)
Hash
2d550246e1a9dff0f7d83ff0d71de633
10ac10159420e9f8cb2222bdd9135db7a609a99c
8cc4073d7d60996b90648b6138ce599c66abeb28fb5547288d80d046074ef923

HTTP Headers

GET /fileadmin/user_upload/logos/volkswagen.jpg HTTP/1.1
Host: www.bukuma.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bukuma.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 16:02:20 GMT
content-type: image/jpeg
content-length: 14593
last-modified: Wed, 16 Dec 2015 08:30:37 GMT
etag: "3901-526ffb8828e9f"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

www.bukuma.de/fileadmin/user_upload/logos/porsche.jpg

134.119.0.105

200 OK

30 kB

URL HTTP/2
www.bukuma.de/fileadmin/user_upload/logos/porsche.jpg
IP
134.119.0.105:0
ASN
#34011 Host Europe GmbH

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 600x346, components 3\012- data
Size
30 kB (29824 bytes)
Hash
f29dc5806429e8e8160a3483bb112dc7
e63fe9aa28e50929596fd3622db92b28405e2891
5be3dbfe71fe1ead687aa4c334f71408636fd2f196708efeed401eec3d77f4e1

HTTP Headers

GET /fileadmin/user_upload/logos/porsche.jpg HTTP/1.1
Host: www.bukuma.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bukuma.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 16:02:20 GMT
content-type: image/jpeg
content-length: 29824
last-modified: Fri, 28 Jul 2017 10:24:09 GMT
etag: "7480-5555e14dfd44c"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

www.bukuma.de/fileadmin/user_upload/logos/panasonic.jpg

134.119.0.105

200 OK

22 kB

URL HTTP/2
www.bukuma.de/fileadmin/user_upload/logos/panasonic.jpg
IP
134.119.0.105:0
ASN
#34011 Host Europe GmbH

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 600x346, components 3\012- data
Size
22 kB (22074 bytes)
Hash
81aea0559c94f3def39b9fe338bfe0a8
f0714556177d0f2375811dbe797c3b30f29f876f
6cd98aa567221dadbe05396418d40bc1fa6e06c8403bddd824d882b9cf10e655

HTTP Headers

GET /fileadmin/user_upload/logos/panasonic.jpg HTTP/1.1
Host: www.bukuma.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bukuma.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 16:02:20 GMT
content-type: image/jpeg
content-length: 22074
last-modified: Fri, 28 Jul 2017 10:24:08 GMT
etag: "563a-5555e14ddb170"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

www.bukuma.de/fileadmin/user_upload/logos/bomag.jpg

134.119.0.105

200 OK

20 kB

URL HTTP/2
www.bukuma.de/fileadmin/user_upload/logos/bomag.jpg
IP
134.119.0.105:0
ASN
#34011 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 600x346, components 3\012- data
Size
20 kB (19633 bytes)
Hash
0cf1aee1f7ac13e6d021a4faf9930009
745bd92feb59b2566570262eb66fa165aad9606d
10010db5642641ae0f5bb8a1641d5d46faec1639094e3c6adfd91c8ad145c5a4

HTTP Headers

GET /fileadmin/user_upload/logos/bomag.jpg HTTP/1.1
Host: www.bukuma.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bukuma.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 16:02:20 GMT
content-type: image/jpeg
content-length: 19633
last-modified: Wed, 16 Dec 2015 08:30:35 GMT
etag: "4cb1-526ffb8665445"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

www.bukuma.de/fileadmin/user_upload/logos/bentley.jpg

134.119.0.105

200 OK

26 kB

URL HTTP/2
www.bukuma.de/fileadmin/user_upload/logos/bentley.jpg
IP
134.119.0.105:0
ASN
#34011 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 600x346, components 3\012- data
Size
26 kB (26399 bytes)
Hash
fd198f5fad68e30f3a8839a6f01223d3
3df9aab8d7f2eff8b457e106040d79a46cd6b176
9c62a95a086b1f4b2945f4304424963c9464647c5f81a28b507bd091b9804efe

HTTP Headers

GET /fileadmin/user_upload/logos/bentley.jpg HTTP/1.1
Host: www.bukuma.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bukuma.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 16:02:20 GMT
content-type: image/jpeg
content-length: 26399
last-modified: Wed, 16 Dec 2015 08:30:36 GMT
etag: "671f-526ffb86d0af8"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

www.bukuma.de/fileadmin/_processed_/4/b/csm_header-small-08a_0bcc9ab2bb.jpg

134.119.0.105

200 OK

16 kB

URL HTTP/2
www.bukuma.de/fileadmin/_processed_/4/b/csm_header-small-08a_0bcc9ab2bb.jpg
IP
134.119.0.105:0
ASN
#34011 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 650x254, components 3\012- data
Size
16 kB (16393 bytes)
Hash
3cedb8dbe343e701478f698ef8d6be78
cc62323bd40dc9d340be2fb623035f14e325fd02
d082206465fb8085a67734e89c0eac5b7c2301415753bdb3d97ccc8a9a4c591b

HTTP Headers

GET /fileadmin/_processed_/4/b/csm_header-small-08a_0bcc9ab2bb.jpg HTTP/1.1
Host: www.bukuma.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bukuma.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 16:02:20 GMT
content-type: image/jpeg
content-length: 16393
last-modified: Thu, 28 Sep 2017 07:55:16 GMT
etag: "4009-55a3b3a9dfa95"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

www.bukuma.de/fileadmin/user_upload/logos/schott.jpg

134.119.0.105

200 OK

18 kB

URL HTTP/2
www.bukuma.de/fileadmin/user_upload/logos/schott.jpg
IP
134.119.0.105:0
ASN
#34011 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 600x346, components 3\012- data
Size
18 kB (17584 bytes)
Hash
c66eecaa01918a92dbf7e8315bd704cb
88b1ac8254fc1e13fa5d25e9976a6183c702445d
447bedcea9182018ee0c54347eaef08abdba153359ce1e34870d2fa397f1d330

HTTP Headers

GET /fileadmin/user_upload/logos/schott.jpg HTTP/1.1
Host: www.bukuma.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bukuma.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 16:02:20 GMT
content-type: image/jpeg
content-length: 17584
last-modified: Wed, 16 Dec 2015 08:30:37 GMT
etag: "44b0-526ffb87e6ff7"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

www.bukuma.de/fileadmin/_processed_/b/6/csm_header-bg-02_34e683a582.jpg

134.119.0.105

200 OK

19 kB

URL HTTP/2
www.bukuma.de/fileadmin/_processed_/b/6/csm_header-bg-02_34e683a582.jpg
IP
134.119.0.105:0
ASN
#34011 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 650x254, components 3\012- data
Size
19 kB (19016 bytes)
Hash
58e583687777ae5e0fef166a44cbdab9
de16e8237b619addebcc509626daf1d5507a371e
7472a10a989690779ad5d12e1257083df059d71bb1e6989c4425b579b354d16a

HTTP Headers

GET /fileadmin/_processed_/b/6/csm_header-bg-02_34e683a582.jpg HTTP/1.1
Host: www.bukuma.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bukuma.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 16:02:20 GMT
content-type: image/jpeg
content-length: 19016
last-modified: Fri, 30 Jun 2017 13:04:47 GMT
etag: "4a48-5532d0fd01082"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

www.bukuma.de/fileadmin/user_upload/logos/lear.jpg

134.119.0.105

200 OK

15 kB

URL HTTP/2
www.bukuma.de/fileadmin/user_upload/logos/lear.jpg
IP
134.119.0.105:0
ASN
#34011 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 600x346, components 3\012- data
Size
15 kB (15264 bytes)
Hash
89a8374310d8243856bfe00e24a77aac
278b1d324ab1fcdac4eec254e25ccc8f93440b1c
8c1ca5728a02b4481f0def8d8fed200b2fb3e1eccb09261e7a61457ca99c47a2

HTTP Headers

GET /fileadmin/user_upload/logos/lear.jpg HTTP/1.1
Host: www.bukuma.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bukuma.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 16:02:20 GMT
content-type: image/jpeg
content-length: 15264
last-modified: Wed, 16 Dec 2015 08:30:36 GMT
etag: "3ba0-526ffb8719ecf"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

www.bukuma.de/fileadmin/user_upload/logos/audi.jpg

134.119.0.105

200 OK

16 kB

URL HTTP/2
www.bukuma.de/fileadmin/user_upload/logos/audi.jpg
IP
134.119.0.105:0
ASN
#34011 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 600x346, components 3\012- data
Size
16 kB (15832 bytes)
Hash
9213936694a6a641bf70aba52d6ff85b
7be0a53311f00f5aab6e995cadf1065ff89021c1
32e205f25b7ed1769dc0edce415aa6816582db4e77645fd54b8a0be4be7be7a9

HTTP Headers

GET /fileadmin/user_upload/logos/audi.jpg HTTP/1.1
Host: www.bukuma.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bukuma.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 16:02:20 GMT
content-type: image/jpeg
content-length: 15832
last-modified: Wed, 16 Dec 2015 08:30:35 GMT
etag: "3dd8-526ffb85eda44"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

www.bukuma.de/fileadmin/user_upload/logos/lamborghini.jpg

134.119.0.105

200 OK

30 kB

URL HTTP/2
www.bukuma.de/fileadmin/user_upload/logos/lamborghini.jpg
IP
134.119.0.105:0
ASN
#34011 Host Europe GmbH

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 600x346, components 3\012- data
Size
30 kB (30433 bytes)
Hash
ed9b8cfd9cfeef78c209d5351d585647
4fcd60412aa014b073f4bd6894559fca244af211
fc75dceb248c55fed878decf5fb1eabcb59f135c0df3e2838e7b5ffa9dce120c

HTTP Headers

GET /fileadmin/user_upload/logos/lamborghini.jpg HTTP/1.1
Host: www.bukuma.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bukuma.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 16:02:20 GMT
content-type: image/jpeg
content-length: 30433
last-modified: Fri, 28 Jul 2017 11:49:59 GMT
etag: "76e1-5555f47e48794"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

www.bukuma.de/fileadmin/user_upload/logos/abcgroup.jpg

134.119.0.105

200 OK

25 kB

URL HTTP/2
www.bukuma.de/fileadmin/user_upload/logos/abcgroup.jpg
IP
134.119.0.105:0
ASN
#34011 Host Europe GmbH

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 600x346, components 3\012- data
Size
25 kB (24707 bytes)
Hash
20b7076a9c47460114f4ee35c15a17c0
9c0fdba1df67e18146455c3d9106d1bd06e83fb0
4cd0f66bb45d1fca7c62c7b043a7d2f883927dbefdb4a0e3f6017b6d1bce0bcf

HTTP Headers

GET /fileadmin/user_upload/logos/abcgroup.jpg HTTP/1.1
Host: www.bukuma.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bukuma.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 16:02:20 GMT
content-type: image/jpeg
content-length: 24707
last-modified: Fri, 28 Jul 2017 10:24:08 GMT
etag: "6083-5555e14de4daf"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

www.bukuma.de/fileadmin/user_upload/logos/seat.jpg

134.119.0.105

200 OK

17 kB

URL HTTP/2
www.bukuma.de/fileadmin/user_upload/logos/seat.jpg
IP
134.119.0.105:0
ASN
#34011 Host Europe GmbH

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 600x346, components 3\012- data
Size
17 kB (16838 bytes)
Hash
f84ae6cdf00b22b80e5a96b0cf2b0b0d
67daea24129b7855ae6686d09dc768309679a3d1
f2e5fe8f1b986a4869ea32479c4d40c6c7fdfe43e3fd35bd87887e23e2ad2210

HTTP Headers

GET /fileadmin/user_upload/logos/seat.jpg HTTP/1.1
Host: www.bukuma.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bukuma.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 16:02:20 GMT
content-type: image/jpeg
content-length: 16838
last-modified: Fri, 28 Jul 2017 10:24:08 GMT
etag: "41c6-5555e14dee9ee"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

www.bukuma.de/typo3temp/assets/compressed/merged-3d644ef3fd77728a8a71f1de1f0037d1.js?1660895871

134.119.0.105

200 OK

42 kB

URL HTTP/2
www.bukuma.de/typo3temp/assets/compressed/merged-3d644ef3fd77728a8a71f1de1f0037d1.js?1660895871
IP
134.119.0.105:0
ASN
#34011 Host Europe GmbH

File type
data
Size
42 kB (41715 bytes)
Hash
7ef9f8fe31bc175ad390e78740c839de
658f64a2a5f727ffa8f9fd46c2682ceff8fa7413
f5ef1c564a430ff1d807b726887c1409f3cfce03a45df78e0ef5b2b112f1bf89

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /typo3temp/assets/compressed/merged-3d644ef3fd77728a8a71f1de1f0037d1.js?1660895871 HTTP/1.1
Host: www.bukuma.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bukuma.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 16:02:20 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 19 Aug 2022 07:57:51 GMT
etag: W/"1f54d-5e69374744470"
cache-control: max-age=604800
expires: Wed, 08 Feb 2023 15:49:03 GMT
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

www.bukuma.de/fileadmin/template.v1/_images/arw-hover.png

134.119.0.105

200 OK

7.1 kB

URL HTTP/2
www.bukuma.de/fileadmin/template.v1/_images/arw-hover.png
IP
134.119.0.105:0
ASN
#34011 Host Europe GmbH

File type
PNG image data, 140 x 40, 8-bit/color RGBA, non-interlaced\012- data
Size
7.1 kB (7113 bytes)
Hash
a9a1954ef82f51ae761233505883f159
dc8982524df4440c129f77b69212743adfdf3c4b
e164409b9ce33cdeaa82a5e818f2808da7a123b72fabc86d9875b099f75652a7

HTTP Headers

GET /fileadmin/template.v1/_images/arw-hover.png HTTP/1.1
Host: www.bukuma.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bukuma.de/typo3temp/assets/compressed/merged-1e94119336f4abf2424c13084205d79d-81cda43ea2cd2a8d4444fe921d3e1ab3.css.gzip?1660895871
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 16:02:20 GMT
content-type: image/png
content-length: 7113
last-modified: Fri, 30 Jun 2017 13:08:40 GMT
etag: "1bc9-5532d1db05d4f"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

www.bukuma.de/fileadmin/template.v1/fonts/source-sans-pro-v21-latin-600.woff2

134.119.0.105

200 OK

13 kB

URL HTTP/2
www.bukuma.de/fileadmin/template.v1/fonts/source-sans-pro-v21-latin-600.woff2
IP
134.119.0.105:0
ASN
#34011 Host Europe GmbH

File type
Web Open Font Format (Version 2), TrueType, length 13052, version 1.0\012- data
Size
13 kB (13052 bytes)
Hash
7cf79fbd1df848510d7352274efc2401
5540b5a26cc7dfe25294c4eabe011e2c6cd60143
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /fileadmin/template.v1/fonts/source-sans-pro-v21-latin-600.woff2 HTTP/1.1
Host: www.bukuma.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.bukuma.de/typo3temp/assets/compressed/merged-1e94119336f4abf2424c13084205d79d-81cda43ea2cd2a8d4444fe921d3e1ab3.css.gzip?1660895871
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 16:02:20 GMT
content-length: 13052
last-modified: Fri, 19 Aug 2022 07:55:32 GMT
etag: "32fc-5e6936c239e15"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

www.bukuma.de/fileadmin/template.v1/fonts/source-sans-pro-v21-latin-300.woff2

134.119.0.105

200 OK

13 kB

URL HTTP/2
www.bukuma.de/fileadmin/template.v1/fonts/source-sans-pro-v21-latin-300.woff2
IP
134.119.0.105:0
ASN
#34011 Host Europe GmbH

File type
Web Open Font Format (Version 2), TrueType, length 12956, version 1.0\012- data
Size
13 kB (12956 bytes)
Hash
1c772d9d0531b187db80bcfc199c1786
c0c04fb334190e10dffed0dcc5c817c2a6041a15
122854df4f39cf922db317714c2ff0eccab27a1028c14a5aa2211f48b7e0eade

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /fileadmin/template.v1/fonts/source-sans-pro-v21-latin-300.woff2 HTTP/1.1
Host: www.bukuma.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.bukuma.de/typo3temp/assets/compressed/merged-1e94119336f4abf2424c13084205d79d-81cda43ea2cd2a8d4444fe921d3e1ab3.css.gzip?1660895871
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 16:02:20 GMT
content-length: 12956
last-modified: Fri, 19 Aug 2022 07:55:32 GMT
etag: "329c-5e6936c268059"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

www.bukuma.de/fileadmin/template.v1/fonts/source-sans-pro-v21-latin-700.woff2

134.119.0.105

200 OK

13 kB

URL HTTP/2
www.bukuma.de/fileadmin/template.v1/fonts/source-sans-pro-v21-latin-700.woff2
IP
134.119.0.105:0
ASN
#34011 Host Europe GmbH

File type
Web Open Font Format (Version 2), TrueType, length 12924, version 1.0\012- data
Size
13 kB (12924 bytes)
Hash
4610010f425c140b99c88b6819ce1c02
a7e839aa0452ceeb6228de7c15062fe82cc6d1c3
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /fileadmin/template.v1/fonts/source-sans-pro-v21-latin-700.woff2 HTTP/1.1
Host: www.bukuma.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.bukuma.de/typo3temp/assets/compressed/merged-1e94119336f4abf2424c13084205d79d-81cda43ea2cd2a8d4444fe921d3e1ab3.css.gzip?1660895871
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 16:02:20 GMT
content-length: 12924
last-modified: Fri, 19 Aug 2022 07:55:32 GMT
etag: "327c-5e6936c22791e"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

www.bukuma.de/fileadmin/template.v1/fonts/source-sans-pro-v21-latin-regular.woff2

134.119.0.105

200 OK

13 kB

URL HTTP/2
www.bukuma.de/fileadmin/template.v1/fonts/source-sans-pro-v21-latin-regular.woff2
IP
134.119.0.105:0
ASN
#34011 Host Europe GmbH

File type
Web Open Font Format (Version 2), TrueType, length 13036, version 1.0\012- data
Size
13 kB (13036 bytes)
Hash
0ad032b3d07aaf33b160ac4799dda40f
06b931e0d0bf37f5037d9e66d6feedfddd21c0ba
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /fileadmin/template.v1/fonts/source-sans-pro-v21-latin-regular.woff2 HTTP/1.1
Host: www.bukuma.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.bukuma.de/typo3temp/assets/compressed/merged-1e94119336f4abf2424c13084205d79d-81cda43ea2cd2a8d4444fe921d3e1ab3.css.gzip?1660895871
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 16:02:20 GMT
content-length: 13036
last-modified: Fri, 19 Aug 2022 07:55:33 GMT
etag: "32ec-5e6936c327e99"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

www.bukuma.de/?type=4343

134.119.0.105

200 OK

3.6 kB

URL HTTP/2
www.bukuma.de/?type=4343
IP
134.119.0.105:0
ASN
#34011 Host Europe GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (372)
Size
3.6 kB (3600 bytes)
Hash
cb586a2ddf3ac08080d7b4eaf54e83ed
606ca13ee58143042d7440e3937bee0ff46270c1
b7dcd542d5210ff8335bd764e3a82662905a9e7da9db1d5ba77f15526b499419

HTTP Headers

GET /?type=4343 HTTP/1.1
Host: www.bukuma.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bukuma.de/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 16:02:20 GMT
content-type: text/html; charset=utf-8
content-length: 3600
content-language: de
content-encoding: gzip
vary: Accept-Encoding
x-cache-status: EXPIRED
X-Firefox-Spdy: h2

www.bukuma.de/favicon.ico

134.119.0.105

200 OK

370 kB

URL HTTP/2
www.bukuma.de/favicon.ico
IP
134.119.0.105:0
ASN
#34011 Host Europe GmbH

File type
MS Windows icon resource - 6 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size
370 kB (370070 bytes)
Hash
314dd8e07e3f7773e4863f6d19fe04f6
bb0b6a44482a823d4e5d1b47b7c807a6cf661dce
c88f3a30aa87cee2b887b0a74a1756fd6e9f3fd6ec28924adea7a40edefaecd3

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.bukuma.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bukuma.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 16:02:20 GMT
content-type: image/vnd.microsoft.icon
content-length: 370070
last-modified: Fri, 30 Jun 2017 12:26:55 GMT
etag: "5a596-5532c886187b4"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14008
Expires: Wed, 01 Feb 2023 19:55:49 GMT
Date: Wed, 01 Feb 2023 16:02:21 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14008
Expires: Wed, 01 Feb 2023 19:55:49 GMT
Date: Wed, 01 Feb 2023 16:02:21 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14008
Expires: Wed, 01 Feb 2023 19:55:49 GMT
Date: Wed, 01 Feb 2023 16:02:21 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14008
Expires: Wed, 01 Feb 2023 19:55:49 GMT
Date: Wed, 01 Feb 2023 16:02:21 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg

34.120.237.76

200 OK

5.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.7 kB (5736 bytes)
Hash
2998f7f50ac0eec931c348e8a0fb0c60
f5e411cda74cb7fb4a662f4787e9543b9749c8b5
0c81413a819e379212bf757b1c9469415aec2ac8fdf47f94ff23c420a1da20e1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5736
x-amzn-requestid: 895ee89b-8d2e-42f9-a392-466557f8a0d3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffEtEGk_oAMFYPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e7ed-026a1b0d79dc7eb572317bd2;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:28:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4yxwz2MFTdpb8I56VVbFU2Zz0qG_uHcYc3aDtn6boQPjhw7UFLLnYw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 10:37:09 GMT
age: 19512
etag: "f5e411cda74cb7fb4a662f4787e9543b9749c8b5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9600 bytes)
Hash
3366ef4f8733cb9c89a5c88f63a0a441
7da46843b6d885f38a4759a08e6c899906ab7b97
7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 48094e1a-d550-4a91-b87c-4a08505f7cce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsWcFN7IAMF2pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2275c-5ced593a7e2126c9494563df;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:10:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aZOeDFqBJQoGwLpIs-GpPvY0FKGCAOXY6MgzG32qzX-kVzUCKKv-kw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 02:29:58 GMT
age: 48743
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30335cb7-009a-42f5-8186-d0c302adc827.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6819 bytes)
Hash
ec7e808a5e82552c46c3417a5b32b836
f0a273292b47d7e2e33c9d77fd95abdcc9e31ddd
f16d982224dfeb0753eaf9d4eb87d80fd1111f682fd8fa36f3177aad5bf926a4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30335cb7-009a-42f5-8186-d0c302adc827.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6819
x-amzn-requestid: a0368695-4182-40bd-9a28-c50ae783a7a5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foJaRHGnoAMF0Ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9890e-624285eb16110b8c2360dec5;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: daAf58GNG6Oy-ov_8TUeXnTcvZyW5eL_qwWz7dapr2Sy_5XSiS-3Mw==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:42:56 GMT
age: 65965
etag: "f0a273292b47d7e2e33c9d77fd95abdcc9e31ddd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8735 bytes)
Hash
23db22ce2120fbb0ae6109e1a046062d
2068c8d9a5bc30a17be658e198e26c64a80703cf
f307ba6c4929d9f0c9354334b7baea878da379138489d9689bb777c4da308dab

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8735
x-amzn-requestid: f466c962-7b12-4923-a4be-7ff9fce372a0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foJaWFP_IAMF9wA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9890e-7a8c027d58f5b9132bb68a33;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XtqfgDxskGIUmZdRj2nrGDpo9KvECk528eLZV29xNx3h7CLOu49mnQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:42:19 GMT
age: 66002
etag: "2068c8d9a5bc30a17be658e198e26c64a80703cf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8597 bytes)
Hash
27e95b7912edc909d6b031e36fe83534
eb27fae0bb17dbe0929a620002195233ef50c1d0
b32e7e1a2eee367c5bf9e99bcb38f4c74c4e9e7bdfe7fb0f8f2a657060c0624c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8597
x-amzn-requestid: e7bf4ac9-d86d-4ee9-9e10-8a42e5dfe2c6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fcRaNEW4IAMFatA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d4c90d-7731312f630b00ba028836ca;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 07:04:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: z3ZJ7bq6LuJd-9I9D22VIs0avctNGVDKnYmt-fxevCheQibivmUomQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 12:57:00 GMT
age: 11121
etag: "eb27fae0bb17dbe0929a620002195233ef50c1d0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb36bfce9-5d67-458e-846d-ca30f9242449.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (14041 bytes)
Hash
78fe9a77211d6f9a462f625af0c6f9bc
ac0b58423d7578e7a1b60a62220c0a57924dda82
e047466c3ae0a55509f4ace49d0476f94271b5a25e71caa3b06ec468a238b652

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb36bfce9-5d67-458e-846d-ca30f9242449.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 14041
x-amzn-requestid: 2be6655d-3b0e-4e65-b44b-11682610b640
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foJaRGFpIAMFbMQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9890e-5554d18d5db235913afa77a2;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jJHVbOXepgkVHjuNJG9wPcMjDcGbAc-NIpv_KUECG6c-AnJZoIW0zg==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:42:56 GMT
age: 65965
etag: "ac0b58423d7578e7a1b60a62220c0a57924dda82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.starfieldtech.com/

192.124.249.22

200 OK

1.8 kB

URL HTTP/1.1
ocsp.starfieldtech.com/
IP
192.124.249.22:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1845 bytes)
Hash
b9e69153b4fb3730c89a75c79d0e3fdc
797637957577079ef72fc4b62d90ffd5f753d279
ef2a4261eddac748154a8584c5b140962468800f1de17871a33ac155acf345b7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 01 Feb 2023 16:02:21 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 01 Feb 2023 00:48:14 GMT
Expires: Thu, 02 Feb 2023 00:48:14 GMT
ETag: "797637957577079ef72fc4b62d90ffd5f753d279"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

www.bukuma.de/typo3temp/assets/compressed/merged-85245644a2ed68bb3a95b9bfd583c020.js?1659358354

134.119.0.105

200 OK

0 B

URL HTTP/2
www.bukuma.de/typo3temp/assets/compressed/merged-85245644a2ed68bb3a95b9bfd583c020.js?1659358354
IP
134.119.0.105:0
ASN
#34011 Host Europe GmbH

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /typo3temp/assets/compressed/merged-85245644a2ed68bb3a95b9bfd583c020.js?1659358354 HTTP/1.1
Host: www.bukuma.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bukuma.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 16:02:20 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 01 Aug 2022 12:52:34 GMT
etag: W/"15942-5e52d794265e0"
cache-control: max-age=604800
expires: Wed, 08 Feb 2023 15:49:03 GMT
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

www.bukuma.de/fileadmin/template.v1/ajax-loader.gif

134.119.0.105

404 Not Found

0 B

URL HTTP/2
www.bukuma.de/fileadmin/template.v1/ajax-loader.gif
IP
134.119.0.105:0
ASN
#34011 Host Europe GmbH

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /fileadmin/template.v1/ajax-loader.gif HTTP/1.1
Host: www.bukuma.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bukuma.de/typo3temp/assets/compressed/merged-1e94119336f4abf2424c13084205d79d-81cda43ea2cd2a8d4444fe921d3e1ab3.css.gzip?1660895871
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Wed, 01 Feb 2023 16:02:20 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

www.bukuma.de/typo3temp/assets/compressed/merged-81a89093b2780e05971ff7e77b193ac8.js?1498826641

134.119.0.105

200 OK

0 B

URL HTTP/2
www.bukuma.de/typo3temp/assets/compressed/merged-81a89093b2780e05971ff7e77b193ac8.js?1498826641
IP
134.119.0.105:0
ASN
#34011 Host Europe GmbH

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /typo3temp/assets/compressed/merged-81a89093b2780e05971ff7e77b193ac8.js?1498826641 HTTP/1.1
Host: www.bukuma.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bukuma.de/?type=4343
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 16:02:21 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 30 Jun 2017 12:44:01 GMT
etag: W/"3a2-5532cc58b9ecb"
cache-control: max-age=604800
expires: Wed, 08 Feb 2023 15:49:04 GMT
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

www.bukuma.de/fileadmin/template.v1/jquery.2.1.4.min.js

134.119.0.105

200 OK

0 B

URL HTTP/2
www.bukuma.de/fileadmin/template.v1/jquery.2.1.4.min.js
IP
134.119.0.105:0
ASN
#34011 Host Europe GmbH

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /fileadmin/template.v1/jquery.2.1.4.min.js HTTP/1.1
Host: www.bukuma.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bukuma.de/?type=4343
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 16:02:21 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 19 Aug 2022 07:56:40 GMT
etag: W/"14978-5e693702b07a6"
cache-control: max-age=604800
expires: Wed, 08 Feb 2023 15:49:04 GMT
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

www.bukuma.de/typo3temp/assets/compressed/merged-b5a8d711aafcb4926e32068c579ee103.js?1498826617

134.119.0.105

200 OK

0 B

URL HTTP/2
www.bukuma.de/typo3temp/assets/compressed/merged-b5a8d711aafcb4926e32068c579ee103.js?1498826617
IP
134.119.0.105:0
ASN
#34011 Host Europe GmbH

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /typo3temp/assets/compressed/merged-b5a8d711aafcb4926e32068c579ee103.js?1498826617 HTTP/1.1
Host: www.bukuma.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bukuma.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 16:02:20 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 30 Jun 2017 12:43:37 GMT
etag: W/"50a9-5532cc4250c78"
cache-control: max-age=604800
expires: Wed, 08 Feb 2023 15:49:03 GMT
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (6)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (58)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL HTTP/1.1

IP

ASN