Report - link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490

Report Overview

Submitted URL
link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490
IP
217.160.0.78
ASN
#8560 IONOS SE
Submitted
2022-09-26 09:34:39
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
30

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
link-lkw-mobile.de	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	9.4 kB	485 kB	217.160.0.78
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.35
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	978 B	2.7 kB	23.36.77.32
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	34.212.166.60
www.mobile.de	66236	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	399 B	2.1 kB	23.13.241.156
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	662 B	1.4 kB	142.250.74.3
static.classistatic.de	94640	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.9 kB	35 kB	91.211.75.130
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	67 kB	34.120.237.76
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.35
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	3.8 kB	93.184.220.29
s.go-mpulse.net	1280	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	381 B	52 kB	23.38.200.138
c.go-mpulse.net	568	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	740 B	344 B	23.38.200.138

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-09-25	medium	link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490	Mobile.de
2022-09-25	medium	link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490	Mobile.de

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-26	medium	link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490	Phishing
2022-09-26	medium	link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490	Phishing
2022-09-26	medium	link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/analytics.js	Phishing
2022-09-26	medium	link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/jquery.js	Phishing
2022-09-26	medium	link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/fingerprint.js	Phishing
2022-09-26	medium	link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/a2.js	Phishing
2022-09-26	medium	link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/tanStatic	Phishing
2022-09-26	medium	link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/object.js	Phishing
2022-09-26	medium	link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/promise.js	Phishing
2022-09-26	medium	link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/mde-consent-banner.js	Phishing
2022-09-26	medium	link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/	Phishing
2022-09-26	medium	link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/f7664102f0234bf081d66d8594dd58	Phishing
2022-09-26	medium	link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/f7664102f0234bf081d66d8594dd58	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (19)

	URL	Size	First Seen	Last Seen
	link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/	26 B	2023-03-07	2023-03-25
Pretty URL link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/ IP 217.160.0.78 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:34:51 Last Seen2023-03-25 23:09:26 Times Seen2 Hash f073f2834710d3fb944ada7c2f0142a6 05ecc280d6047be281441d4592c3da7d08235dd2 903bde4628d9f8db7da2c6037103b2204cd989f0f0bca24f8bb9bff0d5e0b9b6 Loading...

	link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/	519 B	2023-03-07	2023-03-17
Pretty URL link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/ IP 217.160.0.78 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:34:51 Last Seen2023-03-17 11:39:48 Times Seen1 Hash 4175cef4e26549f300cbfe723f6b1af3 5890251a3a168a91361b8d13286b92da011e2952 ab1fe596669881bd078d24b08dc032c64b8ff47dabb06f7a8d4651141f6f8f7b Loading...

	link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/	497 B	2023-03-07	2024-03-05
Pretty URL link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/ IP 217.160.0.78 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:34:51 Last Seen2024-03-05 22:04:38 Times Seen62 Hash 0743c06b1747e70dc7fb44b14fc450e6 27f1b3d08b9efd24f40aea5678533d926d16b266 5564eb21e2d7472db10a5623eb88896ac941b527a1c0fdc2cafd5dff7e25cec6 Loading...

	link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/	116 B	2023-03-07	2023-03-25
Pretty URL link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/ IP 217.160.0.78 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:34:51 Last Seen2023-03-25 23:09:26 Times Seen2 Hash 2f004e51824ffe83e67263c6b5d3c89c f4fdf7eb333ebd04698b9ed5a90b2fa1c95de2cc c9f6d61cd53650bea3a5f0d68938f2c732560eefbf25b5dc9e4cc942f08aa448 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-07	2024-01-06
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:05:31 Last Seen2024-01-06 17:39:53 Times Seen66 Hash 99ba52a15d2da967b023016d1af58cbd 5c2246049c43834d17113877b4731bd4f9803d55 9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f Loading...

	link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/jquery.js	84 kB	2023-03-07	2024-04-25
Pretty URL link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/jquery.js IP 217.160.0.78 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-25 16:21:47 Times Seen15677 Hash 4a356126b9573eb7bd1e9a7494737410 8258d046f17dd3c15a5d3984e1868b7b5d1db329 22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5 Loading...

	link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/fingerprint.js	8.9 kB	2023-03-07	2024-02-20
Pretty URL link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/fingerprint.js IP 217.160.0.78 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:34:51 Last Seen2024-02-20 07:56:16 Times Seen393 Hash ae7cc52df298fe2b7fcedabb9b53861a b122d475935347a8e9ea6e1b1c8a7b4793e02e13 76c032a257771abe2f0869abb1b7493de6a7063edb63f7e871750cd7c1e75f49 Loading...

	link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/	949 B	2023-03-07	2023-03-25
Pretty URL link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/ IP 217.160.0.78 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:34:51 Last Seen2023-03-25 23:09:26 Times Seen2 Hash e63593d3082a961c04d15fced5420faa fe84a063638437085364a7c74161cd1caf1a091f 5043876f398119871cce096a826f12390db930a51f9a93b4bc621c333a8b045a Loading...

	link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/	2.5 kB	2023-03-07	2023-03-17
Pretty URL link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/ IP 217.160.0.78 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:34:51 Last Seen2023-03-17 11:39:48 Times Seen1 Hash bc324ab651428e99c4bd5b6089ee98c2 ef2c31d1b299c5076b09dd4780d5d53e4ae73f09 adcb01a53a41be56f4709653ea23e4593564791fd5f972eb0476645a3912a1ed Loading...

	link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/object.js	452 B	2023-03-07	2023-03-17
Pretty URL link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/object.js IP 217.160.0.78 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:34:51 Last Seen2023-03-17 11:39:48 Times Seen1 Hash d0cb9e25e711970dbc2aa7d82438b736 0ecf8a0596bf5d3c68f52667133b7f435b44d09b b72aa387c59e33b01a7a95e21aaba20cf72a7b7a62b425853a10abb88cecd1ab Loading...

	link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/mde-consent-banner.js	95 kB	2023-03-07	2023-03-17
Pretty URL link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/mde-consent-banner.js IP 217.160.0.78 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:34:51 Last Seen2023-03-17 11:39:48 Times Seen1 Hash db9f07819bc0231a076e39dbc9682704 dc8b5e114dc2d534e6075033376ec02d1d222181 3ae7f439724da3d9bbe74ec9ad10530dc6e07dbc7a43b6ba76fa032928e4885c Loading...

	link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/	425 B	2023-03-07	2023-03-17
Pretty URL link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/ IP 217.160.0.78 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:34:51 Last Seen2023-03-17 11:39:48 Times Seen1 Hash 5d2686590acea0d994d3d0b97a987422 3c621b6de949a2871ba53cf2f4277020737743cc 10fc750e0b25f44566a35403ff0fbaf62a50dbb45eca38ee050e66e4b0b0b26e Loading...

	link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/analytics.js	44 kB	2023-03-07	2024-03-02
Pretty URL link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/analytics.js IP 217.160.0.78 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:34:51 Last Seen2024-03-02 13:53:11 Times Seen50 Hash b66b3b5d54e154c81a50880cdcd7e5f8 dd62dfaa936d8c1143dfcad8808bc559d1a0b199 dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a Loading...

	link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/tanStatic	552 B	2023-03-07	2024-02-20
Pretty URL link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/tanStatic IP 217.160.0.78 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:34:51 Last Seen2024-02-20 07:56:16 Times Seen388 Hash 2eb51b4ec9f41e7aa81de0fcde307b77 7a082d7d0bee9983861d9a952ec3cfb7606e66fc 7b54eaba8bbfd0821c96d29e03b7e0cbad64180c7a6508ddba24262b5ddc9444 Loading...

	link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/promise.js	3.1 kB	2023-03-07	2024-04-02
Pretty URL link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/promise.js IP 217.160.0.78 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:34:51 Last Seen2024-04-02 15:25:58 Times Seen19 Hash d05a380d50b74e629738ae6f62fb7e78 f8f84a5bf94274e6d3aa6ed9d6ccc0dcd9eab25c e8ee7479fa6c7392aa1840f78b8295acfed0f07a372d0d987eed2563a49938e8 Loading...

	link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/	144 B	2023-03-07	2023-03-17
Pretty URL link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/ IP 217.160.0.78 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:34:51 Last Seen2023-03-17 11:39:48 Times Seen1 Hash 7cfda3c682c6296a3e6d321aa658d8ff a98703beb4a934ab58cfab6ac6a835fa0342fe42 28ed7a2f6755c1938b1cb2761d7280950efe73ff66a28e6acd0b50b5f2cad2a4 Loading...

	s.go-mpulse.net/boomerang/PV5JN-R9AGB-VVMPH-JZK7Z-XW3AH	207 kB	2023-03-07	2023-05-05
Pretty URL s.go-mpulse.net/boomerang/PV5JN-R9AGB-VVMPH-JZK7Z-XW3AH IP 23.38.200.138 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:16:52 Last Seen2023-05-05 19:55:26 Times Seen141 Hash 53f533fdf71fdb8527ab9fa6641e241b 8cde78b625d06e4304941ec09ee038c47e4768dc 95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54 Loading...

	link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/a2.js	3.2 kB	2023-03-07	2023-03-17
Pretty URL link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/a2.js IP 217.160.0.78 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:34:51 Last Seen2023-03-17 11:39:48 Times Seen1 Hash 60ffaba5e412336beea1968ac3c98848 c2be64cd9957e4550e4354a21289d123064902c4 4fd7af09aa784a39301ff416734bd437e789163f917445bb0ab1ee29bcc6af6f Loading...

		Size	First Seen	Last Seen
	#1 Write - 307a647aed7ff64fc52f7e430c9882ee	30 B	2023-03-07	2024-04-25
Pretty Observations First Seen2023-03-07 01:06:27 Last Seen2024-04-25 15:59:37 Times Seen5119 Hash 307a647aed7ff64fc52f7e430c9882ee 061cb2a0b893008a8c66563d96199a58b149141c 807a15fef8a2e854bd4657ca750efc8effd5f91349736064e0ef649819a7a296 Loading...

HTTP Transactions (48)

URL IP Response Size

link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490

217.160.0.78

302 Moved Temporarily

138 B

URL HTTP/1.1
link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490
IP
217.160.0.78:0
ASN
#8560 IONOS SE

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
138 B (138 bytes)
Hash
aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0

Detections

Analyzer	Verdict	Alert
openphish	Mobile.de
fortinet	Phishing

HTTP Headers

GET /pkw/fahrzeuge.details/1601459490 HTTP/1.1
Host: link-lkw-mobile.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Mon, 26 Sep 2022 09:34:28 GMT
Content-Type: text/html
Content-Length: 138
Connection: keep-alive
Keep-Alive: timeout=15
Location: https://link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490
Expires: Mon, 26 Sep 2022 09:54:28 GMT
Cache-Control: max-age=1200

firefox.settings.services.mozilla.com/v1/

143.204.55.35

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 26 Sep 2022 08:38:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: pO7zAZ3nJP5AF8EJZ5Flfnv1oy0o6ZuWn0zJZhVchxD4d_uvECSlNA==
Age: 3370

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7907
Expires: Mon, 26 Sep 2022 11:46:15 GMT
Date: Mon, 26 Sep 2022 09:34:28 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.35

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 26 Sep 2022 04:35:16 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: jvvAeQEgo460XenX_b7226jeepLKFLYFsJZ4DpAPt36wK3N770mzdg==
age: 17953
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 09:34:28 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.35

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 26 Sep 2022 09:10:47 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Mon, 26 Sep 2022 09:19:42 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 05i44AsVRVBvApvkJwoM1uBbMi2FHs1sx0kIX1x09K5WKJEdPGae7g==
Age: 1422

ocsp.digicert.com/

93.184.220.29

200 OK

727 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
727 B (727 bytes)
Hash
cb857e3ee4e167aed9e14fd53098ac42
67adbc46be128d15a54741194921b4cfd81cdf3b
c41be5c5b02bfd5e4f03f714c29c24d4846baec9fcd69ce22d31372c6d3076f1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 09:34:28 GMT
Server: ECS (amb/6B9E)
Content-Length: 727

link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490

217.160.0.78

301 Moved Permanently

268 B

URL HTTP/2
link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490
IP
217.160.0.78:0
ASN
#8560 IONOS SE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
268 B (268 bytes)
Hash
87154a2f2c77ee9d7b6a1642a6c4b1e5
dfdae94aa999328e2029fab3258c52050bb139f9
65da2d4b44cb94544a1066df2d2918fbb27c57aedb46a617eda8525e4f06047c

Detections

Analyzer	Verdict	Alert
openphish	Mobile.de
fortinet	Phishing

HTTP Headers

GET /pkw/fahrzeuge.details/1601459490 HTTP/1.1
Host: link-lkw-mobile.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 301 Moved Permanently
content-type: text/html; charset=iso-8859-1
content-length: 268
location: https://link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/
date: Mon, 26 Sep 2022 09:34:28 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
5adb7eb1d103eadeeafac36e663ffdd3
23b784388dd634fa736cd60aed71570661e73d02
5c95ba48bc342887b4f7ef697bd4def50f6f2f472f654169179e5ac44df883d9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4644
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 09:34:29 GMT
Last-Modified: Mon, 26 Sep 2022 08:17:05 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471

link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/icons_002.css

217.160.0.78

200 OK

32 kB

URL HTTP/2
link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/icons_002.css
IP
217.160.0.78:0
ASN
#8560 IONOS SE

File type
ASCII text, with very long lines (4043)
Size
32 kB (31781 bytes)
Hash
a604d3562e7a88e92c2dcd1e7a99cd3f
9c8778e55f45f9bbd68300177028bfe5de429f9b
3132209c539616dfc1f3cda2f0a54138d98b781487a756576bacdfc88beffb89

HTTP Headers

GET /pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/icons_002.css HTTP/1.1
Host: link-lkw-mobile.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-length: 31781
date: Mon, 26 Sep 2022 09:34:29 GMT
server: Apache
last-modified: Tue, 20 Sep 2022 14:50:00 GMT
etag: "7c25-5e91cf1516636"
accept-ranges: bytes
X-Firefox-Spdy: h2

link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/icons_003.css

217.160.0.78

200 OK

24 kB

URL HTTP/2
link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/icons_003.css
IP
217.160.0.78:0
ASN
#8560 IONOS SE

File type
ASCII text, with very long lines (11204)
Size
24 kB (24271 bytes)
Hash
0c0e98c16ba8f39f4286e6f33016aa83
e9e26fd6c8b3db885c135ca91e5e5d47988544c5
5cbb1b182882ae8a2d6c7f76a37a80fcbd337f32f6ad3a399443805cca53b99c

HTTP Headers

GET /pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/icons_003.css HTTP/1.1
Host: link-lkw-mobile.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-length: 24271
date: Mon, 26 Sep 2022 09:34:29 GMT
server: Apache
last-modified: Tue, 20 Sep 2022 14:50:00 GMT
etag: "5ecf-5e91cf152cd98"
accept-ranges: bytes
X-Firefox-Spdy: h2

link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/icons.css

217.160.0.78

200 OK

5.7 kB

URL HTTP/2
link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/icons.css
IP
217.160.0.78:0
ASN
#8560 IONOS SE

File type
ASCII text, with very long lines (1197)
Size
5.7 kB (5686 bytes)
Hash
27ecd5be512f41ca2a77375e021f9b02
fc033a13c8be845e4555deb696a58b4f658cf344
b24c1d544038ccabbe84872306d25cbbcc1c64417ee815ab0ea19e0aa429efb0

HTTP Headers

GET /pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/icons.css HTTP/1.1
Host: link-lkw-mobile.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-length: 5686
date: Mon, 26 Sep 2022 09:34:29 GMT
server: Apache
last-modified: Tue, 20 Sep 2022 14:50:00 GMT
etag: "1636-5e91cf1508b75"
accept-ranges: bytes
X-Firefox-Spdy: h2

link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/analytics.js

217.160.0.78

200 OK

44 kB

URL HTTP/2
link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/analytics.js
IP
217.160.0.78:0
ASN
#8560 IONOS SE

File type
ASCII text, with very long lines (1490)
Size
44 kB (44470 bytes)
Hash
b66b3b5d54e154c81a50880cdcd7e5f8
dd62dfaa936d8c1143dfcad8808bc559d1a0b199
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/analytics.js HTTP/1.1
Host: link-lkw-mobile.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 44470
date: Mon, 26 Sep 2022 09:34:29 GMT
server: Apache
last-modified: Tue, 20 Sep 2022 14:50:00 GMT
etag: "adb6-5e91cf14ea712"
accept-ranges: bytes
X-Firefox-Spdy: h2

push.services.mozilla.com/

34.212.166.60

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.212.166.60:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: zsUoJAPmVyMWSKpIbPqb5w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Tc1flZEM6KtIUa+fzFWSrJ4zOc0=

link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/jquery.js

217.160.0.78

200 OK

84 kB

URL HTTP/2
link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/jquery.js
IP
217.160.0.78:0
ASN
#8560 IONOS SE

File type
ASCII text, with very long lines (32025)
Size
84 kB (84380 bytes)
Hash
4a356126b9573eb7bd1e9a7494737410
8258d046f17dd3c15a5d3984e1868b7b5d1db329
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/jquery.js HTTP/1.1
Host: link-lkw-mobile.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 84380
date: Mon, 26 Sep 2022 09:34:29 GMT
server: Apache
last-modified: Tue, 20 Sep 2022 14:50:00 GMT
etag: "1499c-5e91cf153c799"
accept-ranges: bytes
X-Firefox-Spdy: h2

link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/fingerprint.js

217.160.0.78

200 OK

8.9 kB

URL HTTP/2
link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/fingerprint.js
IP
217.160.0.78:0
ASN
#8560 IONOS SE

File type
HTML document, ASCII text
Size
8.9 kB (8913 bytes)
Hash
ae7cc52df298fe2b7fcedabb9b53861a
b122d475935347a8e9ea6e1b1c8a7b4793e02e13
76c032a257771abe2f0869abb1b7493de6a7063edb63f7e871750cd7c1e75f49

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/fingerprint.js HTTP/1.1
Host: link-lkw-mobile.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 8913
date: Mon, 26 Sep 2022 09:34:29 GMT
server: Apache
last-modified: Tue, 20 Sep 2022 14:50:00 GMT
etag: "22d1-5e91cf14ec652"
accept-ranges: bytes
X-Firefox-Spdy: h2

link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/a2Main.css

217.160.0.78

200 OK

253 kB

URL HTTP/2
link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/a2Main.css
IP
217.160.0.78:0
ASN
#8560 IONOS SE

File type
ASCII text, with very long lines (2956)
Size
253 kB (253142 bytes)
Hash
611d10f58eb9d058c500d8dc8793e61e
da9d420f436a27cd96fc637306a1377c1168619b
f35f64cd5c4c85ec8111161f4a307468121975e5beb08a15bcec8011399b60d0

HTTP Headers

GET /pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/a2Main.css HTTP/1.1
Host: link-lkw-mobile.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-length: 253142
date: Mon, 26 Sep 2022 09:34:29 GMT
server: Apache
last-modified: Tue, 20 Sep 2022 14:50:00 GMT
etag: "3dcd6-5e91cf14d4f50"
accept-ranges: bytes
X-Firefox-Spdy: h2

link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/a2.js

217.160.0.78

200 OK

3.2 kB

URL HTTP/2
link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/a2.js
IP
217.160.0.78:0
ASN
#8560 IONOS SE

File type
ASCII text
Size
3.2 kB (3207 bytes)
Hash
60ffaba5e412336beea1968ac3c98848
c2be64cd9957e4550e4354a21289d123064902c4
4fd7af09aa784a39301ff416734bd437e789163f917445bb0ab1ee29bcc6af6f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/a2.js HTTP/1.1
Host: link-lkw-mobile.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 3207
date: Mon, 26 Sep 2022 09:34:29 GMT
server: Apache
last-modified: Tue, 20 Sep 2022 14:50:00 GMT
etag: "c87-5e91cf14d10cf"
accept-ranges: bytes
X-Firefox-Spdy: h2

link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/tanStatic

217.160.0.78

200 OK

552 B

URL HTTP/2
link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/tanStatic
IP
217.160.0.78:0
ASN
#8560 IONOS SE

File type
ASCII text
Size
552 B (552 bytes)
Hash
2eb51b4ec9f41e7aa81de0fcde307b77
7a082d7d0bee9983861d9a952ec3cfb7606e66fc
7b54eaba8bbfd0821c96d29e03b7e0cbad64180c7a6508ddba24262b5ddc9444

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/tanStatic HTTP/1.1
Host: link-lkw-mobile.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 552
date: Mon, 26 Sep 2022 09:34:29 GMT
server: Apache
last-modified: Tue, 20 Sep 2022 14:50:00 GMT
etag: "228-5e91cf157bf3f"
accept-ranges: bytes
X-Firefox-Spdy: h2

link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/object.js

217.160.0.78

200 OK

452 B

URL HTTP/2
link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/object.js
IP
217.160.0.78:0
ASN
#8560 IONOS SE

File type
Apache Avro version 101\012- , ASCII text, with very long lines (451)
Size
452 B (452 bytes)
Hash
d0cb9e25e711970dbc2aa7d82438b736
0ecf8a0596bf5d3c68f52667133b7f435b44d09b
b72aa387c59e33b01a7a95e21aaba20cf72a7b7a62b425853a10abb88cecd1ab

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/object.js HTTP/1.1
Host: link-lkw-mobile.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 452
date: Mon, 26 Sep 2022 09:34:29 GMT
server: Apache
last-modified: Tue, 20 Sep 2022 14:50:00 GMT
etag: "1c4-5e91cf156677d"
accept-ranges: bytes
X-Firefox-Spdy: h2

link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/promise.js

217.160.0.78

200 OK

3.1 kB

URL HTTP/2
link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/promise.js
IP
217.160.0.78:0
ASN
#8560 IONOS SE

File type
ASCII text, with very long lines (3136)
Size
3.1 kB (3137 bytes)
Hash
d05a380d50b74e629738ae6f62fb7e78
f8f84a5bf94274e6d3aa6ed9d6ccc0dcd9eab25c
e8ee7479fa6c7392aa1840f78b8295acfed0f07a372d0d987eed2563a49938e8

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/promise.js HTTP/1.1
Host: link-lkw-mobile.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 3137
date: Mon, 26 Sep 2022 09:34:29 GMT
server: Apache
last-modified: Tue, 20 Sep 2022 14:50:00 GMT
etag: "c41-5e91cf156c53e"
accept-ranges: bytes
X-Firefox-Spdy: h2

s.go-mpulse.net/boomerang/PV5JN-R9AGB-VVMPH-JZK7Z-XW3AH

23.38.200.138

200 OK

52 kB

URL HTTP/2
s.go-mpulse.net/boomerang/PV5JN-R9AGB-VVMPH-JZK7Z-XW3AH
IP
23.38.200.138:0
ASN
#16625 AKAMAI-AS

File type
C source, ASCII text, with very long lines (31985)
Size
52 kB (51580 bytes)
Hash
cd84496512bb060357bd7e6e877fe2d1
90992f2c8c86540facb19e7ed4ab0ae3e4fdcda4
3b53bb627cec222cfed7c8c6ad8b68f869500bbd4231f4e1ed67358ae74fd5f6

HTTP Headers

GET /boomerang/PV5JN-R9AGB-VVMPH-JZK7Z-XW3AH HTTP/1.1
Host: s.go-mpulse.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link-lkw-mobile.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
content-encoding: br
last-modified: Wed, 07 Sep 2022 19:02:18 GMT
timing-allow-origin: *
vary: Accept-Encoding
content-length: 51580
date: Mon, 26 Sep 2022 09:34:29 GMT
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
15e6acfdd9f8caf92855c9d0f0a6d76e
12d4b7a2db5638503c15b426b9d9bd50b6d06a52
f57597e28b4f36b947135605748b394e9b03a66e69a49824776f02dad2ec491d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5979
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 09:34:29 GMT
Last-Modified: Mon, 26 Sep 2022 07:54:50 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
15e6acfdd9f8caf92855c9d0f0a6d76e
12d4b7a2db5638503c15b426b9d9bd50b6d06a52
f57597e28b4f36b947135605748b394e9b03a66e69a49824776f02dad2ec491d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5979
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 09:34:29 GMT
Last-Modified: Mon, 26 Sep 2022 07:54:50 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
bcc4c40ff2985ec33eac176e709a1ef8
df906ff376979c1473a4fc25e706c1e3da4a3bde
3db36dd0bd2aa775c36745a567f584d32d139766996fe121dcae3c8820ea5465

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5060
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 09:34:29 GMT
Last-Modified: Mon, 26 Sep 2022 08:10:09 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471

www.mobile.de/adv/consent/vendorlist.json

23.13.241.156

403 Forbidden

301 B

URL HTTP/2
www.mobile.de/adv/consent/vendorlist.json
IP
23.13.241.156:0
ASN
#16625 AKAMAI-AS

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
301 B (301 bytes)
Hash
bf0ec8c06988393c4f78347b10d295c5
13a53ea91a2f30073edfc1f3cc13020ffcf9499b
97e1a1faf8298a3e138a67ff5da3e1a6adec56a1e445f45bb52d8b50990b9a0c

HTTP Headers

GET /adv/consent/vendorlist.json HTTP/1.1
Host: www.mobile.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://link-lkw-mobile.de
Connection: keep-alive
Referer: https://link-lkw-mobile.de/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 403 Forbidden
server: AkamaiGHost
mime-version: 1.0
content-type: text/html
content-length: 301
expires: Mon, 26 Sep 2022 09:34:29 GMT
date: Mon, 26 Sep 2022 09:34:29 GMT
set-cookie: _abck=BB3C414CE593C7A351AE8878CA653A7E~-1~YAAQFphUaE2LF3WDAQAATuMleQi6IbuoADoXI/Gw0JBXJ51nwyPbHvumQEPvEHaHIZ8Qz8Ftrudpr2KVHWhyl74dwql5RZtuSRXVoSFRvievNOtZxcfbpn8UIqS67Tiq3o4qEbElFKGCG1lCWUM+XlzDK6MOH86R6flR9cDKOyC0VGwEmbJsT6jW492n7fq+0F+/mjLBRmfirJHkBTbyTxrFqWG5n0KT2D2LHw7sLRE0l49W5Q/mjdJj8GF5Xy7hb4m/bBzxdSvpTatScdlRwBGEtOAm57J4AaeRbr/a/70aKunKudbvUCy1Ey7Nohz7MQd0MhE/yB1uZOb5p8qel+nd+IaJoQ9S93R2h4ijyOXlGTs/DurreqPVTw==~-1~-1~-1; Domain=.mobile.de; Path=/; Expires=Tue, 26 Sep 2023 09:34:29 GMT; Max-Age=31536000; SameSite=None; Secure
ak_bmsc=35D64BBFF8A2E794746A1F62F96E5B6B~000000000000000000000000000000~YAAQFphUaE6LF3WDAQAATuMleRGlqSStQAAeht5nPbLtng3KWF6pBxI6znGDGTMqizn1CSVkao88Vux+g0aNJPlwFyyqGn4p22Djapw1kI05CIDgjkdtWawgnWxn9Zo3ao86O2+kQ8ciDcZc4rB6U3KLXc9mtqGv97MvbIS4JHcjQnjV/6whOmzh4d7Qx49IoDldS3PfkdpLpEJSXdjz3BMCAy6ffq+9RGycXAdPGeE1cs+by0mDhkPuJr+2364h+cl+uo/q/EVdPXTOhfcZKtOs9LCbuWU1HNa+S2ayn6HmrPVdzze3dhGgKrDmpR1AJvSBlEbtGNfyFMpopneC89fMO6/6rmgPEPsiNoWRXOJT31ArkRmZoR1jttbLbWD3NRxugiWg3h4=; Domain=.mobile.de; Path=/; Expires=Mon, 26 Sep 2022 11:34:29 GMT; Max-Age=7200; SameSite=None; Secure; HttpOnly
bm_sz=404D4F65C6BE7AF51C2A1BCCC007AE67~YAAQFphUaE+LF3WDAQAATuMleRGnNQvfaY3QI/FuU0cakUstqDP/8DuTMF0szJ77XFUOqLhKN3EbHM/8q/p537pBwg3sQdYzMqUKb/h1k4G+HigDQbXzY1AfobYmzOkbwLmQqInV3BMVS/Tpqj7EinS1GKJkgQruKf6n46B8zoNBmtRv2FaP654e/gf3uEbfp7cWWQF2riRAYw1K7vpqDGEVnNqCCyBO9NsLvlOSljrF1kYo0Ts73tB74VKMN5Ssr2oTFrn8c37eQILw4kf+ABrphpsH8wxYzSVbH8xZ05uAqw==~3553072~4342851; Domain=.mobile.de; Path=/; Expires=Mon, 26 Sep 2022 13:34:29 GMT; Max-Age=14400; SameSite=None; Secure
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
1db3e1d6bf7a5e2d0c87eab75a6e52fe
b923a169beb9248ea6a5070a04b57bc0aa44799b
f35aafc9c21937ac03d9b711aa18ef518aaaec6d0f9dbcecb42f757a0e70915c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 09:34:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/css/icons/form/icons.form.data.svg.css

217.160.0.78

404 Not Found

20 kB

URL HTTP/2
link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/css/icons/form/icons.form.data.svg.css
IP
217.160.0.78:0
ASN
#8560 IONOS SE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1325)
Size
20 kB (19998 bytes)
Hash
bc3d713dd333de60b42f6e3d7e9b5338
40b8b11a5215cc5a75ce86578aefa8d61aa2d43e
afa89c3a6ee86e5b02c82f5a28b0c135ca88a3a2e53b57a2c2b68ada670cb13f

HTTP Headers

GET /pkw/fahrzeuge.details/1601459490/css/icons/form/icons.form.data.svg.css HTTP/1.1
Host: link-lkw-mobile.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/
Cookie: RT="z=1&dm=link-lkw-mobile.de&si=mf247d0sp4&ss=l8ikpa74&sl=0&tt=0"
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html; charset=iso-8859-1
date: Mon, 26 Sep 2022 09:34:29 GMT
server: Apache
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
1db3e1d6bf7a5e2d0c87eab75a6e52fe
b923a169beb9248ea6a5070a04b57bc0aa44799b
f35aafc9c21937ac03d9b711aa18ef518aaaec6d0f9dbcecb42f757a0e70915c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 09:34:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

c.go-mpulse.net/api/config.json?key=PV5JN-R9AGB-VVMPH-JZK7Z-XW3AH&d=link-lkw-mobile.de&t=5547283&v=1.632.0&if=&sl=0&si=mf247d0sp4-rit99g&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,LOGN&acao=&ak.ai=344245

23.38.200.138

403 Forbidden

68 B

URL HTTP/1.1
c.go-mpulse.net/api/config.json?key=PV5JN-R9AGB-VVMPH-JZK7Z-XW3AH&d=link-lkw-mobile.de&t=5547283&v=1.632.0&if=&sl=0&si=mf247d0sp4-rit99g&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,LOGN&acao=&ak.ai=344245
IP
23.38.200.138:0
ASN
#16625 AKAMAI-AS

File type
JSON data\012- , ASCII text, with no line terminators
Size
68 B (68 bytes)
Hash
d5d09c865f89f804b41d1cb9b4cc7494
7e6b12eed01c39264138afb6a4583e7592b630d4
3217a6955b600825965f424d1cf73bc156ade880bcb4e16760cfe1771e2da89e

HTTP Headers

GET /api/config.json?key=PV5JN-R9AGB-VVMPH-JZK7Z-XW3AH&d=link-lkw-mobile.de&t=5547283&v=1.632.0&if=&sl=0&si=mf247d0sp4-rit99g&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,LOGN&acao=&ak.ai=344245 HTTP/1.1
Host: c.go-mpulse.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://link-lkw-mobile.de
Connection: keep-alive
Referer: https://link-lkw-mobile.de/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 403 Forbidden
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=300, stale-while-revalidate=60, stale-if-error=120
Timing-Allow-Origin: *
Content-Length: 68
Date: Mon, 26 Sep 2022 09:34:29 GMT
Connection: keep-alive
Content-Type: application/json

static.classistatic.de/fonts/Gibson-Regular-webfont-v2.woff

91.211.75.130

200 OK

34 kB

URL HTTP/2
static.classistatic.de/fonts/Gibson-Regular-webfont-v2.woff
IP
91.211.75.130:0
ASN
#41552 Marktplaats B.V.

File type
Web Open Font Format, TrueType, length 53256, version 1.0\012- data
Size
34 kB (33696 bytes)
Hash
c65b242ace8e8e69716b548ccc1c07fc
eddf3399859d56cd6e53f162f28741eca9301f0e
e9b9c3081934dd45e9f23767c0577bd02b493950d9b0a1375a993195508fa079

HTTP Headers

GET /fonts/Gibson-Regular-webfont-v2.woff HTTP/1.1
Host: static.classistatic.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://link-lkw-mobile.de
Connection: keep-alive
Referer: https://link-lkw-mobile.de/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 1719131
cache-control: public, max-age=31536000
content-length: 53256
content-type: font/woff
date: Tue, 06 Sep 2022 12:02:18 GMT
etag: W/"6313d5a9-d008"
last-modified: Sat, 03 Sep 2022 22:31:05 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11260
Expires: Mon, 26 Sep 2022 12:42:10 GMT
Date: Mon, 26 Sep 2022 09:34:30 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11260
Expires: Mon, 26 Sep 2022 12:42:10 GMT
Date: Mon, 26 Sep 2022 09:34:30 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 3-257, spot sensor temperature 0.000000, unit celsius, color scheme 0, show scale bar, calibration: offset 0.000000, slope 241253891388563521536.000000\012- data
Size
13 kB (12826 bytes)
Hash
b3a72e81317074689a71dac7059e4b6a
b6d56333d7f1ea7ddc8838d84de498ff913c5464
e665a8821b5e7b2e78787647a08d629bf70cbf4cbfee2057c8601cf0565154a1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12826
x-amzn-requestid: f075cf62-acfc-4bc1-be14-7c3dafb7aaed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfVRNFP-oAMFgrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322cf3a-184b678042d64ac9266b1128;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 07:07:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rN_8rm10Pxb0AUKW6ECfNulcYxBaS7FgGD15gT14dX-FlsGJfqahxA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 21:37:35 GMT
age: 43015
etag: "b6d56333d7f1ea7ddc8838d84de498ff913c5464"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7838a122-2b2e-4e4c-9bcc-7c6b46a93b1e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11728 bytes)
Hash
968b9c138702fb5994d1d9eab1a697fa
9660bb2d38079182efbd11d7a687bfc7f9d30751
5ba74820ad451747c8ed25529f06b037bebf4c0616a1f2165c9197c1171db7a6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7838a122-2b2e-4e4c-9bcc-7c6b46a93b1e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11728
x-amzn-requestid: bf60e58f-c4f4-45c7-923b-0d1539f720f5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUCGGw7oAMF3wQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd40-32043c1b1411544f5d00edc0;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:50:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: H4KXhBaRw3SvzBrbl30mV6R_vJ8bXBkyicb8fQiTp6YSBHjE8iFkNQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:49:56 GMT
etag: "9660bb2d38079182efbd11d7a687bfc7f9d30751"
content-type: image/jpeg
age: 38674
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3689ec8-63b4-42ae-b7d5-a9b4b63af788.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.0 kB (5980 bytes)
Hash
ef17205adb2b478d3bff54b048208d22
12aac1bd22e675f09a220de08b4656e801c2e647
620fe39cf421ed3a21e968570f7e863d69224113be867ec2457ed3850ea113f6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3689ec8-63b4-42ae-b7d5-a9b4b63af788.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5980
x-amzn-requestid: fbf0c390-da24-49e2-8492-43e29e5d4bb3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCTHCGJVoAMFgxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cbc6-1f9b1b7d63467c58702e6d7e;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:44:38 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Iy0oyFx_T6CEuOQckEzvUQOUo307Jm_OgJzomWlMz9BhgD3eOaysdA==
via: 1.1 ec2a2c75c16156e4d43504606c118b90.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 21:48:52 GMT
age: 42338
etag: "12aac1bd22e675f09a220de08b4656e801c2e647"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4e46522-27ca-4a21-a138-a7bdaf6c55b5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.4 kB (6443 bytes)
Hash
3a75be68e82e6a0ba74932fbe74c7b30
36310320605833289e78cd248c45915363a0a0c3
56d709b77802037254b7922e3f85d1b1652b70dfc4b6c65b03e4149d3b1f22ca

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4e46522-27ca-4a21-a138-a7bdaf6c55b5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6443
x-amzn-requestid: b6f3be01-6086-4fc1-8bec-c4caa1fe806c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSKMG04IAMFRxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330ca41-5452d1805d3f4d71303142c9;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:38:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: tx-lL61dT3iakJd8VZw31hzMklubUDBQxE6LBhxsJUqyMM0bqCk73g==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:28:23 GMT
age: 39967
etag: "36310320605833289e78cd248c45915363a0a0c3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

16 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2719e8b8-4e41-4309-8ca2-8780fbed9e48.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
16 kB (15624 bytes)
Hash
1823d1bb11ceec44419af17b32275cb5
5df91bc07da358644dc16e12f509ee364ec17bcb
f7aa5f13f0d469d4ffe569b2c21cb599a9c70c490caa31e0e83c36fe2dd49a8b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2719e8b8-4e41-4309-8ca2-8780fbed9e48.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 15624
x-amzn-requestid: 966db920-27f5-496f-8aea-4e0628e6dc7e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSlhF3xIAMFzaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330caef-1f62801d573715e14518564c;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:41:04 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: LH8Nx22zSbIDy8OoiC6xx7Mxfz6je1pmA2u9tqsLTtCiAyvjyVnq0g==
via: 1.1 e124ba8d7ba1d81e2fdc59ac89f11b70.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:07:18 GMT
age: 41232
etag: "5df91bc07da358644dc16e12f509ee364ec17bcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20fede81-e065-476d-b8c9-466c4d80f419.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (7998 bytes)
Hash
27d324b1fb661c318aced98468501b3c
5c4ee294c98e8fc9312a7d481b6ec165494cf852
937296b5da48df0495ebd0cb3509b7c00059725c00c5b97f475ba2382a0e5437

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20fede81-e065-476d-b8c9-466c4d80f419.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7998
x-amzn-requestid: beedf4d8-29c0-43c6-92d0-40af6b9ee9f9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCTibE5LoAMFXLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cc75-1be97f2a525b9a5e3146d4be;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:47:33 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: i8BwIohBNqfEavPXBqSWshg7G-WF9UkBBScnDcyH4qEYV9TzreLXWA==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:03:29 GMT
age: 41461
etag: "5c4ee294c98e8fc9312a7d481b6ec165494cf852"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/mde-consent-banner.js

217.160.0.78

200 OK

0 B

URL HTTP/2
link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/mde-consent-banner.js
IP
217.160.0.78:0
ASN
#8560 IONOS SE

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/mde-consent-banner.js HTTP/1.1
Host: link-lkw-mobile.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 94899
date: Mon, 26 Sep 2022 09:34:29 GMT
server: Apache
last-modified: Tue, 20 Sep 2022 14:50:00 GMT
etag: "172b3-5e91cf1559c5c"
accept-ranges: bytes
X-Firefox-Spdy: h2

static.classistatic.de/fonts/Gibson-SemiBold-webfont-v2.woff2

91.211.75.130

200 OK

0 B

URL HTTP/2
static.classistatic.de/fonts/Gibson-SemiBold-webfont-v2.woff2
IP
91.211.75.130:0
ASN
#41552 Marktplaats B.V.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /fonts/Gibson-SemiBold-webfont-v2.woff2 HTTP/1.1
Host: static.classistatic.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://link-lkw-mobile.de
Connection: keep-alive
Referer: https://link-lkw-mobile.de/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
age: 1719131
cache-control: public, max-age=31536000
content-length: 19648
content-type: font/woff2
date: Tue, 06 Sep 2022 12:02:18 GMT
etag: W/"6313d5a9-4cc0"
last-modified: Sat, 03 Sep 2022 22:31:05 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

static.classistatic.de/fonts/Gibson-SemiBold-webfont-v2.woff

91.211.75.130

200 OK

0 B

URL HTTP/2
static.classistatic.de/fonts/Gibson-SemiBold-webfont-v2.woff
IP
91.211.75.130:0
ASN
#41552 Marktplaats B.V.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /fonts/Gibson-SemiBold-webfont-v2.woff HTTP/1.1
Host: static.classistatic.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://link-lkw-mobile.de
Connection: keep-alive
Referer: https://link-lkw-mobile.de/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 1719104
cache-control: public, max-age=31536000
content-length: 27124
content-type: font/woff
date: Tue, 06 Sep 2022 12:02:45 GMT
etag: W/"6313d5a9-69f4"
last-modified: Sat, 03 Sep 2022 22:31:05 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/

217.160.0.78

200 OK

0 B

URL HTTP/2
link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/
IP
217.160.0.78:0
ASN
#8560 IONOS SE

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /pkw/fahrzeuge.details/1601459490/ HTTP/1.1
Host: link-lkw-mobile.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Mon, 26 Sep 2022 09:34:29 GMT
server: Apache
content-encoding: gzip
X-Firefox-Spdy: h2

link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/f7664102f0234bf081d66d8594dd58

217.160.0.78

404 Not Found

0 B

URL HTTP/2
link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/f7664102f0234bf081d66d8594dd58
IP
217.160.0.78:0
ASN
#8560 IONOS SE

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/f7664102f0234bf081d66d8594dd58 HTTP/1.1
Host: link-lkw-mobile.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html; charset=iso-8859-1
date: Mon, 26 Sep 2022 09:34:29 GMT
server: Apache
content-encoding: gzip
X-Firefox-Spdy: h2

link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/css/icons/form/icons.form.data.svg.css

217.160.0.78

404 Not Found

0 B

URL HTTP/2
link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/css/icons/form/icons.form.data.svg.css
IP
217.160.0.78:0
ASN
#8560 IONOS SE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /pkw/fahrzeuge.details/1601459490/css/icons/form/icons.form.data.svg.css HTTP/1.1
Host: link-lkw-mobile.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html; charset=iso-8859-1
date: Mon, 26 Sep 2022 09:34:29 GMT
server: Apache
content-encoding: gzip
X-Firefox-Spdy: h2

link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/f7664102f0234bf081d66d8594dd58

217.160.0.78

404 Not Found

0 B

URL HTTP/2
link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/f7664102f0234bf081d66d8594dd58
IP
217.160.0.78:0
ASN
#8560 IONOS SE

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /pkw/fahrzeuge.details/1601459490/H%C3%A4ndler-Login_files/f7664102f0234bf081d66d8594dd58 HTTP/1.1
Host: link-lkw-mobile.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html; charset=iso-8859-1
date: Mon, 26 Sep 2022 09:34:29 GMT
server: Apache
content-encoding: gzip
X-Firefox-Spdy: h2

link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/css/icons/common/icons.common.data.svg.css

217.160.0.78

404 Not Found

0 B

URL HTTP/2
link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/css/icons/common/icons.common.data.svg.css
IP
217.160.0.78:0
ASN
#8560 IONOS SE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /pkw/fahrzeuge.details/1601459490/css/icons/common/icons.common.data.svg.css HTTP/1.1
Host: link-lkw-mobile.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link-lkw-mobile.de/pkw/fahrzeuge.details/1601459490/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html; charset=iso-8859-1
date: Mon, 26 Sep 2022 09:34:29 GMT
server: Apache
content-encoding: gzip
X-Firefox-Spdy: h2

static.classistatic.de/fonts/Gibson-Regular-webfont-v2.woff2

91.211.75.130

200 OK

0 B

URL HTTP/2
static.classistatic.de/fonts/Gibson-Regular-webfont-v2.woff2
IP
91.211.75.130:0
ASN
#41552 Marktplaats B.V.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /fonts/Gibson-Regular-webfont-v2.woff2 HTTP/1.1
Host: static.classistatic.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://link-lkw-mobile.de
Connection: keep-alive
Referer: https://link-lkw-mobile.de/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
age: 1719124
cache-control: public, max-age=31536000
content-length: 38620
content-type: font/woff2
date: Tue, 06 Sep 2022 12:02:24 GMT
etag: W/"6313d5a9-96dc"
last-modified: Sat, 03 Sep 2022 22:31:05 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (19)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations