Report - visametrik.de/

Report Overview

Submitted URL
visametrik.de/
IP
178.250.159.32
ASN
#29182 JSC IOT
Submitted
2024-04-28 09:49:07
Access
public
Website Title
Visametric | Официальный визовый центр Германии в Москве
Final URL
visametrik.de/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
64

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.gstatic.com	unknown	2008-02-11	2016-07-26	2024-04-27	2.4 kB	648 kB	142.250.74.131
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-28	1.0 kB	33 kB	216.58.207.227
visametrik.de	429252	unknown	No data	No data	16 kB	1.2 MB	178.250.159.32
stackpath.bootstrapcdn.com	2467	2012-05-25	2018-06-15	2024-04-26	2.0 kB	331 kB	104.18.10.207
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-27	916 B	16 kB	142.250.74.106
www.google.com	7	1997-09-15	2015-05-10	2024-03-23	3.9 kB	311 kB	142.250.74.164

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-28	medium	visametrik.de	Sinkholed
2024-04-28	medium	visametrik.de	Sinkholed
2024-04-28	medium	visametrik.de	Sinkholed
2024-04-28	medium	visametrik.de	Sinkholed
2024-04-28	medium	visametrik.de	Sinkholed
2024-04-28	medium	visametrik.de	Sinkholed
2024-04-28	medium	visametrik.de	Sinkholed
2024-04-28	medium	visametrik.de	Sinkholed
2024-04-28	medium	visametrik.de	Sinkholed
2024-04-28	medium	visametrik.de	Sinkholed
2024-04-28	medium	visametrik.de	Sinkholed
2024-04-28	medium	visametrik.de	Sinkholed
2024-04-28	medium	visametrik.de	Sinkholed
2024-04-28	medium	visametrik.de	Sinkholed
2024-04-28	medium	visametrik.de	Sinkholed
2024-04-28	medium	visametrik.de	Sinkholed
2024-04-28	medium	visametrik.de	Sinkholed
2024-04-28	medium	visametrik.de	Sinkholed
2024-04-28	medium	visametrik.de	Sinkholed
2024-04-28	medium	visametrik.de	Sinkholed
2024-04-28	medium	visametrik.de	Sinkholed
2024-04-28	medium	visametrik.de	Sinkholed
2024-04-28	medium	visametrik.de	Sinkholed
2024-04-28	medium	visametrik.de	Sinkholed
2024-04-28	medium	visametrik.de	Sinkholed
2024-04-28	medium	visametrik.de	Sinkholed
2024-04-28	medium	visametrik.de	Sinkholed
2024-04-28	medium	visametrik.de	Sinkholed
2024-04-28	medium	visametrik.de	Sinkholed
2024-04-28	medium	visametrik.de	Sinkholed
2024-04-28	medium	visametrik.de	Sinkholed
2024-04-28	medium	visametrik.de	Sinkholed

ThreatFox

No alerts detected

JavaScript (35)

	URL	Size	First Seen	Last Seen
	visametrik.de/	3.3 kB	2024-04-28	2024-04-28
Pretty URL visametrik.de/ IP 178.250.159.32 ASN #29182 JSC IOT Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-28 11:49:15 Last Seen2024-04-28 11:49:15 Times Seen1 Hash 2cf56f65308b319b58b50695529761b5 54e717da7fe390ee5ab14b646a35a45c699a1cbe c4e32f0e3ce39c703bf19e3818d64e79f65d22d4b6bf95b6bb022c90c6bedfad Loading...

	visametrik.de/	383 B	2024-04-28	2024-04-28
Pretty URL visametrik.de/ IP 178.250.159.32 ASN #29182 JSC IOT Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-28 11:49:15 Last Seen2024-04-28 11:49:15 Times Seen1 Hash 3ed6a3956f5b13efdf0893e4ecdaf0da 3d718a57fdf47e37f209af6def3911241d10d198 83fd7ece3ebb34615225996df88a00adca552da5932c5fd5c8d82409a730aa88 Loading...

	visametrik.de/	440 B	2024-04-28	2024-04-28
Pretty URL visametrik.de/ IP 178.250.159.32 ASN #29182 JSC IOT Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-28 11:49:15 Last Seen2024-04-28 11:49:15 Times Seen1 Hash e0e6d2249e9e0b2d8a465889eceab3ab 1661d959c6a31a885826a3cbfbbbc51224b804f8 b9ac6d76dc935e56ab362dfd99f6a0698aae516ee13f5f258846cddbeedddcd9 Loading...

	visametrik.de/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0	39 kB	2024-04-03	2024-05-13
Pretty URL visametrik.de/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 IP 178.250.159.32 ASN #29182 JSC IOT Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-03 08:25:08 Last Seen2024-05-13 03:27:54 Times Seen1729 Hash 92f8c01350c630f414f5d0b015ad6864 eab40ab4e77f92f2fb17684aaf44b579a51b8034 17b79ece7ef9d1454a90156690d33d64387b67a7a7548fc826012512e287a937 Loading...

	visametrik.de/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.2	13 kB	2023-03-07	2024-05-11
Pretty URL visametrik.de/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.2 IP 178.250.159.32 ASN #29182 JSC IOT Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:03 Last Seen2024-05-11 19:57:46 Times Seen2275 Hash 6ad9165b167d54947b37f4b9de75ab39 4c02f66fd8c26141450e310d6786f50f99913dd4 eea0b9621509f98be77c5af1e9b5c952a675bda2b27c419876364017069e0c19 Loading...

	visametrik.de/wp-content/plugins/date-time-picker-field/assets/js/dtpicker.js?ver=6.5.2	6.7 kB	2024-04-28	2024-04-28
Pretty URL visametrik.de/wp-content/plugins/date-time-picker-field/assets/js/dtpicker.js?ver=6.5.2 IP 178.250.159.32 ASN #29182 JSC IOT Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-28 11:49:15 Last Seen2024-04-28 11:49:16 Times Seen2 Hash 026a0f7cc131890e7351f047c99b393b d6853364e0c7d3664831589710ea4d19248ae573 1ddb57fd80c98be9c68b59f8e3e434ed02d19d116f42a83c4baea8fdc8c9fdcd Loading...

	visametrik.de/wp-content/themes/vfs/js/dle_js.js?v=25	35 kB	2024-04-28	2024-04-28
Pretty URL visametrik.de/wp-content/themes/vfs/js/dle_js.js?v=25 IP 178.250.159.32 ASN #29182 JSC IOT Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-28 11:49:15 Last Seen2024-04-28 11:49:16 Times Seen2 Hash ded22cb5111f387eba12e801c5233a19 3dc48f4a1a9a5b15231f1b744dfe49b59d55dda5 13e28c1a1c1b804be95a427e5fc5dcc7868d45c8346862ce786fc0a9e582ad1b Loading...

	visametrik.de/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0	6.6 kB	2023-11-03	2024-05-13
Pretty URL visametrik.de/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0 IP 178.250.159.32 ASN #29182 JSC IOT Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-03 09:26:42 Last Seen2024-05-13 03:27:54 Times Seen14497 Hash fd7ef2e4737acd74fd0dcdc3b515e304 0d792b33f12a48ee8aaaf2560a63a5682470645b 1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c Loading...

	visametrik.de/wp-includes/js/hoverIntent.min.js?ver=1.10.2	1.5 kB	2023-03-07	2024-05-12
Pretty URL visametrik.de/wp-includes/js/hoverIntent.min.js?ver=1.10.2 IP 178.250.159.32 ASN #29182 JSC IOT Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:10 Last Seen2024-05-12 13:43:11 Times Seen27670 Hash 8c0498e2f1f7a684a8d2a3feb934b64b 76099689ccaee466d4608da621c403b368dcae03 ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40 Loading...

	www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js	518 kB	2024-04-24	2024-05-11
Pretty URL www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js IP 142.250.74.131 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 09:18:30 Last Seen2024-05-11 08:40:38 Times Seen8998 Hash e2e79d6b927169d9e0e57e3baecc0993 1299473950b2999ba0b7f39bd5e4a60eafd1819d 231336ed913a5ebd4445b85486e053caf2b81cab91318241375f3f7a245b6c6b Loading...

	visametrik.de/wp-content/plugins/date-time-picker-field/assets/js/vendor/datetimepicker/jquery.datetimepicker.full.min.js?ver=6.5.2	54 kB	2023-04-15	2024-04-28
Pretty URL visametrik.de/wp-content/plugins/date-time-picker-field/assets/js/vendor/datetimepicker/jquery.datetimepicker.full.min.js?ver=6.5.2 IP 178.250.159.32 ASN #29182 JSC IOT Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-15 21:03:41 Last Seen2024-04-28 11:49:15 Times Seen107 Hash 732d299d4ef815124007e95a7e65aa79 2a614b3e0194330b306ad74e1ca576a71004db07 e765c408dc677cf0662e86ce2d347f5ad28c03906ae17a3bf1a177d473140e52 Loading...

	www.google.com/recaptcha/api.js?render=6Ld-XrkbAAAAADQkpmwblcVfXeye3FsuM9DleGwK&ver=3.0	884 B	2024-04-28	2024-04-28
Pretty URL www.google.com/recaptcha/api.js?render=6Ld-XrkbAAAAADQkpmwblcVfXeye3FsuM9DleGwK&ver=3.0 IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-28 11:49:15 Last Seen2024-04-28 11:49:15 Times Seen1 Hash f733874fb381ba5fbbb09ff66693d6a8 d0d0d714d789373dd06ee743e87fc695a87f161a eeb0165d6e883fac49a5d616c05dbaccfd1cac21f0d8e5d7051ec8542bfca670 Loading...

	visametrik.de/wp-content/plugins/megamenu/js/maxmegamenu.js?ver=2.9.4	30 kB	2023-03-07	2024-05-06
Pretty URL visametrik.de/wp-content/plugins/megamenu/js/maxmegamenu.js?ver=2.9.4 IP 178.250.159.32 ASN #29182 JSC IOT Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:31 Last Seen2024-05-06 10:57:45 Times Seen739 Hash e1d6533906ba8cce9da6157ec25c0dd5 050b3341c7d1497494334ab17a78c04ddc61dc1f 9aafa38d431075d0f6c738a2633785fd32fada0e14408bd662d95e608ddb4daf Loading...

	visametrik.de/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2	19 kB	2024-03-13	2024-05-13
Pretty URL visametrik.de/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2 IP 178.250.159.32 ASN #29182 JSC IOT Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-13 16:02:37 Last Seen2024-05-13 02:25:07 Times Seen3862 Hash b976b651932bfd25b9ddb5b7693d88a7 7fcb7cb5c11227f9213b1e08a07d0212209e1432 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3 Loading...

	visametrik.de/wp-includes/js/jquery/jquery.min.js?ver=3.7.1	88 kB	2023-11-03	2024-05-13
Pretty URL visametrik.de/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 IP 178.250.159.32 ASN #29182 JSC IOT Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-03 09:26:43 Last Seen2024-05-13 03:27:54 Times Seen46091 Hash 826eb77e86b02ab7724fe3d0141ff87c 79cd3587d565afe290076a8d36c31c305a573d18 cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf Loading...

	stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js	60 kB	2023-03-07	2024-05-12
Pretty URL stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js IP 104.18.10.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:23 Last Seen2024-05-12 01:54:34 Times Seen8369 Hash 61f338f870fcd0ff46362ef109d28533 b3c116c65e6f053aaab45e5619a78ec00271a50f 5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548 Loading...

	visametrik.de/	335 B	2024-04-28	2024-04-28
Pretty URL visametrik.de/ IP 178.250.159.32 ASN #29182 JSC IOT Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-28 11:49:15 Last Seen2024-04-28 11:49:15 Times Seen1 Hash 5b57e2c5c46a22db70151588cf86ee80 ef8166ea6413cd3e4afe1bb7290ac125b24db61a 7e6388732ff9713f2e473b1960d874d678f12197630178303a35f25091d2f661 Loading...

	visametrik.de/	140 B	2024-04-28	2024-04-28
Pretty URL visametrik.de/ IP 178.250.159.32 ASN #29182 JSC IOT Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-28 11:49:15 Last Seen2024-04-28 11:49:15 Times Seen1 Hash 604e0fc1a692e3e6c053aff70b1cedc2 78daf53eb85f0c43568759044801cab53ef7c96d 97a64bc645030c40641df9e35b9947c3bdd4048d56282a5329480a266f61a32c Loading...

	visametrik.de/	1.1 kB	2024-04-28	2024-04-28
Pretty URL visametrik.de/ IP 178.250.159.32 ASN #29182 JSC IOT Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-28 11:49:15 Last Seen2024-04-28 11:49:15 Times Seen1 Hash 6d6e33c8ff22350930dbc27d2a7cc16a 0f78321944b958866fed17a59e2cc76d23618c7d 0c7b8c5ded827b5413dcb25421c0409195b7a35d9e679b35f206e59a0fdc7f43 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld-XrkbAAAAADQkpmwblcVfXeye3FsuM9DleGwK&co=aHR0cHM6Ly92aXNhbWV0cmlrLmRlOjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=17rfn9j9jgny	69 B	2023-03-07	2024-05-13
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld-XrkbAAAAADQkpmwblcVfXeye3FsuM9DleGwK&co=aHR0cHM6Ly92aXNhbWV0cmlrLmRlOjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=17rfn9j9jgny IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02:05 Last Seen2024-05-13 00:58:00 Times Seen101600 Hash 45ecf7458f42da80ac248ad42d610372 a5b3edf8328769bc754e6e616a957ceed4fdadd7 75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf Loading...

	visametrik.de/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2	8.2 kB	2023-03-13	2024-05-13
Pretty URL visametrik.de/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2 IP 178.250.159.32 ASN #29182 JSC IOT Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:32:06 Last Seen2024-05-13 03:27:54 Times Seen52265 Hash dda652db133fddb9b80a05c6d1b5c540 60c8514c57a5db2980c4b046b0dd479bd427357b c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4 Loading...

	visametrik.de/	167 B	2024-04-28	2024-04-28
Pretty URL visametrik.de/ IP 178.250.159.32 ASN #29182 JSC IOT Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-28 11:49:15 Last Seen2024-04-28 11:49:15 Times Seen1 Hash b0d3cb324be24667aa2db8219eebbb21 558192e380cd1b6b7a1d25b29fa985b4ddba17e9 575b1e249e615b1f6b8ff87d44184c666d5e220b0931b4ec3e863ed712f90b4b Loading...

	visametrik.de/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.4.2	1.8 kB	2023-03-07	2024-04-28
Pretty URL visametrik.de/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.4.2 IP 178.250.159.32 ASN #29182 JSC IOT Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:20:29 Last Seen2024-04-28 11:49:16 Times Seen311 Hash bdca36ab07e77f468ef12716f7b78b9c 8c80cbe19b54685ac8a392ada33ffb6554d26326 ccdcf774bd0fc2383fb9d2b780148d17b2ceb3dbc355db13cc17edfdc1f511f3 Loading...

	visametrik.de/wp-content/themes/vfs/js/jqueryui.js?v=25	98 kB	2024-04-28	2024-04-28
Pretty URL visametrik.de/wp-content/themes/vfs/js/jqueryui.js?v=25 IP 178.250.159.32 ASN #29182 JSC IOT Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-28 11:49:15 Last Seen2024-04-28 11:49:16 Times Seen2 Hash 9539c2bc3b10f5cb060a21a490d318ce a4e7f67acb0f95110147b828f13c033c2d74d051 20b3d85dd0a8c599e6d0688a05222ec2b2b537f8676a63bb93bc67925e61f875 Loading...

	visametrik.de/wp-content/themes/vfs/js/jquery.js?v=25	87 kB	2024-04-28	2024-04-28
Pretty URL visametrik.de/wp-content/themes/vfs/js/jquery.js?v=25 IP 178.250.159.32 ASN #29182 JSC IOT Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-28 11:49:15 Last Seen2024-04-28 11:49:16 Times Seen2 Hash c889f2d6b1f6f33bc97cdebc48d779fb 12d35e00bbd1b55ae603c76313827e2b00346c39 5c838f0c617f2d711a1b2999bdca52f93ba1405c7455cbba57cb7eaaa7afc559 Loading...

	visametrik.de/wp-content/themes/vfs/js/libs.js	7.1 kB	2024-04-28	2024-04-28
Pretty URL visametrik.de/wp-content/themes/vfs/js/libs.js IP 178.250.159.32 ASN #29182 JSC IOT Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-28 11:49:15 Last Seen2024-04-28 11:49:16 Times Seen2 Hash a76e6bad1b087429456a3d1b9bd47a48 083162d04c2ea7266e2eb89098f73aceccd2507a d52a162b9b4245fd5e40c2bf51758ffc317b64885fcf66f8e8b7e9a236a5360c Loading...

	visametrik.de/	78 B	2023-03-07	2024-05-11
Pretty URL visametrik.de/ IP 178.250.159.32 ASN #29182 JSC IOT Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:24:09 Last Seen2024-05-11 18:59:31 Times Seen2813 Hash 01e23790be4ce2b3aba2dc09884a374c 23e94090b7c158bea7e8a9c732423a1c7ec29e85 3b42ad7bcd4a7cd47666bd0d1b0d2daff953e15314f1b0577f51d90a192e0a12 Loading...

	visametrik.de/wp-content/plugins/date-time-picker-field/assets/js/vendor/moment/moment.js?ver=6.5.2	147 kB	2023-03-07	2024-05-09
Pretty URL visametrik.de/wp-content/plugins/date-time-picker-field/assets/js/vendor/moment/moment.js?ver=6.5.2 IP 178.250.159.32 ASN #29182 JSC IOT Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:08:50 Last Seen2024-05-09 03:32:39 Times Seen226 Hash 6722aa945b6577eda74330383105557f 856573ec2068ed8ce9f47df79522be45e44f1763 e7d219e5d6cbc81c99812b111376744e30ee5fb7b5022a96e5b67c060e7476c5 Loading...

	www.google.com/js/bg/jxnhk5jmHgJtz4Dlh1rT_zslgZiPJPGjuH1uymS8TXw.js	18 kB	2024-04-19	2024-04-29
Pretty URL www.google.com/js/bg/jxnhk5jmHgJtz4Dlh1rT_zslgZiPJPGjuH1uymS8TXw.js IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-19 09:16:41 Last Seen2024-04-29 22:07:01 Times Seen535 Hash 96dda94f567100c20e439dfefadb0776 1a7d2dc18f5c6ebcce4fcc8797648711d25cf548 8f19e19398e61e026dcf80e5875ad3ff3b2581988f24f1a3b87d6eca64bc4d7c Loading...

	visametrik.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1	14 kB	2023-05-09	2024-05-13
Pretty URL visametrik.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 IP 178.250.159.32 ASN #29182 JSC IOT Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-09 19:21:05 Last Seen2024-05-13 03:27:54 Times Seen84634 Hash 9ffeb32e2d9efbf8f70caabded242267 3ad0c10e501ac2a9bfa18f9cd7e700219b378738 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld-XrkbAAAAADQkpmwblcVfXeye3FsuM9DleGwK&co=aHR0cHM6Ly92aXNhbWV0cmlrLmRlOjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=17rfn9j9jgny	38 kB	2024-04-28	2024-04-28
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld-XrkbAAAAADQkpmwblcVfXeye3FsuM9DleGwK&co=aHR0cHM6Ly92aXNhbWV0cmlrLmRlOjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=17rfn9j9jgny IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-28 11:49:16 Last Seen2024-04-28 11:49:16 Times Seen1 Hash de3802eb8eed5ea551d966be62765894 95fcd083e6c9d40f820abf77ea1667184aac0635 37f3da56f8600c2db8db00fe3fa4fc16a6ef39d5c8382a476c057c8bbaaa40d7 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 787d3f0e560f601b183f398c58135e39	22 B	2024-04-19	2024-04-29
Pretty Observations First Seen2024-04-19 09:16:42 Last Seen2024-04-29 22:07:00 Times Seen254 Hash 787d3f0e560f601b183f398c58135e39 e33b69391c5892259580af47d5173425fa7fec82 ad3ee3243c4eb1b6ff972a7c426fe8160b8871facefeb7b2f454376be27e1e0c Loading...

	#2 Eval - 0b743a48549dfe6038648fbe052dc9e8	64 B	2024-04-19	2024-04-29
Pretty Observations First Seen2024-04-19 09:16:42 Last Seen2024-04-29 22:07:00 Times Seen253 Hash 0b743a48549dfe6038648fbe052dc9e8 3ca866d2b737d3f6d2c3632e37af0c170bab816b bcd3bcf74701095809373df486712ba6ed63bfac0a35738dcb9ebd951628fe69 Loading...

	#3 Eval - 53072ab578cceb5b28e1589a4df51b11	22 B	2024-04-19	2024-04-29
Pretty Observations First Seen2024-04-19 09:16:42 Last Seen2024-04-29 22:07:00 Times Seen250 Hash 53072ab578cceb5b28e1589a4df51b11 2db3ebb55219372ec3eb73a5824205a6447f1a48 5d1d26c4a76a199fde80287910c906cc46cc89ebecaf5569458fd3dee85c475b Loading...

	#4 Eval - 706b25cd079f3d24c01f1cdc534b4376	22 kB	2024-04-28	2024-04-28
Pretty Observations First Seen2024-04-28 11:49:16 Last Seen2024-04-28 11:49:16 Times Seen1 Hash 706b25cd079f3d24c01f1cdc534b4376 e70b781e8c7b78683bfec1ded2105429205ac680 07570e906e4bf511d838ad1892a4d15328e6060f61a6d85b12dfe8448341357f Loading...

HTTP Transactions (51)

URL IP Response Size

visametrik.de/

178.250.159.32

200 OK

18 kB

URL User Request GET HTTP/1.1
visametrik.de/
IP
178.250.159.32:443
ASN
#29182 JSC IOT

Certificate
IssuerLet's Encrypt
Subjectvisametric-com.ru
Fingerprint89:E0:5C:84:F0:26:19:8C:35:89:DB:BD:CB:0D:EA:A8:94:44:D3:B8
ValidityThu, 11 Apr 2024 23:48:24 GMT - Wed, 10 Jul 2024 23:48:23 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (9462)
Size
18 kB (18202 bytes)
Hash
7c14e43e687f99f1d6593aec48ae60fe
7350ebd2b73856c8daae0867a06a84ad84ecbe03
5e3019ffac689acf6b2a05c2ae92f8395cba08791e9c3097b0097650e1fb2890

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: visametrik.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sun, 28 Apr 2024 09:48:39 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Hyper-Cache: stop - no cache header
Set-Cookie: PHPSESSID=1ib42s2bi13q6mv0gg3t71igcq; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
X-Pingback: https://visametrik.de/xmlrpc.php
Link: <https://visametrik.de/wp-json/>; rel="https://api.w.org/", <https://visametrik.de/wp-json/wp/v2/pages/2>; rel="alternate"; type="application/json", <https://visametrik.de/>; rel=shortlink
Strict-Transport-Security: max-age=31536000;
Content-Encoding: gzip

visametrik.de/wp-includes/css/dist/block-library/style.min.css?ver=6.5.2

178.250.159.32

200 OK

15 kB

URL GET HTTP/1.1
visametrik.de/wp-includes/css/dist/block-library/style.min.css?ver=6.5.2
IP
178.250.159.32:443
ASN
#29182 JSC IOT

Requested by
https://visametrik.de/
Certificate
IssuerLet's Encrypt
Subjectvisametric-com.ru
Fingerprint89:E0:5C:84:F0:26:19:8C:35:89:DB:BD:CB:0D:EA:A8:94:44:D3:B8
ValidityThu, 11 Apr 2024 23:48:24 GMT - Wed, 10 Jul 2024 23:48:23 GMT

File type
ASCII text, with very long lines (59701)
Size
15 kB (15407 bytes)
Hash
51a8390b47aa0582cf2d9c96c5addee2
b16a640874025d085c38119a1a02a3460f83f2de
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.5.2 HTTP/1.1
Host: visametrik.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://visametrik.de/
Cookie: PHPSESSID=1ib42s2bi13q6mv0gg3t71igcq
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sun, 28 Apr 2024 09:48:39 GMT
Content-Type: text/css
Last-Modified: Mon, 15 Apr 2024 09:35:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"661cf4e1-1bae5"
Expires: Mon, 29 Apr 2024 09:48:39 GMT
Cache-Control: max-age=86400
Strict-Transport-Security: max-age=31536000;
Content-Encoding: gzip

visametrik.de/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4.2

178.250.159.32

200 OK

933 B

URL GET HTTP/1.1
visametrik.de/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4.2
IP
178.250.159.32:443
ASN
#29182 JSC IOT

Requested by
https://visametrik.de/
Certificate
IssuerLet's Encrypt
Subjectvisametric-com.ru
Fingerprint89:E0:5C:84:F0:26:19:8C:35:89:DB:BD:CB:0D:EA:A8:94:44:D3:B8
ValidityThu, 11 Apr 2024 23:48:24 GMT - Wed, 10 Jul 2024 23:48:23 GMT

File type
ASCII text
Size
933 B (933 bytes)
Hash
76e12144b6be9bc0a17dd880c5566156
c57db768b452aea923a2b083162e9e6ffb98d2f8
070edfef42e0980783d0acf8fa9ca6a9833b994eca13ffaa94e9a2deb47c92cf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4.2 HTTP/1.1
Host: visametrik.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://visametrik.de/
Cookie: PHPSESSID=1ib42s2bi13q6mv0gg3t71igcq
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sun, 28 Apr 2024 09:48:39 GMT
Content-Type: text/css
Last-Modified: Sun, 18 Jul 2021 11:08:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"60f40bbe-a50"
Expires: Mon, 29 Apr 2024 09:48:39 GMT
Cache-Control: max-age=86400
Strict-Transport-Security: max-age=31536000;
Content-Encoding: gzip

visametrik.de/wp-content/uploads/maxmegamenu/style.css?ver=504394

178.250.159.32

200 OK

5.7 kB

URL GET HTTP/1.1
visametrik.de/wp-content/uploads/maxmegamenu/style.css?ver=504394
IP
178.250.159.32:443
ASN
#29182 JSC IOT

Requested by
https://visametrik.de/
Certificate
IssuerLet's Encrypt
Subjectvisametric-com.ru
Fingerprint89:E0:5C:84:F0:26:19:8C:35:89:DB:BD:CB:0D:EA:A8:94:44:D3:B8
ValidityThu, 11 Apr 2024 23:48:24 GMT - Wed, 10 Jul 2024 23:48:23 GMT

File type
ASCII text, with very long lines (1055)
Size
5.7 kB (5720 bytes)
Hash
326df1b2e74c58ad158fcf2f2b1960b2
a25292f1d03f928b119cfa76c222c2aeb0057a40
b7732fbd4e32a5d3753ef58c1c86020be8369af4d5c1539452c7cbf7320875c9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/maxmegamenu/style.css?ver=504394 HTTP/1.1
Host: visametrik.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://visametrik.de/
Cookie: PHPSESSID=1ib42s2bi13q6mv0gg3t71igcq
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sun, 28 Apr 2024 09:48:39 GMT
Content-Type: text/css
Last-Modified: Tue, 08 Dec 2020 00:06:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"5fcec36f-1039e"
Expires: Mon, 29 Apr 2024 09:48:39 GMT
Cache-Control: max-age=86400
Strict-Transport-Security: max-age=31536000;
Content-Encoding: gzip

visametrik.de/wp-content/themes/vfs/style.css

178.250.159.32

200 OK

8.4 kB

URL GET HTTP/1.1
visametrik.de/wp-content/themes/vfs/style.css
IP
178.250.159.32:443
ASN
#29182 JSC IOT

Requested by
https://visametrik.de/
Certificate
IssuerLet's Encrypt
Subjectvisametric-com.ru
Fingerprint89:E0:5C:84:F0:26:19:8C:35:89:DB:BD:CB:0D:EA:A8:94:44:D3:B8
ValidityThu, 11 Apr 2024 23:48:24 GMT - Wed, 10 Jul 2024 23:48:23 GMT

File type
ASCII text
Size
8.4 kB (8406 bytes)
Hash
38ce1d38528826894846a4cce805839c
1d1167a6e81a7f76d86d5b365693a34391ad2f15
dece945262436052b6e2fb9d3abaca34ed95a4a143b81c902ef90be76f215d11

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/vfs/style.css HTTP/1.1
Host: visametrik.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://visametrik.de/
Cookie: PHPSESSID=1ib42s2bi13q6mv0gg3t71igcq
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sun, 28 Apr 2024 09:48:39 GMT
Content-Type: text/css
Last-Modified: Fri, 06 Aug 2021 14:33:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"610d4838-985f"
Expires: Mon, 29 Apr 2024 09:48:39 GMT
Cache-Control: max-age=86400
Strict-Transport-Security: max-age=31536000;
Content-Encoding: gzip

visametrik.de/wp-includes/css/dashicons.min.css?ver=6.5.2

178.250.159.32

200 OK

36 kB

URL GET HTTP/1.1
visametrik.de/wp-includes/css/dashicons.min.css?ver=6.5.2
IP
178.250.159.32:443
ASN
#29182 JSC IOT

Requested by
https://visametrik.de/
Certificate
IssuerLet's Encrypt
Subjectvisametric-com.ru
Fingerprint89:E0:5C:84:F0:26:19:8C:35:89:DB:BD:CB:0D:EA:A8:94:44:D3:B8
ValidityThu, 11 Apr 2024 23:48:24 GMT - Wed, 10 Jul 2024 23:48:23 GMT

File type
ASCII text, with very long lines (58981)
Size
36 kB (35754 bytes)
Hash
d68d6bf519169d86e155bad0bed833f8
27ba9c67d0e775fc4e6dd62011daf4c3902698fc
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/css/dashicons.min.css?ver=6.5.2 HTTP/1.1
Host: visametrik.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://visametrik.de/
Cookie: PHPSESSID=1ib42s2bi13q6mv0gg3t71igcq
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sun, 28 Apr 2024 09:48:39 GMT
Content-Type: text/css
Last-Modified: Thu, 15 Apr 2021 08:44:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6077fcd2-e688"
Expires: Mon, 29 Apr 2024 09:48:39 GMT
Cache-Control: max-age=86400
Strict-Transport-Security: max-age=31536000;
Content-Encoding: gzip

visametrik.de/wp-content/plugins/date-time-picker-field/assets/js/vendor/datetimepicker/jquery.datetimepicker.min.css?ver=6.5.2

178.250.159.32

200 OK

4.5 kB

URL GET HTTP/1.1
visametrik.de/wp-content/plugins/date-time-picker-field/assets/js/vendor/datetimepicker/jquery.datetimepicker.min.css?ver=6.5.2
IP
178.250.159.32:443
ASN
#29182 JSC IOT

Requested by
https://visametrik.de/
Certificate
IssuerLet's Encrypt
Subjectvisametric-com.ru
Fingerprint89:E0:5C:84:F0:26:19:8C:35:89:DB:BD:CB:0D:EA:A8:94:44:D3:B8
ValidityThu, 11 Apr 2024 23:48:24 GMT - Wed, 10 Jul 2024 23:48:23 GMT

File type
ASCII text, with very long lines (16502)
Size
4.5 kB (4512 bytes)
Hash
868fad89fd813e6b1735ea15a6e8433e
bb6c9caa734240f38da28a310ab1658be68f96ba
0ce4bd5ba351f8d15ed5f521104d0f18a63f7ee6db5029ce7d38ded89303c376

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/date-time-picker-field/assets/js/vendor/datetimepicker/jquery.datetimepicker.min.css?ver=6.5.2 HTTP/1.1
Host: visametrik.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://visametrik.de/
Cookie: PHPSESSID=1ib42s2bi13q6mv0gg3t71igcq
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sun, 28 Apr 2024 09:48:39 GMT
Content-Type: text/css
Last-Modified: Sun, 18 Jul 2021 11:08:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"60f40bc9-4077"
Expires: Mon, 29 Apr 2024 09:48:39 GMT
Cache-Control: max-age=86400
Strict-Transport-Security: max-age=31536000;
Content-Encoding: gzip

visametrik.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

178.250.159.32

200 OK

4.9 kB

URL GET HTTP/1.1
visametrik.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
IP
178.250.159.32:443
ASN
#29182 JSC IOT

Requested by
https://visametrik.de/
Certificate
IssuerLet's Encrypt
Subjectvisametric-com.ru
Fingerprint89:E0:5C:84:F0:26:19:8C:35:89:DB:BD:CB:0D:EA:A8:94:44:D3:B8
ValidityThu, 11 Apr 2024 23:48:24 GMT - Wed, 10 Jul 2024 23:48:23 GMT

File type
JavaScript source, ASCII text, with very long lines (13479)
Size
4.9 kB (4881 bytes)
Hash
9ffeb32e2d9efbf8f70caabded242267
3ad0c10e501ac2a9bfa18f9cd7e700219b378738
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1
Host: visametrik.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://visametrik.de/
Cookie: PHPSESSID=1ib42s2bi13q6mv0gg3t71igcq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sun, 28 Apr 2024 09:48:39 GMT
Content-Type: application/javascript; charset=UTF-8
Last-Modified: Wed, 13 Dec 2023 16:52:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6579e15e-3509"
Expires: Mon, 29 Apr 2024 09:48:39 GMT
Cache-Control: max-age=86400
Strict-Transport-Security: max-age=31536000;
Content-Encoding: gzip

visametrik.de/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

178.250.159.32

200 OK

31 kB

URL GET HTTP/1.1
visametrik.de/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
IP
178.250.159.32:443
ASN
#29182 JSC IOT

Requested by
https://visametrik.de/
Certificate
IssuerLet's Encrypt
Subjectvisametric-com.ru
Fingerprint89:E0:5C:84:F0:26:19:8C:35:89:DB:BD:CB:0D:EA:A8:94:44:D3:B8
ValidityThu, 11 Apr 2024 23:48:24 GMT - Wed, 10 Jul 2024 23:48:23 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
31 kB (30633 bytes)
Hash
826eb77e86b02ab7724fe3d0141ff87c
79cd3587d565afe290076a8d36c31c305a573d18
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1
Host: visametrik.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://visametrik.de/
Cookie: PHPSESSID=1ib42s2bi13q6mv0gg3t71igcq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sun, 28 Apr 2024 09:48:39 GMT
Content-Type: application/javascript; charset=UTF-8
Last-Modified: Wed, 13 Dec 2023 16:52:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6579e15e-15601"
Expires: Mon, 29 Apr 2024 09:48:39 GMT
Cache-Control: max-age=86400
Strict-Transport-Security: max-age=31536000;
Content-Encoding: gzip

visametrik.de/wp-content/themes/vfs/js/jquery.js?v=25

178.250.159.32

200 OK

31 kB

URL GET HTTP/1.1
visametrik.de/wp-content/themes/vfs/js/jquery.js?v=25
IP
178.250.159.32:443
ASN
#29182 JSC IOT

Requested by
https://visametrik.de/
Certificate
IssuerLet's Encrypt
Subjectvisametric-com.ru
Fingerprint89:E0:5C:84:F0:26:19:8C:35:89:DB:BD:CB:0D:EA:A8:94:44:D3:B8
ValidityThu, 11 Apr 2024 23:48:24 GMT - Wed, 10 Jul 2024 23:48:23 GMT

File type
JavaScript source, ASCII text, with very long lines (32065)
Size
31 kB (30689 bytes)
Hash
c889f2d6b1f6f33bc97cdebc48d779fb
12d35e00bbd1b55ae603c76313827e2b00346c39
5c838f0c617f2d711a1b2999bdca52f93ba1405c7455cbba57cb7eaaa7afc559

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/vfs/js/jquery.js?v=25 HTTP/1.1
Host: visametrik.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://visametrik.de/
Cookie: PHPSESSID=1ib42s2bi13q6mv0gg3t71igcq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sun, 28 Apr 2024 09:48:39 GMT
Content-Type: application/javascript; charset=UTF-8
Last-Modified: Mon, 07 Dec 2020 19:28:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"5fce8251-1539d"
Expires: Mon, 29 Apr 2024 09:48:39 GMT
Cache-Control: max-age=86400
Strict-Transport-Security: max-age=31536000;
Content-Encoding: gzip

visametrik.de/wp-content/themes/vfs/js/jqueryui.js?v=25

178.250.159.32

200 OK

28 kB

URL GET HTTP/1.1
visametrik.de/wp-content/themes/vfs/js/jqueryui.js?v=25
IP
178.250.159.32:443
ASN
#29182 JSC IOT

Requested by
https://visametrik.de/
Certificate
IssuerLet's Encrypt
Subjectvisametric-com.ru
Fingerprint89:E0:5C:84:F0:26:19:8C:35:89:DB:BD:CB:0D:EA:A8:94:44:D3:B8
ValidityThu, 11 Apr 2024 23:48:24 GMT - Wed, 10 Jul 2024 23:48:23 GMT

File type
JavaScript source, ASCII text, with very long lines (18446)
Size
28 kB (27800 bytes)
Hash
9539c2bc3b10f5cb060a21a490d318ce
a4e7f67acb0f95110147b828f13c033c2d74d051
20b3d85dd0a8c599e6d0688a05222ec2b2b537f8676a63bb93bc67925e61f875

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/vfs/js/jqueryui.js?v=25 HTTP/1.1
Host: visametrik.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://visametrik.de/
Cookie: PHPSESSID=1ib42s2bi13q6mv0gg3t71igcq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sun, 28 Apr 2024 09:48:39 GMT
Content-Type: application/javascript; charset=UTF-8
Last-Modified: Mon, 07 Dec 2020 19:28:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"5fce8252-17d18"
Expires: Mon, 29 Apr 2024 09:48:39 GMT
Cache-Control: max-age=86400
Strict-Transport-Security: max-age=31536000;
Content-Encoding: gzip

visametrik.de/wp-content/themes/vfs/js/dle_js.js?v=25

178.250.159.32

200 OK

7.9 kB

URL GET HTTP/1.1
visametrik.de/wp-content/themes/vfs/js/dle_js.js?v=25
IP
178.250.159.32:443
ASN
#29182 JSC IOT

Requested by
https://visametrik.de/
Certificate
IssuerLet's Encrypt
Subjectvisametric-com.ru
Fingerprint89:E0:5C:84:F0:26:19:8C:35:89:DB:BD:CB:0D:EA:A8:94:44:D3:B8
ValidityThu, 11 Apr 2024 23:48:24 GMT - Wed, 10 Jul 2024 23:48:23 GMT

File type
JavaScript source, ASCII text, with very long lines (2637)
Size
7.9 kB (7929 bytes)
Hash
ded22cb5111f387eba12e801c5233a19
3dc48f4a1a9a5b15231f1b744dfe49b59d55dda5
13e28c1a1c1b804be95a427e5fc5dcc7868d45c8346862ce786fc0a9e582ad1b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/vfs/js/dle_js.js?v=25 HTTP/1.1
Host: visametrik.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://visametrik.de/
Cookie: PHPSESSID=1ib42s2bi13q6mv0gg3t71igcq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sun, 28 Apr 2024 09:48:39 GMT
Content-Type: application/javascript; charset=UTF-8
Last-Modified: Mon, 07 Dec 2020 19:28:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"5fce8251-8730"
Expires: Mon, 29 Apr 2024 09:48:39 GMT
Cache-Control: max-age=86400
Strict-Transport-Security: max-age=31536000;
Content-Encoding: gzip

visametrik.de/wp-content/themes/vfs/js/libs.js

178.250.159.32

200 OK

2.1 kB

URL GET HTTP/1.1
visametrik.de/wp-content/themes/vfs/js/libs.js
IP
178.250.159.32:443
ASN
#29182 JSC IOT

Requested by
https://visametrik.de/
Certificate
IssuerLet's Encrypt
Subjectvisametric-com.ru
Fingerprint89:E0:5C:84:F0:26:19:8C:35:89:DB:BD:CB:0D:EA:A8:94:44:D3:B8
ValidityThu, 11 Apr 2024 23:48:24 GMT - Wed, 10 Jul 2024 23:48:23 GMT

File type
JavaScript source, ASCII text
Size
2.1 kB (2089 bytes)
Hash
a76e6bad1b087429456a3d1b9bd47a48
083162d04c2ea7266e2eb89098f73aceccd2507a
d52a162b9b4245fd5e40c2bf51758ffc317b64885fcf66f8e8b7e9a236a5360c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/vfs/js/libs.js HTTP/1.1
Host: visametrik.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://visametrik.de/
Cookie: PHPSESSID=1ib42s2bi13q6mv0gg3t71igcq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sun, 28 Apr 2024 09:48:39 GMT
Content-Type: application/javascript; charset=UTF-8
Last-Modified: Sat, 12 Dec 2020 19:06:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"5fd5149e-1bb0"
Expires: Mon, 29 Apr 2024 09:48:39 GMT
Cache-Control: max-age=86400
Strict-Transport-Security: max-age=31536000;
Content-Encoding: gzip

stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

104.18.10.207

200 OK

77 kB

URL GET HTTP/2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://visametrik.de/
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

HTTP Headers

GET /font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://visametrik.de
DNT: 1
Connection: keep-alive
Referer: https://stackpath.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 28 Apr 2024 09:48:39 GMT
content-type: font/woff2
content-length: 77160
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "af7ae505a9eed503f8b8e6982036873e"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 10/31/2023 19:08:24
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: e3a84ae106f650890e45476d38d55b5b
cdn-cache: HIT
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87b6234c3dceb511-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

visametrik.de/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

178.250.159.32

200 OK

2.5 kB

URL GET HTTP/1.1
visametrik.de/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
IP
178.250.159.32:443
ASN
#29182 JSC IOT

Requested by
https://visametrik.de/
Certificate
IssuerLet's Encrypt
Subjectvisametric-com.ru
Fingerprint89:E0:5C:84:F0:26:19:8C:35:89:DB:BD:CB:0D:EA:A8:94:44:D3:B8
ValidityThu, 11 Apr 2024 23:48:24 GMT - Wed, 10 Jul 2024 23:48:23 GMT

File type
JavaScript source, ASCII text, with very long lines (8171), with no line terminators
Size
2.5 kB (2487 bytes)
Hash
dda652db133fddb9b80a05c6d1b5c540
60c8514c57a5db2980c4b046b0dd479bd427357b
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2 HTTP/1.1
Host: visametrik.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://visametrik.de/
Cookie: PHPSESSID=1ib42s2bi13q6mv0gg3t71igcq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sun, 28 Apr 2024 09:48:39 GMT
Content-Type: application/javascript; charset=UTF-8
Last-Modified: Thu, 30 Mar 2023 12:13:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"64257cf7-1feb"
Expires: Mon, 29 Apr 2024 09:48:39 GMT
Cache-Control: max-age=86400
Strict-Transport-Security: max-age=31536000;
Content-Encoding: gzip

visametrik.de/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

178.250.159.32

200 OK

2.5 kB

URL GET HTTP/1.1
visametrik.de/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0
IP
178.250.159.32:443
ASN
#29182 JSC IOT

Requested by
https://visametrik.de/
Certificate
IssuerLet's Encrypt
Subjectvisametric-com.ru
Fingerprint89:E0:5C:84:F0:26:19:8C:35:89:DB:BD:CB:0D:EA:A8:94:44:D3:B8
ValidityThu, 11 Apr 2024 23:48:24 GMT - Wed, 10 Jul 2024 23:48:23 GMT

File type
JavaScript source, ASCII text, with very long lines (6625), with no line terminators
Size
2.5 kB (2504 bytes)
Hash
fd7ef2e4737acd74fd0dcdc3b515e304
0d792b33f12a48ee8aaaf2560a63a5682470645b
1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0 HTTP/1.1
Host: visametrik.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://visametrik.de/
Cookie: PHPSESSID=1ib42s2bi13q6mv0gg3t71igcq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sun, 28 Apr 2024 09:48:39 GMT
Content-Type: application/javascript; charset=UTF-8
Last-Modified: Wed, 13 Dec 2023 16:52:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6579e15e-19e1"
Expires: Mon, 29 Apr 2024 09:48:39 GMT
Cache-Control: max-age=86400
Strict-Transport-Security: max-age=31536000;
Content-Encoding: gzip

visametrik.de/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

178.250.159.32

200 OK

14 kB

URL GET HTTP/1.1
visametrik.de/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP
178.250.159.32:443
ASN
#29182 JSC IOT

Requested by
https://visametrik.de/
Certificate
IssuerLet's Encrypt
Subjectvisametric-com.ru
Fingerprint89:E0:5C:84:F0:26:19:8C:35:89:DB:BD:CB:0D:EA:A8:94:44:D3:B8
ValidityThu, 11 Apr 2024 23:48:24 GMT - Wed, 10 Jul 2024 23:48:23 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (38582), with no line terminators
Size
14 kB (13931 bytes)
Hash
92f8c01350c630f414f5d0b015ad6864
eab40ab4e77f92f2fb17684aaf44b579a51b8034
17b79ece7ef9d1454a90156690d33d64387b67a7a7548fc826012512e287a937

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: visametrik.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://visametrik.de/
Cookie: PHPSESSID=1ib42s2bi13q6mv0gg3t71igcq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sun, 28 Apr 2024 09:48:39 GMT
Content-Type: application/javascript; charset=UTF-8
Last-Modified: Mon, 15 Apr 2024 09:35:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"661cf4e1-96be"
Expires: Mon, 29 Apr 2024 09:48:39 GMT
Cache-Control: max-age=86400
Strict-Transport-Security: max-age=31536000;
Content-Encoding: gzip

visametrik.de/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.2

178.250.159.32

200 OK

4.1 kB

URL GET HTTP/1.1
visametrik.de/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.2
IP
178.250.159.32:443
ASN
#29182 JSC IOT

Requested by
https://visametrik.de/
Certificate
IssuerLet's Encrypt
Subjectvisametric-com.ru
Fingerprint89:E0:5C:84:F0:26:19:8C:35:89:DB:BD:CB:0D:EA:A8:94:44:D3:B8
ValidityThu, 11 Apr 2024 23:48:24 GMT - Wed, 10 Jul 2024 23:48:23 GMT

File type
JavaScript source, ASCII text, with very long lines (12987), with no line terminators
Size
4.1 kB (4085 bytes)
Hash
6ad9165b167d54947b37f4b9de75ab39
4c02f66fd8c26141450e310d6786f50f99913dd4
eea0b9621509f98be77c5af1e9b5c952a675bda2b27c419876364017069e0c19

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.2 HTTP/1.1
Host: visametrik.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://visametrik.de/
Cookie: PHPSESSID=1ib42s2bi13q6mv0gg3t71igcq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sun, 28 Apr 2024 09:48:39 GMT
Content-Type: application/javascript; charset=UTF-8
Last-Modified: Sun, 18 Jul 2021 11:08:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"60f40bbe-32bb"
Expires: Mon, 29 Apr 2024 09:48:39 GMT
Cache-Control: max-age=86400
Strict-Transport-Security: max-age=31536000;
Content-Encoding: gzip

visametrik.de/wp-content/plugins/date-time-picker-field/assets/js/vendor/moment/moment.js?ver=6.5.2

178.250.159.32

200 OK

33 kB

URL GET HTTP/1.1
visametrik.de/wp-content/plugins/date-time-picker-field/assets/js/vendor/moment/moment.js?ver=6.5.2
IP
178.250.159.32:443
ASN
#29182 JSC IOT

Requested by
https://visametrik.de/
Certificate
IssuerLet's Encrypt
Subjectvisametric-com.ru
Fingerprint89:E0:5C:84:F0:26:19:8C:35:89:DB:BD:CB:0D:EA:A8:94:44:D3:B8
ValidityThu, 11 Apr 2024 23:48:24 GMT - Wed, 10 Jul 2024 23:48:23 GMT

File type
JavaScript source, ASCII text
Size
33 kB (33305 bytes)
Hash
6722aa945b6577eda74330383105557f
856573ec2068ed8ce9f47df79522be45e44f1763
e7d219e5d6cbc81c99812b111376744e30ee5fb7b5022a96e5b67c060e7476c5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/date-time-picker-field/assets/js/vendor/moment/moment.js?ver=6.5.2 HTTP/1.1
Host: visametrik.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://visametrik.de/
Cookie: PHPSESSID=1ib42s2bi13q6mv0gg3t71igcq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sun, 28 Apr 2024 09:48:39 GMT
Content-Type: application/javascript; charset=UTF-8
Last-Modified: Sun, 18 Jul 2021 11:08:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"60f40bc9-23dac"
Expires: Mon, 29 Apr 2024 09:48:39 GMT
Cache-Control: max-age=86400
Strict-Transport-Security: max-age=31536000;
Content-Encoding: gzip

visametrik.de/wp-content/plugins/date-time-picker-field/assets/js/vendor/datetimepicker/jquery.datetimepicker.full.min.js?ver=6.5.2

178.250.159.32

200 OK

17 kB

URL GET HTTP/1.1
visametrik.de/wp-content/plugins/date-time-picker-field/assets/js/vendor/datetimepicker/jquery.datetimepicker.full.min.js?ver=6.5.2
IP
178.250.159.32:443
ASN
#29182 JSC IOT

Requested by
https://visametrik.de/
Certificate
IssuerLet's Encrypt
Subjectvisametric-com.ru
Fingerprint89:E0:5C:84:F0:26:19:8C:35:89:DB:BD:CB:0D:EA:A8:94:44:D3:B8
ValidityThu, 11 Apr 2024 23:48:24 GMT - Wed, 10 Jul 2024 23:48:23 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (50898)
Size
17 kB (17129 bytes)
Hash
6f74b6fbc9a684e1c781247bea662728
5b998d6923d358643cdcb1731b1dc9325a735f5e
d97c5e0e2f56aa9a35c4c58a7a1ee86622beec78c4bac6e00531a7075374dee9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/date-time-picker-field/assets/js/vendor/datetimepicker/jquery.datetimepicker.full.min.js?ver=6.5.2 HTTP/1.1
Host: visametrik.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://visametrik.de/
Cookie: PHPSESSID=1ib42s2bi13q6mv0gg3t71igcq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sun, 28 Apr 2024 09:48:39 GMT
Content-Type: application/javascript; charset=UTF-8
Last-Modified: Sun, 18 Jul 2021 11:08:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"60f40bc9-d469"
Expires: Mon, 29 Apr 2024 09:48:39 GMT
Cache-Control: max-age=86400
Strict-Transport-Security: max-age=31536000;
Content-Encoding: gzip

visametrik.de/wp-content/plugins/date-time-picker-field/assets/js/dtpicker.js?ver=6.5.2

178.250.159.32

200 OK

1.5 kB

URL GET HTTP/1.1
visametrik.de/wp-content/plugins/date-time-picker-field/assets/js/dtpicker.js?ver=6.5.2
IP
178.250.159.32:443
ASN
#29182 JSC IOT

Requested by
https://visametrik.de/
Certificate
IssuerLet's Encrypt
Subjectvisametric-com.ru
Fingerprint89:E0:5C:84:F0:26:19:8C:35:89:DB:BD:CB:0D:EA:A8:94:44:D3:B8
ValidityThu, 11 Apr 2024 23:48:24 GMT - Wed, 10 Jul 2024 23:48:23 GMT

File type
JavaScript source, ASCII text
Size
1.5 kB (1539 bytes)
Hash
026a0f7cc131890e7351f047c99b393b
d6853364e0c7d3664831589710ea4d19248ae573
1ddb57fd80c98be9c68b59f8e3e434ed02d19d116f42a83c4baea8fdc8c9fdcd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/date-time-picker-field/assets/js/dtpicker.js?ver=6.5.2 HTTP/1.1
Host: visametrik.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://visametrik.de/
Cookie: PHPSESSID=1ib42s2bi13q6mv0gg3t71igcq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sun, 28 Apr 2024 09:48:40 GMT
Content-Type: application/javascript; charset=UTF-8
Last-Modified: Sun, 18 Jul 2021 11:08:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"60f40bc9-1a3d"
Expires: Mon, 29 Apr 2024 09:48:40 GMT
Cache-Control: max-age=86400
Strict-Transport-Security: max-age=31536000;
Content-Encoding: gzip

visametrik.de/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.4.2

178.250.159.32

200 OK

847 B

URL GET HTTP/1.1
visametrik.de/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.4.2
IP
178.250.159.32:443
ASN
#29182 JSC IOT

Requested by
https://visametrik.de/
Certificate
IssuerLet's Encrypt
Subjectvisametric-com.ru
Fingerprint89:E0:5C:84:F0:26:19:8C:35:89:DB:BD:CB:0D:EA:A8:94:44:D3:B8
ValidityThu, 11 Apr 2024 23:48:24 GMT - Wed, 10 Jul 2024 23:48:23 GMT

File type
JavaScript source, ASCII text, with very long lines (1849), with no line terminators
Size
847 B (847 bytes)
Hash
bdca36ab07e77f468ef12716f7b78b9c
8c80cbe19b54685ac8a392ada33ffb6554d26326
ccdcf774bd0fc2383fb9d2b780148d17b2ceb3dbc355db13cc17edfdc1f511f3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.4.2 HTTP/1.1
Host: visametrik.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://visametrik.de/
Cookie: PHPSESSID=1ib42s2bi13q6mv0gg3t71igcq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sun, 28 Apr 2024 09:48:40 GMT
Content-Type: application/javascript; charset=UTF-8
Last-Modified: Sun, 18 Jul 2021 11:08:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"60f40bbe-739"
Expires: Mon, 29 Apr 2024 09:48:40 GMT
Cache-Control: max-age=86400
Strict-Transport-Security: max-age=31536000;
Content-Encoding: gzip

visametrik.de/wp-includes/js/hoverIntent.min.js?ver=1.10.2

178.250.159.32

200 OK

706 B

URL GET HTTP/1.1
visametrik.de/wp-includes/js/hoverIntent.min.js?ver=1.10.2
IP
178.250.159.32:443
ASN
#29182 JSC IOT

Requested by
https://visametrik.de/
Certificate
IssuerLet's Encrypt
Subjectvisametric-com.ru
Fingerprint89:E0:5C:84:F0:26:19:8C:35:89:DB:BD:CB:0D:EA:A8:94:44:D3:B8
ValidityThu, 11 Apr 2024 23:48:24 GMT - Wed, 10 Jul 2024 23:48:23 GMT

File type
JavaScript source, ASCII text, with very long lines (1464)
Size
706 B (706 bytes)
Hash
8c0498e2f1f7a684a8d2a3feb934b64b
76099689ccaee466d4608da621c403b368dcae03
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/hoverIntent.min.js?ver=1.10.2 HTTP/1.1
Host: visametrik.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://visametrik.de/
Cookie: PHPSESSID=1ib42s2bi13q6mv0gg3t71igcq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sun, 28 Apr 2024 09:48:40 GMT
Content-Type: application/javascript; charset=UTF-8
Last-Modified: Tue, 13 Sep 2022 09:44:25 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"632050f9-5db"
Expires: Mon, 29 Apr 2024 09:48:40 GMT
Cache-Control: max-age=86400
Strict-Transport-Security: max-age=31536000;
Content-Encoding: gzip

visametrik.de/wp-content/plugins/megamenu/js/maxmegamenu.js?ver=2.9.4

178.250.159.32

200 OK

5.0 kB

URL GET HTTP/1.1
visametrik.de/wp-content/plugins/megamenu/js/maxmegamenu.js?ver=2.9.4
IP
178.250.159.32:443
ASN
#29182 JSC IOT

Requested by
https://visametrik.de/
Certificate
IssuerLet's Encrypt
Subjectvisametric-com.ru
Fingerprint89:E0:5C:84:F0:26:19:8C:35:89:DB:BD:CB:0D:EA:A8:94:44:D3:B8
ValidityThu, 11 Apr 2024 23:48:24 GMT - Wed, 10 Jul 2024 23:48:23 GMT

File type
JavaScript source, ASCII text, with very long lines (315)
Size
5.0 kB (4997 bytes)
Hash
e1d6533906ba8cce9da6157ec25c0dd5
050b3341c7d1497494334ab17a78c04ddc61dc1f
9aafa38d431075d0f6c738a2633785fd32fada0e14408bd662d95e608ddb4daf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/megamenu/js/maxmegamenu.js?ver=2.9.4 HTTP/1.1
Host: visametrik.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://visametrik.de/
Cookie: PHPSESSID=1ib42s2bi13q6mv0gg3t71igcq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sun, 28 Apr 2024 09:48:40 GMT
Content-Type: application/javascript; charset=UTF-8
Last-Modified: Sun, 18 Jul 2021 11:09:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"60f40bce-7741"
Expires: Mon, 29 Apr 2024 09:48:40 GMT
Cache-Control: max-age=86400
Strict-Transport-Security: max-age=31536000;
Content-Encoding: gzip

fonts.googleapis.com/css?family=PT+Sans:400,400i,700,700i&subset=cyrillic,cyrillic-ext

142.250.74.106

200 OK

12 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=PT+Sans:400,400i,700,700i&subset=cyrillic,cyrillic-ext
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://visametrik.de/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50
ValidityMon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT

File type
gzip compressed data, max compression
Size
12 kB (12546 bytes)
Hash
781a69792387c81ab7abd0038529e682
3ad874518fb76e5ff832f78a04401ca811d5b86d
8e996d87fdb60663b432f29e658b5ef6e6a0d159bdb4bffac8ae21a50bedeff8

HTTP Headers

GET /css?family=PT+Sans:400,400i,700,700i&subset=cyrillic,cyrillic-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://visametrik.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 28 Apr 2024 09:48:39 GMT
date: Sun, 28 Apr 2024 09:48:39 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

visametrik.de/wp-content/themes/vfs/fonts/Montserrat-Regular.ttf

178.250.159.32

200 OK

246 kB

URL GET HTTP/1.1
visametrik.de/wp-content/themes/vfs/fonts/Montserrat-Regular.ttf
IP
178.250.159.32:443
ASN
#29182 JSC IOT

Requested by
https://visametrik.de/
Certificate
IssuerLet's Encrypt
Subjectvisametric-com.ru
Fingerprint89:E0:5C:84:F0:26:19:8C:35:89:DB:BD:CB:0D:EA:A8:94:44:D3:B8
ValidityThu, 11 Apr 2024 23:48:24 GMT - Wed, 10 Jul 2024 23:48:23 GMT

File type
TrueType Font data, 17 tables, 1st "GDEF", 13 names, Microsoft, language 0x409, Copyright 2011 The Montserrat Project Authors (https://github.com/JulietaUla/Montserrat)Montserr
Size
246 kB (245708 bytes)
Hash
ee6539921d713482b8ccd4d0d23961bb
d25b35242deb1c6ff888b8162ca2aacc356d3899
077cdab15161232a9ba7124d2ddd7a9425145750788e9a966c156cc66274f525

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/vfs/fonts/Montserrat-Regular.ttf HTTP/1.1
Host: visametrik.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://visametrik.de/wp-content/themes/vfs/style.css
Cookie: PHPSESSID=1ib42s2bi13q6mv0gg3t71igcq
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sun, 28 Apr 2024 09:48:40 GMT
Content-Type: application/octet-stream
Content-Length: 245708
Last-Modified: Mon, 07 Dec 2020 19:28:14 GMT
Connection: keep-alive
ETag: "5fce824e-3bfcc"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

visametrik.de/wp-content/themes/vfs/images/logo.png

178.250.159.32

200 OK

14 kB

URL GET HTTP/1.1
visametrik.de/wp-content/themes/vfs/images/logo.png
IP
178.250.159.32:443
ASN
#29182 JSC IOT

Requested by
https://visametrik.de/
Certificate
IssuerLet's Encrypt
Subjectvisametric-com.ru
Fingerprint89:E0:5C:84:F0:26:19:8C:35:89:DB:BD:CB:0D:EA:A8:94:44:D3:B8
ValidityThu, 11 Apr 2024 23:48:24 GMT - Wed, 10 Jul 2024 23:48:23 GMT

File type
PNG image data, 548 x 122, 8-bit/color RGBA, non-interlaced
Size
14 kB (13814 bytes)
Hash
e2ebb3e1541b490ce9403b84b299d29b
cd77be2cd0d1b95b54b5fe55f48f274e66d6a808
d76f550d3cebc73be7b0335b5dc963ab3e40b80ff55289707e34ee8f0510970f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/vfs/images/logo.png HTTP/1.1
Host: visametrik.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://visametrik.de/
Cookie: PHPSESSID=1ib42s2bi13q6mv0gg3t71igcq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sun, 28 Apr 2024 09:48:40 GMT
Content-Type: image/png
Content-Length: 13814
Last-Modified: Tue, 03 Aug 2021 14:39:43 GMT
Connection: keep-alive
ETag: "6109552f-35f6"
Expires: Mon, 29 Apr 2024 09:48:40 GMT
Cache-Control: max-age=86400
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

visametrik.de/wp-content/themes/vfs/fonts/Montserrat-Bold.ttf

178.250.159.32

200 OK

244 kB

URL GET HTTP/1.1
visametrik.de/wp-content/themes/vfs/fonts/Montserrat-Bold.ttf
IP
178.250.159.32:443
ASN
#29182 JSC IOT

Requested by
https://visametrik.de/
Certificate
IssuerLet's Encrypt
Subjectvisametric-com.ru
Fingerprint89:E0:5C:84:F0:26:19:8C:35:89:DB:BD:CB:0D:EA:A8:94:44:D3:B8
ValidityThu, 11 Apr 2024 23:48:24 GMT - Wed, 10 Jul 2024 23:48:23 GMT

File type
TrueType Font data, 17 tables, 1st "GDEF", 13 names, Microsoft, language 0x409, Copyright 2011 The Montserrat Project Authors (https://github.com/JulietaUla/Montserrat)Montserr
Size
244 kB (244468 bytes)
Hash
ade91f473255991f410f61857696434b
3a54407a2b26ff4718708a4726b10cb070d16534
c8289a870d238aa042bdfd09364fe6dea524bcd1ea485341878d8c75a32ab444

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/vfs/fonts/Montserrat-Bold.ttf HTTP/1.1
Host: visametrik.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://visametrik.de/wp-content/themes/vfs/style.css
Cookie: PHPSESSID=1ib42s2bi13q6mv0gg3t71igcq
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sun, 28 Apr 2024 09:48:40 GMT
Content-Type: application/octet-stream
Content-Length: 244468
Last-Modified: Mon, 07 Dec 2020 19:28:06 GMT
Connection: keep-alive
ETag: "5fce8246-3baf4"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

visametrik.de/wp-content/themes/vfs/images/crop/slide-e1607464193405-118x118.jpg

178.250.159.32

200 OK

6.7 kB

URL GET HTTP/1.1
visametrik.de/wp-content/themes/vfs/images/crop/slide-e1607464193405-118x118.jpg
IP
178.250.159.32:443
ASN
#29182 JSC IOT

Requested by
https://visametrik.de/
Certificate
IssuerLet's Encrypt
Subjectvisametric-com.ru
Fingerprint89:E0:5C:84:F0:26:19:8C:35:89:DB:BD:CB:0D:EA:A8:94:44:D3:B8
ValidityThu, 11 Apr 2024 23:48:24 GMT - Wed, 10 Jul 2024 23:48:23 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 118x118, components 3
Size
6.7 kB (6741 bytes)
Hash
a34020d9fb6abb2c4599fbaa3eaeb19f
5fa8c832cc57ba4f4784918e8dc8dade03e32f93
90b506dc4dcf6b49842f3216854abf3869c378a04124e9a39c694e0de6be4541

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/vfs/images/crop/slide-e1607464193405-118x118.jpg HTTP/1.1
Host: visametrik.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://visametrik.de/
Cookie: PHPSESSID=1ib42s2bi13q6mv0gg3t71igcq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sun, 28 Apr 2024 09:48:40 GMT
Content-Type: image/jpeg
Content-Length: 6741
Last-Modified: Sun, 28 Apr 2024 09:48:39 GMT
Connection: keep-alive
ETag: "662e1b77-1a55"
Expires: Mon, 29 Apr 2024 09:48:40 GMT
Cache-Control: max-age=86400
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

www.google.com/recaptcha/api.js?render=6Ld-XrkbAAAAADQkpmwblcVfXeye3FsuM9DleGwK&ver=3.0

142.250.74.164

200 OK

244 kB

URL GET HTTP/2
www.google.com/recaptcha/api.js?render=6Ld-XrkbAAAAADQkpmwblcVfXeye3FsuM9DleGwK&ver=3.0
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://visametrik.de/
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintF3:75:C9:48:E6:A5:11:C7:87:C8:8D:9A:C4:16:F8:09:4E:88:7C:5A
ValidityMon, 08 Apr 2024 07:33:48 GMT - Mon, 01 Jul 2024 07:33:47 GMT

File type
gzip compressed data
Size
244 kB (244400 bytes)
Hash
5480aa15bff129e8d86648d4b020166a
76f81957eb49ba4e6c3b181706845815c3243512
8e9bee51213f7bece7aee251fc94fe62e7c774756e63aff70b68a3e5ec16f067

HTTP Headers

GET /recaptcha/api.js?render=6Ld-XrkbAAAAADQkpmwblcVfXeye3FsuM9DleGwK&ver=3.0 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://visametrik.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Sun, 28 Apr 2024 09:48:39 GMT
date: Sun, 28 Apr 2024 09:48:39 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

visametrik.de/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2

178.250.159.32

200 OK

5.1 kB

URL GET HTTP/1.1
visametrik.de/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2
IP
178.250.159.32:443
ASN
#29182 JSC IOT

Requested by
https://visametrik.de/
Certificate
IssuerLet's Encrypt
Subjectvisametric-com.ru
Fingerprint89:E0:5C:84:F0:26:19:8C:35:89:DB:BD:CB:0D:EA:A8:94:44:D3:B8
ValidityThu, 11 Apr 2024 23:48:24 GMT - Wed, 10 Jul 2024 23:48:23 GMT

File type
JavaScript source, ASCII text, with very long lines (15752)
Size
5.1 kB (5136 bytes)
Hash
b976b651932bfd25b9ddb5b7693d88a7
7fcb7cb5c11227f9213b1e08a07d0212209e1432
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=6.5.2 HTTP/1.1
Host: visametrik.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://visametrik.de/
Cookie: PHPSESSID=1ib42s2bi13q6mv0gg3t71igcq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sun, 28 Apr 2024 09:48:40 GMT
Content-Type: application/javascript; charset=UTF-8
Last-Modified: Mon, 15 Apr 2024 09:35:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"661cf4e1-4926"
Expires: Mon, 29 Apr 2024 09:48:40 GMT
Cache-Control: max-age=86400
Strict-Transport-Security: max-age=31536000;
Content-Encoding: gzip

visametrik.de/wp-content/themes/vfs/images/law.jpg

178.250.159.32

200 OK

81 kB

URL GET HTTP/1.1
visametrik.de/wp-content/themes/vfs/images/law.jpg
IP
178.250.159.32:443
ASN
#29182 JSC IOT

Requested by
https://visametrik.de/
Certificate
IssuerLet's Encrypt
Subjectvisametric-com.ru
Fingerprint89:E0:5C:84:F0:26:19:8C:35:89:DB:BD:CB:0D:EA:A8:94:44:D3:B8
ValidityThu, 11 Apr 2024 23:48:24 GMT - Wed, 10 Jul 2024 23:48:23 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1200x800, components 3
Size
81 kB (81276 bytes)
Hash
7d5cf143517482f475ce49e3879a190f
bbe90c84e609e3a5fcfc302a47ab83ab58b77043
4a9b0efc2d9fdd008fe3b0a4c5d12d1991527c61f22a6708c9e83e119ac5beda

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/vfs/images/law.jpg HTTP/1.1
Host: visametrik.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://visametrik.de/
Cookie: PHPSESSID=1ib42s2bi13q6mv0gg3t71igcq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sun, 28 Apr 2024 09:48:40 GMT
Content-Type: image/jpeg
Content-Length: 81276
Last-Modified: Thu, 04 Feb 2021 15:58:49 GMT
Connection: keep-alive
ETag: "601c19b9-13d7c"
Expires: Mon, 29 Apr 2024 09:48:40 GMT
Cache-Control: max-age=86400
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

visametrik.de/wp-content/uploads/2020/12/slide-e1607464193405.jpg

178.250.159.32

200 OK

65 kB

URL GET HTTP/1.1
visametrik.de/wp-content/uploads/2020/12/slide-e1607464193405.jpg
IP
178.250.159.32:443
ASN
#29182 JSC IOT

Requested by
https://visametrik.de/
Certificate
IssuerLet's Encrypt
Subjectvisametric-com.ru
Fingerprint89:E0:5C:84:F0:26:19:8C:35:89:DB:BD:CB:0D:EA:A8:94:44:D3:B8
ValidityThu, 11 Apr 2024 23:48:24 GMT - Wed, 10 Jul 2024 23:48:23 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1142x364, components 3
Size
65 kB (64608 bytes)
Hash
5b12c08aacabb7a4c39055e3fb7f335d
f420bde8922d55d46fc01b1f4b31ef40e796b18a
09f1fc6b8fad429a08e069c09addf82cc40e042b690780ebec28ba4f4b2e2a1c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2020/12/slide-e1607464193405.jpg HTTP/1.1
Host: visametrik.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://visametrik.de/
Cookie: PHPSESSID=1ib42s2bi13q6mv0gg3t71igcq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sun, 28 Apr 2024 09:48:40 GMT
Content-Type: image/jpeg
Content-Length: 64608
Last-Modified: Tue, 08 Dec 2020 21:49:53 GMT
Connection: keep-alive
ETag: "5fcff501-fc60"
Expires: Mon, 29 Apr 2024 09:48:40 GMT
Cache-Control: max-age=86400
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

visametrik.de/wp-content/themes/vfs/images/favicon.png

178.250.159.32

200 OK

7.8 kB

URL GET HTTP/1.1
visametrik.de/wp-content/themes/vfs/images/favicon.png
IP
178.250.159.32:443
ASN
#29182 JSC IOT

Requested by
https://visametrik.de/
Certificate
IssuerLet's Encrypt
Subjectvisametric-com.ru
Fingerprint89:E0:5C:84:F0:26:19:8C:35:89:DB:BD:CB:0D:EA:A8:94:44:D3:B8
ValidityThu, 11 Apr 2024 23:48:24 GMT - Wed, 10 Jul 2024 23:48:23 GMT

File type
PNG image data, 118 x 103, 8-bit/color RGBA, non-interlaced
Size
7.8 kB (7834 bytes)
Hash
123d414300e07e6a8ffbcdbbdd7bcc0c
3a413fddd734ffc4cf74934ba12552559c0e0793
0aba5f687dff15cf8b4f77b6077cab3e803dfa5a39f2c6fbe1290041109cac28

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/vfs/images/favicon.png HTTP/1.1
Host: visametrik.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://visametrik.de/
Cookie: PHPSESSID=1ib42s2bi13q6mv0gg3t71igcq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sun, 28 Apr 2024 09:48:40 GMT
Content-Type: image/png
Content-Length: 7834
Last-Modified: Mon, 07 Dec 2020 19:31:01 GMT
Connection: keep-alive
ETag: "5fce82f5-1e9a"
Expires: Mon, 29 Apr 2024 09:48:40 GMT
Cache-Control: max-age=86400
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js

142.250.74.131

200 OK

206 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld-XrkbAAAAADQkpmwblcVfXeye3FsuM9DleGwK&co=aHR0cHM6Ly92aXNhbWV0cmlrLmRlOjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=17rfn9j9jgny
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
JavaScript source, ASCII text, with very long lines (631)
Size
206 kB (205803 bytes)
Hash
e2e79d6b927169d9e0e57e3baecc0993
1299473950b2999ba0b7f39bd5e4a60eafd1819d
231336ed913a5ebd4445b85486e053caf2b81cab91318241375f3f7a245b6c6b

HTTP Headers

GET /recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://visametrik.de
DNT: 1
Connection: keep-alive
Referer: https://visametrik.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 205803
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 06:07:40 GMT
expires: Sat, 26 Apr 2025 06:07:40 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Apr 2024 21:03:35 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 186060
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/styles__ltr.css

142.250.74.131

200 OK

25 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/styles__ltr.css
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld-XrkbAAAAADQkpmwblcVfXeye3FsuM9DleGwK&co=aHR0cHM6Ly92aXNhbWV0cmlrLmRlOjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=17rfn9j9jgny
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
ASCII text, with very long lines (56412), with no line terminators
Size
25 kB (24617 bytes)
Hash
2c00b9f417b688224937053cd0c284a5
17b4c18ebc129055dd25f214c3f11e03e9df2d82
1e754b107428162c65a26d399b66db3daaea09616bf8620d9de4bc689ce48eed

HTTP Headers

GET /recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24617
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 06:04:29 GMT
expires: Sat, 26 Apr 2025 06:04:29 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Apr 2024 21:03:35 GMT
content-type: text/css
vary: Accept-Encoding
age: 186251
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js

142.250.74.131

200 OK

206 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld-XrkbAAAAADQkpmwblcVfXeye3FsuM9DleGwK&co=aHR0cHM6Ly92aXNhbWV0cmlrLmRlOjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=17rfn9j9jgny
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
JavaScript source, ASCII text, with very long lines (631)
Size
206 kB (205803 bytes)
Hash
e2e79d6b927169d9e0e57e3baecc0993
1299473950b2999ba0b7f39bd5e4a60eafd1819d
231336ed913a5ebd4445b85486e053caf2b81cab91318241375f3f7a245b6c6b

HTTP Headers

GET /recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 205803
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 06:07:40 GMT
expires: Sat, 26 Apr 2025 06:07:40 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Apr 2024 21:03:35 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 186060
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld-XrkbAAAAADQkpmwblcVfXeye3FsuM9DleGwK&co=aHR0cHM6Ly92aXNhbWV0cmlrLmRlOjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=17rfn9j9jgny
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 06:01:56 GMT
expires: Sat, 26 Apr 2025 06:01:56 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 186405
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld-XrkbAAAAADQkpmwblcVfXeye3FsuM9DleGwK&co=aHR0cHM6Ly92aXNhbWV0cmlrLmRlOjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=17rfn9j9jgny
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 17:25:07 GMT
expires: Fri, 25 Apr 2025 17:25:07 GMT
cache-control: public, max-age=31536000
age: 231814
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js

142.250.74.131

200 OK

206 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld-XrkbAAAAADQkpmwblcVfXeye3FsuM9DleGwK&co=aHR0cHM6Ly92aXNhbWV0cmlrLmRlOjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=17rfn9j9jgny
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
JavaScript source, ASCII text, with very long lines (631)
Size
206 kB (205803 bytes)
Hash
e2e79d6b927169d9e0e57e3baecc0993
1299473950b2999ba0b7f39bd5e4a60eafd1819d
231336ed913a5ebd4445b85486e053caf2b81cab91318241375f3f7a245b6c6b

HTTP Headers

GET /recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 205803
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 06:07:40 GMT
expires: Sat, 26 Apr 2025 06:07:40 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Apr 2024 21:03:35 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 186061
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/js/bg/jxnhk5jmHgJtz4Dlh1rT_zslgZiPJPGjuH1uymS8TXw.js

142.250.74.164

200 OK

7.5 kB

URL GET HTTP/3
www.google.com/js/bg/jxnhk5jmHgJtz4Dlh1rT_zslgZiPJPGjuH1uymS8TXw.js
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld-XrkbAAAAADQkpmwblcVfXeye3FsuM9DleGwK&co=aHR0cHM6Ly92aXNhbWV0cmlrLmRlOjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=17rfn9j9jgny
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint01:16:A3:AE:CA:C9:AC:ED:3A:C9:AA:75:BE:C2:51:EF:65:CE:23:E1
ValidityMon, 08 Apr 2024 06:34:56 GMT - Mon, 01 Jul 2024 06:34:55 GMT

File type
JavaScript source, ASCII text, with very long lines (17661)
Size
7.5 kB (7465 bytes)
Hash
96dda94f567100c20e439dfefadb0776
1a7d2dc18f5c6ebcce4fcc8797648711d25cf548
8f19e19398e61e026dcf80e5875ad3ff3b2581988f24f1a3b87d6eca64bc4d7c

HTTP Headers

GET /js/bg/jxnhk5jmHgJtz4Dlh1rT_zslgZiPJPGjuH1uymS8TXw.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld-XrkbAAAAADQkpmwblcVfXeye3FsuM9DleGwK&co=aHR0cHM6Ly92aXNhbWV0cmlrLmRlOjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=17rfn9j9jgny
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 7465
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 06:04:57 GMT
expires: Sat, 26 Apr 2025 06:04:57 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 16 Apr 2024 13:30:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 186224
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/logo_48.png

142.250.74.131

200 OK

2.2 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/logo_48.png
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld-XrkbAAAAADQkpmwblcVfXeye3FsuM9DleGwK&co=aHR0cHM6Ly92aXNhbWV0cmlrLmRlOjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=17rfn9j9jgny
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Size
2.2 kB (2228 bytes)
Hash
ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

HTTP Headers

GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 17:35:26 GMT
expires: Thu, 02 May 2024 17:35:26 GMT
cache-control: public, max-age=604800
age: 231195
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/api2/reload?k=6Ld-XrkbAAAAADQkpmwblcVfXeye3FsuM9DleGwK

142.250.74.164

200 OK

8.6 kB

URL POST HTTP/3
www.google.com/recaptcha/api2/reload?k=6Ld-XrkbAAAAADQkpmwblcVfXeye3FsuM9DleGwK
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld-XrkbAAAAADQkpmwblcVfXeye3FsuM9DleGwK&co=aHR0cHM6Ly92aXNhbWV0cmlrLmRlOjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=17rfn9j9jgny
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint01:16:A3:AE:CA:C9:AC:ED:3A:C9:AA:75:BE:C2:51:EF:65:CE:23:E1
ValidityMon, 08 Apr 2024 06:34:56 GMT - Mon, 01 Jul 2024 06:34:55 GMT

File type
ASCII text, with very long lines (11812)
Size
8.6 kB (8632 bytes)
Hash
4b7f74b04c2b72c95fd7f6dce47fd6d5
4720a9a1ad2c40a4f1e0150a66fa63a91e4bb869
6c3c905328a9414d071eb356909a20488ab0e1e3c230b2d197b4283ab7f938ff

HTTP Headers

POST /recaptcha/api2/reload?k=6Ld-XrkbAAAAADQkpmwblcVfXeye3FsuM9DleGwK HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-protobuffer
Content-Length: 6349
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld-XrkbAAAAADQkpmwblcVfXeye3FsuM9DleGwK&co=aHR0cHM6Ly92aXNhbWV0cmlrLmRlOjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=17rfn9j9jgny
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/json; charset=utf-8
content-encoding: gzip
date: Sun, 28 Apr 2024 09:48:42 GMT
expires: Sun, 28 Apr 2024 09:48:42 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
set-cookie: _GRECAPTCHA=09AN_JpP9m34yFRQESr8ZzuugCN4W9RoUHg024j8VCKLqnMHWota0MFmGAcGoQerV8yamXzjSnUiuVIt9j2WV7Nds;Path=/recaptcha;Expires=Fri, 25-Oct-2024 09:48:42 GMT;Secure;HttpOnly;Priority=HIGH;SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

visametrik.de/wp-content/themes/vfs/fonts/Montserrat-SemiBold.ttf

178.250.159.32

200 OK

244 kB

URL GET HTTP/1.1
visametrik.de/wp-content/themes/vfs/fonts/Montserrat-SemiBold.ttf
IP
178.250.159.32:443
ASN
#29182 JSC IOT

Requested by
https://visametrik.de/
Certificate
IssuerLet's Encrypt
Subjectvisametric-com.ru
Fingerprint89:E0:5C:84:F0:26:19:8C:35:89:DB:BD:CB:0D:EA:A8:94:44:D3:B8
ValidityThu, 11 Apr 2024 23:48:24 GMT - Wed, 10 Jul 2024 23:48:23 GMT

File type
TrueType Font data, 17 tables, 1st "GDEF", 15 names, Microsoft, language 0x409, Copyright 2011 The Montserrat Project Authors (https://github.com/JulietaUla/Montserrat)Montserr
Size
244 kB (243816 bytes)
Hash
c641dbee1d75892e4d88bdc31560c91b
f829de4c176fb2ccf5e33360920f48de6794434e
f227901ef48ac4d1fe4cc6ed0dbce99e6b38969babe5e05da2dfb33521b02944

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/vfs/fonts/Montserrat-SemiBold.ttf HTTP/1.1
Host: visametrik.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://visametrik.de/wp-content/themes/vfs/style.css
Cookie: PHPSESSID=1ib42s2bi13q6mv0gg3t71igcq
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sun, 28 Apr 2024 09:48:40 GMT
Content-Type: application/octet-stream
Content-Length: 243816
Last-Modified: Mon, 07 Dec 2020 19:28:15 GMT
Connection: keep-alive
ETag: "5fce824f-3b868"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld-XrkbAAAAADQkpmwblcVfXeye3FsuM9DleGwK&co=aHR0cHM6Ly92aXNhbWV0cmlrLmRlOjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=17rfn9j9jgny

142.250.74.164

200 OK

46 kB

URL GET HTTP/3
www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld-XrkbAAAAADQkpmwblcVfXeye3FsuM9DleGwK&co=aHR0cHM6Ly92aXNhbWV0cmlrLmRlOjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=17rfn9j9jgny
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://visametrik.de/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint01:16:A3:AE:CA:C9:AC:ED:3A:C9:AA:75:BE:C2:51:EF:65:CE:23:E1
ValidityMon, 08 Apr 2024 06:34:56 GMT - Mon, 01 Jul 2024 06:34:55 GMT

File type
HTML document, ASCII text, with very long lines (37567)
Size
46 kB (46251 bytes)
Hash
74b93b7fe9137703d63330059d1b7eaf
be46db569a20587ac25c023052a073fb3ff8764e
a317c5954fd07bd426ddba467bf746386945c492fe7dbace8ac001313cb6223b

HTTP Headers

GET /recaptcha/api2/anchor?ar=1&k=6Ld-XrkbAAAAADQkpmwblcVfXeye3FsuM9DleGwK&co=aHR0cHM6Ly92aXNhbWV0cmlrLmRlOjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=17rfn9j9jgny HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://visametrik.de/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 28 Apr 2024 09:48:40 GMT
content-security-policy: script-src 'nonce-rFLyQcKhe9wrY2ocVZQs2g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

104.18.10.207

200 OK

31 kB

URL GET HTTP/2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://visametrik.de/
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT

File type
ASCII text, with very long lines (30837)
Size
31 kB (31000 bytes)
Hash
269550530cc127b6aa5a35925a7de6ce
512c7d79033e3028a9be61b540cf1a6870c896f8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

HTTP Headers

GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://visametrik.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 28 Apr 2024 09:48:39 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 10/31/2023 18:48:06
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 722
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: dd809c84048d5afa8e77adc8acacd559
cdn-cache: HIT
cf-cache-status: HIT
age: 13671894
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87b62349a99456ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Montserrat&display=swap

142.250.74.106

200 OK

1.9 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Montserrat&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://visametrik.de/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50
ValidityMon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT

File type
ASCII text, with very long lines (1964), with no line terminators
Size
1.9 kB (1919 bytes)
Hash
239a618ffafef4ef52b8420e3a840889
eb3c9591cf15cfbc0708770f3680d7ecf7a2029b
1a65d1c5600a83400ac4e08ed56f140e81590a6761a6cdc03187da69555196aa

HTTP Headers

GET /css2?family=Montserrat&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://visametrik.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 28 Apr 2024 09:48:39 GMT
date: Sun, 28 Apr 2024 09:48:39 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com/recaptcha/api2/webworker.js?hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m

142.250.74.164

200 OK

102 B

URL GET HTTP/3
www.google.com/recaptcha/api2/webworker.js?hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld-XrkbAAAAADQkpmwblcVfXeye3FsuM9DleGwK&co=aHR0cHM6Ly92aXNhbWV0cmlrLmRlOjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=17rfn9j9jgny
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint01:16:A3:AE:CA:C9:AC:ED:3A:C9:AA:75:BE:C2:51:EF:65:CE:23:E1
ValidityMon, 08 Apr 2024 06:34:56 GMT - Mon, 01 Jul 2024 06:34:55 GMT

File type
ASCII text, with no line terminators
Size
102 B (102 bytes)
Hash
284b36421a1cf446f32cb8f7987b1091
eb14d6298c9da3fb26d75b54c087ea2df9f3f05f
94ab2be973685680d0be9c08d4e1a7465f3c09053cf631126bd33f49cc2f939b

HTTP Headers

GET /recaptcha/api2/webworker.js?hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld-XrkbAAAAADQkpmwblcVfXeye3FsuM9DleGwK&co=aHR0cHM6Ly92aXNhbWV0cmlrLmRlOjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=17rfn9j9jgny
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/javascript; charset=utf-8
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 28 Apr 2024 09:48:41 GMT
date: Sun, 28 Apr 2024 09:48:41 GMT
cache-control: private, max-age=300
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css

104.18.10.207

200 OK

160 kB

URL GET HTTP/2
stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://visametrik.de/
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT

File type
ASCII text, with very long lines (65324)
Size
160 kB (159515 bytes)
Hash
7cc40c199d128af6b01e74a28c5900b0
d305110fb79113a961394b433d851a3410342b8c
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6

HTTP Headers

GET /bootstrap/4.4.1/css/bootstrap.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://visametrik.de
DNT: 1
Connection: keep-alive
Referer: https://visametrik.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 28 Apr 2024 09:48:39 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"7cc40c199d128af6b01e74a28c5900b0"
last-modified: Mon, 25 Jan 2021 22:04:09 GMT
cdn-cachedat: 10/31/2023 19:00:00
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1078
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 2a5ccf3076edee9c2cb9fa723174fc0c
cdn-cache: HIT
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87b623499b5eb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.google.com/recaptcha/api2/clr?k=6Ld-XrkbAAAAADQkpmwblcVfXeye3FsuM9DleGwK

142.250.74.164

200 OK

0 B

URL POST HTTP/3
www.google.com/recaptcha/api2/clr?k=6Ld-XrkbAAAAADQkpmwblcVfXeye3FsuM9DleGwK
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld-XrkbAAAAADQkpmwblcVfXeye3FsuM9DleGwK&co=aHR0cHM6Ly92aXNhbWV0cmlrLmRlOjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=17rfn9j9jgny
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint01:16:A3:AE:CA:C9:AC:ED:3A:C9:AA:75:BE:C2:51:EF:65:CE:23:E1
ValidityMon, 08 Apr 2024 06:34:56 GMT - Mon, 01 Jul 2024 06:34:55 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /recaptcha/api2/clr?k=6Ld-XrkbAAAAADQkpmwblcVfXeye3FsuM9DleGwK HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-protobuf
Content-Length: 1458
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld-XrkbAAAAADQkpmwblcVfXeye3FsuM9DleGwK&co=aHR0cHM6Ly92aXNhbWV0cmlrLmRlOjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=17rfn9j9jgny
Cookie: _GRECAPTCHA=09AN_JpP9m34yFRQESr8ZzuugCN4W9RoUHg024j8VCKLqnMHWota0MFmGAcGoQerV8yamXzjSnUiuVIt9j2WV7Nds
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/binary
date: Sun, 28 Apr 2024 09:48:42 GMT
expires: Sun, 28 Apr 2024 09:48:42 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 0
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js

104.18.10.207

200 OK

60 kB

URL GET HTTP/2
stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://visametrik.de/
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT

File type
JavaScript source, ASCII text, with very long lines (59729)
Size
60 kB (60010 bytes)
Hash
61f338f870fcd0ff46362ef109d28533
b3c116c65e6f053aaab45e5619a78ec00271a50f
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548

HTTP Headers

GET /bootstrap/4.4.1/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://visametrik.de
DNT: 1
Connection: keep-alive
Referer: https://visametrik.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 28 Apr 2024 09:48:39 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"61f338f870fcd0ff46362ef109d28533"
last-modified: Mon, 25 Jan 2021 22:04:09 GMT
cdn-cachedat: 01/04/2023 07:40:19
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1075
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 46239c134bd28392b5b8006095c079ee
cdn-cache: HIT
cf-cache-status: HIT
age: 952
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87b623499b62b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (35)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML