Report - britinn.at/

Report Overview

Submitted URL
britinn.at/
IP
199.34.228.69
ASN
#27647 WEEBLY
Submitted
2022-09-15 08:37:36
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
14

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	780 B	48 kB	142.250.74.163
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	35.164.183.116
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	377 B	35 kB	142.250.74.138
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	4.9 kB	142.250.74.3
ec.editmysite.com	12806	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	803 B	745 B	35.82.13.103
www.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	425 B	158 kB	142.250.74.163
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	55 kB	34.120.237.76
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	652 B	1.8 kB	23.36.77.32
britinn.at	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	330 B	471 B	199.34.228.69
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	368 B	1.2 kB	142.250.74.164
www.britinn.at	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.2 kB	201 kB	199.34.228.69
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	356 B	1.0 kB	142.250.74.10
cdn2.editmysite.com	11564	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.8 kB	256 kB	151.101.85.46
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	628 B	38 kB	142.250.74.174
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.35
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.25

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-15	medium	britinn.at/	Malware
2022-09-15	medium	www.britinn.at/	Malware
2022-09-15	medium	www.britinn.at/files/theme/social-midgrey.png?1661345964	Malware
2022-09-15	medium	www.britinn.at/files/theme/nav-bg.png?1661345964	Malware
2022-09-15	medium	www.britinn.at/files/theme/button.png?1661345964	Malware
2022-09-15	medium	www.britinn.at/files/theme/field.png?1661345964	Malware
2022-09-15	medium	www.britinn.at/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (23)

	URL	Size	First Seen	Last Seen
	www.britinn.at/	397 B	2023-03-07	2023-04-20
Pretty URL www.britinn.at/ IP 199.34.228.69 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:54:37 Last Seen2023-04-20 14:41:56 Times Seen2 Hash 67c3a0cdb1c707d6540f3b56950c8081 64461e82a591c40a3873a6ceab99b950304da7bf faa91f2a04ac6816a2166ce326ec4dfcbdce230841649915350b1e48b9b31a20 Loading...

	www.britinn.at/	664 B	2023-03-07	2024-04-19
Pretty URL www.britinn.at/ IP 199.34.228.69 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:44 Last Seen2024-04-19 08:00:10 Times Seen2872 Hash fdd0b895b9cf69a9a4f4817533aa51f5 afc67ab62c3c91df626260407845fc41bf5d895e a50f8a487c23d76460681440220a85a28cdb09912ef451d59aa2b4f47c32aea0 Loading...

	www.google-analytics.com/ga.js	46 kB	2023-03-07	2024-04-16
Pretty URL www.google-analytics.com/ga.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:00 Last Seen2024-04-16 23:24:27 Times Seen3495 Hash e9372f0ebbcf71f851e3d321ef2a8e5a 2c7d19d1af7d97085c977d1b69dcb8b84483d87c 1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-07	2024-04-18
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-18 21:14:10 Times Seen840 Hash d40531c5e99a6f84e42535859476fe35 a901817d77b2fe5259c298c91bc65c54d7f8a1a9 a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Loading...

	www.britinn.at/	32 B	2023-03-07	2024-04-19
Pretty URL www.britinn.at/ IP 199.34.228.69 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:45 Last Seen2024-04-19 08:00:10 Times Seen2927 Hash 1bca01edca83d94091a2bb38d7ef8183 d05117e4ab3b3461be3855e95813a5c607e3ca95 fcf1cbf5cfad6d605868f42d38a0a937f5e6eaa91b05dcfbbbc95e4c3e23e528 Loading...

	www.britinn.at/	1.8 kB	2023-03-07	2024-04-19
Pretty URL www.britinn.at/ IP 199.34.228.69 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:44 Last Seen2024-04-19 08:00:10 Times Seen2901 Hash 563cec0ace2baea4e867b491f66cd6b0 fc4451f8fa76c5d1e3714e9008510633cffaa4f7 e4538493fc4f43f93806d0239acac9b38b0453c8440dc5ba4fcb47eae6ab2556 Loading...

	cdn2.editmysite.com/js/lang/de/stl.js?buildTime=1661298829&	190 kB	2023-03-07	2023-03-17
Pretty URL cdn2.editmysite.com/js/lang/de/stl.js?buildTime=1661298829& IP 151.101.85.46 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:21:59 Last Seen2023-03-17 11:40:42 Times Seen1 Hash bd1aef83a741c490fc07c5942149d110 a8a29ee3f509d1706160c6cc05ba81bba4ec9a08 ef174e5b42fe6998dbd8f31528daefa87b05e611ca5238579094c8b6f6e945f3 Loading...

	www.britinn.at/	22 B	2023-03-07	2024-04-19
Pretty URL www.britinn.at/ IP 199.34.228.69 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:45 Last Seen2024-04-19 08:00:10 Times Seen2254 Hash 9a33cbad7c996ea8903a3eb3332a125c 8efed109b301f8aa0f3768dcd824d669d0129741 5d3b8f4578ca89904a46d014a8433346ca2773e8691f6cc9d09b2b30f0802dbc Loading...

	www.britinn.at/	62 B	2023-03-07	2024-04-19
Pretty URL www.britinn.at/ IP 199.34.228.69 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:44 Last Seen2024-04-19 08:00:10 Times Seen2913 Hash 461bd236ddeca3b8b6e3cca8599ccb43 73c74d3281452e483c11f944d798738afc7f5b89 aebd4ac1ead5b4987d8b975cafa889ca1a6831175bc206ca9552863e390bc0f1 Loading...

	www.britinn.at/	2.5 kB	2023-03-07	2023-03-17
Pretty URL www.britinn.at/ IP 199.34.228.69 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:54:37 Last Seen2023-03-17 11:40:43 Times Seen1 Hash 1a5dcc542245ec9bec6de298ae9f342f 58e5aae6e7b5b0f4f4fb2335d1b26b1236c9be8a e675312cd864cffacc7134a8ed291aed42bea121e6d16eb314ffc012d5e935c4 Loading...

	www.britinn.at/	1.2 kB	2023-03-07	2024-04-19
Pretty URL www.britinn.at/ IP 199.34.228.69 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:44 Last Seen2024-04-19 08:00:10 Times Seen2878 Hash 24449345e209b8641a813eaef44a5244 21617897e4d35717e2e41b766501fbd883a8f16d 3e72636c6cf854c8657ccbf9e03f7af05bd4836066c329417a4f8251bb5d18c1 Loading...

	www.google.com/recaptcha/api.js?_=1663231031542	850 B	2023-03-07	2023-06-01
Pretty URL www.google.com/recaptcha/api.js?_=1663231031542 IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:14:35 Last Seen2023-06-01 18:53:29 Times Seen3 Hash e4a27b80af74574723492ba0e07dca3e 0f63076c868d36e4a513a6510f7dae886c771d71 62873763c68dae3a2e2d5426b0bea772aa615eab4b31e48f8d35709dd49e84b8 Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js	94 kB	2023-03-07	2024-04-19
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js IP 142.250.74.138 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:53 Last Seen2024-04-19 13:22:27 Times Seen16185 Hash 3576a6e73c9dccdbbc4a2cf8ff544ad7 06e872300088b9ba8a08427d28ed0efcdf9c6ff5 61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf Loading...

	www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__en.js	397 kB	2023-03-07	2023-03-17
Pretty URL www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__en.js IP 142.250.74.163 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:14:20 Last Seen2023-03-17 11:41:52 Times Seen1 Hash 09705f2d215ade77e21cd6743f3d2c0c b4838ce510bc55c3a5bd5dca82e29f4de4536e81 52995c7482cb8361e6abfee05a9ec892a3d85679cdcf995e7f2fe711c6ba0150 Loading...

	www.britinn.at/	50 B	2023-03-07	2023-04-20
Pretty URL www.britinn.at/ IP 199.34.228.69 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:54:37 Last Seen2023-04-20 14:41:56 Times Seen2 Hash 3924416e141888e24eb9602df0be8135 2764829d5007cfce37cdc48f80f84a7e0b92f248 d1ed87e93f4f752e8347011d13127edb63c97623d22aeb5f377a3d1d63d64374 Loading...

	www.britinn.at/	398 B	2023-03-07	2024-04-12
Pretty URL www.britinn.at/ IP 199.34.228.69 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:44 Last Seen2024-04-12 14:45:01 Times Seen78 Hash f3248e4c4191204900f8bc59f9f008c6 8375059f4843cb30c0bd3d17faaf5bfa41a88210 966050198c27c6cc3c6cad0d9726f3e66d72c4288197a29d1ebe0f94372613c0 Loading...

	cdn2.editmysite.com/js/wsnbn/snowday262.js	75 kB	2023-03-07	2024-04-19
Pretty URL cdn2.editmysite.com/js/wsnbn/snowday262.js IP 151.101.85.46 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:13 Last Seen2024-04-19 12:19:23 Times Seen28284 Hash 99bbe560926e583b8e99036251deb783 8d81b73ae06f664f9d9e53dd5829a799bf434491 648e766bf519673f9a90cc336cbecede80dcbe3419b43d36ecbb25d88f5584a3 Loading...

	unknown	0 B	2023-03-07	2024-04-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-19 14:41:11 Times Seen36960789 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.britinn.at/	265 B	2023-03-07	2023-03-17
Pretty URL www.britinn.at/ IP 199.34.228.69 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:54:37 Last Seen2023-03-17 11:40:43 Times Seen1 Hash 44a45e0e5039b166dd1a691ff7b2d379 398f6045618f9dc53c533f6ab2dc6c7bb0378ea2 416ba293795d3c7ed642f447cad2ea4d69c2ce6b3edfcf6151e1df0a5ed6c90c Loading...

	www.britinn.at/	35 B	2023-03-07	2024-04-19
Pretty URL www.britinn.at/ IP 199.34.228.69 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:45 Last Seen2024-04-19 08:00:10 Times Seen2918 Hash 13385ea3f3e6184de3bfa80f08fe938b 6f859a2fd4b7e15ed74990516d97a52e7b4eeb20 5e87d85ec57af5d97b6c0d4c6e766afd2b53d077102827d19625a37d8cd11c2d Loading...

	www.britinn.at/	2.3 kB	2023-03-07	2023-04-20
Pretty URL www.britinn.at/ IP 199.34.228.69 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:54:37 Last Seen2023-04-20 14:41:56 Times Seen2 Hash f4085bcb6dd8f0ce184eeb078fbf5bb7 98160242d393ecc986e5ed08e6ed0ee316735404 fdcc896a3890d84ddd6f5fc6e9a5f6b4357e0602f80951576107694b9a3e05f1 Loading...

	www.britinn.at/	62 B	2023-03-07	2024-04-19
Pretty URL www.britinn.at/ IP 199.34.228.69 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:44 Last Seen2024-04-19 08:00:10 Times Seen2680 Hash 1afa8234115c6f382672d91917a6fb26 e96957cb655865327588927ebc34d1ae376e9e64 45988af53e17c3bc8103bbe22bd47dd6d2d03d4a90c4116dc0621ab24ff87258 Loading...

	www.britinn.at/	117 B	2023-03-07	2024-04-19
Pretty URL www.britinn.at/ IP 199.34.228.69 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:44 Last Seen2024-04-19 08:00:10 Times Seen2904 Hash ef142665f07ac27f698aa34d471c4439 b9e0d81f97054a9a0a68f57096d992ba58f33184 fbfd3b11452dce82b76e405100aece37dcfe12df4c71fb8f2bc2fe2166e9f07f Loading...

HTTP Transactions (51)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
be88d3e043e3b95b52e41812e50fb634
0318ba1ce487817ea7cba61dd9413bed29213800
b5f178d23e633283f226cca7a9ae79b01e6cab2299ff7065c980d3a9953212fd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5F178D23E633283F226CCA7A9AE79B01E6CAB2299FF7065C980D3A9953212FD"
Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15080
Expires: Thu, 15 Sep 2022 12:48:45 GMT
Date: Thu, 15 Sep 2022 08:37:25 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

143.204.55.35

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 15 Sep 2022 08:10:22 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: cIZikK3agdRJBoqyQkExbBIo1ciiOp9i1Bb0CNYBc6t7h8LDP_mHGQ==
Age: 1623

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.25

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.25:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 15 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 2MHcNLqtRLkNJR52ZIEfGGjkRGEa4wRKGB3oSGhXQBp-NbYsgYMF0A==
age: 14530
X-Firefox-Spdy: h2

britinn.at/

199.34.228.69

301 Moved Permanently

230 B

URL HTTP/1.1
britinn.at/
IP
199.34.228.69:0
ASN
#27647 WEEBLY

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
230 B (230 bytes)
Hash
2672abcc61a209fdcb1bf5debd694f9a
8b556b97a8a21c267daa18d3a8b5b92e3da6a68d
004f8735b574470e599ab67d81105b3fa24c0518ec4514ab617e536258d2f963

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: britinn.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Thu, 15 Sep 2022 08:37:25 GMT
Server: Apache
Location: http://www.britinn.at/
Content-Length: 230
Keep-Alive: timeout=10, max=50
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 08:37:25 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.35

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 15 Sep 2022 08:03:22 GMT
Cache-Control: max-age=3600
Expires: Thu, 15 Sep 2022 08:54:38 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: NvQjbZ3qIMuxudXpZ7GopBoT8AivpcsU1Oq7wq32u4p7c1jlnybcow==
Age: 2043

www.britinn.at/

199.34.228.69

200 OK

8.8 kB

URL HTTP/1.1
www.britinn.at/
IP
199.34.228.69:0
ASN
#27647 WEEBLY

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2247), with CRLF, LF line terminators
Size
8.8 kB (8787 bytes)
Hash
7a7c8aa13d2907c2e70c742276823c57
c27fd3c21a9f3dc349b8aae82c995ff31643327b
21a7391c39cf3059ac0d63d68eaffd4bd3c9cff617ffb09fa83e637c7f81ec8d

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: www.britinn.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 08:37:25 GMT
Server: Apache
Vary: X-W-SSL,Accept-Encoding,User-Agent
Set-Cookie: is_mobile=0; path=/; domain=www.britinn.at
language=en; expires=Thu, 29-Sep-2022 08:37:25 GMT; Max-Age=1209600; path=/
Cache-Control: private
ETag: W/"a6408e528ba00d4ba54923e3507cc18c-gzip"
Content-Encoding: gzip
X-Host: grn26.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 8787
Keep-Alive: timeout=10, max=8
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

cdn2.editmysite.com/css/old/fancybox.css?1661298829

151.101.85.46

200 OK

1.2 kB

URL HTTP/1.1
cdn2.editmysite.com/css/old/fancybox.css?1661298829
IP
151.101.85.46:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (3910)
Size
1.2 kB (1218 bytes)
Hash
b644e92258f4c7c0b4270047652d1e60
93734d52ee9e86a768159e514076051813c39cd9
29199496fb817668f887938571046abcdfb49063d0207d571b361f221f467907

HTTP Headers

GET /css/old/fancybox.css?1661298829 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.britinn.at/

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/css
Last-Modified: Thu, 08 Sep 2022 20:48:48 GMT
ETag: "631a5530-f47"
Expires: Tue, 27 Sep 2022 11:25:57 GMT
Cache-Control: max-age=1209600
X-Host: blu85.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Content-Length: 1218
Accept-Ranges: bytes
Date: Thu, 15 Sep 2022 08:37:26 GMT
Age: 162688
Connection: keep-alive
X-Served-By: cache-sjc10074-SJC, cache-bma1637-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
X-Timer: S1663231046.063195,VS0,VE1
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

cdn2.editmysite.com/css/sites.css?buildTime=1661298829

151.101.85.46

200 OK

30 kB

URL HTTP/1.1
cdn2.editmysite.com/css/sites.css?buildTime=1661298829
IP
151.101.85.46:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65536), with no line terminators
Size
30 kB (29723 bytes)
Hash
47fce46b49e95d7c570a5fa1600f25a7
d927380977eae6001d9734e67ea666b261a520e4
c81b992fe5e5b2ab4c92f2dbb28e6755aaf1ff26f8df15b306f1118423fa3785

HTTP Headers

GET /css/sites.css?buildTime=1661298829 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.britinn.at/

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/css
Last-Modified: Fri, 02 Sep 2022 18:13:15 GMT
ETag: W/"631247bb-342c0"
Expires: Tue, 20 Sep 2022 07:38:38 GMT
Cache-Control: max-age=1209600
X-Host: grn144.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Content-Length: 29723
Accept-Ranges: bytes
Date: Thu, 15 Sep 2022 08:37:26 GMT
Age: 781128
Connection: keep-alive
X-Served-By: cache-sjc10026-SJC, cache-bma1627-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 2, 1
X-Timer: S1663231046.063399,VS0,VE1
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

cdn2.editmysite.com/js/lang/de/stl.js?buildTime=1661298829&

151.101.85.46

200 OK

37 kB

URL HTTP/1.1
cdn2.editmysite.com/js/lang/de/stl.js?buildTime=1661298829&
IP
151.101.85.46:0
ASN
#54113 FASTLY

File type
HTML document, Unicode text, UTF-8 text, with very long lines (64820)
Size
37 kB (36676 bytes)
Hash
3bacd629bbb9243afa4fea31d9336161
9b9974127dfbbf60feca312257ec973365f2a963
19be869ebdf4121af00278b7c953c6a2d7c1d6873bfabc9c7d5cd094efb0459f

HTTP Headers

GET /js/lang/de/stl.js?buildTime=1661298829& HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.britinn.at/

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/javascript
Last-Modified: Tue, 06 Sep 2022 22:08:26 GMT
ETag: "6317c4da-2e5a0"
Expires: Tue, 20 Sep 2022 23:56:25 GMT
Cache-Control: max-age=1209600
X-Host: blu88.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Content-Length: 36676
Accept-Ranges: bytes
Date: Thu, 15 Sep 2022 08:37:26 GMT
Age: 722460
Connection: keep-alive
X-Served-By: cache-sjc10029-SJC, cache-bma1654-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
X-Timer: S1663231046.062712,VS0,VE1
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

fonts.googleapis.com/css?family=Lato:400,300,300italic,700,400italic,700italic&subset=latin,latin-ext

142.250.74.10

200 OK

471 B

URL HTTP/1.1
fonts.googleapis.com/css?family=Lato:400,300,300italic,700,400italic,700italic&subset=latin,latin-ext
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
ASCII text
Size
471 B (471 bytes)
Hash
0c25875b36f3fb245e7c2fd59057d479
8135703d160ed58535e2bc51db78aefb9a8b3907
a4b87ce4891dff7fbf8e40b1ed386c531b7488b23a9cd07d8b2ccd63c7d1d945

HTTP Headers

GET /css?family=Lato:400,300,300italic,700,400italic,700italic&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.britinn.at/

HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Thu, 15 Sep 2022 08:37:26 GMT
Date: Thu, 15 Sep 2022 08:37:26 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff

cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1661298829

151.101.85.46

200 OK

159 kB

URL HTTP/1.1
cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1661298829
IP
151.101.85.46:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (32007)
Size
159 kB (159023 bytes)
Hash
6e8429d43e97b3e6068e2bc14358e4ae
c0dfe0c8359869c30fe3e4136b7ddb135dd60813
a9db5e1410459ab4c06b3aed065c6bc8c2cc47f791cb3ad7ed28b67dc4590fd7

HTTP Headers

GET /js/site/main-customer-accounts-site.js?buildTime=1661298829 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.britinn.at/

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/javascript
Last-Modified: Tue, 06 Sep 2022 22:09:30 GMT
ETag: "6317c51a-82592"
Expires: Tue, 20 Sep 2022 23:55:34 GMT
Cache-Control: max-age=1209600
X-Host: blu9.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Content-Length: 159023
Accept-Ranges: bytes
Date: Thu, 15 Sep 2022 08:37:26 GMT
Age: 722511
Connection: keep-alive
X-Served-By: cache-sjc10027-SJC, cache-bma1640-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 2
X-Timer: S1663231046.063270,VS0,VE0
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
d3ac56507d17ffff5e8b486406985d68
17d26336cd8ea65af3f23db166945f1b3fbbfbab
e7e321340eed681c1269f715b0214e1511d5762fffbe930e7c157b800afa9a39

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6025
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 08:37:26 GMT
Last-Modified: Thu, 15 Sep 2022 06:57:01 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

cdn2.editmysite.com/js/site/main.js?buildTime=1661298829

151.101.85.46

200 OK

472 B

URL HTTP/1.1
cdn2.editmysite.com/js/site/main.js?buildTime=1661298829
IP
151.101.85.46:0
ASN
#54113 FASTLY

File type
data
Size
472 B (472 bytes)
Hash
c86fc6649c7c512abb52fcd62d51ee26
bf241d6c1779668447df444a239d715b6ed46f6d
822cb499ea058f2c40ce4942048528575fadc172d3669007f5f34fae41c7ea49

HTTP Headers

GET /js/site/main.js?buildTime=1661298829 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.britinn.at/

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/javascript
Last-Modified: Thu, 08 Sep 2022 20:49:09 GMT
ETag: "631a5545-74804"
Expires: Mon, 26 Sep 2022 12:37:17 GMT
Cache-Control: max-age=1209600
X-Host: grn120.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Content-Length: 146400
Accept-Ranges: bytes
Date: Thu, 15 Sep 2022 08:37:26 GMT
Age: 244809
Connection: keep-alive
X-Served-By: cache-sjc10043-SJC, cache-bma1659-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 3, 1
X-Timer: S1663231046.063069,VS0,VE1
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

www.britinn.at/files/main_style.css?1661345964

199.34.228.69

200 OK

2.5 kB

URL HTTP/1.1
www.britinn.at/files/main_style.css?1661345964
IP
199.34.228.69:0
ASN
#27647 WEEBLY

File type
ASCII text, with very long lines (342)
Size
2.5 kB (2517 bytes)
Hash
b68c6665b974df396f66a632583ac3f7
1f6e2ab2bc419cfcce50aca4169f58d228bafb22
b91234c27b430aca043334f8153ecd9f8c5a8e1e6208964c8a5f5772cfd5193d

HTTP Headers

GET /files/main_style.css?1661345964 HTTP/1.1
Host: www.britinn.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.britinn.at/
Cookie: is_mobile=0; language=en

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 08:37:26 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
X-Host: blu41.sf2p.intern.weebly.net
Content-Encoding: gzip

ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js

142.250.74.138

200 OK

34 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
IP
142.250.74.138:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (65483)
Size
34 kB (33593 bytes)
Hash
a54a444f20643b131117dc2112cca05f
074964746b12ff1d30f7656310d6154ae1cc98b5
aa3ca8485dd777d4d880b38c1cf3bc2fc290d28a79ba3e3e43cba1f653132830

HTTP Headers

GET /ajax/libs/jquery/1.8.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.britinn.at/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33593
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 10 Sep 2022 06:15:30 GMT
expires: Sun, 10 Sep 2023 06:15:30 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 440516
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c86fc6649c7c512abb52fcd62d51ee26
bf241d6c1779668447df444a239d715b6ed46f6d
822cb499ea058f2c40ce4942048528575fadc172d3669007f5f34fae41c7ea49

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 08:37:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.britinn.at/uploads/3/7/7/7/37773369/published/uni-logo.jpg?1651733880

199.34.228.69

200 OK

5.6 kB

URL HTTP/1.1
www.britinn.at/uploads/3/7/7/7/37773369/published/uni-logo.jpg?1651733880
IP
199.34.228.69:0
ASN
#27647 WEEBLY

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 241x95, components 3\012- data
Size
5.6 kB (5582 bytes)
Hash
784d19e803415686447423e61a87bcbc
337109ebe9ef0672511d399260b74b77de7429b7
0aa2a3d07a27161a3f794749e1970f301e8a6702af9786445b87af3b51c4acab

HTTP Headers

GET /uploads/3/7/7/7/37773369/published/uni-logo.jpg?1651733880 HTTP/1.1
Host: www.britinn.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.britinn.at/
Cookie: is_mobile=0; language=en

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 08:37:26 GMT
Content-Type: image/jpeg
Content-Length: 5582
Connection: keep-alive
Last-Modified: Thu, 05 May 2022 06:58:00 GMT
x-rgw-object-type: Normal
ETag: "784d19e803415686447423e61a87bcbc"
x-amz-request-id: tx00000000000002fd90e6b-00630cd168-c033918-sfo1
X-Storage-Bucket: z0aa2
X-Storage-Object: 0aa2a3d07a27161a3f794749e1970f301e8a6702af9786445b87af3b51c4acab
X-Host: grn61.sf2p.intern.weebly.net
Accept-Ranges: bytes

cdn2.editmysite.com/js/wsnbn/snowday262.js

151.101.85.46

200 OK

26 kB

URL HTTP/1.1
cdn2.editmysite.com/js/wsnbn/snowday262.js
IP
151.101.85.46:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (2512)
Size
26 kB (25752 bytes)
Hash
234327230add9a5a5d61a48829ea4565
7966cc0e4bd76f88ff193c8a99a067de804b7129
bb696c58d9ae5fa635b3ff22efdf60de9ac2f8ef9df5e2f2d58dd5f8dc99df75

HTTP Headers

GET /js/wsnbn/snowday262.js HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.britinn.at/

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/javascript
Last-Modified: Tue, 30 Aug 2022 19:50:08 GMT
ETag: "630e69f0-124fe"
Expires: Thu, 15 Sep 2022 08:38:41 GMT
Cache-Control: max-age=1209600
X-Host: grn123.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Content-Length: 25752
Accept-Ranges: bytes
Date: Thu, 15 Sep 2022 08:37:26 GMT
Age: 1209525
Connection: keep-alive
X-Served-By: cache-sjc10034-SJC, cache-bma1640-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 8130
X-Timer: S1663231046.383608,VS0,VE0
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

142.250.74.163

200 OK

23 kB

URL HTTP/1.1
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Size
23 kB (23040 bytes)
Hash
de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

HTTP Headers

GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.britinn.at
Connection: keep-alive
Referer: http://fonts.googleapis.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 23040
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 13 Sep 2022 17:26:04 GMT
Expires: Wed, 13 Sep 2023 17:26:04 GMT
Cache-Control: public, max-age=31536000
Age: 141082
Last-Modified: Tue, 26 Apr 2022 15:56:42 GMT
Content-Type: font/woff2

fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

142.250.74.163

200 OK

24 kB

URL HTTP/1.1
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Size
24 kB (23580 bytes)
Hash
e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

HTTP Headers

GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.britinn.at
Connection: keep-alive
Referer: http://fonts.googleapis.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 23580
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 13 Sep 2022 18:18:35 GMT
Expires: Wed, 13 Sep 2023 18:18:35 GMT
Cache-Control: public, max-age=31536000
Age: 137931
Last-Modified: Tue, 26 Apr 2022 15:48:56 GMT
Content-Type: font/woff2

push.services.mozilla.com/

35.164.183.116

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.164.183.116:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: oi+ZnjcGcnbw539WZEmyDg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: cDsb2arLlikNOVLPLpqAs7V2HOU=

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ed97a4b82680caefc4ffdebf786e12fc
a638a68f346844709bac57a92bf3d2c28043165e
b81ed44963f5d8b54c62e7fe18db301d3c8eeaf8fbbfb099270562156e12fdc9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 08:37:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/recaptcha/api.js?_=1663231031542

142.250.74.164

200 OK

557 B

URL HTTP/2
www.google.com/recaptcha/api.js?_=1663231031542
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (850), with no line terminators
Size
557 B (557 bytes)
Hash
2ccc89f867610ca13b2456db03928f05
d9816baef3ded701d95b61e184d8b7fe2f473c09
fb834adb29f4d3ba0653177176a82a136a06fd8cf8c55583372eabf7212eb25b

HTTP Headers

GET /recaptcha/api.js?_=1663231031542 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.britinn.at/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
expires: Thu, 15 Sep 2022 08:37:26 GMT
date: Thu, 15 Sep 2022 08:37:26 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 557
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.britinn.at/files/theme/social-midgrey.png?1661345964

199.34.228.69

200 OK

5.6 kB

URL HTTP/1.1
www.britinn.at/files/theme/social-midgrey.png?1661345964
IP
199.34.228.69:0
ASN
#27647 WEEBLY

File type
PNG image data, 220 x 60, 8-bit/color RGBA, non-interlaced\012- data
Size
5.6 kB (5563 bytes)
Hash
d84dad177ab19b76cf5b678a7e0901c9
985e525e199194d90f0d5eda6b3d182b3f2ca016
9ec9037a30e899c5753f10f513f84335665bf272404e656b1564f44ab718342d

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /files/theme/social-midgrey.png?1661345964 HTTP/1.1
Host: www.britinn.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.britinn.at/files/main_style.css?1661345964
Cookie: is_mobile=0; language=en

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 08:37:26 GMT
Content-Type: image/png; charset=binary
Content-Length: 5563
Connection: keep-alive
Last-Modified: Fri, 03 Apr 2020 15:22:55 GMT
x-rgw-object-type: Normal
ETag: "d84dad177ab19b76cf5b678a7e0901c9"
x-amz-request-id: tx0000000000000242bd82b-0062ba33d2-b9fbc29-sfo1
X-Storage-Bucket: z9ec9
X-Storage-Object: 9ec9037a30e899c5753f10f513f84335665bf272404e656b1564f44ab718342d
X-Host: grn80.sf2p.intern.weebly.net
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
39aa25d8411997d98f9093c19b0ccbca
3cb31e92d707cd561897042ed1a09de5a79e7108
f1b7b71241b580ec34281f5addc49d716eac9ecc46a3217e646c76e6dc8d4578

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 08:37:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.britinn.at/uploads/3/7/7/7/37773369/published/banner-britinn.png?1500554436

199.34.228.69

200 OK

31 kB

URL HTTP/1.1
www.britinn.at/uploads/3/7/7/7/37773369/published/banner-britinn.png?1500554436
IP
199.34.228.69:0
ASN
#27647 WEEBLY

File type
PNG image data, 1020 x 131, 8-bit/color RGBA, non-interlaced\012- data
Size
31 kB (30978 bytes)
Hash
044e73a1af51b10d7bf2848eabca8e7a
50e5d98415ae1553ce467acc1c712ce9d5d233c0
91e0ecb12d427d00bd467fdb66850a984813584b022a1b7f3d439202ae3930ae

HTTP Headers

GET /uploads/3/7/7/7/37773369/published/banner-britinn.png?1500554436 HTTP/1.1
Host: www.britinn.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.britinn.at/
Cookie: is_mobile=0; language=en

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 08:37:26 GMT
Content-Type: image/png
Content-Length: 30978
Connection: keep-alive
Last-Modified: Sun, 01 Dec 2019 22:06:08 GMT
x-rgw-object-type: Normal
ETag: "044e73a1af51b10d7bf2848eabca8e7a"
x-amz-request-id: tx000000000000017c518eb-0062e65de3-bfe27ea-sfo1
X-Storage-Bucket: z91e0
X-Storage-Object: 91e0ecb12d427d00bd467fdb66850a984813584b022a1b7f3d439202ae3930ae
X-Host: blu61.sf2p.intern.weebly.net
Accept-Ranges: bytes

www.britinn.at/files/theme/nav-bg.png?1661345964

199.34.228.69

200 OK

191 B

URL HTTP/1.1
www.britinn.at/files/theme/nav-bg.png?1661345964
IP
199.34.228.69:0
ASN
#27647 WEEBLY

File type
PNG image data, 5 x 41, 8-bit/color RGB, non-interlaced\012- data
Size
191 B (191 bytes)
Hash
f4cba4637f3222fbc7ba17d148343edc
e8b4735747f654a05b079f74c3c62e72c82742d8
4c1b6cfd7365c3d84ad8f33c67a767e34247a4627991cd1dd6c8aa1130d4c2bb

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /files/theme/nav-bg.png?1661345964 HTTP/1.1
Host: www.britinn.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.britinn.at/files/main_style.css?1661345964
Cookie: is_mobile=0; language=en

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 08:37:26 GMT
Content-Type: image/png; charset=binary
Content-Length: 191
Connection: keep-alive
Last-Modified: Tue, 09 Jun 2020 02:18:27 GMT
x-rgw-object-type: Normal
ETag: "f4cba4637f3222fbc7ba17d148343edc"
x-amz-request-id: tx000000000000002085238-0061a814aa-a9f6a62-sfo1
X-Storage-Bucket: z4c1b
X-Storage-Object: 4c1b6cfd7365c3d84ad8f33c67a767e34247a4627991cd1dd6c8aa1130d4c2bb
X-Host: blu39.sf2p.intern.weebly.net
Accept-Ranges: bytes

www.britinn.at/files/theme/button_highlight.png?1661345964

199.34.228.69

200 OK

2.9 kB

URL HTTP/1.1
www.britinn.at/files/theme/button_highlight.png?1661345964
IP
199.34.228.69:0
ASN
#27647 WEEBLY

File type
PNG image data, 400 x 209, 8-bit/color RGBA, non-interlaced\012- data
Size
2.9 kB (2926 bytes)
Hash
4def4773f972f5c86b9cbd26cfe5216c
3a9744d946db1226b59cc311d6710dfa38ea0d2b
52cbf0026dbde80e513bf2ec1ec170cf033bd679bf77e34482368f11fed56251

HTTP Headers

GET /files/theme/button_highlight.png?1661345964 HTTP/1.1
Host: www.britinn.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.britinn.at/files/main_style.css?1661345964
Cookie: is_mobile=0; language=en

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 08:37:26 GMT
Content-Type: image/png; charset=binary
Content-Length: 2926
Connection: keep-alive
Last-Modified: Fri, 03 Apr 2020 15:22:53 GMT
x-rgw-object-type: Normal
ETag: "4def4773f972f5c86b9cbd26cfe5216c"
x-amz-request-id: tx00000000000000310a0de-0061a955b0-a9f4046-sfo1
X-Storage-Bucket: z52cb
X-Storage-Object: 52cbf0026dbde80e513bf2ec1ec170cf033bd679bf77e34482368f11fed56251
X-Host: grn69.sf2p.intern.weebly.net
Accept-Ranges: bytes

www.britinn.at/files/theme/button.png?1661345964

199.34.228.69

200 OK

2.7 kB

URL HTTP/1.1
www.britinn.at/files/theme/button.png?1661345964
IP
199.34.228.69:0
ASN
#27647 WEEBLY

File type
PNG image data, 400 x 209, 8-bit/color RGBA, non-interlaced\012- data
Size
2.7 kB (2681 bytes)
Hash
0688ef3cf6be95f68cf3ecd514f49911
78246964b419e8f71ff7cbb76ad0c8a04bed87b5
7efdc5ad971fe0a8d4939bd9b441fc9658ed2b0007ad2c68ecce330f877c9d00

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /files/theme/button.png?1661345964 HTTP/1.1
Host: www.britinn.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.britinn.at/files/main_style.css?1661345964
Cookie: is_mobile=0; language=en

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 08:37:26 GMT
Content-Type: image/png; charset=binary
Content-Length: 2681
Connection: keep-alive
Last-Modified: Fri, 03 Apr 2020 15:22:53 GMT
ETag: "0688ef3cf6be95f68cf3ecd514f49911"
x-amz-request-id: tx00000000000000152190d-0061282084-a51d2b5-sfo1
X-Storage-Bucket: z7efd
X-Storage-Object: 7efdc5ad971fe0a8d4939bd9b441fc9658ed2b0007ad2c68ecce330f877c9d00
X-Host: grn42.sf2p.intern.weebly.net
Accept-Ranges: bytes

www.britinn.at/files/theme/field.png?1661345964

199.34.228.69

200 OK

149 B

URL HTTP/1.1
www.britinn.at/files/theme/field.png?1661345964
IP
199.34.228.69:0
ASN
#27647 WEEBLY

File type
PNG image data, 5 x 20, 8-bit/color RGB, non-interlaced\012- data
Size
149 B (149 bytes)
Hash
75ca98a284650ab482c9256e5609e371
6325c898af731351d7aaf12124a720ac34349514
1f98bbb606dcf5955bccbeea4efc4ca681d573c1945a8d580f984b0c3c678808

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /files/theme/field.png?1661345964 HTTP/1.1
Host: www.britinn.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.britinn.at/files/main_style.css?1661345964
Cookie: is_mobile=0; language=en

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 08:37:26 GMT
Content-Type: image/png; charset=binary
Content-Length: 149
Connection: keep-alive
Last-Modified: Thu, 16 Apr 2020 00:23:32 GMT
x-rgw-object-type: Normal
ETag: "75ca98a284650ab482c9256e5609e371"
x-amz-request-id: tx000000000000001b05a35-0062847d57-b9fbc77-sfo1
X-Storage-Bucket: z1f98
X-Storage-Object: 1f98bbb606dcf5955bccbeea4efc4ca681d573c1945a8d580f984b0c3c678808
X-Host: blu81.sf2p.intern.weebly.net
Accept-Ranges: bytes

www.britinn.at/uploads/3/7/7/7/37773369/published/rewi-european-law-108_2.jpg?1661333829

199.34.228.69

200 OK

28 kB

URL HTTP/1.1
www.britinn.at/uploads/3/7/7/7/37773369/published/rewi-european-law-108_2.jpg?1661333829
IP
199.34.228.69:0
ASN
#27647 WEEBLY

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 531x246, components 3\012- data
Size
28 kB (28360 bytes)
Hash
e30295b78faf15e8d6cb9e76a9027c2f
ba15637176dbc8439cdbb093419bab7c80edebb7
cc36b0fed9de901fe602dc352cb5c18d3e6c8c768490b7735d7c08b67e24b048

HTTP Headers

GET /uploads/3/7/7/7/37773369/published/rewi-european-law-108_2.jpg?1661333829 HTTP/1.1
Host: www.britinn.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.britinn.at/
Cookie: is_mobile=0; language=en

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 08:37:26 GMT
Content-Type: image/jpeg
Content-Length: 28360
Connection: keep-alive
Last-Modified: Wed, 24 Aug 2022 09:37:09 GMT
x-rgw-object-type: Normal
ETag: "e30295b78faf15e8d6cb9e76a9027c2f"
x-amz-request-id: tx00000000000002cd1799d-006307e08d-bfe27ea-sfo1
X-Storage-Bucket: zcc36
X-Storage-Object: cc36b0fed9de901fe602dc352cb5c18d3e6c8c768490b7735d7c08b67e24b048
X-Host: blu137.sf2p.intern.weebly.net
Accept-Ranges: bytes

ec.editmysite.com/com.snowplowanalytics.snowplow/tp2

35.82.13.103

200 OK

0 B

URL HTTP/1.1
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP
35.82.13.103:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://www.britinn.at/
Origin: http://www.britinn.at
Connection: keep-alive

HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 08:37:26 GMT
Content-Length: 0
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: http://www.britinn.at
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type, SP-Anonymous
Access-Control-Max-Age: 5

ec.editmysite.com/com.snowplowanalytics.snowplow/tp2

35.82.13.103

200 OK

2 B

URL HTTP/1.1
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP
35.82.13.103:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

HTTP Headers

POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json; charset=UTF-8
Content-Length: 1767
Origin: http://www.britinn.at
Connection: keep-alive
Referer: http://www.britinn.at/

HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 08:37:26 GMT
Content-Type: text/plain; charset=UTF-8
Content-Length: 2
Connection: keep-alive
Server: nginx
Set-Cookie: sp=9b2e7670-2f5e-41c1-9193-d8de05206df6; Expires=Fri, 15 Sep 2023 08:37:26 GMT; Domain=; Path=/; Secure; SameSite=None
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin: http://www.britinn.at
Access-Control-Allow-Credentials: true

www.google-analytics.com/ga.js

142.250.74.174

200 OK

17 kB

URL HTTP/1.1
www.google-analytics.com/ga.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1305)
Size
17 kB (17168 bytes)
Hash
01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d

HTTP Headers

GET /ga.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.britinn.at/

HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 17168
Date: Thu, 15 Sep 2022 07:04:55 GMT
Expires: Thu, 15 Sep 2022 09:04:55 GMT
Cache-Control: public, max-age=7200
Age: 5552
Last-Modified: Wed, 13 Apr 2022 21:02:38 GMT
Content-Type: text/javascript

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ed1a966e9770807ef8b4f57a5113d29a
d843a3d371ee0424004f68ccc32ce06e6bc6e6c7
4932c01d3db39a9ac2f0f7e2693af95e5a334697edfd8d078fd52e421ba43721

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 08:37:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d5a5d04d15c71a4e71821b6ddd4110e0
7c5495f9d4165a90ce681ddd1b330675e55a4993
545c765db5e55c1d89bc56d93a3cde1a3b6f5c9d741ad9b58253f9fd7ab24457

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 08:37:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20006 bytes)
Hash
56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.britinn.at/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Thu, 15 Sep 2022 06:41:12 GMT
expires: Thu, 15 Sep 2022 08:41:12 GMT
cache-control: public, max-age=7200
age: 6975
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__en.js

142.250.74.163

200 OK

157 kB

URL HTTP/2
www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__en.js
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (539)
Size
157 kB (157166 bytes)
Hash
026df0dfed2314af108e700900288961
51c2a55bca7d65c549ef138d1294cac2aa98dd96
24eefc59f5d298ce40bdd33c8157ad14631984159fca8e5980037366c44c2b34

HTTP Headers

GET /recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.britinn.at
Connection: keep-alive
Referer: http://www.britinn.at/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 157166
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 17:23:20 GMT
expires: Wed, 13 Sep 2023 17:23:20 GMT
cache-control: public, max-age=31536000
age: 141247
last-modified: Tue, 06 Sep 2022 00:04:24 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ed1a966e9770807ef8b4f57a5113d29a
d843a3d371ee0424004f68ccc32ce06e6bc6e6c7
4932c01d3db39a9ac2f0f7e2693af95e5a334697edfd8d078fd52e421ba43721

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 08:37:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d5a5d04d15c71a4e71821b6ddd4110e0
7c5495f9d4165a90ce681ddd1b330675e55a4993
545c765db5e55c1d89bc56d93a3cde1a3b6f5c9d741ad9b58253f9fd7ab24457

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 08:37:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.britinn.at/favicon.ico

199.34.228.69

200 OK

6.5 kB

URL HTTP/1.1
www.britinn.at/favicon.ico
IP
199.34.228.69:0
ASN
#27647 WEEBLY

File type
MS Windows icon resource - 2 icons, 32x32, 32 bits/pixel, 16x16, 32 bits/pixel\012- data
Size
6.5 kB (6518 bytes)
Hash
9c3d4ce8fedb71a64e6d939519d1c5cf
46ac07d5cddf3158fdc1ba4ae51868c6e3523d42
26e147dd56c82174d2c8f69fb85b9c8539168cae5966339defb2943de1a2b87a

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.britinn.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.britinn.at/
Cookie: is_mobile=0; language=en; _snow_ses.8080=*; _snow_id.8080=5b568d1c-7a47-4aef-b7c2-a5b767626be2.1663231032.1.1663231032.1663231032.a7516964-f2cf-4378-aa5b-5f67f362ab57

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 08:37:27 GMT
Content-Type: image/vnd.microsoft.icon
Content-Length: 6518
Connection: keep-alive
Last-Modified: Sun, 22 Mar 2020 10:42:15 GMT
ETag: "9c3d4ce8fedb71a64e6d939519d1c5cf"
x-amz-request-id: tx0000000000001910ac61e-006127052f-15b3dc2-las
X-Storage-Bucket: z26e1
X-Storage-Object: 26e147dd56c82174d2c8f69fb85b9c8539168cae5966339defb2943de1a2b87a
X-Host: grn42.sf2p.intern.weebly.net
Accept-Ranges: bytes

www.britinn.at/uploads/3/7/7/7/37773369/background-images/1422868797.jpg

199.34.228.69

200 OK

100 kB

URL HTTP/1.1
www.britinn.at/uploads/3/7/7/7/37773369/background-images/1422868797.jpg
IP
199.34.228.69:0
ASN
#27647 WEEBLY

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1024x533, components 3\012- data
Size
100 kB (100343 bytes)
Hash
07a891ec6463d88dcb7acd30693d8188
0f068366a1f2669ede7c83a522cfbb80118abd12
7af961c441b97257ccaee3518f45e79407922ac535b52027ce126e72afdcd272

HTTP Headers

GET /uploads/3/7/7/7/37773369/background-images/1422868797.jpg HTTP/1.1
Host: www.britinn.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.britinn.at/
Cookie: is_mobile=0; language=en

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 08:37:26 GMT
Content-Type: image/jpeg
Content-Length: 100343
Connection: keep-alive
Last-Modified: Sun, 01 Dec 2019 22:05:04 GMT
x-rgw-object-type: Normal
ETag: "07a891ec6463d88dcb7acd30693d8188"
x-amz-request-id: tx0000000000000158c828e-0062e26502-c0351c8-sfo1
X-Storage-Bucket: z7af9
X-Storage-Object: 7af961c441b97257ccaee3518f45e79407922ac535b52027ce126e72afdcd272
X-Host: grn62.sf2p.intern.weebly.net
Accept-Ranges: bytes

www.britinn.at/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]

199.34.228.69

200 OK

375 B

URL HTTP/1.1
www.britinn.at/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]
IP
199.34.228.69:0
ASN
#27647 WEEBLY

File type
JSON data\012- , ASCII text, with very long lines (375), with no line terminators
Size
375 B (375 bytes)
Hash
ee5bd2747c30496476cc0895392da3ae
5d0090c69cb42c47b1430094589d72c83b48dcd3
8bc12ea7d68fffddf5dc2f7ac10a44c78087b1e7f7fe046fcfb7d3c77198d3f4

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

POST /ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails] HTTP/1.1
Host: www.britinn.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 83
Origin: http://www.britinn.at
Connection: keep-alive
Referer: http://www.britinn.at/
Cookie: is_mobile=0; language=en; _snow_ses.8080=*; _snow_id.8080=5b568d1c-7a47-4aef-b7c2-a5b767626be2.1663231032.1.1663231032.1663231032.a7516964-f2cf-4378-aa5b-5f67f362ab57

HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 08:37:27 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: blu69.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 375
Keep-Alive: timeout=10, max=74
Connection: Keep-Alive
Content-Type: application/json

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15280
Expires: Thu, 15 Sep 2022 12:52:07 GMT
Date: Thu, 15 Sep 2022 08:37:27 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d547c90-3ccc-4c25-a8e5-de1d932a8cfb.jpeg

34.120.237.76

200 OK

4.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d547c90-3ccc-4c25-a8e5-de1d932a8cfb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.0 kB (3951 bytes)
Hash
aaf675adec05212317877a5f479d11a7
cab4d850cd2bc5b3e1570ae837a58382e6eae5ec
cb4eb5b406f1ec01e3094d0519d8e4e7a469056bb898e2c47d48378e4b2b261d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d547c90-3ccc-4c25-a8e5-de1d932a8cfb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3951
x-amzn-requestid: 65c15365-1bff-4dd2-a651-33683a033e05
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YE9_oHP_oAMF3Fw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63184397-148253910e5cd21b0e436b09;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 07:09:11 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _BTSN2zHd-FiETAJVrQhk9Odsn_M3GGs0nU0QpLrE9Rpin0VQPzy2w==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 22:19:41 GMT
age: 37066
etag: "cab4d850cd2bc5b3e1570ae837a58382e6eae5ec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86bf6a5e-a3e5-479d-a052-fa843c45a3d9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.4 kB (9400 bytes)
Hash
4833535b1650b0ac875704023b650e66
96ab8cd8e14350f730d26731f3445710324e24e2
d2b5a51e39a4890ba56e819d4d5d1d57d4d3cfc50dde42efdf23b8e9be17d1c7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86bf6a5e-a3e5-479d-a052-fa843c45a3d9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9400
x-amzn-requestid: 8cf35176-18a1-427b-870c-bdae465060c8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYM18E-iIAMFcmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ff4f2-427bc0ff6593e71e25b91589;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 03:11:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZVnPAYUOBCRUYD3wEx79lIMjBJCKyVB9CmnTqMJIaFPbQGPoHwB73w==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 20:21:37 GMT
age: 44150
etag: "96ab8cd8e14350f730d26731f3445710324e24e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb961f65f-5b81-44f3-851d-bafffccf0ae1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.6 kB (6558 bytes)
Hash
528c3605e00eb3cf84d85a4ed34a3e46
1da888b7fe22e67e845f3acd24ae47621ae23dd9
31bbd3e8ee3f0d3e0d4137dca7db1f2d3c92fdc203e4d1dbf5980cdb9124a07d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb961f65f-5b81-44f3-851d-bafffccf0ae1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6558
x-amzn-requestid: 098e96ca-8295-4321-ab89-99d3e78badb6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeDRIF7poAMFwHw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63224c07-520eb2ff31e299f05e472ab8;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 21:47:51 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: VnjLjBN7XjBsD2NIC6Ur8uoqkiuIkRlMtA1xpO82DhaKjZuC-hnAaQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 21:48:19 GMT
age: 38948
etag: "1da888b7fe22e67e845f3acd24ae47621ae23dd9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3545c74-7af3-4ad8-815b-6a50681a2362.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10633 bytes)
Hash
f42b72c3fd66a6758ebcf0ca8cc1a046
13d42d455f5131b7b861b97eb3f0e91236d4d222
4a07fcacde77dc890164fda9f295b61af6947b2d7f3f84f64749d93e3a1e5b99

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3545c74-7af3-4ad8-815b-6a50681a2362.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10633
x-amzn-requestid: 8dbc7f5f-1cb9-4b45-913d-2d4db71449fd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X7FSvG98IAMFeLQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63144f44-3094163533977c6d1ee90274;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 07:09:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5Gx5Pfp0fH7GtvITXwV1CVZlM6wbfIXmyk_4xZtIVf8qkmg0AyxBPQ==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 20:21:01 GMT
age: 44186
etag: "13d42d455f5131b7b861b97eb3f0e91236d4d222"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e9a2626-acb3-4c73-9ff9-e09ad82d489e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.4 kB (8447 bytes)
Hash
5a6939786c9343412c9af87efd3f44e0
14131148fda4e8d85b582fd20e76bcc814341bf1
8412c50f0fdc131d9c4422f2d7307fc1ee062c3580a1d754ef71cf84f9727d49

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e9a2626-acb3-4c73-9ff9-e09ad82d489e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8447
x-amzn-requestid: 3237c2fa-bc17-4b8d-8afd-bacfaa90ca71
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X7FypF7KIAMFd7A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63145010-7052273b184685c83569c712;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 07:13:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: wzi_WnjJW5XjIfj8kyVL4LcQEjcuw1_zwrDiJegEZ2r8GOZcQahPEw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 21:46:45 GMT
age: 39042
etag: "14131148fda4e8d85b582fd20e76bcc814341bf1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc482abf3-9a0f-40ae-8d4b-c95977ab3e5f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9630 bytes)
Hash
ebe7a0235de91cc1bf4cc6baecbf43f5
fb0078b3be78ca41f46c102148b9e801cfacba8e
6b35ef88d4ca58338480a87d0b0143fc4e1885427735d5ea48ba6e99aa882678

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc482abf3-9a0f-40ae-8d4b-c95977ab3e5f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9630
x-amzn-requestid: c48fade7-f2d1-480e-a411-9bfd080b4b92
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YXwx8Fe-oAMFtiQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631fc80c-20c8930c7269503e6195fe72;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 00:00:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: bFdVw0FZgpuFUOM1MQPSvXByye8bqcrEXDc6O3rFwQKgUOvLxoT7Xg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 21:46:22 GMT
age: 79183
etag: "fb0078b3be78ca41f46c102148b9e801cfacba8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (23)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations