Report - leonmediabepdx.k1-sporthotel.de/

Report Overview

Submitted URL
leonmediabepdx.k1-sporthotel.de/
IP
89.22.100.170
ASN
#45012 dogado GmbH
Submitted
2022-12-02 01:57:21
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
18

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
maps.googleapis.com	33876	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	466 B	56 kB	142.250.74.10
www.k1-sporthotel.de	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	444 B	3.2 kB	89.22.100.170
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	41 kB	34.120.237.76
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	199 kB	216.58.207.227
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.6 kB	93.184.220.29
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	337 B	1.4 kB	34.102.187.140
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	4.2 kB	142.250.74.131
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	2.2 kB	142.250.74.10
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	54.186.169.128
leonmediabepdx.k1-sporthotel.de	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	11 kB	4.5 MB	89.22.100.170
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.0 kB	8.0 kB	95.101.11.115

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-02	medium	leonmediabepdx.k1-sporthotel.de/	Phishing
2022-12-02	medium	leonmediabepdx.k1-sporthotel.de/	Phishing
2022-12-02	medium	leonmediabepdx.k1-sporthotel.de/DXR.axd?r=1_88-Yen2l	Phishing
2022-12-02	medium	leonmediabepdx.k1-sporthotel.de/Scripts/google_rating.js	Phishing
2022-12-02	medium	leonmediabepdx.k1-sporthotel.de/DXR.axd?r=1_73,1_67,1_68,1_69,1_72,1_209,1_206,1_208,1_205,1_252,1_251,1_83,24_378,24_379,24_394,1_7,24_406,24_407,24_422,26_37,26_36,26_35,26_32,26_34,26_30,26_28,26_31,1_75-5fn2l	Phishing
2022-12-02	medium	leonmediabepdx.k1-sporthotel.de/Scripts/bootstrap.min.js	Phishing
2022-12-02	medium	leonmediabepdx.k1-sporthotel.de/Scripts/site.js	Phishing
2022-12-02	medium	leonmediabepdx.k1-sporthotel.de/Scripts/google-ratings.js	Phishing
2022-12-02	medium	leonmediabepdx.k1-sporthotel.de/Scripts/jquery-1.11.3.min.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (15)

	URL	Size	First Seen	Last Seen
	maps.googleapis.com/maps-api-v3/api/js/51/2/onion.js	27 kB	2023-03-08	2023-03-11
Pretty URL maps.googleapis.com/maps-api-v3/api/js/51/2/onion.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:52 Last Seen2023-03-11 23:52:48 Times Seen1 Hash a4e562923600d6d71cc5bf35a00eae47 fd698438370a35c4e24a423a7398854bdf1a6591 fa952709fa4f2d289ab967076ea503aac2b25598af23c3a4e962905b884ff173 Loading...

	maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fleonmediabepdx.k1-sporthotel.de%2F&4sAIzaSyAm-8P-ztcjqGtB3MhVxXuDpt88Mnzd-2Y&8b0&callback=_xdc_._2mspls&key=AIzaSyAm-8P-ztcjqGtB3MhVxXuDpt88Mnzd-2Y&token=19935	62 B	2023-03-08	2023-05-09
Pretty URL maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fleonmediabepdx.k1-sporthotel.de%2F&4sAIzaSyAm-8P-ztcjqGtB3MhVxXuDpt88Mnzd-2Y&8b0&callback=_xdc_._2mspls&key=AIzaSyAm-8P-ztcjqGtB3MhVxXuDpt88Mnzd-2Y&token=19935 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:21 Last Seen2023-05-09 02:37:55 Times Seen3 Hash 89d78c9b6daee1ec107ceba9c141ffd3 92268cb75b2cac93d00ee50c01481c2fb64c8192 f190d9841699d43082ebd083e4b81a9f0f57585872136c10fbfef08dd2fe1360 Loading...

	leonmediabepdx.k1-sporthotel.de/Scripts/bootstrap.min.js	37 kB	2023-03-07	2024-04-26
Pretty URL leonmediabepdx.k1-sporthotel.de/Scripts/bootstrap.min.js IP 89.22.100.170 ASN #45012 dogado GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:25 Last Seen2024-04-26 11:32:45 Times Seen34454 Hash c5b5b2fa19bd66ff23211d9f844e0131 791aa054a026bddc0de92bad6cf7a1c6e73713d5 2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a Loading...

	leonmediabepdx.k1-sporthotel.de/	263 B	2023-03-07	2023-05-09
Pretty URL leonmediabepdx.k1-sporthotel.de/ IP 89.22.100.170 ASN #45012 dogado GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:25 Last Seen2023-05-09 02:37:55 Times Seen2 Hash f4c9b31aaefdcb6580df2d7cd830e480 2ab3eed34b44de4462ceb6040d7bde3129f6d764 2d4ac5ae3c8739551f09862a94dd8e70d11483625160756a2ecfe4e4030463ca Loading...

	maps.googleapis.com/maps-api-v3/api/js/51/2/map.js	73 kB	2023-03-08	2023-03-11
Pretty URL maps.googleapis.com/maps-api-v3/api/js/51/2/map.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:52 Last Seen2023-03-11 23:52:48 Times Seen1 Hash 4869740252e68a1c77e9c89f5c34c65c 86f362a4b77470a409d4ce446688905ab2297f90 2ad1214ac7de8037dc1cc5ea2e9ec32b9e656ecffef354809dd937e711ffdee9 Loading...

	maps.googleapis.com/maps-api-v3/api/js/51/2/common.js	255 kB	2023-03-08	2023-03-12
Pretty URL maps.googleapis.com/maps-api-v3/api/js/51/2/common.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:47 Last Seen2023-03-12 16:22:26 Times Seen1 Hash c189cf894d42e8a36254fe06edfbef0b 41fc57570e3544edbd83110bb812503c1608b034 32a21f5208395435a2607c4980b663c15b20d0ecb57647193fccedf6fe2772cb Loading...

	maps.googleapis.com/maps-api-v3/api/js/51/2/controls.js	89 kB	2023-03-08	2023-03-11
Pretty URL maps.googleapis.com/maps-api-v3/api/js/51/2/controls.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:52 Last Seen2023-03-11 23:52:49 Times Seen1 Hash b333f5f5e4f77d32cecc7a32179525a2 7374fa51dbcc3985ca957977ad85d8d494780fd3 861a0e07acb61b96bfc42f7c04421fdbd7f649eee84867458875765bf1e46f65 Loading...

	leonmediabepdx.k1-sporthotel.de/Scripts/jquery-1.11.3.min.js	96 kB	2023-03-07	2024-04-26
Pretty URL leonmediabepdx.k1-sporthotel.de/Scripts/jquery-1.11.3.min.js IP 89.22.100.170 ASN #45012 dogado GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:25 Last Seen2024-04-26 12:59:44 Times Seen10419 Hash 895323ed2f7258af4fae2c738c8aea49 276c87ff3e1e3155679c318938e74e5c1b76d809 ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8 Loading...

	leonmediabepdx.k1-sporthotel.de/	408 B	2023-03-07	2023-05-09
Pretty URL leonmediabepdx.k1-sporthotel.de/ IP 89.22.100.170 ASN #45012 dogado GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:27 Last Seen2023-05-09 02:37:55 Times Seen2 Hash e253c74b6e65ad3b46a7b74b2d061a84 f78454d31b6fd40e140c2b53e99e3b9a00d85b50 7b511d33b2c7a488ee803785bc00eb97fc9244e169fc33fa8b22aa59999d8947 Loading...

	leonmediabepdx.k1-sporthotel.de/Scripts/google_rating.js	335 B	2023-03-07	2023-05-09
Pretty URL leonmediabepdx.k1-sporthotel.de/Scripts/google_rating.js IP 89.22.100.170 ASN #45012 dogado GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:27 Last Seen2023-05-09 02:37:55 Times Seen3 Hash 30f4861a4fc1cc692105f0c2f4d873c6 4a22231710bc1d9136831d223f85fd87df0f1797 b119ec17a7b7cb0df27c7ef85ee4b1296d7eedd5d0ebda1a1b9d625eba5e0f0d Loading...

	leonmediabepdx.k1-sporthotel.de/Scripts/site.js	1.2 kB	2023-03-07	2023-05-09
Pretty URL leonmediabepdx.k1-sporthotel.de/Scripts/site.js IP 89.22.100.170 ASN #45012 dogado GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:25 Last Seen2023-05-09 02:37:55 Times Seen3 Hash 27ac2d7162adfb2d74e9b41945341b17 e767f01cbefd0143992375df1c071201fdf07328 1b211fa9be654ac49595b541611fd50e3e47a974e0084bc630ead5cd5e839612 Loading...

	maps.googleapis.com/maps-api-v3/api/js/51/2/places_impl.js	48 kB	2023-03-08	2023-03-11
Pretty URL maps.googleapis.com/maps-api-v3/api/js/51/2/places_impl.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:21 Last Seen2023-03-11 23:52:24 Times Seen1 Hash decc4179c30bf7b8f5bed7d75ec0aca4 ed5637987083ceed9a204c3aa138c1bd9869d41a 6d0ec63ac52fae619c516feb7a27e6374ec3204b6fbc60f94931c2b14704bd0b Loading...

	maps.googleapis.com/maps/api/js?v=3.exp&key=AIzaSyAm-8P-ztcjqGtB3MhVxXuDpt88Mnzd-2Y&signed_in=true&libraries=places	171 kB	2023-03-08	2023-03-08
Pretty URL maps.googleapis.com/maps/api/js?v=3.exp&key=AIzaSyAm-8P-ztcjqGtB3MhVxXuDpt88Mnzd-2Y&signed_in=true&libraries=places IP 142.250.74.10 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:21 Last Seen2023-03-08 14:23:21 Times Seen1 Hash bf75a3b27c45fb48f654e8ab58e74e7c 02b1718aa4aab3c3348a23ae1963646d2bbc510e ef1838662e0804ecd07f2de403b76f3f22beecbc8787607cbd4d018f70517850 Loading...

	leonmediabepdx.k1-sporthotel.de/DXR.axd?r=1_0,1_2,1_3,1_4,1_11,1_63,1_12,1_13,1_14,1_15,1_16,1_20,1_65,1_48,1_17,1_9,17_0,17_7,1_27,1_39,1_31,17_35,1_23,1_55,17_34,1_41,1_54,1_53,17_33,1_182,1_183,1_24,1_33,1_46,1_212,1_210,1_239,1_47,1_52,17_6,1_51,17_14,1_21,1_22,1_40,1_34,1_19,1_223,1_224,1_211,1_217,1_215,1_218,1_219,1_216,1_220,1_213,1_221,1_222,1_226,1_235,1_237,1_238,1_225,1_230,1_231,1_232,1_214,1_227,1_228,1_229,1_233,1_234,1_236,17_48,17_49,17_2,1_59,1_57,17_38,1_56,17_39,1_58,17_40,17_41,1_60,17_3,1_49,17_8,17_9,1_35,17_10,1_62,17_11,1_50,1_38,17_43,1_43,17_12,17_13,1_66,1_184,1_181,17_23,1_204,17_24,1_193,17_17,1_202,17_19,1_187,1_189,1_197,1_198,1_199,1_203,1_185,1_192,17_16,17_21,1_191,17_18,1_61,1_194,1_188,17_15,1_196,1_190,17_42,1_201,1_195,17_20,1_5,24_368,1_1,24_364,24_365,24_366,24_367,24_359,24_362,24_363,24_360,24_361,24_423,24_424,26_19,26_21,24_404,24_405,26_23,26_20,26_22,17_26,26_24,17_27,26_11,26_16,26_18,17_25,26_15,26_13,26_14,26_12,26_17,1_249,17_1-5fn2l&p=cde5b7bc	14 MB	2023-03-07	2023-03-13
Pretty URL leonmediabepdx.k1-sporthotel.de/DXR.axd?r=1_0,1_2,1_3,1_4,1_11,1_63,1_12,1_13,1_14,1_15,1_16,1_20,1_65,1_48,1_17,1_9,17_0,17_7,1_27,1_39,1_31,17_35,1_23,1_55,17_34,1_41,1_54,1_53,17_33,1_182,1_183,1_24,1_33,1_46,1_212,1_210,1_239,1_47,1_52,17_6,1_51,17_14,1_21,1_22,1_40,1_34,1_19,1_223,1_224,1_211,1_217,1_215,1_218,1_219,1_216,1_220,1_213,1_221,1_222,1_226,1_235,1_237,1_238,1_225,1_230,1_231,1_232,1_214,1_227,1_228,1_229,1_233,1_234,1_236,17_48,17_49,17_2,1_59,1_57,17_38,1_56,17_39,1_58,17_40,17_41,1_60,17_3,1_49,17_8,17_9,1_35,17_10,1_62,17_11,1_50,1_38,17_43,1_43,17_12,17_13,1_66,1_184,1_181,17_23,1_204,17_24,1_193,17_17,1_202,17_19,1_187,1_189,1_197,1_198,1_199,1_203,1_185,1_192,17_16,17_21,1_191,17_18,1_61,1_194,1_188,17_15,1_196,1_190,17_42,1_201,1_195,17_20,1_5,24_368,1_1,24_364,24_365,24_366,24_367,24_359,24_362,24_363,24_360,24_361,24_423,24_424,26_19,26_21,24_404,24_405,26_23,26_20,26_22,17_26,26_24,17_27,26_11,26_16,26_18,17_25,26_15,26_13,26_14,26_12,26_17,1_249,17_1-5fn2l&p=cde5b7bc IP 89.22.100.170 ASN #45012 dogado GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:24 Last Seen2023-03-13 20:56:51 Times Seen1 Hash 25272feb55b49f1c522a24e634c16252 00daab3c37649aa4accdfb4270ee9c0258a6ab4e a89bbe2cc17426812315dac9a3433dd0598614890e7a03b06f4993cf352f0b11 Loading...

	maps.googleapis.com/maps-api-v3/api/js/51/2/util.js	170 kB	2023-03-08	2023-03-12
Pretty URL maps.googleapis.com/maps-api-v3/api/js/51/2/util.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:47 Last Seen2023-03-12 16:22:26 Times Seen1 Hash 57abc24730c5e3098df038528852b6bb bc15e0c81c4aaca2cbf840a357622a398d0299c6 ab0897fa86882119e4c205194b220af856781975b3485fd97df8ffda72835f0e Loading...

HTTP Transactions (55)

URL IP Response Size

leonmediabepdx.k1-sporthotel.de/

89.22.100.170

301 Moved Permanently

193 B

URL HTTP/1.1
leonmediabepdx.k1-sporthotel.de/
IP
89.22.100.170:0
ASN
#45012 dogado GmbH

File type
HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text
Size
193 B (193 bytes)
Hash
0e94b028f6240126d4e65551d6eaa1c5
b00f7529dce9ee2b63b4b338828529599bbb2099
4ec3e203f1ed2199367296430125185ea8f712ce52e3d1840b1c204db2698078

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: leonmediabepdx.k1-sporthotel.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
Location: https://leonmediabepdx.k1-sporthotel.de/
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Fri, 02 Dec 2022 01:57:05 GMT
Content-Length: 193

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4007
Expires: Fri, 02 Dec 2022 03:03:52 GMT
Date: Fri, 02 Dec 2022 01:57:05 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
0c748388899e8a8d3680355da2ea5020
903c620cd137613daafb0da0508c37b2f4a67212
39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5704
Cache-Control: max-age=122951
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 01:57:05 GMT
Etag: "63888270-1d7"
Expires: Sat, 03 Dec 2022 12:06:16 GMT
Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3563
Expires: Fri, 02 Dec 2022 02:56:28 GMT
Date: Fri, 02 Dec 2022 01:57:05 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 02 Dec 2022 01:18:10 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2335
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: OiezOmJuod4xTdOPO1MsyDh2ck0zl6KLZwMzuoC0xTPn+ki12Ruxd1HGnLEsTpy7ogTjhBKQrHM=
x-amz-request-id: 8WM231RWD7XFEGK7
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 02 Dec 2022 01:45:53 GMT
age: 672
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 01:57:05 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
433ed29fd3e63d3f2f4ef964ee461413
28192afed869aea3183e049dde0a7406c0a0cbb2
135bce7430819a634abecb7d1a632e4d5662abfaa98dbd19cd1f3ec8ca6d7784

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "135BCE7430819A634ABECB7D1A632E4D5662ABFAA98DBD19CD1F3EC8CA6D7784"
Last-Modified: Fri, 02 Dec 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 02 Dec 2022 07:57:05 GMT
Date: Fri, 02 Dec 2022 01:57:05 GMT
Connection: keep-alive

leonmediabepdx.k1-sporthotel.de/

89.22.100.170

200 OK

16 kB

URL HTTP/2
leonmediabepdx.k1-sporthotel.de/
IP
89.22.100.170:0
ASN
#45012 dogado GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1031), with CRLF, LF line terminators
Size
16 kB (15861 bytes)
Hash
ae1d2128adf6ba634344bcfc321f9042
88ebd1a4710148cd29e6b7f0578730d1fa039417
57a504d2708b511ad48606760239727b03d5bef7ccb80f6e66976e03ab14f903

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: leonmediabepdx.k1-sporthotel.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
cache-control: private
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-aspnetmvc-version: 5.2
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 02 Dec 2022 01:57:05 GMT
content-length: 15861
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
05917f7542a781275c12d43562be1507
1ea730e7e2b5a84fb0341ef9a64b141a4dd469b3
2f24492a077b583bd9dfe049c16c60b219d950712879f187ff2160214df9bd0e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 01:57:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
05917f7542a781275c12d43562be1507
1ea730e7e2b5a84fb0341ef9a64b141a4dd469b3
2f24492a077b583bd9dfe049c16c60b219d950712879f187ff2160214df9bd0e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 01:57:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

leonmediabepdx.k1-sporthotel.de/DXR.axd?r=1_88-Yen2l

89.22.100.170

200 OK

43 B

URL HTTP/2
leonmediabepdx.k1-sporthotel.de/DXR.axd?r=1_88-Yen2l
IP
89.22.100.170:0
ASN
#45012 dogado GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /DXR.axd?r=1_88-Yen2l HTTP/1.1
Host: leonmediabepdx.k1-sporthotel.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leonmediabepdx.k1-sporthotel.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
content-type: image/gif
expires: Sat, 03 Jul 2021 16:48:24 GMT
last-modified: Fri, 03 Jul 2020 16:48:24 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 02 Dec 2022 01:57:06 GMT
content-length: 43
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3519a58310eefa01756f0440e2acd7dd
50153382830684a6abb653dc7b4e41d7c7e386b5
5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 01:57:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

leonmediabepdx.k1-sporthotel.de/Scripts/google_rating.js

89.22.100.170

200 OK

358 B

URL HTTP/2
leonmediabepdx.k1-sporthotel.de/Scripts/google_rating.js
IP
89.22.100.170:0
ASN
#45012 dogado GmbH

File type
ASCII text, with CRLF line terminators
Size
358 B (358 bytes)
Hash
1dc1c45bd2a4248701bf1f1b123b4785
d9bfc33d70df7ea892b7f82cf428671cadef7ad2
ccb27feb19c121daf6fe8f9d2ea5bfeb3d59fd1f446306cb34ebf158045bfb92

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /Scripts/google_rating.js HTTP/1.1
Host: leonmediabepdx.k1-sporthotel.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leonmediabepdx.k1-sporthotel.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 03 Jul 2020 16:55:14 GMT
accept-ranges: bytes
etag: "a89dfcb85a51d61:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 02 Dec 2022 01:57:06 GMT
content-length: 358
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3519a58310eefa01756f0440e2acd7dd
50153382830684a6abb653dc7b4e41d7c7e386b5
5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 01:57:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

maps.googleapis.com/maps/api/js?v=3.exp&key=AIzaSyAm-8P-ztcjqGtB3MhVxXuDpt88Mnzd-2Y&signed_in=true&libraries=places

142.250.74.10

200 OK

56 kB

URL HTTP/2
maps.googleapis.com/maps/api/js?v=3.exp&key=AIzaSyAm-8P-ztcjqGtB3MhVxXuDpt88Mnzd-2Y&signed_in=true&libraries=places
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2459)
Size
56 kB (55768 bytes)
Hash
32dde597043603c6677e6c05bcec19b0
f5e80cf96f5e845657e869a958c0967670f1f1c7
68e738a0cc7e6ad4fcd22509643feaf721a66dec4dc7dafac2f882634e483ac5

HTTP Headers

GET /maps/api/js?v=3.exp&key=AIzaSyAm-8P-ztcjqGtB3MhVxXuDpt88Mnzd-2Y&signed_in=true&libraries=places HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leonmediabepdx.k1-sporthotel.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
date: Fri, 02 Dec 2022 01:57:06 GMT
expires: Fri, 02 Dec 2022 02:27:06 GMT
cache-control: public, max-age=1800
vary: Accept-Language
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 55768
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=24
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/icon?family=Material+Icons

142.250.74.10

200 OK

670 B

URL HTTP/2
fonts.googleapis.com/icon?family=Material+Icons
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
670 B (670 bytes)
Hash
01b11b09cdb622c15efd7b42585d4334
c711738cab5aed38cc1e11d90d74f299526d371d
aacaac45a56c66a3da5ffc45e95d08cc43c9a49ea209c6c4a2650aebe5be19dc

HTTP Headers

GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leonmediabepdx.k1-sporthotel.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Dec 2022 01:57:06 GMT
date: Fri, 02 Dec 2022 01:57:06 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
1f88399f3fdd89dbb9ca1229cb67143a
325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3
831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5701
Cache-Control: max-age=117884
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 01:57:06 GMT
Etag: "63886ea9-1d7"
Expires: Sat, 03 Dec 2022 10:41:50 GMT
Last-Modified: Thu, 01 Dec 2022 09:06:49 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471

leonmediabepdx.k1-sporthotel.de/DXR.axd?r=1_73,1_67,1_68,1_69,1_72,1_209,1_206,1_208,1_205,1_252,1_251,1_83,24_378,24_379,24_394,1_7,24_406,24_407,24_422,26_37,26_36,26_35,26_32,26_34,26_30,26_28,26_31,1_75-5fn2l

89.22.100.170

200 OK

210 kB

URL HTTP/2
leonmediabepdx.k1-sporthotel.de/DXR.axd?r=1_73,1_67,1_68,1_69,1_72,1_209,1_206,1_208,1_205,1_252,1_251,1_83,24_378,24_379,24_394,1_7,24_406,24_407,24_422,26_37,26_36,26_35,26_32,26_34,26_30,26_28,26_31,1_75-5fn2l
IP
89.22.100.170:0
ASN
#45012 dogado GmbH

File type
ASCII text, with very long lines (5388), with CRLF line terminators
Size
210 kB (209848 bytes)
Hash
56cb9d274568480a0badde87808fff48
eb2d588a25030f3c2900a24b4ecdbdbfb88e5db8
4a1f425e0db129870eee3b3c1fccc9b1ff83b42d5010f8b405e57955eeadaf1b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /DXR.axd?r=1_73,1_67,1_68,1_69,1_72,1_209,1_206,1_208,1_205,1_252,1_251,1_83,24_378,24_379,24_394,1_7,24_406,24_407,24_422,26_37,26_36,26_35,26_32,26_34,26_30,26_28,26_31,1_75-5fn2l HTTP/1.1
Host: leonmediabepdx.k1-sporthotel.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leonmediabepdx.k1-sporthotel.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
content-type: text/css
content-encoding: gzip
expires: Sat, 03 Jul 2021 16:48:32 GMT
last-modified: Fri, 03 Jul 2020 16:48:32 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 02 Dec 2022 01:57:06 GMT
content-length: 209848
X-Firefox-Spdy: h2

leonmediabepdx.k1-sporthotel.de/Content/site.css

89.22.100.170

200 OK

11 kB

URL HTTP/2
leonmediabepdx.k1-sporthotel.de/Content/site.css
IP
89.22.100.170:0
ASN
#45012 dogado GmbH

File type
ASCII text, with CRLF line terminators
Size
11 kB (10953 bytes)
Hash
d262e45226b938a19d8bc8d4bdee031a
14e56a001ba0e0657bf37df56114f3a1dcd38125
f55bb00350989c04819f6cfca65157560721ddeebe603355599b0f0834493b7a

HTTP Headers

GET /Content/site.css HTTP/1.1
Host: leonmediabepdx.k1-sporthotel.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leonmediabepdx.k1-sporthotel.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-encoding: gzip
last-modified: Tue, 07 Jul 2020 05:13:33 GMT
accept-ranges: bytes
etag: "77d4a85c1d54d61:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 02 Dec 2022 01:57:06 GMT
content-length: 10953
X-Firefox-Spdy: h2

leonmediabepdx.k1-sporthotel.de/Scripts/bootstrap.min.js

89.22.100.170

200 OK

37 kB

URL HTTP/2
leonmediabepdx.k1-sporthotel.de/Scripts/bootstrap.min.js
IP
89.22.100.170:0
ASN
#45012 dogado GmbH

File type
ASCII text, with very long lines (32003)
Size
37 kB (36896 bytes)
Hash
5d768fa0401808a1ba60e21c226a6c05
5470e3a384b89f6ef125ee793b4065d5b3e48a49
fe0cb52bce8a3324db36ce5207b65f043093d4b667e7f590db3961cf852d4d08

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /Scripts/bootstrap.min.js HTTP/1.1
Host: leonmediabepdx.k1-sporthotel.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leonmediabepdx.k1-sporthotel.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 03 Jul 2020 16:49:41 GMT
accept-ranges: bytes
etag: "cd8040f25951d61:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 02 Dec 2022 01:57:06 GMT
content-length: 36896
X-Firefox-Spdy: h2

leonmediabepdx.k1-sporthotel.de/Scripts/site.js

89.22.100.170

200 OK

1.2 kB

URL HTTP/2
leonmediabepdx.k1-sporthotel.de/Scripts/site.js
IP
89.22.100.170:0
ASN
#45012 dogado GmbH

File type
ASCII text, with CRLF line terminators
Size
1.2 kB (1184 bytes)
Hash
6208631849f2c70d3a6038ea883547f0
c02bd030b752c53ad600cf771a9169b210bfb30d
688056a94f370065cddd18a5b662a4b2954cb37ac0dbac8e0eb86bfa296a3d1b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /Scripts/site.js HTTP/1.1
Host: leonmediabepdx.k1-sporthotel.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leonmediabepdx.k1-sporthotel.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 03 Jul 2020 16:49:48 GMT
accept-ranges: bytes
etag: "3d25b4f65951d61:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 02 Dec 2022 01:57:06 GMT
content-length: 1184
X-Firefox-Spdy: h2

leonmediabepdx.k1-sporthotel.de/Images/EBike-2px.png

89.22.100.170

200 OK

170 kB

URL HTTP/2
leonmediabepdx.k1-sporthotel.de/Images/EBike-2px.png
IP
89.22.100.170:0
ASN
#45012 dogado GmbH

File type
PNG image data, 720 x 424, 8-bit colormap, non-interlaced\012- data
Size
170 kB (170011 bytes)
Hash
ea723381ba348b3c4d481084f70007e0
21af2641291ab4e53151c8fdb97fe47102c6f42b
1491b57df042727757aab89b72efa902cb45afdc5907390911d988b1f04d634e

HTTP Headers

GET /Images/EBike-2px.png HTTP/1.1
Host: leonmediabepdx.k1-sporthotel.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leonmediabepdx.k1-sporthotel.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Fri, 03 Jul 2020 16:49:22 GMT
accept-ranges: bytes
etag: "c2def6e65951d61:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 02 Dec 2022 01:57:06 GMT
content-length: 170011
X-Firefox-Spdy: h2

leonmediabepdx.k1-sporthotel.de/Images/Monsterroller-2px.png

89.22.100.170

200 OK

172 kB

URL HTTP/2
leonmediabepdx.k1-sporthotel.de/Images/Monsterroller-2px.png
IP
89.22.100.170:0
ASN
#45012 dogado GmbH

File type
PNG image data, 720 x 424, 8-bit colormap, non-interlaced\012- data
Size
172 kB (172207 bytes)
Hash
dc1d00a93d30d67e4bd753f4b91a7604
fa9e40b0ee568f0648a0443c3e7f3e3414011f61
02d5dff2ff7006777e5b69133c660c81067512279a7f6b30a28d28f5776050db

HTTP Headers

GET /Images/Monsterroller-2px.png HTTP/1.1
Host: leonmediabepdx.k1-sporthotel.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leonmediabepdx.k1-sporthotel.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Fri, 03 Jul 2020 16:49:25 GMT
accept-ranges: bytes
etag: "a779d8e85951d61:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 02 Dec 2022 01:57:06 GMT
content-length: 172207
X-Firefox-Spdy: h2

leonmediabepdx.k1-sporthotel.de/Images/index-partial-home-mountaincart.png

89.22.100.170

200 OK

242 kB

URL HTTP/2
leonmediabepdx.k1-sporthotel.de/Images/index-partial-home-mountaincart.png
IP
89.22.100.170:0
ASN
#45012 dogado GmbH

File type
PNG image data, 720 x 424, 8-bit colormap, non-interlaced\012- data
Size
242 kB (242236 bytes)
Hash
57d65ffd0b40086f86b07743edda4409
c5422e4dfead336cb1f8c982cbaa896c38a0ae9d
6b922c3cf56b3918cbffce04c209d58d8d682d3d016b8248400518355e00f049

HTTP Headers

GET /Images/index-partial-home-mountaincart.png HTTP/1.1
Host: leonmediabepdx.k1-sporthotel.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leonmediabepdx.k1-sporthotel.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Fri, 03 Jul 2020 16:49:23 GMT
accept-ranges: bytes
etag: "f26fece75951d61:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 02 Dec 2022 01:57:06 GMT
content-length: 242236
X-Firefox-Spdy: h2

leonmediabepdx.k1-sporthotel.de/Images/Rodel-2px.png

89.22.100.170

200 OK

118 kB

URL HTTP/2
leonmediabepdx.k1-sporthotel.de/Images/Rodel-2px.png
IP
89.22.100.170:0
ASN
#45012 dogado GmbH

File type
PNG image data, 720 x 424, 8-bit colormap, non-interlaced\012- data
Size
118 kB (117646 bytes)
Hash
2dcb2d733c37df88d256a6c56081d1a9
90d92e7e5fde02bcaafb78f7d2f548d056ead2e7
df6f396d809cd55fa7045b56665eac9efbe79d5d2779c781d40971768755c74a

HTTP Headers

GET /Images/Rodel-2px.png HTTP/1.1
Host: leonmediabepdx.k1-sporthotel.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leonmediabepdx.k1-sporthotel.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Fri, 03 Jul 2020 16:49:27 GMT
accept-ranges: bytes
etag: "49f6f8e95951d61:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 02 Dec 2022 01:57:06 GMT
content-length: 117646
X-Firefox-Spdy: h2

leonmediabepdx.k1-sporthotel.de/Images/Ski-px2.png

89.22.100.170

200 OK

92 kB

URL HTTP/2
leonmediabepdx.k1-sporthotel.de/Images/Ski-px2.png
IP
89.22.100.170:0
ASN
#45012 dogado GmbH

File type
PNG image data, 720 x 424, 8-bit colormap, non-interlaced\012- data
Size
92 kB (92373 bytes)
Hash
d9b7ccaba81bf45d3235bbcc382611f3
7207ceba44af43cc75818fc0e59f94c69a2920fc
b6b265b7bdcef6bfea516c0318b14849a92d0a38c6a297e88e68301f9a162672

HTTP Headers

GET /Images/Ski-px2.png HTTP/1.1
Host: leonmediabepdx.k1-sporthotel.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leonmediabepdx.k1-sporthotel.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Fri, 03 Jul 2020 16:49:27 GMT
accept-ranges: bytes
etag: "2e7e21ea5951d61:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 02 Dec 2022 01:57:06 GMT
content-length: 92373
X-Firefox-Spdy: h2

leonmediabepdx.k1-sporthotel.de/Scripts/google-ratings.js

89.22.100.170

200 OK

5.1 kB

URL HTTP/2
leonmediabepdx.k1-sporthotel.de/Scripts/google-ratings.js
IP
89.22.100.170:0
ASN
#45012 dogado GmbH

File type
ASCII text, with CRLF line terminators
Size
5.1 kB (5079 bytes)
Hash
29fea24c3465230bc46f9b21e1a1a7ea
c1f23e074181d9bd6aea39c69440b3e7e13a544f
1adbd320ed69f26b75df00ce940bbc70082226ecbad03f65b931662d3523f796

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /Scripts/google-ratings.js HTTP/1.1
Host: leonmediabepdx.k1-sporthotel.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leonmediabepdx.k1-sporthotel.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 03 Jul 2020 16:55:14 GMT
accept-ranges: bytes
etag: "b89b1bb95a51d61:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 02 Dec 2022 01:57:06 GMT
content-length: 5079
X-Firefox-Spdy: h2

leonmediabepdx.k1-sporthotel.de/Images/index-partial-home-flyline.png

89.22.100.170

200 OK

227 kB

URL HTTP/2
leonmediabepdx.k1-sporthotel.de/Images/index-partial-home-flyline.png
IP
89.22.100.170:0
ASN
#45012 dogado GmbH

File type
PNG image data, 720 x 424, 8-bit colormap, non-interlaced\012- data
Size
227 kB (226898 bytes)
Hash
7694071cb4b6265f974c90e1f23f96b6
fb689281d733c938740c7488c1a87192deb4f626
e1f2a19b9bcbc24b27c4aa5f58d83199f2b650ab5a925f26319a28c0a910825c

HTTP Headers

GET /Images/index-partial-home-flyline.png HTTP/1.1
Host: leonmediabepdx.k1-sporthotel.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leonmediabepdx.k1-sporthotel.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Fri, 03 Jul 2020 16:49:23 GMT
accept-ranges: bytes
etag: "9386c1e75951d61:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 02 Dec 2022 01:57:06 GMT
content-length: 226898
X-Firefox-Spdy: h2

leonmediabepdx.k1-sporthotel.de/Images/index-partial-home-wanderkurs.png

89.22.100.170

200 OK

183 kB

URL HTTP/2
leonmediabepdx.k1-sporthotel.de/Images/index-partial-home-wanderkurs.png
IP
89.22.100.170:0
ASN
#45012 dogado GmbH

File type
PNG image data, 720 x 424, 8-bit colormap, non-interlaced\012- data
Size
183 kB (182750 bytes)
Hash
247c2069d3a888a10a9e15dfee96818e
d6b8b94b5e5d97a59325b6498ff683aff700e838
c9fa67241b8dfd56028050c96d8cbf779d940ab9daeb2dc3ce4098dcffa67752

HTTP Headers

GET /Images/index-partial-home-wanderkurs.png HTTP/1.1
Host: leonmediabepdx.k1-sporthotel.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leonmediabepdx.k1-sporthotel.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Fri, 03 Jul 2020 16:49:24 GMT
accept-ranges: bytes
etag: "87f814e85951d61:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 02 Dec 2022 01:57:06 GMT
content-length: 182750
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5656ce989e6a6f8a74c1587ef96329d5
e1438168090515455fbdd86ad97618ef09762dfb
cb630b3271a4f647bf8c56aa3a98adca5e8c8daee092ae7abc850d62edc862f8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CB630B3271A4F647BF8C56AA3A98ADCA5E8C8DAEE092AE7ABC850D62EDC862F8"
Last-Modified: Thu, 01 Dec 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 02 Dec 2022 07:57:06 GMT
Date: Fri, 02 Dec 2022 01:57:06 GMT
Connection: keep-alive

leonmediabepdx.k1-sporthotel.de/Images/index-partial-home-bikekurs.png

89.22.100.170

200 OK

151 kB

URL HTTP/2
leonmediabepdx.k1-sporthotel.de/Images/index-partial-home-bikekurs.png
IP
89.22.100.170:0
ASN
#45012 dogado GmbH

File type
PNG image data, 720 x 424, 8-bit colormap, non-interlaced\012- data
Size
151 kB (150966 bytes)
Hash
12442960c51d987975cd214b6be41f09
0ecdbedf947a16a9127afce4032779c96c572629
f186c038730ce45beebc78c2f06f14844197b7d5a857ecab65d85cbeca29970c

HTTP Headers

GET /Images/index-partial-home-bikekurs.png HTTP/1.1
Host: leonmediabepdx.k1-sporthotel.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leonmediabepdx.k1-sporthotel.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Fri, 03 Jul 2020 16:49:23 GMT
accept-ranges: bytes
etag: "149b96e75951d61:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 02 Dec 2022 01:57:06 GMT
content-length: 150966
X-Firefox-Spdy: h2

www.k1-sporthotel.de/wp-content/uploads/2020/05/logo-k1-sporthotel-80.png

89.22.100.170

200 OK

3.0 kB

URL HTTP/2
www.k1-sporthotel.de/wp-content/uploads/2020/05/logo-k1-sporthotel-80.png
IP
89.22.100.170:0
ASN
#45012 dogado GmbH

File type
PNG image data, 88 x 80, 8-bit colormap, non-interlaced\012- data
Size
3.0 kB (2952 bytes)
Hash
ecd007e6f9a44717c89534503965a9c3
4a38bbbea230bee850548012baa8398106a448a0
e07bb42a446d68e12b3b1d65f84b83b40bd8efbe23a07b5da892ed21338f04f8

HTTP Headers

GET /wp-content/uploads/2020/05/logo-k1-sporthotel-80.png HTTP/1.1
Host: www.k1-sporthotel.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leonmediabepdx.k1-sporthotel.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
content-type: image/png
last-modified: Wed, 02 Jun 2021 14:19:02 GMT
accept-ranges: bytes
etag: "ffcbf13cba57d71:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 02 Dec 2022 01:57:06 GMT
content-length: 2952
X-Firefox-Spdy: h2

push.services.mozilla.com/

54.186.169.128

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.186.169.128:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: y18Ijr1XOqTCGmH4MzKaFA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: HgPcGVc4mY4CYSiYzKKdlJ1IyK4=

leonmediabepdx.k1-sporthotel.de/DXR.axd?r=1_0,1_2,1_3,1_4,1_11,1_63,1_12,1_13,1_14,1_15,1_16,1_20,1_65,1_48,1_17,1_9,17_0,17_7,1_27,1_39,1_31,17_35,1_23,1_55,17_34,1_41,1_54,1_53,17_33,1_182,1_183,1_24,1_33,1_46,1_212,1_210,1_239,1_47,1_52,17_6,1_51,17_14,1_21,1_22,1_40,1_34,1_19,1_223,1_224,1_211,1_217,1_215,1_218,1_219,1_216,1_220,1_213,1_221,1_222,1_226,1_235,1_237,1_238,1_225,1_230,1_231,1_232,1_214,1_227,1_228,1_229,1_233,1_234,1_236,17_48,17_49,17_2,1_59,1_57,17_38,1_56,17_39,1_58,17_40,17_41,1_60,17_3,1_49,17_8,17_9,1_35,17_10,1_62,17_11,1_50,1_38,17_43,1_43,17_12,17_13,1_66,1_184,1_181,17_23,1_204,17_24,1_193,17_17,1_202,17_19,1_187,1_189,1_197,1_198,1_199,1_203,1_185,1_192,17_16,17_21,1_191,17_18,1_61,1_194,1_188,17_15,1_196,1_190,17_42,1_201,1_195,17_20,1_5,24_368,1_1,24_364,24_365,24_366,24_367,24_359,24_362,24_363,24_360,24_361,24_423,24_424,26_19,26_21,24_404,24_405,26_23,26_20,26_22,17_26,26_24,17_27,26_11,26_16,26_18,17_25,26_15,26_13,26_14,26_12,26_17,1_249,17_1-5fn2l&p=cde5b7bc

89.22.100.170

200 OK

2.9 MB

URL HTTP/2
leonmediabepdx.k1-sporthotel.de/DXR.axd?r=1_0,1_2,1_3,1_4,1_11,1_63,1_12,1_13,1_14,1_15,1_16,1_20,1_65,1_48,1_17,1_9,17_0,17_7,1_27,1_39,1_31,17_35,1_23,1_55,17_34,1_41,1_54,1_53,17_33,1_182,1_183,1_24,1_33,1_46,1_212,1_210,1_239,1_47,1_52,17_6,1_51,17_14,1_21,1_22,1_40,1_34,1_19,1_223,1_224,1_211,1_217,1_215,1_218,1_219,1_216,1_220,1_213,1_221,1_222,1_226,1_235,1_237,1_238,1_225,1_230,1_231,1_232,1_214,1_227,1_228,1_229,1_233,1_234,1_236,17_48,17_49,17_2,1_59,1_57,17_38,1_56,17_39,1_58,17_40,17_41,1_60,17_3,1_49,17_8,17_9,1_35,17_10,1_62,17_11,1_50,1_38,17_43,1_43,17_12,17_13,1_66,1_184,1_181,17_23,1_204,17_24,1_193,17_17,1_202,17_19,1_187,1_189,1_197,1_198,1_199,1_203,1_185,1_192,17_16,17_21,1_191,17_18,1_61,1_194,1_188,17_15,1_196,1_190,17_42,1_201,1_195,17_20,1_5,24_368,1_1,24_364,24_365,24_366,24_367,24_359,24_362,24_363,24_360,24_361,24_423,24_424,26_19,26_21,24_404,24_405,26_23,26_20,26_22,17_26,26_24,17_27,26_11,26_16,26_18,17_25,26_15,26_13,26_14,26_12,26_17,1_249,17_1-5fn2l&p=cde5b7bc
IP
89.22.100.170:0
ASN
#45012 dogado GmbH

File type
ASCII text, with very long lines (65451)
Size
2.9 MB (2866729 bytes)
Hash
55154f4589c8bf84b4dfc178010c6409
1f3ce3ec7f233cbbce4f237e600be99ea5332639
d294135d8b06d495f12ef485c6dfede221fffd8844cabb1011132345ecc81443

HTTP Headers

GET /DXR.axd?r=1_0,1_2,1_3,1_4,1_11,1_63,1_12,1_13,1_14,1_15,1_16,1_20,1_65,1_48,1_17,1_9,17_0,17_7,1_27,1_39,1_31,17_35,1_23,1_55,17_34,1_41,1_54,1_53,17_33,1_182,1_183,1_24,1_33,1_46,1_212,1_210,1_239,1_47,1_52,17_6,1_51,17_14,1_21,1_22,1_40,1_34,1_19,1_223,1_224,1_211,1_217,1_215,1_218,1_219,1_216,1_220,1_213,1_221,1_222,1_226,1_235,1_237,1_238,1_225,1_230,1_231,1_232,1_214,1_227,1_228,1_229,1_233,1_234,1_236,17_48,17_49,17_2,1_59,1_57,17_38,1_56,17_39,1_58,17_40,17_41,1_60,17_3,1_49,17_8,17_9,1_35,17_10,1_62,17_11,1_50,1_38,17_43,1_43,17_12,17_13,1_66,1_184,1_181,17_23,1_204,17_24,1_193,17_17,1_202,17_19,1_187,1_189,1_197,1_198,1_199,1_203,1_185,1_192,17_16,17_21,1_191,17_18,1_61,1_194,1_188,17_15,1_196,1_190,17_42,1_201,1_195,17_20,1_5,24_368,1_1,24_364,24_365,24_366,24_367,24_359,24_362,24_363,24_360,24_361,24_423,24_424,26_19,26_21,24_404,24_405,26_23,26_20,26_22,17_26,26_24,17_27,26_11,26_16,26_18,17_25,26_15,26_13,26_14,26_12,26_17,1_249,17_1-5fn2l&p=cde5b7bc HTTP/1.1
Host: leonmediabepdx.k1-sporthotel.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leonmediabepdx.k1-sporthotel.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
content-type: text/javascript
content-encoding: gzip
expires: Sat, 03 Jul 2021 16:48:32 GMT
last-modified: Fri, 03 Jul 2020 16:48:32 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 02 Dec 2022 01:57:07 GMT
content-length: 2866729
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6378
Expires: Fri, 02 Dec 2022 03:43:25 GMT
Date: Fri, 02 Dec 2022 01:57:07 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6378
Expires: Fri, 02 Dec 2022 03:43:25 GMT
Date: Fri, 02 Dec 2022 01:57:07 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6378
Expires: Fri, 02 Dec 2022 03:43:25 GMT
Date: Fri, 02 Dec 2022 01:57:07 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6378
Expires: Fri, 02 Dec 2022 03:43:25 GMT
Date: Fri, 02 Dec 2022 01:57:07 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6378
Expires: Fri, 02 Dec 2022 03:43:25 GMT
Date: Fri, 02 Dec 2022 01:57:07 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40b76495-d9ea-430e-9b62-92b639b122e0.jpeg

34.120.237.76

200 OK

6.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40b76495-d9ea-430e-9b62-92b639b122e0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.6 kB (6564 bytes)
Hash
58a28fc1cbcacdb07b3ca175281982b5
9bc47ee49fc070d0997e49a719bd9758685ad583
d3bfcf749c4652cb29f7c82a5d7ba940bd607f9060e49c1c40a112eb3e625bd9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40b76495-d9ea-430e-9b62-92b639b122e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6564
x-amzn-requestid: e2875cf3-3915-43a5-a724-4de2ca03de56
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGepHOiIAMFTFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-5f7e2a3f609d54a609a12670;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mwGAEu-gPXY5Opwd972VbBA6l33dNk7bPFSyZmciaplQKj2ZuTkQSg==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:47:56 GMT
age: 14952
etag: "9bc47ee49fc070d0997e49a719bd9758685ad583"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F864be807-d5f6-42e3-bd58-f7641a256b9a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.7 kB (7732 bytes)
Hash
379a4a1b95d3aa3c5a4f8e7f9abb030f
d45dceb3dc58a07197aa5077582b5b1cd2ff791a
1b92dec5bf90beffbcd9060052b8788f08645dd4ba34219f7ddb2d40bbd2d151

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F864be807-d5f6-42e3-bd58-f7641a256b9a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7732
x-amzn-requestid: 3781c2b7-082a-468a-a186-f7483494e749
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoEq3IAMFnKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-679fe9f905e07abf4e6a812c;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: V4Z3TZtTDMjnyxZx7VdJrKtZ-PbZkWnsQ0-1eFDem4TVyRGvk0dc7A==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:47:56 GMT
age: 14952
etag: "d45dceb3dc58a07197aa5077582b5b1cd2ff791a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.2 kB (6174 bytes)
Hash
b986f9fcbeca91ed5c8d58fbfaf47d19
6e6c8bd2bce144cc4da1cd7be375b046b60dca79
07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 07:15:42 GMT
age: 67286
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8863 bytes)
Hash
156e9ea97b774cbd8361072e4041b6c8
fc71ae3cae92ed6011904bb2367f23bf4e69fab4
58d953c19ebbbdfc3965bbe3f52308d4702deaf4d0c029f4674bcb862da138af

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8863
x-amzn-requestid: 798d014b-0f9c-4787-a676-8f5e8fae3d11
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdG14HBNIAMFdWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851bf-7549feac6d476a8512676412;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cgj3fw3lpngosMNOK7cZUZO94T__4RTy_p7wa6rI62OOvhI5E9wMSw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 07:19:21 GMT
age: 67067
etag: "fc71ae3cae92ed6011904bb2367f23bf4e69fab4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a5598e9-4752-4e3f-9938-977b517ce347.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.0 kB (5967 bytes)
Hash
4e1372b65928f2addd9d8e44ce63ea0c
795fd611123ebde700aaff1f0dac862f9cad00dc
de9011e1f05fb2f7a202f5a6e6ed7b77a339c0af8d3409e4fc898f2b8c6963ad

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a5598e9-4752-4e3f-9938-977b517ce347.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5967
x-amzn-requestid: 889cb78c-7f00-4bd5-8f58-16aeae59f384
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGgfFo2IAMF7ig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e02-636955ff357675180ee298ff;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7R1Dono_VzhL0RPOfUBX2GC13dxG0n0buPmhAPencEFJ7WupYOUK8w==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:50:08 GMT
age: 14820
etag: "795fd611123ebde700aaff1f0dac862f9cad00dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

leonmediabepdx.k1-sporthotel.de/Images/Skidepot-2px.png

89.22.100.170

200 OK

2.9 kB

URL HTTP/2
leonmediabepdx.k1-sporthotel.de/Images/Skidepot-2px.png
IP
89.22.100.170:0
ASN
#45012 dogado GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
2.9 kB (2942 bytes)
Hash
b47431190f34eccf0a6efb98e2a32b7d
9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2

HTTP Headers

GET /Images/Skidepot-2px.png HTTP/1.1
Host: leonmediabepdx.k1-sporthotel.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leonmediabepdx.k1-sporthotel.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Fri, 03 Jul 2020 16:49:27 GMT
accept-ranges: bytes
etag: "e454aea5951d61:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 02 Dec 2022 01:57:06 GMT
content-length: 125990
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 01:57:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

45 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size
45 kB (44856 bytes)
Hash
565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://leonmediabepdx.k1-sporthotel.de
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 18:52:41 GMT
expires: Tue, 28 Nov 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 284668
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 01:57:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

216.58.207.227

200 OK

23 kB

URL HTTP/2
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Size
23 kB (23040 bytes)
Hash
de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

HTTP Headers

GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://leonmediabepdx.k1-sporthotel.de
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 12:29:22 GMT
expires: Fri, 01 Dec 2023 12:29:22 GMT
cache-control: public, max-age=31536000
age: 48468
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

216.58.207.227

200 OK

128 kB

URL HTTP/2
fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 128352, version 1.0\012- data
Size
128 kB (128352 bytes)
Hash
53436aca8627a49f4deaaa44dc9e3c05
0bc0c675480d94ec7e8609dda6227f88c5d08d2c
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

HTTP Headers

GET /s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://leonmediabepdx.k1-sporthotel.de
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 128352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 20:33:17 GMT
expires: Fri, 01 Dec 2023 20:33:17 GMT
cache-control: public, max-age=31536000
age: 19433
last-modified: Thu, 25 Aug 2022 00:26:06 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

leonmediabepdx.k1-sporthotel.de/favicon.ico

89.22.100.170

200 OK

32 kB

URL HTTP/2
leonmediabepdx.k1-sporthotel.de/favicon.ico
IP
89.22.100.170:0
ASN
#45012 dogado GmbH

File type
MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size
32 kB (32038 bytes)
Hash
4859e39ae6c0f1f428f2126a6bb32bd9
1c0c85678ae963bc96d0b7fbe1eb89074cf1fbe0
a94f8a8553caea8430dd4ca3cc01d4e318d19828f74cb65453ffb7f5d9e2f44d

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: leonmediabepdx.k1-sporthotel.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leonmediabepdx.k1-sporthotel.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/x-icon
last-modified: Fri, 03 Jul 2020 16:47:05 GMT
accept-ranges: bytes
etag: "df2985955951d61:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 02 Dec 2022 01:57:10 GMT
content-length: 32038
X-Firefox-Spdy: h2

leonmediabepdx.k1-sporthotel.de/Scripts/jquery-1.11.3.min.js

89.22.100.170

200 OK

0 B

URL HTTP/2
leonmediabepdx.k1-sporthotel.de/Scripts/jquery-1.11.3.min.js
IP
89.22.100.170:0
ASN
#45012 dogado GmbH

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /Scripts/jquery-1.11.3.min.js HTTP/1.1
Host: leonmediabepdx.k1-sporthotel.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leonmediabepdx.k1-sporthotel.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 03 Jul 2020 16:49:44 GMT
accept-ranges: bytes
etag: "df2f16f45951d61:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 02 Dec 2022 01:57:06 GMT
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans%3A1%2C200%2C300%2C400%2C400italic%2C500%2C700%2C700italic%2C900%2C900italic%7CLato%3A1%2C200%2C300%2C400%2C400italic%2C500%2C700%2C700italic%2C900%2C900italic%7CMontserrat%3A1%2C200%2C300%2C400%2C400italic%2C500%2C700%2C700italic%2C900%2C900italic&ver=5.3.4

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans%3A1%2C200%2C300%2C400%2C400italic%2C500%2C700%2C700italic%2C900%2C900italic%7CLato%3A1%2C200%2C300%2C400%2C400italic%2C500%2C700%2C700italic%2C900%2C900italic%7CMontserrat%3A1%2C200%2C300%2C400%2C400italic%2C500%2C700%2C700italic%2C900%2C900italic&ver=5.3.4
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Open+Sans%3A1%2C200%2C300%2C400%2C400italic%2C500%2C700%2C700italic%2C900%2C900italic%7CLato%3A1%2C200%2C300%2C400%2C400italic%2C500%2C700%2C700italic%2C900%2C900italic%7CMontserrat%3A1%2C200%2C300%2C400%2C400italic%2C500%2C700%2C700italic%2C900%2C900italic&ver=5.3.4 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leonmediabepdx.k1-sporthotel.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Dec 2022 01:57:06 GMT
date: Fri, 02 Dec 2022 01:57:06 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

leonmediabepdx.k1-sporthotel.de/Content/bootstrap.min.css

89.22.100.170

200 OK

0 B

URL HTTP/2
leonmediabepdx.k1-sporthotel.de/Content/bootstrap.min.css
IP
89.22.100.170:0
ASN
#45012 dogado GmbH

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /Content/bootstrap.min.css HTTP/1.1
Host: leonmediabepdx.k1-sporthotel.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leonmediabepdx.k1-sporthotel.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-encoding: gzip
last-modified: Fri, 03 Jul 2020 16:49:01 GMT
accept-ranges: bytes
etag: "2df9c5da5951d61:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 02 Dec 2022 01:57:06 GMT
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations