web8746.web07.bero-webspace.de/nieuw11/
301 Moved Permanently 162 B URL HTTP/1.1 web8746.web07.bero-webspace.de/nieuw11/
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert openphish International Card Services B.V
fortinet Phishing
GET /nieuw11/ HTTP/1.1
Host: web8746.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 03 Oct 2022 09:58:11 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://web8746.web07.bero-webspace.de/nieuw11/
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9955bda9c9ef64bc5700a14af0bae25e
8de7b7469e905af0374bdfcc3006bbb844f13e94
1f611155394fac39439b8ec8217d8cd493d6b588d372d264e0d66c03129c50c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4433
Expires: Mon, 03 Oct 2022 11:12:05 GMT
Date: Mon, 03 Oct 2022 09:58:12 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 03 Oct 2022 09:03:30 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 4c3c0be12954d0bfb5e695119bb76338.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: 1I2CCUlqqU2gyP2fsvd7xPSjyMSjQtgyunpSP-brBB3A3zjXUe7Xnw==
Age: 3282
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 03 Oct 2022 03:34:13 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 ca8dbf5658b41cf179a2ae3717fdfcca.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P2
x-amz-cf-id: s5IHEof8RdBiTBts-F5WOhfJtsIU1QOcm_Sab-BYCuxKdFiSCgElQA==
age: 23095
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 09:58:12 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 775f1b966e623e2295ca54cbf2a0e3b3
d4fface1266c3e8e00bc283eb1629fce53354872
271d975a1101203e046f51674c493e3485822eb97f4602e8a5a56e3af0b1b26f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "271D975A1101203E046F51674C493E3485822EB97F4602E8A5A56E3AF0B1B26F"
Last-Modified: Sat, 01 Oct 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 03 Oct 2022 15:58:12 GMT
Date: Mon, 03 Oct 2022 09:58:12 GMT
Connection: keep-alive
web8746.web07.bero-webspace.de/nieuw11/
200 OK 16 kB URL HTTP/2 web8746.web07.bero-webspace.de/nieuw11/
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (19360)
Hash d10f066c6c6361e2f0bb6818ba281e76
6d2da89cf22a29dc9bcd00439e6575610948705f
ff39b33af90ebf4fe8ea2861b1f8941574ec59496eb76986298ab7642aa6cd24
Analyzer Verdict Alert openphish International Card Services B.V
fortinet Phishing
GET /nieuw11/ HTTP/1.1
Host: web8746.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 09:58:12 GMT
content-type: text/html; charset=UTF-8
content-length: 16174
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=ds9b3le5okmuthrqrbbn01qp8p; path=/
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PHP/7.4.30, PleskLin
X-Firefox-Spdy: h2
web8746.web07.bero-webspace.de/nieuw11/SCI/js
200 OK 111 kB URL HTTP/2 web8746.web07.bero-webspace.de/nieuw11/SCI/js
IP
File type ASCII text, with very long lines (1571)
Size 111 kB (110845 bytes)
Hash a6de53e4b3f6fda18ee2a9883ada2f2f
4c403c12f363f02a46db9bbafa72d527011e1777
358c3a6c47b288112cef0f6d932d8b7ce82ef30da914bd9bb25611d033a22d22
Analyzer Verdict Alert fortinet Phishing
GET /nieuw11/SCI/js HTTP/1.1
Host: web8746.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8746.web07.bero-webspace.de/nieuw11/
Cookie: PHPSESSID=ds9b3le5okmuthrqrbbn01qp8p
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 09:58:12 GMT
content-type: application/octet-stream
content-length: 110845
last-modified: Sat, 01 Oct 2022 14:59:48 GMT
etag: "633855e4-1b0fd"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
web8746.web07.bero-webspace.de/nieuw11/SCI/plx.check.js
200 OK 209 B URL HTTP/2 web8746.web07.bero-webspace.de/nieuw11/SCI/plx.check.js
IP
Hash 65a7d1a66a5b6f665f49900274e318e8
ed2a23b7c7bd5ec1e42127e381cd5089b88bc2a7
61b441852598829f84cc6605312cf152c2b5f74c05721f0e689daac188a4b929
Analyzer Verdict Alert fortinet Phishing
GET /nieuw11/SCI/plx.check.js HTTP/1.1
Host: web8746.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8746.web07.bero-webspace.de/nieuw11/
Cookie: PHPSESSID=ds9b3le5okmuthrqrbbn01qp8p
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 09:58:12 GMT
content-type: application/javascript
content-length: 209
x-accel-version: 0.01
last-modified: Sat, 01 Oct 2022 15:00:53 GMT
etag: "195-5e9fa60813c64-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
X-Firefox-Spdy: h2
web8746.web07.bero-webspace.de/nieuw11/SCI/extra-veilig-inloggen.png
200 OK 2.6 kB URL HTTP/2 web8746.web07.bero-webspace.de/nieuw11/SCI/extra-veilig-inloggen.png
IP
File type PNG image data, 193 x 155, 8-bit/color RGBA, non-interlaced\012- data
Hash d92d46789bd26332413f749c9049025f
bd82a9f760c742e15c609555753f25b7cb24b0a0
23b6fb0108b94d2d81693c51c160e6be5d60855078f0a042a13334e81b79dec9
GET /nieuw11/SCI/extra-veilig-inloggen.png HTTP/1.1
Host: web8746.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8746.web07.bero-webspace.de/nieuw11/
Cookie: PHPSESSID=ds9b3le5okmuthrqrbbn01qp8p
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 09:58:12 GMT
content-type: image/png
content-length: 2604
last-modified: Sat, 01 Oct 2022 14:59:19 GMT
etag: "633855c7-a2c"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
web8746.web07.bero-webspace.de/nieuw11/SCI/proxyid.js
200 OK 170 B URL HTTP/2 web8746.web07.bero-webspace.de/nieuw11/SCI/proxyid.js
IP
File type ASCII text, with no line terminators
Hash df12345b39e09a10716a3d123eed0456
0eaa13a8a6acb765c1ef90b80827244ae1ec2453
c64bd5b1de5bb032bb18fe298f50ab7678848b765b9a81b250444f8506e95f10
Analyzer Verdict Alert fortinet Phishing
GET /nieuw11/SCI/proxyid.js HTTP/1.1
Host: web8746.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8746.web07.bero-webspace.de/nieuw11/
Cookie: PHPSESSID=ds9b3le5okmuthrqrbbn01qp8p
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 09:58:12 GMT
content-type: application/javascript
content-length: 170
x-accel-version: 0.01
last-modified: Sat, 01 Oct 2022 15:01:00 GMT
etag: "a4-5e9fa60eab3d1-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
X-Firefox-Spdy: h2
web8746.web07.bero-webspace.de/nieuw11/SCI/main-ics.css
200 OK 35 kB URL HTTP/2 web8746.web07.bero-webspace.de/nieuw11/SCI/main-ics.css
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 52147c7af3ae341bccab5ec0d58a73e3
0ec5057698d91813b0cd871db4d35e6734805569
75f8cc59b5e4dea6b679eb8fed61703522e2ca8940a241164b183ca114b9c356
GET /nieuw11/SCI/main-ics.css HTTP/1.1
Host: web8746.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8746.web07.bero-webspace.de/nieuw11/
Cookie: PHPSESSID=ds9b3le5okmuthrqrbbn01qp8p
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 09:58:12 GMT
content-type: text/css
last-modified: Sat, 01 Oct 2022 15:00:34 GMT
etag: W/"63385612-3b0c7"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
web8746.web07.bero-webspace.de/nieuw11/SCI/zero.png
200 OK 68 B URL HTTP/2 web8746.web07.bero-webspace.de/nieuw11/SCI/zero.png
IP
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash 91e42db1c66c0b276abf6234dc50b2eb
c1986af3c26609b8b7d8933f99c51c1a89e9ea6b
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
GET /nieuw11/SCI/zero.png HTTP/1.1
Host: web8746.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8746.web07.bero-webspace.de/nieuw11/
Cookie: PHPSESSID=ds9b3le5okmuthrqrbbn01qp8p
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 09:58:12 GMT
content-type: image/png
content-length: 68
x-accel-version: 0.01
last-modified: Sat, 01 Oct 2022 15:01:15 GMT
etag: "44-5e9fa61d4b4cd"
accept-ranges: bytes
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Mm9pu6sJnt0xD3f9Dz31qQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: mPo2NIU8GUMhTlDSb6j39ahaydc=
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 6abe76ca28fe176c44e7475b1d5c93fb
a4a87a771c6f081e5dae3499c090551c6dd31acb
451a8f3a3e654355467b434976022b84820c25b54f7b78472635c7dc3241423f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 09:58:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
web8746.web07.bero-webspace.de/nieuw11/SCI/a
404 Not Found 841 B URL HTTP/2 web8746.web07.bero-webspace.de/nieuw11/SCI/a
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash aeba10e284113501b1ec4575c539aafe
eadd2de87123c00d8a2edb3b431c4e488abd6246
541c8e8521f870ea7617c000e885da146f4ec03fb68866bef6e14a8677f8601d
Analyzer Verdict Alert fortinet Phishing
GET /nieuw11/SCI/a HTTP/1.1
Host: web8746.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8746.web07.bero-webspace.de/nieuw11/
Cookie: PHPSESSID=ds9b3le5okmuthrqrbbn01qp8p; _ga=GA1.4.2038381832.1664791093; _gid=GA1.4.2035278052.1664791093; _gat_UA-63549881-7=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Mon, 03 Oct 2022 09:58:13 GMT
content-type: text/html
last-modified: Sat, 01 Oct 2022 04:12:17 GMT
etag: W/"328-5e9f150f0fe28"
strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: br
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-PVW329
200 OK 36 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-PVW329
IP
File type ASCII text, with very long lines (2039)
Hash 9f57ec8dde10c9073d5196352f7dfcdb
8c4972ef9600ef21165a6841ec5abb948f8c9049
c3d6f8c824c94e692bf964a4e82c135befcc7bbcf7c6f84a081104dd2b905578
GET /gtm.js?id=GTM-PVW329 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8746.web07.bero-webspace.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 03 Oct 2022 09:58:13 GMT
expires: Mon, 03 Oct 2022 09:58:13 GMT
cache-control: private, max-age=900
last-modified: Mon, 03 Oct 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 35911
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
web8746.web07.bero-webspace.de/nieuw11/SCI/SunOT-Regular.ttf
200 OK 86 kB URL HTTP/2 web8746.web07.bero-webspace.de/nieuw11/SCI/SunOT-Regular.ttf
IP
File type TrueType Font data, 15 tables, 1st "FFTM", 24 names, Macintosh\012- data
Hash 6150bb0f5b1e975bc0b616b61845f49c
4ea5afcef3164f6dbae351f9d12c13ad9514fd92
69e81e13ae217c9a436756a0f91d43af57f3adb823ea36f94d33f03cb4694981
Analyzer Verdict Alert fortinet Phishing
GET /nieuw11/SCI/SunOT-Regular.ttf HTTP/1.1
Host: web8746.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8746.web07.bero-webspace.de/nieuw11/SCI/styles.css
Cookie: PHPSESSID=ds9b3le5okmuthrqrbbn01qp8p; _ga=GA1.4.2038381832.1664791093; _gid=GA1.4.2035278052.1664791093; _gat_UA-63549881-7=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 09:58:13 GMT
content-type: font/ttf
content-length: 86304
last-modified: Sat, 01 Oct 2022 15:01:12 GMT
etag: "63385638-15120"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-MHW4QGN&l=global_layer
200 OK 113 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-MHW4QGN&l=global_layer
IP
File type Unicode text, UTF-8 text, with very long lines (65321)
Size 113 kB (112667 bytes)
Hash 2b06c30ab2555f55f64d9cadbe5783b9
7afe03d4235bbf0328cca3a3e9ed5c144adaf825
f69f817ddfbef9f1ead3ce9ed49d27b2af92ab70b28081841a54ea5025a642bc
GET /gtm.js?id=GTM-MHW4QGN&l=global_layer HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8746.web07.bero-webspace.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 03 Oct 2022 09:58:13 GMT
expires: Mon, 03 Oct 2022 09:58:13 GMT
cache-control: private, max-age=900
last-modified: Mon, 03 Oct 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 112667
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
web8746.web07.bero-webspace.de/nieuw11/SCI/icons.woff
200 OK 11 kB URL HTTP/2 web8746.web07.bero-webspace.de/nieuw11/SCI/icons.woff
IP
File type Web Open Font Format, TrueType, length 11160, version 1.0\012- data
Hash 8dc03542a25b5a4e35d7f6d420203e69
d836d4d01e9d719741e86bf521ae2163571f04d8
c1f3874cc3f5467a309962d1f127dc7c0f5bfdba58e6084a779d4dacefcefb8d
Analyzer Verdict Alert fortinet Phishing
GET /nieuw11/SCI/icons.woff HTTP/1.1
Host: web8746.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://web8746.web07.bero-webspace.de/nieuw11/SCI/main-ics.css
Cookie: PHPSESSID=ds9b3le5okmuthrqrbbn01qp8p; _ga=GA1.4.2038381832.1664791093; _gid=GA1.4.2035278052.1664791093; _gat_UA-63549881-7=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 09:58:13 GMT
content-type: font/woff
content-length: 11160
last-modified: Sat, 01 Oct 2022 14:59:32 GMT
etag: "633855d4-2b98"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
web8746.web07.bero-webspace.de/nieuw11/SCI/SunOT-Light.ttf
200 OK 86 kB URL HTTP/2 web8746.web07.bero-webspace.de/nieuw11/SCI/SunOT-Light.ttf
IP
File type TrueType Font data, 15 tables, 1st "FFTM", 28 names, Macintosh\012- data
Hash fc9b52707830de91489044be4726abc6
f3eddc426afe06abde7ab9b9426b41944da24171
75af6860450b2595cd18ebad00dbf3927d9e494dfdbd12ceefcec15b2c03d84e
Analyzer Verdict Alert fortinet Phishing
GET /nieuw11/SCI/SunOT-Light.ttf HTTP/1.1
Host: web8746.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8746.web07.bero-webspace.de/nieuw11/SCI/styles.css
Cookie: PHPSESSID=ds9b3le5okmuthrqrbbn01qp8p; _ga=GA1.4.2038381832.1664791093; _gid=GA1.4.2035278052.1664791093; _gat_UA-63549881-7=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 09:58:13 GMT
content-type: font/ttf
content-length: 86500
last-modified: Sat, 01 Oct 2022 15:01:09 GMT
etag: "63385635-151e4"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
web8746.web07.bero-webspace.de/nieuw11/SCI/styles.css
200 OK 124 kB URL HTTP/2 web8746.web07.bero-webspace.de/nieuw11/SCI/styles.css
IP
File type ASCII text, with very long lines (65536), with no line terminators
Size 124 kB (124039 bytes)
Hash 807bfdab76f154ab0e34a6d5f73185dc
2526c32a2c2d9e12de8ffd862482c36eac4421e9
d5a615f692016fd16388e827beaa3f778768787b9ba793434e9e8ce665588bb0
GET /nieuw11/SCI/styles.css HTTP/1.1
Host: web8746.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8746.web07.bero-webspace.de/nieuw11/
Cookie: PHPSESSID=ds9b3le5okmuthrqrbbn01qp8p
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 09:58:12 GMT
content-type: text/css
last-modified: Sat, 01 Oct 2022 15:01:07 GMT
etag: W/"63385633-7226b"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
web8746.web07.bero-webspace.de/nieuw11/SCI/ics-icons.woff2
200 OK 6.6 kB URL HTTP/2 web8746.web07.bero-webspace.de/nieuw11/SCI/ics-icons.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 6640, version 1.0\012- data
Hash 63e2cb76dd1d001abe5c22de5d8a0ee8
595bf366b208110a66f257755b861c040d90dd39
26e6a7b3caf0b044980820a1a26cd56a16efad9108fd14e7416bae2a2b76320b
Analyzer Verdict Alert fortinet Phishing
GET /nieuw11/SCI/ics-icons.woff2 HTTP/1.1
Host: web8746.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://web8746.web07.bero-webspace.de/nieuw11/SCI/styles.css
Cookie: PHPSESSID=ds9b3le5okmuthrqrbbn01qp8p; _ga=GA1.4.2038381832.1664791093; _gid=GA1.4.2035278052.1664791093; _gat_UA-63549881-7=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 09:58:13 GMT
content-type: font/woff2
content-length: 6640
last-modified: Sat, 01 Oct 2022 14:59:35 GMT
etag: "633855d7-19f0"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 6abe76ca28fe176c44e7475b1d5c93fb
a4a87a771c6f081e5dae3499c090551c6dd31acb
451a8f3a3e654355467b434976022b84820c25b54f7b78472635c7dc3241423f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 09:58:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash 0636366e5a959c2eae6e1ad50b87ec02
c03a2896ac79eb7bb4ea32be12c827322013a6ec
1385d359416095fd8899a5306e941f75cd02fe05c3680abf4be80e0548adec18
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5771
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 09:58:13 GMT
Last-Modified: Mon, 03 Oct 2022 08:22:02 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8746.web07.bero-webspace.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Mon, 03 Oct 2022 08:41:09 GMT
expires: Mon, 03 Oct 2022 10:41:09 GMT
cache-control: public, max-age=7200
age: 4624
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=323963194&t=pageview&_s=1&dl=https%3A%2F%2Fweb8746.web07.bero-webspace.de%2Fnieuw11%2F&ul=en-us&de=UTF-8&dt=Inloggen%20-%20Mijn%20ICS%20%7C%20International%20Card%20Services&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=aEBAAQABE~&jid=1294516489&gjid=388223036&cid=2038381832.1664791093&tid=UA-63549881-7&_gid=2035278052.1664791093&_r=1>m=2wg9i1PVW329&z=1625293409
302 Found 419 B URL HTTP/2 www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=323963194&t=pageview&_s=1&dl=https%3A%2F%2Fweb8746.web07.bero-webspace.de%2Fnieuw11%2F&ul=en-us&de=UTF-8&dt=Inloggen%20-%20Mijn%20ICS%20%7C%20International%20Card%20Services&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=aEBAAQABE~&jid=1294516489&gjid=388223036&cid=2038381832.1664791093&tid=UA-63549881-7&_gid=2035278052.1664791093&_r=1>m=2wg9i1PVW329&z=1625293409
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 16468f1d477d3f64cd2e51ec808472a9
13d682f84d5b7425fcc7813da490378964a4c90c
0b4569355a6db8ec19d0042119fe9ceb2867a65b42e732a97c77a83e9b591dce
GET /r/collect?v=1&_v=j79&aip=1&a=323963194&t=pageview&_s=1&dl=https%3A%2F%2Fweb8746.web07.bero-webspace.de%2Fnieuw11%2F&ul=en-us&de=UTF-8&dt=Inloggen%20-%20Mijn%20ICS%20%7C%20International%20Card%20Services&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=aEBAAQABE~&jid=1294516489&gjid=388223036&cid=2038381832.1664791093&tid=UA-63549881-7&_gid=2035278052.1664791093&_r=1>m=2wg9i1PVW329&z=1625293409 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8746.web07.bero-webspace.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-63549881-7&cid=2038381832.1664791093&jid=1294516489&_gid=2035278052.1664791093&gjid=388223036&_v=j79&z=1625293409
access-control-allow-origin: *
date: Mon, 03 Oct 2022 09:58:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: Golfe2
content-length: 419
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP
File type ASCII text, with very long lines (64348)
Hash e1327a02d76346c7e23d114e4e508b30
195b8ad875ab8f7a7adf735f1f70aa02b3a2e1a3
331e67b451c6559915b12ab2df810ccdba73b3971c5301b2010b54dd6d391de2
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8746.web07.bero-webspace.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: bFHg7QQBBlA9+W0HjvTo0u83rl0Wzps9gRH1w/mee2FGi51N0vjz5uNl0EjuMHDHGoKF/IFSqQhqpatCUZ6/TA==
content-length: 26840
x-fb-trip-id: 1904183273
date: Mon, 03 Oct 2022 09:58:13 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 7254265c1c32cc24a2d3db1c0b3dc12e
ba1f945b35a44db6f1233d8c313c56e9277002cb
063a5b619cd4ec46cbae5b3617713d424a6dba244ac687e7ff805272d64ef65f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4307
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 09:58:13 GMT
Last-Modified: Mon, 03 Oct 2022 08:46:27 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 02b6db128321bff030b71b4a7aec97c8
3fa28f98c33eee6147a0ed4b521034369ad58887
ed279a4cf51d626fbd1d6ed7bf55f8f3b47a277fc1ac51eabf2777cbd09ce699
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 09:58:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash 0636366e5a959c2eae6e1ad50b87ec02
c03a2896ac79eb7bb4ea32be12c827322013a6ec
1385d359416095fd8899a5306e941f75cd02fe05c3680abf4be80e0548adec18
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5771
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 09:58:13 GMT
Last-Modified: Mon, 03 Oct 2022 08:22:02 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
8602056.fls.doubleclick.net/activityi;src=8602056;type=count;cat=ics_r0;ord=5419974534893;gtm=2wg1m0;auiddc=369082460.1580507037;u1=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore;u2=icscards_nl;u3=2;u4=2543;u8=consumer;u10=pageview;~oref=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore?
200 OK 404 B URL HTTP/2 8602056.fls.doubleclick.net/activityi;src=8602056;type=count;cat=ics_r0;ord=5419974534893;gtm=2wg1m0;auiddc=369082460.1580507037;u1=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore;u2=icscards_nl;u3=2;u4=2543;u8=consumer;u10=pageview;~oref=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore?
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (567), with no line terminators
Hash c3745516320bd3b37fdc6335a572288a
87121b977cd9294b713585dfa27751c1ed2d0ccb
d40202b1ba4dc0c8f7db23cf86189cde9a4f3e27e581f35a90857a4a9a7fd823
GET /activityi;src=8602056;type=count;cat=ics_r0;ord=5419974534893;gtm=2wg1m0;auiddc=369082460.1580507037;u1=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore;u2=icscards_nl;u3=2;u4=2543;u8=consumer;u10=pageview;~oref=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore? HTTP/1.1
Host: 8602056.fls.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8746.web07.bero-webspace.de/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 09:58:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 404
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 03-Oct-2022 10:13:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 59c315311062d99b78b583eea8a40e20
d5363fa66f35295f0108ff62bc1cfda7a94da2f6
f31a5265fb9a3d82a9f3eee694726cb8b31e62488e8fd231376b254585c26b0f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5648
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 09:58:13 GMT
Last-Modified: Mon, 03 Oct 2022 08:24:05 GMT
Server: ECS (amb/6B9A)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 544d205b2f709e0bed39ebfc751d6187
71559b505f318323405eeb5ff59499c63e806559
692e14681ceb7536d5c09cf8700810a258b574e02e93c391e7551690111a5bc7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 09:58:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
icscards.nl/webfiles/1580357904717/media/theme/ics-nl/images/icons/favicon-144x144-withoutlines.png
302 Moved Temporarily 0 B URL HTTP/1.0 icscards.nl/webfiles/1580357904717/media/theme/ics-nl/images/icons/favicon-144x144-withoutlines.png
IP
ASN #42649 Baffin Bay Networks AB
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /webfiles/1580357904717/media/theme/ics-nl/images/icons/favicon-144x144-withoutlines.png HTTP/1.1
Host: icscards.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8746.web07.bero-webspace.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.0 302 Moved Temporarily
Location: https://www.icscards.nl/webfiles/1580357904717/media/theme/ics-nl/images/icons/favicon-144x144-withoutlines.png
Connection: Keep-Alive
Content-Length: 0
Set-Cookie: _tpc_persistance_cookie=!bKn3BYnwHK/cWGG8EOda6AVGp4P79bSMZoexn3mu76W2IGHUFeOTU5Tq3mledYDn5piUKtL/yHFH5vQ=; path=/; Httponly; Secure
BBN01c5658b=0135ab579af194548833bba1581992bf2512ac00dfb4b5a015ea8a4bc59885205014c9d8e94f9e16b23341422c02e63e0b17d1e9aea31d9d28d07cc165b5cdfda9564945e3; Path=/; Secure; HTTPOnly
Accept-Encoding: gzip, deflate, br
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 02b6db128321bff030b71b4a7aec97c8
3fa28f98c33eee6147a0ed4b521034369ad58887
ed279a4cf51d626fbd1d6ed7bf55f8f3b47a277fc1ac51eabf2777cbd09ce699
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 09:58:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-63549881-7&cid=2038381832.1664791093&jid=1294516489&_gid=2035278052.1664791093&gjid=388223036&_v=j79&z=1625293409
200 OK 35 B URL HTTP/2 stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-63549881-7&cid=2038381832.1664791093&jid=1294516489&_gid=2035278052.1664791093&gjid=388223036&_v=j79&z=1625293409
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-63549881-7&cid=2038381832.1664791093&jid=1294516489&_gid=2035278052.1664791093&gjid=388223036&_v=j79&z=1625293409 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://web8746.web07.bero-webspace.de/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 03 Oct 2022 09:58:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8c665d81a8995febfec300bd9f554c90
aa3599f282cff5e07d5681ec4854b70a82590f6d
57cd30b987eb23f54208b51c04daefd3657fdd84325f4035817b32e4ad5b5461
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 09:58:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.facebook.com/tr/?id=581814205522419&ev=PageView&dl=https%3A%2F%2Fweb8746.web07.bero-webspace.de%2Fnieuw11%2F&rl=&if=false&ts=1664791093748&cd[apoCode]=undefined&cd[businessLabel]=icscards_nl&cd[businessUnit]=consumer&cd[cookieConsent]=FULL_OPT_IN&cd[js_hitTimestampLocalTime]=2020-01-31T23%3A26%3A11.598%2B01%3A00&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=28&fbp=fb.1.1664791093747.10211151&it=1664791093705&coo=false&rqm=GET
200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=581814205522419&ev=PageView&dl=https%3A%2F%2Fweb8746.web07.bero-webspace.de%2Fnieuw11%2F&rl=&if=false&ts=1664791093748&cd[apoCode]=undefined&cd[businessLabel]=icscards_nl&cd[businessUnit]=consumer&cd[cookieConsent]=FULL_OPT_IN&cd[js_hitTimestampLocalTime]=2020-01-31T23%3A26%3A11.598%2B01%3A00&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=28&fbp=fb.1.1664791093747.10211151&it=1664791093705&coo=false&rqm=GET
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=581814205522419&ev=PageView&dl=https%3A%2F%2Fweb8746.web07.bero-webspace.de%2Fnieuw11%2F&rl=&if=false&ts=1664791093748&cd[apoCode]=undefined&cd[businessLabel]=icscards_nl&cd[businessUnit]=consumer&cd[cookieConsent]=FULL_OPT_IN&cd[js_hitTimestampLocalTime]=2020-01-31T23%3A26%3A11.598%2B01%3A00&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=28&fbp=fb.1.1664791093747.10211151&it=1664791093705&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8746.web07.bero-webspace.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Mon, 03 Oct 2022 09:58:13 GMT
X-Firefox-Spdy: h2
adservice.google.com/ddm/fls/i/src=8602056;type=count;cat=ics_r0;ord=5419974534893;gtm=2wg1m0;auiddc=369082460.1580507037;u1=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore;u2=icscards_nl;u3=2;u4=2543;u8=consumer;u10=pageview;~oref=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore
200 OK 403 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=8602056;type=count;cat=ics_r0;ord=5419974534893;gtm=2wg1m0;auiddc=369082460.1580507037;u1=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore;u2=icscards_nl;u3=2;u4=2543;u8=consumer;u10=pageview;~oref=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (566), with no line terminators
Hash 8747e862216d3bd965e43e463ddb3253
ac7f79d449123a057603741965fed0480f06f5d0
d61e73a1fb3453a6a8ac025ab0e974c48d1cb66c2ab89a4624a1e1dccb168ee5
GET /ddm/fls/i/src=8602056;type=count;cat=ics_r0;ord=5419974534893;gtm=2wg1m0;auiddc=369082460.1580507037;u1=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore;u2=icscards_nl;u3=2;u4=2543;u8=consumer;u10=pageview;~oref=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8602056.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 09:58:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 403
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 544d205b2f709e0bed39ebfc751d6187
71559b505f318323405eeb5ff59499c63e806559
692e14681ceb7536d5c09cf8700810a258b574e02e93c391e7551690111a5bc7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 09:58:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.icscards.nl/webfiles/1580357904717/media/theme/ics-nl/images/icons/favicon-144x144-withoutlines.png
200 5.5 kB URL HTTP/1.1 www.icscards.nl/webfiles/1580357904717/media/theme/ics-nl/images/icons/favicon-144x144-withoutlines.png
IP
ASN #42649 Baffin Bay Networks AB
File type PNG image data, 144 x 144, 8-bit/color RGBA, non-interlaced\012- data
Hash 75d0a29d4d1a08405f39799bcb986e63
da64454d7277c531786146796026f49f89e9d4db
1a99f7b02b4517fa7e085315d99cdc0b9e13b0b1c904c683679a05de7a7d1a63
GET /webfiles/1580357904717/media/theme/ics-nl/images/icons/favicon-144x144-withoutlines.png HTTP/1.1
Host: www.icscards.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://web8746.web07.bero-webspace.de/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
content-length: 5528
content-type: image/png;charset=UTF-8
date: Mon, 03 Oct 2022 09:58:13 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-content-type-options: nosniff
cache-control: max-age=31536000
expires: Tue, 03 Oct 2023 09:58:13 GMT
x-xss-protection: 1; mode=block
content-security-policy: frame-ancestors www.anwb.nl www.worldcard.nl www.yourmastercard.nl www.icscards.nl *.icscards.nl.cipe.local icscards.nl
strict-transport-security: max-age=31536000; includeSubDomains
Set-Cookie: BIGipServer~ICSDLB02~pool_www.icscards.nl_8016=rd11o00000000000000000000ffff0af4d3d1o8016; path=/; Httponly; Secure
_tpc_persistance_cookie=!Z4OKVLkWEE19G+y8EOda6AVGp4P79Z8llDVdSgCgC+meQO4oh8ifmaUMX7EJc40jHfZRv795225bEhs=; path=/; Httponly; Secure
BBN01677320=0135ab579a7bad03dfc21a3cba728dcb0db0da2232edaea216ed89c0f61d4b07ad77fced50f9702512186878081a7bea22d57f20cead53b4e92215478b1b06b7b1794192f6; Path=/; Domain=.www.icscards.nl; Secure; HTTPOnly
Accept-Encoding: gzip, deflate, br
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 5fd5220974d4ba8aa221c18eb5c413b2
f9eeff7bd72515ced8432986dbb1bb520caffb40
659f192b19e45d377fa25ba058d0864ad58e4a310005e12d1db07932afa326a5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 03 Oct 2022 09:58:13 GMT
Last-Modified: Mon, 03 Oct 2022 09:31:21 GMT
Server: ECS (nyb/1DD2)
X-Cache: Miss from cloudfront
Via: 1.1 4b84bb80909a7ce00ada4d4940807b22.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR61-P3
X-Amz-Cf-Id: saWWCTmpXOsMXJ28QoisDBleXV-mCPuSrc2lcWG2Wo-r9UHcMTEv5A==
Age: 1612
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8c665d81a8995febfec300bd9f554c90
aa3599f282cff5e07d5681ec4854b70a82590f6d
57cd30b987eb23f54208b51c04daefd3657fdd84325f4035817b32e4ad5b5461
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 09:58:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 50366815306618737b22afb3327c4db9
d362647235cb883e1a58b6d4d6e6144813667119
8b8aa0dbd637f517324351c700f038a94fc87f5444576c337f2e7c6d860e2c50
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 09:58:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/ddm/fls/i/src=8602056;type=count;cat=ics_r0;ord=5419974534893;gtm=2wg1m0;auiddc=369082460.1580507037;u1=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore;u2=icscards_nl;u3=2;u4=2543;u8=consumer;u10=pageview;~oref=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore
200 OK 177 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=8602056;type=count;cat=ics_r0;ord=5419974534893;gtm=2wg1m0;auiddc=369082460.1580507037;u1=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore;u2=icscards_nl;u3=2;u4=2543;u8=consumer;u10=pageview;~oref=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 9393b28661a65a763699c108887882eb
c237ba6491e6fb9ca57da33dd9d048ca8e86cfda
2bdce28c6fb3cb210861d4aba734ab7aedfc979a8fa273512a61d8cf8afc78b0
GET /ddm/fls/i/src=8602056;type=count;cat=ics_r0;ord=5419974534893;gtm=2wg1m0;auiddc=369082460.1580507037;u1=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore;u2=icscards_nl;u3=2;u4=2543;u8=consumer;u10=pageview;~oref=https%3A%2F%2Ficscards.nl%2Fsca-login%2F%3Fignore HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 09:58:13 GMT
expires: Mon, 03 Oct 2022 09:58:13 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
w.usabilla.com/a1d53d1e874a.js?lv=1
200 OK 13 kB URL HTTP/2 w.usabilla.com/a1d53d1e874a.js?lv=1
IP
File type ASCII text, with very long lines (12888)
Hash 1aa4655472d63e16c89a29662b4d4327
a4724b9fc525aa92f84c469d85692d3dc88957df
5a5824223eba4d47e853b24c0ca9db1394cf556bd45202cedb11b4cedd4e30e9
GET /a1d53d1e874a.js?lv=1 HTTP/1.1
Host: w.usabilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8746.web07.bero-webspace.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 03 Oct 2022 09:58:13 GMT
content-type: text/javascript
content-length: 13222
cache-control: public,max-age=0
content-encoding: gzip
etag: "e255879c516de604cf466269a75d96a1"
pragma: no-cache
x-widget-server: 2.1
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 50366815306618737b22afb3327c4db9
d362647235cb883e1a58b6d4d6e6144813667119
8b8aa0dbd637f517324351c700f038a94fc87f5444576c337f2e7c6d860e2c50
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 09:58:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d6tizftlrpuof.cloudfront.net/themes/production/icsnederland-button-7ef629548db47bacfbb18b3383223f61.png
200 OK 1.8 kB URL HTTP/1.1 d6tizftlrpuof.cloudfront.net/themes/production/icsnederland-button-7ef629548db47bacfbb18b3383223f61.png
IP
File type PNG image data, 80 x 260, 8-bit colormap, non-interlaced\012- data
Hash 7ef629548db47bacfbb18b3383223f61
c92146d1f74c6f79b3bf2c5bfe01ac69392bd998
62aa47ada132a4fb2551ef3ab9b39a28fc285e187905d744c8ec52ed83007ef8
GET /themes/production/icsnederland-button-7ef629548db47bacfbb18b3383223f61.png HTTP/1.1
Host: d6tizftlrpuof.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8746.web07.bero-webspace.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 1809
Connection: keep-alive
Date: Tue, 12 Jul 2022 22:38:54 GMT
Last-Modified: Tue, 13 Mar 2018 16:10:27 GMT
ETag: "7ef629548db47bacfbb18b3383223f61"
Cache-Control: max-age=315360000, no-transform, public
x-amz-version-id: uUADb9XCpewO7QYDlgT5DnwG20pU0rFi
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 35f1076ba1ff613e428e9cf6a2f57580.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: D2NgGW_Ir4rQ7djn5Hh7RHv4RHyyRZ37rnsQi3JOOYN0F3gzP5Ju8Q==
Age: 7125561
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2900
Expires: Mon, 03 Oct 2022 10:46:34 GMT
Date: Mon, 03 Oct 2022 09:58:14 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2900
Expires: Mon, 03 Oct 2022 10:46:34 GMT
Date: Mon, 03 Oct 2022 09:58:14 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2900
Expires: Mon, 03 Oct 2022 10:46:34 GMT
Date: Mon, 03 Oct 2022 09:58:14 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2900
Expires: Mon, 03 Oct 2022 10:46:34 GMT
Date: Mon, 03 Oct 2022 09:58:14 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d589035-4143-4e43-a45c-b842ae27b9a3.jpeg
200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d589035-4143-4e43-a45c-b842ae27b9a3.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 34ba42086104460665f7f4f579235592
58f10485c5273cbed8159c98b9065b192ba3d00b
79f1febc020ab611c5d9a8bc1af237a63420f8215963fd97f6c4b9bccfa17d24
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d589035-4143-4e43-a45c-b842ae27b9a3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4522
x-amzn-requestid: cc836204-3c4f-48d0-9569-b1622e6d2178
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMVoRH9toAMFwig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334cfce-096ff90412945ca06335e987;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 22:50:54 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BzgI7sWS7fsSOANaDI0S4qrT_2iIkp2TOt3bPfm56T0m9jmxRFfSIA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 17:50:25 GMT
age: 58069
etag: "58f10485c5273cbed8159c98b9065b192ba3d00b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f7661f-9945-4971-aac6-d15570c4d954.jpeg
200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f7661f-9945-4971-aac6-d15570c4d954.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6a90e53b55500427aed06efa3a9baa8c
43a66cd291d1413d7147a29b2a7b27277a443f0b
2cf5790e81140bc56b46163787f84c54a07f58e90001837624f426aafa8031c5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f7661f-9945-4971-aac6-d15570c4d954.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8277
x-amzn-requestid: a7d76241-7da1-4c84-9c73-2e3a71b81b52
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZTMfEGHiIAMFpmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63378df9-3727a65235e4dbc60cc11cf0;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 00:46:49 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8n1l3bN8ykztmC-wGNH_w7xASHFplZa2LvHs8psQ146XILdvEHLWgw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 16:41:13 GMT
age: 62221
etag: "43a66cd291d1413d7147a29b2a7b27277a443f0b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf3117fe-8653-4f81-81ca-39c33b5cbd05.jpeg
200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf3117fe-8653-4f81-81ca-39c33b5cbd05.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 87d9e7d5b408493b820d35eff2318657
0e9bfd1a3a8f1643aa0b664706e0e45552dbbfc7
6c1d246a7f024b836b4504d2acfaafe8617cc4384ef9c4ba5095ddd6107ad7cb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf3117fe-8653-4f81-81ca-39c33b5cbd05.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6460
x-amzn-requestid: 23655e0f-f899-4f3d-bac1-070fed558fc3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZXQ4EnmIAMFjAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a059f-1e08b5111f56ec1163e4eb71;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:41:51 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: xlSSCE_5COODqespy_6BaVeb5tbGJYUHSz0AD70TSC2K-87bOH7enA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 22:17:07 GMT
age: 42067
etag: "0e9bfd1a3a8f1643aa0b664706e0e45552dbbfc7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd0be942-f345-4da4-974e-a9fe16b90b3c.jpeg
200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd0be942-f345-4da4-974e-a9fe16b90b3c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 523edd86af4757d0bc5fa5b3b8a3596a
8118ee462077c291b9d6f1402b85b55a9ceba8c2
c27de9970317636df8c4a517a9ed38e573235b351bf92c9b8bb1f964cd100031
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd0be942-f345-4da4-974e-a9fe16b90b3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9083
x-amzn-requestid: fda71fd3-ef25-4a63-94ae-1bfc8aef8d14
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZXD2H0DIAMFjrg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a054b-198915fc17ce3dab571b7575;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:40:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BobS2JU-TqDuL8q31SVlerM15cRoMhL1oM5MkL7MVhY9RZG_Ukp5yA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:46:36 GMT
age: 43898
etag: "8118ee462077c291b9d6f1402b85b55a9ceba8c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 206fb65e75dbadf119512f71e0b78402
58ff0bf8ce7528b303d28bab01a80ad721705569
56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 04:42:51 GMT
age: 18923
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F382faf63-655f-460a-9545-c4d888a724c6.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F382faf63-655f-460a-9545-c4d888a724c6.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 36debc920b17e124779c01af9101a59e
b105f7bf041365d644c98c7e11ffa75e4656d29d
f518ccd094d0e187b91cfd36dfb282566c0d088ce13501157dc97c702211d938
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F382faf63-655f-460a-9545-c4d888a724c6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10839
x-amzn-requestid: 67718257-ee21-44f0-80bd-f15cea37ac5c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZWcKFD0IAMFV7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a044d-09a45a242bf4bdfe0f4608e4;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:36:13 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: pS33yyA441ZNn2dtNy6mVDnm-rmd_Vi_M0q9ZN2AKGMUT7l-nEuEvw==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:58:18 GMT
age: 43196
etag: "b105f7bf041365d644c98c7e11ffa75e4656d29d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
web8746.web07.bero-webspace.de/nieuw11/SCI/gtm_002.js
200 OK 0 B URL HTTP/2 web8746.web07.bero-webspace.de/nieuw11/SCI/gtm_002.js
IP
Analyzer Verdict Alert fortinet Phishing
GET /nieuw11/SCI/gtm_002.js HTTP/1.1
Host: web8746.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8746.web07.bero-webspace.de/nieuw11/
Cookie: PHPSESSID=ds9b3le5okmuthrqrbbn01qp8p
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 09:58:12 GMT
content-type: application/javascript
last-modified: Sat, 01 Oct 2022 14:59:32 GMT
etag: W/"633855d4-21ab3"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
web8746.web07.bero-webspace.de/nieuw11/SCI/arcotfpcollect.js
200 OK 0 B URL HTTP/2 web8746.web07.bero-webspace.de/nieuw11/SCI/arcotfpcollect.js
IP
Analyzer Verdict Alert fortinet Phishing
GET /nieuw11/SCI/arcotfpcollect.js HTTP/1.1
Host: web8746.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8746.web07.bero-webspace.de/nieuw11/
Cookie: PHPSESSID=ds9b3le5okmuthrqrbbn01qp8p
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 09:58:12 GMT
content-type: application/javascript
last-modified: Sat, 01 Oct 2022 14:59:01 GMT
etag: W/"633855b5-8355"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
web8746.web07.bero-webspace.de/nieuw11/SCI/modernizr.js
200 OK 0 B URL HTTP/2 web8746.web07.bero-webspace.de/nieuw11/SCI/modernizr.js
IP
Analyzer Verdict Alert fortinet Phishing
GET /nieuw11/SCI/modernizr.js HTTP/1.1
Host: web8746.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8746.web07.bero-webspace.de/nieuw11/
Cookie: PHPSESSID=ds9b3le5okmuthrqrbbn01qp8p
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 09:58:12 GMT
content-type: application/javascript
last-modified: Sat, 01 Oct 2022 15:00:46 GMT
etag: W/"6338561e-5f1"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
web8746.web07.bero-webspace.de/nieuw11/SCI/polyfills.js
200 OK 0 B URL HTTP/2 web8746.web07.bero-webspace.de/nieuw11/SCI/polyfills.js
IP
Analyzer Verdict Alert fortinet Phishing
GET /nieuw11/SCI/polyfills.js HTTP/1.1
Host: web8746.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8746.web07.bero-webspace.de/nieuw11/
Cookie: PHPSESSID=ds9b3le5okmuthrqrbbn01qp8p
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 09:58:12 GMT
content-type: application/javascript
last-modified: Sat, 01 Oct 2022 15:00:59 GMT
etag: W/"6338562b-1aa67"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
web8746.web07.bero-webspace.de/webfiles/1580357904717/media/theme/ics-nl/js/3rdparty/jquery-1.12.0.min.js
404 Not Found 0 B URL HTTP/2 web8746.web07.bero-webspace.de/webfiles/1580357904717/media/theme/ics-nl/js/3rdparty/jquery-1.12.0.min.js
IP
Analyzer Verdict Alert fortinet Phishing
GET /webfiles/1580357904717/media/theme/ics-nl/js/3rdparty/jquery-1.12.0.min.js HTTP/1.1
Host: web8746.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8746.web07.bero-webspace.de/nieuw11/
Cookie: PHPSESSID=ds9b3le5okmuthrqrbbn01qp8p; _ga=GA1.4.2038381832.1664791093; _gid=GA1.4.2035278052.1664791093; _gat_UA-63549881-7=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Mon, 03 Oct 2022 09:58:13 GMT
content-type: text/html
last-modified: Sat, 01 Oct 2022 04:12:17 GMT
etag: W/"328-5e9f150f0fe28"
strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: br
X-Firefox-Spdy: h2
web8746.web07.bero-webspace.de/nieuw11/SCI/gtm.js
200 OK 0 B URL HTTP/2 web8746.web07.bero-webspace.de/nieuw11/SCI/gtm.js
IP
Analyzer Verdict Alert fortinet Phishing
GET /nieuw11/SCI/gtm.js HTTP/1.1
Host: web8746.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8746.web07.bero-webspace.de/nieuw11/
Cookie: PHPSESSID=ds9b3le5okmuthrqrbbn01qp8p
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 09:58:12 GMT
content-type: application/javascript
last-modified: Sat, 01 Oct 2022 14:59:29 GMT
etag: W/"633855d1-1d455"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
web8746.web07.bero-webspace.de/nieuw11/SCI/collectddna.js
200 OK 0 B URL HTTP/2 web8746.web07.bero-webspace.de/nieuw11/SCI/collectddna.js
IP
Analyzer Verdict Alert fortinet Phishing
GET /nieuw11/SCI/collectddna.js HTTP/1.1
Host: web8746.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8746.web07.bero-webspace.de/nieuw11/
Cookie: PHPSESSID=ds9b3le5okmuthrqrbbn01qp8p
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 09:58:12 GMT
content-type: application/javascript
last-modified: Sat, 01 Oct 2022 14:59:03 GMT
etag: W/"633855b7-a89"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
web8746.web07.bero-webspace.de/nieuw11/SCI/analytics.js
200 OK 0 B URL HTTP/2 web8746.web07.bero-webspace.de/nieuw11/SCI/analytics.js
IP
Analyzer Verdict Alert fortinet Phishing
GET /nieuw11/SCI/analytics.js HTTP/1.1
Host: web8746.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8746.web07.bero-webspace.de/nieuw11/
Cookie: PHPSESSID=ds9b3le5okmuthrqrbbn01qp8p
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 09:58:12 GMT
content-type: application/javascript
last-modified: Sat, 01 Oct 2022 14:58:53 GMT
etag: W/"633855ad-adb6"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
web8746.web07.bero-webspace.de/nieuw11/SCI/runtime.js
200 OK 0 B URL HTTP/2 web8746.web07.bero-webspace.de/nieuw11/SCI/runtime.js
IP
Analyzer Verdict Alert fortinet Phishing
GET /nieuw11/SCI/runtime.js HTTP/1.1
Host: web8746.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8746.web07.bero-webspace.de/nieuw11/
Cookie: PHPSESSID=ds9b3le5okmuthrqrbbn01qp8p
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 09:58:12 GMT
content-type: application/javascript
last-modified: Sat, 01 Oct 2022 15:01:01 GMT
etag: W/"6338562d-5ab"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
web8746.web07.bero-webspace.de/nieuw11/SCI/main.js
200 OK 0 B URL HTTP/2 web8746.web07.bero-webspace.de/nieuw11/SCI/main.js
IP
Analyzer Verdict Alert fortinet Phishing
GET /nieuw11/SCI/main.js HTTP/1.1
Host: web8746.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8746.web07.bero-webspace.de/nieuw11/
Cookie: PHPSESSID=ds9b3le5okmuthrqrbbn01qp8p
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 09:58:12 GMT
content-type: application/javascript
last-modified: Sat, 01 Oct 2022 15:00:41 GMT
etag: W/"63385619-2e4c2"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
web8746.web07.bero-webspace.de/nieuw11/SCI/conversion_async.js
200 OK 0 B URL HTTP/2 web8746.web07.bero-webspace.de/nieuw11/SCI/conversion_async.js
IP
Analyzer Verdict Alert fortinet Phishing
GET /nieuw11/SCI/conversion_async.js HTTP/1.1
Host: web8746.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8746.web07.bero-webspace.de/nieuw11/
Cookie: PHPSESSID=ds9b3le5okmuthrqrbbn01qp8p
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 09:58:12 GMT
content-type: application/javascript
last-modified: Sat, 01 Oct 2022 14:59:05 GMT
etag: W/"633855b9-5f4d"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
web8746.web07.bero-webspace.de/nieuw11/SCI/8574.js
200 OK 0 B URL HTTP/2 web8746.web07.bero-webspace.de/nieuw11/SCI/8574.js
IP
Analyzer Verdict Alert fortinet Phishing
GET /nieuw11/SCI/8574.js HTTP/1.1
Host: web8746.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8746.web07.bero-webspace.de/nieuw11/
Cookie: PHPSESSID=ds9b3le5okmuthrqrbbn01qp8p
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 09:58:12 GMT
content-type: application/javascript
last-modified: Sat, 01 Oct 2022 14:58:51 GMT
etag: W/"633855ab-402c"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
web8746.web07.bero-webspace.de/nieuw11/SCI/fbevents.js
200 OK 0 B URL HTTP/2 web8746.web07.bero-webspace.de/nieuw11/SCI/fbevents.js
IP
Analyzer Verdict Alert fortinet Phishing
GET /nieuw11/SCI/fbevents.js HTTP/1.1
Host: web8746.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8746.web07.bero-webspace.de/nieuw11/
Cookie: PHPSESSID=ds9b3le5okmuthrqrbbn01qp8p
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 09:58:12 GMT
content-type: application/javascript
last-modified: Sat, 01 Oct 2022 14:59:27 GMT
etag: W/"633855cf-1e5e9"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
web8746.web07.bero-webspace.de/nieuw11/SCI/a
404 Not Found 0 B URL HTTP/2 web8746.web07.bero-webspace.de/nieuw11/SCI/a
IP
Analyzer Verdict Alert fortinet Phishing
GET /nieuw11/SCI/a HTTP/1.1
Host: web8746.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8746.web07.bero-webspace.de/nieuw11/
Cookie: PHPSESSID=ds9b3le5okmuthrqrbbn01qp8p
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Mon, 03 Oct 2022 09:58:12 GMT
content-type: text/html
last-modified: Sat, 01 Oct 2022 04:12:17 GMT
etag: W/"328-5e9f150f0fe28"
strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: br
X-Firefox-Spdy: h2
web8746.web07.bero-webspace.de/nieuw11/SCI/jquery-1.js
200 OK 0 B URL HTTP/2 web8746.web07.bero-webspace.de/nieuw11/SCI/jquery-1.js
IP
Analyzer Verdict Alert fortinet Phishing
GET /nieuw11/SCI/jquery-1.js HTTP/1.1
Host: web8746.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8746.web07.bero-webspace.de/nieuw11/
Cookie: PHPSESSID=ds9b3le5okmuthrqrbbn01qp8p
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 09:58:12 GMT
content-type: application/javascript
last-modified: Sat, 01 Oct 2022 14:59:44 GMT
etag: W/"633855e0-17c52"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
web8746.web07.bero-webspace.de/nieuw11/SCI/main_002.js
200 OK 0 B URL HTTP/2 web8746.web07.bero-webspace.de/nieuw11/SCI/main_002.js
IP
Analyzer Verdict Alert fortinet Phishing
GET /nieuw11/SCI/main_002.js HTTP/1.1
Host: web8746.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8746.web07.bero-webspace.de/nieuw11/
Cookie: PHPSESSID=ds9b3le5okmuthrqrbbn01qp8p
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 09:58:12 GMT
content-type: application/javascript
last-modified: Sat, 01 Oct 2022 15:00:53 GMT
etag: W/"63385625-254a40"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
109.71.253.24
18.164.66.202
31.13.72.36
93.184.220.29
23.36.76.226
34.242.77.172
0.0.0.0