Report - florentina-plete-necky.com/

Report Overview

Submitted URL
florentina-plete-necky.com/
IP
62.116.130.8
ASN
#15456 InterNetX GmbH
Submitted
2022-12-08 05:53:47
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
js.ui-portal.de	25004	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.6 kB	225 kB	2.18.172.165
img.ui-portal.de	21604	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	101 kB	2.18.172.165
tgw.gmx.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.8 kB	2.2 kB	217.72.199.35
wa.gmx.net	68545	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	904 B	82.165.229.16
ocsp.serverpass.telesec.de	29467	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	710 B	3.6 kB	80.158.59.63
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	59 kB	34.120.237.76
florentina-plete-necky.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	853 B	62.116.130.8
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	341 B	797 B	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	34.210.150.237
dl.gmx.net	41286	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	131 kB	2.18.172.165
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.77.32
www.gmx.net	49214	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	933 B	1.1 kB	82.165.229.85
s.uicdn.com	25781	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	18 kB	2.18.172.165
epimetheus.navigator.gmx.net	48439	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	2.1 kB	217.72.199.22

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-08	medium	florentina-plete-necky.com/	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (18)

	URL	Size	First Seen	Last Seen
	www.gmx.net/produkte/homepage-mail/homepage-parken/	662 B	2023-03-07	2023-05-07
Pretty URL www.gmx.net/produkte/homepage-mail/homepage-parken/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:27:30 Last Seen2023-05-07 20:25:48 Times Seen35 Hash c5a09490037b804f1301a362524ebeb2 881919a6b27316352d06ce31038da6b207710a1f 1deb23052487878243176460890f75c5d008e5daa36e0859fba90e2cf4b3c090 Loading...

	s.uicdn.com/t/prod/iq/mam/scarlet/daq.js	42 kB	2023-03-08	2023-03-11
Pretty URL s.uicdn.com/t/prod/iq/mam/scarlet/daq.js IP 2.18.172.165 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:42:32 Last Seen2023-03-11 20:25:50 Times Seen1 Hash 2891048c63fb5bbe11bdaeeb0a8c13ad ec9a9852c5addc01ee07d8607bb3904678078c03 a2c6523166cc9bb7bb38c974b4f4b21b4ac06258e99962fac619b83dc550d37c Loading...

	js.ui-portal.de/tamago/1.4.7/tamago.js?loglevel=error&view=automatic&tm=teal&stage=live&exclude=ppp	174 kB	2023-03-08	2023-03-13
Pretty URL js.ui-portal.de/tamago/1.4.7/tamago.js?loglevel=error&view=automatic&tm=teal&stage=live&exclude=ppp IP 2.18.172.165 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:42:32 Last Seen2023-03-13 07:56:45 Times Seen1 Hash 6a9f32a705c8f61e080e90408cdc1a32 a9ba5f948e5204095895360cba74e8b1cc7b9306 e02532fdd969f80556f5e9342001c7d0ff6e904a4f2471f5c94d5b6a17200cdb Loading...

	s.uicdn.com/t/prod/iq/mam/scarlet/utag.90.js?utv=ut4.48.202210170545	5.5 kB	2023-03-08	2023-03-11
Pretty URL s.uicdn.com/t/prod/iq/mam/scarlet/utag.90.js?utv=ut4.48.202210170545 IP 2.18.172.165 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:42:32 Last Seen2023-03-11 20:25:50 Times Seen1 Hash a096a0c12c9bf017d7da3c3f61386df8 3ad0656fc1bb56bdd163a665a81d0edb030c5ac8 73143c7f9225040a3a98945decc138d0eeb343e40ebd3de7fa86e7eb3e8583e0 Loading...

	js.ui-portal.de/prompt/permission/latest/connector.min.js?	6.7 kB	2023-03-08	2023-03-12
Pretty URL js.ui-portal.de/prompt/permission/latest/connector.min.js? IP 2.18.172.165 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:42:32 Last Seen2023-03-12 18:42:46 Times Seen1 Hash ec7ea47f4ddee73768e64af53da4eaec 06f4eeab8477950bed3a181b353bcbbf159b2149 6cf96008f7efbe709478519e738a9c29d941f80f3b257d3e2afd67e75e2bea64 Loading...

	js.ui-portal.de/cat/product/partner-products/2.2.0/product.js	5.2 kB	2023-03-08	2024-04-18
Pretty URL js.ui-portal.de/cat/product/partner-products/2.2.0/product.js IP 2.18.172.165 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:42:32 Last Seen2024-04-18 14:54:42 Times Seen101 Hash fcaa8f918259255aec1848dbc993fffb 9a8901ab4390451168e1277d8a736dc28c28b398 e76838889d0a2660c7129aac22cae9dd3e045994f764b0990476ac3d6db6b398 Loading...

	dl.gmx.net/permission/live/v1/ppp/js/permission-client.js	159 kB	2023-03-08	2023-03-11
Pretty URL dl.gmx.net/permission/live/v1/ppp/js/permission-client.js IP 2.18.172.165 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:42:32 Last Seen2023-03-11 20:25:50 Times Seen1 Hash 8ae81e53cbb84dd7c7373f8242eeca44 f52c0c9e4c384f90ddc3c5405bdca9d10da582b9 dac0b2e4fe9494bd12852e5c3d837699bd365e6cfb2a6fdd3656e228ed2ac7e1 Loading...

	s.uicdn.com/t/prod/iq/mam/scarlet/utag.18.js?utv=ut4.48.202210270826	4.3 kB	2023-03-08	2023-03-11
Pretty URL s.uicdn.com/t/prod/iq/mam/scarlet/utag.18.js?utv=ut4.48.202210270826 IP 2.18.172.165 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:42:32 Last Seen2023-03-11 20:25:50 Times Seen1 Hash 753f5d3348b30fc57aa8b6b45fe512c5 6c2f5ab8437c38c0666ebd38de1a8a5edb79c00f c792c5434dd11447ef7fb4408dc1999c75056757b2899d6839b54f422f41e798 Loading...

	unknown	0 B	2023-03-07	2024-04-24
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-24 21:08:32 Times Seen37047526 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	js.ui-portal.de/prompt/permission/latest/tracking.min.js	7.4 kB	2023-03-07	2024-04-18
Pretty URL js.ui-portal.de/prompt/permission/latest/tracking.min.js IP 2.18.172.165 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:27:30 Last Seen2024-04-18 14:54:42 Times Seen230 Hash 6f4daca24d71edd532e27eef87ef36d9 d7223b400fb9f896ac8ec4cadb765f22ceb1e4bb 10a4ffe3d65b0629d9d6340837de38ed0884538c7f168400fe367d65e67ea8f8 Loading...

	dl.gmx.net/permission/live/v1/ppp/js/permission-client-compat.js	120 kB	2023-03-08	2023-03-11
Pretty URL dl.gmx.net/permission/live/v1/ppp/js/permission-client-compat.js IP 2.18.172.165 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:42:32 Last Seen2023-03-11 20:25:50 Times Seen1 Hash f30b68e8d906717b1944c54fa30640f9 b04e9f956cdc7c28505b83b7438d8db8241c8c95 6ad7598fd8a23b09375efc03d514bb2750b70491a0fedc93100d63e251bbe4af Loading...

	js.ui-portal.de/c/eic/eic.js	9.1 kB	2023-03-07	2024-04-18
Pretty URL js.ui-portal.de/c/eic/eic.js IP 2.18.172.165 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:27:30 Last Seen2024-04-18 14:54:42 Times Seen359 Hash 09e0e16ca0343dcf589d1401ee0affb3 19e457ca522d59aa83e1de313781972654b25326 037d2f3dde88d30af81cc355ef86a1a192a0ce781da44b9c89419092c66fdc7f Loading...

	dl.gmx.net/tcf/live/v1/js/tcf-api.js	142 kB	2023-03-08	2023-11-06
Pretty URL dl.gmx.net/tcf/live/v1/js/tcf-api.js IP 2.18.172.165 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:42:32 Last Seen2023-11-06 11:27:56 Times Seen8 Hash 495f086eb6a6c749d16165453e7746a7 a6b9a0656ef8f535a675a5390f57c0dd766f0b61 37bb1694574121cdda4920206aab79fc9ac43a331c266a6759a441207d5cb2d4 Loading...

	s.uicdn.com/t/prod/iq/mam/scarlet/utag.29.js?utv=ut4.48.202210270826	4.4 kB	2023-03-08	2023-03-11
Pretty URL s.uicdn.com/t/prod/iq/mam/scarlet/utag.29.js?utv=ut4.48.202210270826 IP 2.18.172.165 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:42:32 Last Seen2023-03-11 20:25:50 Times Seen1 Hash 6fac2c4c3dc1b56c9b91c90d188c1350 8b2983c1ffaf7015f93ac46cbce5dc39a37aecce fe031dd149fd2272dd6d693b394d2529af98de0bf8c2c12f727d6f2e3cf5f226 Loading...

	www.gmx.net/produkte/homepage-mail/homepage-parken/	715 B	2023-03-08	2023-03-08
Pretty URL www.gmx.net/produkte/homepage-mail/homepage-parken/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:42:32 Last Seen2023-03-08 22:39:01 Times Seen1 Hash de7cfe6346d9fc90a87170d786baeab7 3223d740bf0a36d6bdb0fbf449f1457a68f56991 d13610ef1cf699b64d9cb290176802b6957ee1adc7f58584153c11d44a7f8d97 Loading...

	www.gmx.net/produkte/homepage-mail/homepage-parken/	388 B	2023-03-07	2024-04-18
Pretty URL www.gmx.net/produkte/homepage-mail/homepage-parken/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:27:30 Last Seen2024-04-18 14:54:41 Times Seen120 Hash 285efdcf951a565d743b69e7ff7585e1 dbc954407866af5e066e3ff6458eac964b29a0c7 a69be6c1f509d8e76b0946f0af8fdb70cddc3b67f9c2e6ec9eddd94f918f8e9a Loading...

	www.gmx.net/produkte/homepage-mail/homepage-parken/	698 B	2023-03-07	2023-04-20
Pretty URL www.gmx.net/produkte/homepage-mail/homepage-parken/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:27:30 Last Seen2023-04-20 15:53:09 Times Seen31 Hash 4a0e9fd635432ceab9a6d8dbeee072d6 42539c699d99339cc0e445b4a4ab8bb48b6e92d0 152e7b1fba33f8cb4139a84249d65be5dc2a901ec8d739b94e32fa0e8cc14b92 Loading...

	www.gmx.net/produkte/homepage-mail/homepage-parken/	371 B	2023-03-07	2024-04-18
Pretty URL www.gmx.net/produkte/homepage-mail/homepage-parken/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:27:30 Last Seen2024-04-18 14:54:41 Times Seen124 Hash cc3583521a71685b5c770356623684f6 13479ff61c012bbb29c7c70cdf78866a3d711571 9a6392a1e7536307a9b046005a9a0b67fba9b2b03d7cd00001657b6c9f5911e5 Loading...

HTTP Transactions (56)

URL IP Response Size

florentina-plete-necky.com/

62.116.130.8

200 OK

160 B

URL HTTP/1.1
florentina-plete-necky.com/
IP
62.116.130.8:0
ASN
#15456 InterNetX GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
160 B (160 bytes)
Hash
b05186f54f5e5273331991fbc8039ac8
fe161236212da31c9a0e7f4d1b88383bd5290737
6bf66f1a3c56c981fecb8c9d1b030112235f81c1e0869d102056f601221490ef

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: florentina-plete-necky.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 03:52:33 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Redirector-ID: 16804b32b8296182e66dcdce17190056ce63587367d6edb5b27c40934bb5ab63
IX-Cache-Status: HIT

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7181eff9c60e83eb0004ece591e47dca
0fd8cd0c9d10b0547938982e57d2c43e2d98679f
89c5c0e2d6890798644174a8e31976aec03a1b3deb03812afbb520e5ed68f522

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89C5C0E2D6890798644174A8E31976AEC03A1B3DEB03812AFBB520E5ED68F522"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4822
Expires: Thu, 08 Dec 2022 07:13:58 GMT
Date: Thu, 08 Dec 2022 05:53:36 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
388f6fea5bafa378266622b72311a6ee
447f102dc12172ce1ba44c5e94e1d7bb49d43372
a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A597AFB4D4F7F3C82F0F2857322226FC69DC92E099BFD0605F7A0CD562BE9D21"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7320
Expires: Thu, 08 Dec 2022 07:55:36 GMT
Date: Thu, 08 Dec 2022 05:53:36 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
00e7703bd74975689fc9050356aaca6b
9788fe6a36d6f278e8da329ebc5dd87bcd212317
593bc437ff8a8233516c62613d50220fcb25b9f967ed5fb384c253f0db135103

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "593BC437FF8A8233516C62613D50220FCB25B9F967ED5FB384C253F0DB135103"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15954
Expires: Thu, 08 Dec 2022 10:19:30 GMT
Date: Thu, 08 Dec 2022 05:53:36 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 08 Dec 2022 05:08:08 GMT
content-type: application/json
age: 2728
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 5UtZ9RwFgvxhEgPYDydojep0exWuqU5oYqPUe4+BD1c5qREx8JO/4BZJalAKcMtLGNFEu3AVdDA=
x-amz-request-id: 15BW95QZG6NSJRB5
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 08 Dec 2022 05:49:40 GMT
age: 236
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

florentina-plete-necky.com/favicon.ico

62.116.130.8

200 OK

160 B

URL HTTP/1.1
florentina-plete-necky.com/favicon.ico
IP
62.116.130.8:0
ASN
#15456 InterNetX GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
160 B (160 bytes)
Hash
b05186f54f5e5273331991fbc8039ac8
fe161236212da31c9a0e7f4d1b88383bd5290737
6bf66f1a3c56c981fecb8c9d1b030112235f81c1e0869d102056f601221490ef

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: florentina-plete-necky.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://florentina-plete-necky.com/

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 03:52:33 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Redirector-ID: dda59625a25dcd6aca0668bd3d986c269cab3885e3406c0acb8ba4f97f2b9850
IX-Cache-Status: MISS

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 05:53:36 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

www.gmx.net/produkte/homepage-mail/homepage-parken

82.165.229.85

301 Moved Permanently

266 B

URL HTTP/1.1
www.gmx.net/produkte/homepage-mail/homepage-parken
IP
82.165.229.85:0
ASN
#8560 IONOS SE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
266 B (266 bytes)
Hash
08fefeadf73ddb80967bc7ea0e147567
b12ac95e1f1777489bc8ecf086f8e5917689e480
a358963d10b812b7bc4ed024afd93408d083bdca8644b87bb8fe4f70a7069cf2

HTTP Headers

GET /produkte/homepage-mail/homepage-parken HTTP/1.1
Host: www.gmx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://florentina-plete-necky.com/
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Thu, 08 Dec 2022 05:53:36 GMT
Server: Apache
Location: https://www.gmx.net/produkte/homepage-mail/homepage-parken
Content-Length: 266
Keep-Alive: timeout=10, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 08 Dec 2022 05:07:58 GMT
age: 2738
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.serverpass.telesec.de/ocspr

80.158.59.63

200 OK

1.6 kB

URL HTTP/1.1
ocsp.serverpass.telesec.de/ocspr
IP
80.158.59.63:0
ASN
#6878 T-Systems International GmbH

File type
data
Size
1.6 kB (1583 bytes)
Hash
06639579adc37a122b268c4b03f476c1
3ba38425c81235b8acf32677e5f3b3f4d7aa988e
6bbfe0d343000b314926c19a509adb2159f64528ba574c6f537b54efce34e5da

HTTP Headers

POST /ocspr HTTP/1.1
Host: ocsp.serverpass.telesec.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 05:53:36 GMT
Server: Apache
Cache-Control: must-revalidate,no-cache,no-store
Content-Type: application/ocsp-response
Content-Length: 1583
Connection: close

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
053aff7451e55d4269dd9610ab070f3f
b3376256d11d159b0c7280ba1515b78d7d9e12ca
24114ca560fe70d03185bd66985603fd5a03dc310aa9a8ea7a7b3723ed46ce3e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3679
Cache-Control: max-age=101672
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:53:37 GMT
Etag: "639057aa-1d7"
Expires: Fri, 09 Dec 2022 10:08:09 GMT
Last-Modified: Wed, 07 Dec 2022 09:06:50 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

js.ui-portal.de/prompt/permission/latest/connector.min.js?

2.18.172.165

200 OK

2.4 kB

URL HTTP/2
js.ui-portal.de/prompt/permission/latest/connector.min.js?
IP
2.18.172.165:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (6653)
Size
2.4 kB (2364 bytes)
Hash
1f5367d866293b8dda44f76d02962198
351ab490848e0db947eed72a7ad17f60755362bd
d51600ca1879967e94f45a05c5cd6569db794e3a92407e147fdace92aa53d57d

HTTP Headers

GET /prompt/permission/latest/connector.min.js? HTTP/1.1
Host: js.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gmx.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 10 Oct 2022 12:25:33 GMT
etag: "1a27-5eaad41936ef6"
server: Apache
accept-ranges: bytes
content-encoding: gzip
x-robots-tag: noindex
content-length: 2364
content-type: application/javascript
cache-control: public, max-age=234
date: Thu, 08 Dec 2022 05:53:37 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

js.ui-portal.de/cat/product/partner-products/2.2.0/product.js

2.18.172.165

200 OK

2.1 kB

URL HTTP/2
js.ui-portal.de/cat/product/partner-products/2.2.0/product.js
IP
2.18.172.165:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (5132)
Size
2.1 kB (2146 bytes)
Hash
1b593f02aa66b3c7f0d0ad096e54daed
bb6eb55c379328355753f9e669f7245909629ded
1b9eb849af851a6a959976de509ae7d75ba46b26a73f87bd742913da2a2109cd

HTTP Headers

GET /cat/product/partner-products/2.2.0/product.js HTTP/1.1
Host: js.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gmx.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 19 Oct 2022 13:01:46 GMT
etag: "1430-5eb62cf9dbcf9"
server: Apache
accept-ranges: bytes
content-encoding: gzip
x-robots-tag: noindex
content-length: 2146
content-type: application/javascript
cache-control: public, max-age=73
date: Thu, 08 Dec 2022 05:53:37 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

js.ui-portal.de/cat/components/5.10/components.js

2.18.172.165

200 OK

94 kB

URL HTTP/2
js.ui-portal.de/cat/components/5.10/components.js
IP
2.18.172.165:0
ASN
#16625 AKAMAI-AS

File type
Unicode text, UTF-8 text, with very long lines (356), with CRLF line terminators
Size
94 kB (93707 bytes)
Hash
bea02e9cf5bff5090ce6da2b7bf7fbf7
8bdcddb810e6f86c44f709c466ac9ccc69166e11
d0fa4e917277b45e093d0a35cb330921f61306a017019435d062c088df447bdf

HTTP Headers

GET /cat/components/5.10/components.js HTTP/1.1
Host: js.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gmx.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 05 Oct 2022 09:06:14 GMT
etag: "50b6c-5ea45e388769e"
server: Apache
accept-ranges: bytes
content-encoding: gzip
x-robots-tag: noindex
content-type: application/javascript
content-length: 93707
cache-control: public, max-age=1546
date: Thu, 08 Dec 2022 05:53:37 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

js.ui-portal.de/cat/product/partner-products/2.2.0/product.css

2.18.172.165

200 OK

241 B

URL HTTP/2
js.ui-portal.de/cat/product/partner-products/2.2.0/product.css
IP
2.18.172.165:0
ASN
#16625 AKAMAI-AS

File type
ASCII text
Size
241 B (241 bytes)
Hash
223a64437fbf799dc6b58559a6794c73
567ebae5035f31df63f094645a5a224a0bd369f4
5822831674e0a9f6bb20c3a87623a2d599651a5ba3276a2c67c4cba17beae707

HTTP Headers

GET /cat/product/partner-products/2.2.0/product.css HTTP/1.1
Host: js.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gmx.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Wed, 19 Oct 2022 06:14:16 GMT
etag: "31e-5eb5d1e557414"
server: Apache
accept-ranges: bytes
content-encoding: gzip
x-robots-tag: noindex
content-length: 241
content-type: text/css
cache-control: public, max-age=147
date: Thu, 08 Dec 2022 05:53:37 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

js.ui-portal.de/cat/events/advent/2022/advent.css

2.18.172.165

200 OK

300 B

URL HTTP/2
js.ui-portal.de/cat/events/advent/2022/advent.css
IP
2.18.172.165:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with CRLF line terminators
Size
300 B (300 bytes)
Hash
ffa490e877d39ab4dccca1758271e793
b7a02deaf8b4046911fa6f7f67e3e2f45ebdecf2
2164ea2c6bdea2f8f576a8cfd39c11cbc577366698ffa94d7d1312c1a7f32f97

HTTP Headers

GET /cat/events/advent/2022/advent.css HTTP/1.1
Host: js.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gmx.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Wed, 19 Oct 2022 11:45:48 GMT
etag: "214-5eb61bfef4358"
server: Apache
accept-ranges: bytes
content-encoding: gzip
x-robots-tag: noindex
content-length: 300
content-type: text/css
cache-control: public, max-age=38
date: Thu, 08 Dec 2022 05:53:37 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

js.ui-portal.de/cat/components/5.10/brand/gmx.net/components.css

2.18.172.165

200 OK

61 kB

URL HTTP/2
js.ui-portal.de/cat/components/5.10/brand/gmx.net/components.css
IP
2.18.172.165:0
ASN
#16625 AKAMAI-AS

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
61 kB (60617 bytes)
Hash
26b415481b0e37350a70bec755c8eea8
87a4b70a16e6c5002cd0316b7e2ea7f4bde8ed70
5fc4e044a33f420cbce0345b99cae175a160897f1c7196b2c9837e9f80cb3b7d

HTTP Headers

GET /cat/components/5.10/brand/gmx.net/components.css HTTP/1.1
Host: js.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gmx.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Apache
etag: "721f3-5ea454afd16e6"
last-modified: Wed, 05 Oct 2022 08:23:35 GMT
accept-ranges: bytes
content-encoding: gzip
x-robots-tag: noindex
content-length: 60617
content-type: text/css
cache-control: public, max-age=1800
date: Thu, 08 Dec 2022 05:53:37 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

img.ui-portal.de/ci/gmx/global/fonts/roboto/RobotoCondensed-Light-webfont.woff

2.18.172.165

200 OK

19 kB

URL HTTP/2
img.ui-portal.de/ci/gmx/global/fonts/roboto/RobotoCondensed-Light-webfont.woff
IP
2.18.172.165:0
ASN
#16625 AKAMAI-AS

File type
Web Open Font Format, TrueType, length 18880, version 2.137\012- data
Size
19 kB (18880 bytes)
Hash
65ef01dd5f041403d0b7357619a1f447
ed6c6ebbe03deb3cb59891cf28b57cca1f720b53
4cde34c1e366e3d7625d453914da07e72c137c195ec9191db06f41775e65a01b

HTTP Headers

GET /ci/gmx/global/fonts/roboto/RobotoCondensed-Light-webfont.woff HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.gmx.net
Connection: keep-alive
Referer: https://js.ui-portal.de/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 18 Jul 2017 09:59:36 GMT
etag: "49c0-5549492a91200-gzip"
unused62: 8096267
server: Apache
x-robots-tag: noindex
access-control-allow-origin: *
content-type: font/woff
vary: Accept-Encoding
cache-control: public, max-age=745694
date: Thu, 08 Dec 2022 05:53:37 GMT
content-length: 18880
X-Firefox-Spdy: h2

img.ui-portal.de/ci/gmx/global/fonts/roboto/RobotoCondensed-Regular-webfont.woff

2.18.172.165

200 OK

25 kB

URL HTTP/2
img.ui-portal.de/ci/gmx/global/fonts/roboto/RobotoCondensed-Regular-webfont.woff
IP
2.18.172.165:0
ASN
#16625 AKAMAI-AS

File type
Web Open Font Format, TrueType, length 25268, version 1.0\012- data
Size
25 kB (25268 bytes)
Hash
87dc856a4038eba42eb5bcf49ff85712
6a2aac951a11fc3523ca98e5df98b28de21c90d8
7ec51beb961db2999fe41a96a3212edc51d9aeeec5c9d374e39c7313d183d8a6

HTTP Headers

GET /ci/gmx/global/fonts/roboto/RobotoCondensed-Regular-webfont.woff HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.gmx.net
Connection: keep-alive
Referer: https://js.ui-portal.de/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 27 Feb 2014 04:45:48 GMT
etag: "62b4-4f35bfeb9b700-gzip"
unused62: 8096267
server: Apache
x-robots-tag: noindex
access-control-allow-origin: *
content-type: font/woff
vary: Accept-Encoding
cache-control: public, max-age=267383
date: Thu, 08 Dec 2022 05:53:37 GMT
content-length: 25268
X-Firefox-Spdy: h2

img.ui-portal.de/ci/gmx/global/fonts/roboto/Roboto-Medium-webfont.woff

2.18.172.165

200 OK

25 kB

URL HTTP/2
img.ui-portal.de/ci/gmx/global/fonts/roboto/Roboto-Medium-webfont.woff
IP
2.18.172.165:0
ASN
#16625 AKAMAI-AS

File type
Web Open Font Format, TrueType, length 25048, version 1.0\012- data
Size
25 kB (25048 bytes)
Hash
b9d01ac1742192a7c9d30f3fe346a9f4
7936f9a6690c04cec20cdd3b270bda83a613582b
8ca845a97256742debfc82004246fe03d97da1aae5b41b691b23d90b70df3910

HTTP Headers

GET /ci/gmx/global/fonts/roboto/Roboto-Medium-webfont.woff HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.gmx.net
Connection: keep-alive
Referer: https://js.ui-portal.de/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 27 Feb 2014 04:45:46 GMT
etag: "61d8-4f35bfe9b3280-gzip"
unused62: 8096267
server: Apache
x-robots-tag: noindex
access-control-allow-origin: *
content-type: font/woff
vary: Accept-Encoding
cache-control: public, max-age=2261325
date: Thu, 08 Dec 2022 05:53:37 GMT
content-length: 25048
X-Firefox-Spdy: h2

img.ui-portal.de/cd/ci/gmx.net/brand-410.svg

2.18.172.165

200 OK

3.1 kB

URL HTTP/2
img.ui-portal.de/cd/ci/gmx.net/brand-410.svg
IP
2.18.172.165:0
ASN
#16625 AKAMAI-AS

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (745)
Size
3.1 kB (3123 bytes)
Hash
a39f3f400b50dcab24915f52a5219dd8
80c6be5fa8a88ad47a8b1b21bde6cd61fb290a94
96b943ef67a4c2ce4d37c81b77df3fd92e65e7b3f5d78a118dea78bb911f1f10

HTTP Headers

GET /cd/ci/gmx.net/brand-410.svg HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.ui-portal.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 18 Dec 2019 14:40:24 GMT
etag: "2133-599fb6cc897f4"
server: Apache
unused62: 8096267
accept-ranges: bytes
content-encoding: gzip
x-robots-tag: noindex
access-control-allow-origin: *
content-length: 3123
content-type: image/svg+xml
cache-control: public, max-age=319
date: Thu, 08 Dec 2022 05:53:37 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

img.ui-portal.de/ci/gmx/global/fonts/roboto/Roboto-Regular-webfont.woff

2.18.172.165

200 OK

25 kB

URL HTTP/2
img.ui-portal.de/ci/gmx/global/fonts/roboto/Roboto-Regular-webfont.woff
IP
2.18.172.165:0
ASN
#16625 AKAMAI-AS

File type
Web Open Font Format, TrueType, length 25020, version 1.0\012- data
Size
25 kB (25020 bytes)
Hash
3e5675c89f974f7811eeaf07e2dd5ba3
99d93e1e3636f86c85b0c7c4da2077b4f1ee010c
a1e5b0dd9cd90fe3ef3e24aea202819ee74693d62c00bac8e3fb7c837d8adbfe

HTTP Headers

GET /ci/gmx/global/fonts/roboto/Roboto-Regular-webfont.woff HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.gmx.net
Connection: keep-alive
Referer: https://js.ui-portal.de/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 27 Feb 2014 04:45:46 GMT
etag: "61bc-4f35bfe9b3280-gzip"
unused62: 8096267
server: Apache
x-robots-tag: noindex
access-control-allow-origin: *
content-type: font/woff
vary: Accept-Encoding
cache-control: public, max-age=1962203
date: Thu, 08 Dec 2022 05:53:37 GMT
content-length: 25020
X-Firefox-Spdy: h2

js.ui-portal.de/c/eic/eic.js

2.18.172.165

200 OK

2.8 kB

URL HTTP/2
js.ui-portal.de/c/eic/eic.js
IP
2.18.172.165:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (1112), with CRLF line terminators
Size
2.8 kB (2825 bytes)
Hash
aee00c21a7d54b0f487e8109cc76baf2
89ec6675e4f72178cbd22d83e08281581309689e
75fb8f3c45c0a9c8c600bfb61ebf993e83d02e5914d0e3b6e10156987e6270f0

HTTP Headers

GET /c/eic/eic.js HTTP/1.1
Host: js.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gmx.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 26 Sep 2017 08:18:07 GMT
etag: "2380-55a13509fe826"
server: Apache
unused62: 8096267
accept-ranges: bytes
content-encoding: gzip
x-robots-tag: noindex
content-length: 2825
content-type: application/javascript
cache-control: public, max-age=21349
date: Thu, 08 Dec 2022 05:53:37 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

img.ui-portal.de/cd/ci/gmx.net/brand-logo.svg

2.18.172.165

200 OK

453 B

URL HTTP/2
img.ui-portal.de/cd/ci/gmx.net/brand-logo.svg
IP
2.18.172.165:0
ASN
#16625 AKAMAI-AS

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (681), with CRLF line terminators
Size
453 B (453 bytes)
Hash
bbfe4a327f71e619c251f3b2583c6ab3
0075738a9d349020e3e8e18e9eab773733348c98
25fdabdb964d0e86f42b7c91125dfba131c1fd99970a8f2bae437fb2b8bb127e

HTTP Headers

GET /cd/ci/gmx.net/brand-logo.svg HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.ui-portal.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
server: Apache
etag: "2ab-5630cb19a6ac9"
last-modified: Thu, 18 Jan 2018 13:10:53 GMT
unused62: 8096267
accept-ranges: bytes
content-encoding: gzip
x-robots-tag: noindex
access-control-allow-origin: *
content-length: 453
content-type: image/svg+xml
cache-control: public, max-age=1765
date: Thu, 08 Dec 2022 05:53:37 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

img.ui-portal.de/cd/ci/gmx.net/service-410.svg

2.18.172.165

200 OK

687 B

URL HTTP/2
img.ui-portal.de/cd/ci/gmx.net/service-410.svg
IP
2.18.172.165:0
ASN
#16625 AKAMAI-AS

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1034)
Size
687 B (687 bytes)
Hash
2c8088c832eaf122fbbbf19aff7fd118
ee0867d77e6a11ec0c554d92c94efa4b81f6300a
1af4a28013eb4bee8a963437a68a17cfda973684790db4a12f65b46341dca2d9

HTTP Headers

GET /cd/ci/gmx.net/service-410.svg HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.ui-portal.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
server: Apache
etag: "61c-599fb6cc943d5"
last-modified: Wed, 18 Dec 2019 14:40:24 GMT
unused62: 8096267
accept-ranges: bytes
content-encoding: gzip
x-robots-tag: noindex
access-control-allow-origin: *
content-length: 687
content-type: image/svg+xml
cache-control: public, max-age=1755
date: Thu, 08 Dec 2022 05:53:37 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

push.services.mozilla.com/

34.210.150.237

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.210.150.237:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: j8Qdlu+XsDdsUPaQN+C6kw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: RPfei2Mj4AQW+JRQhZnsAe86Ehc=

s.uicdn.com/t/prod/iq/mam/scarlet/daq.js

2.18.172.165

200 OK

12 kB

URL HTTP/2
s.uicdn.com/t/prod/iq/mam/scarlet/daq.js
IP
2.18.172.165:0
ASN
#16625 AKAMAI-AS

File type
HTML document, ASCII text, with very long lines (14989)
Size
12 kB (11516 bytes)
Hash
d3783ec8d701585e6ca82fcfb997866a
c9eb8eb93d9b2d037055fe14ae92a396b3404bfb
c6e38ee7ea70c7ae710f563fc88d683f4ff7e9610bacec6818169e39e0969912

HTTP Headers

GET /t/prod/iq/mam/scarlet/daq.js HTTP/1.1
Host: s.uicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gmx.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: Apache
last-modified: Tue, 06 Dec 2022 07:34:46 GMT
etag: "a261-5ef23d6938f3e-gzip"
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-length: 11516
content-type: application/javascript
cache-control: max-age=556
date: Thu, 08 Dec 2022 05:53:37 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

js.ui-portal.de/tamago/1.4.7/tamago.js?loglevel=error&view=automatic&tm=teal&stage=live&exclude=ppp

2.18.172.165

200 OK

56 kB

URL HTTP/2
js.ui-portal.de/tamago/1.4.7/tamago.js?loglevel=error&view=automatic&tm=teal&stage=live&exclude=ppp
IP
2.18.172.165:0
ASN
#16625 AKAMAI-AS

File type
C source, Unicode text, UTF-8 text, with very long lines (65531), with no line terminators
Size
56 kB (56260 bytes)
Hash
9ecf39c18be789499b773264bbe5af74
f32e239b0842f54e9de78dcb85cfe7856b1aaa41
9ad1ae4798476de2af38fe2c82e5ae0885443e780df4940acbc8d1f2cf2160cd

HTTP Headers

GET /tamago/1.4.7/tamago.js?loglevel=error&view=automatic&tm=teal&stage=live&exclude=ppp HTTP/1.1
Host: js.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gmx.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 19 Sep 2022 13:39:04 GMT
etag: "2a7bd-5e907d5cf0ec4"
server: Apache
accept-ranges: bytes
content-encoding: gzip
x-robots-tag: noindex
content-type: application/javascript
content-length: 56260
cache-control: public, max-age=178
date: Thu, 08 Dec 2022 05:53:37 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

s.uicdn.com/t/prod/iq/mam/scarlet/utag.90.js?utv=ut4.48.202210170545

2.18.172.165

200 OK

1.9 kB

URL HTTP/2
s.uicdn.com/t/prod/iq/mam/scarlet/utag.90.js?utv=ut4.48.202210170545
IP
2.18.172.165:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (2891)
Size
1.9 kB (1852 bytes)
Hash
a17c63d9aa67731426e1189c57f6d599
66b9c5b307d172d0e11d772bd0fb51c942b5b80f
d401fefdfd6d29cd502457e4c6f21cced71dcb71056c52145c79495907d61bcc

HTTP Headers

GET /t/prod/iq/mam/scarlet/utag.90.js?utv=ut4.48.202210170545 HTTP/1.1
Host: s.uicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gmx.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: Apache
last-modified: Tue, 06 Dec 2022 07:34:46 GMT
etag: "1570-5ef23d6938f3e-gzip"
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-length: 1852
content-type: application/javascript
cache-control: max-age=600
date: Thu, 08 Dec 2022 05:53:37 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

dl.gmx.net/tcf/live/v1/js/tcf-api.js

2.18.172.165

200 OK

44 kB

URL HTTP/2
dl.gmx.net/tcf/live/v1/js/tcf-api.js
IP
2.18.172.165:0
ASN
#16625 AKAMAI-AS

File type
Unicode text, UTF-8 text, with very long lines (65473), with no line terminators
Size
44 kB (43629 bytes)
Hash
f42b209ca8dd5579f5c659cc9a42cc72
61c7c35ead88d38b9fd1fab25db229aeead2c834
bc23198257dfec4f2b9588cf56a483405db49864e4176197a0737534ccfd3101

HTTP Headers

GET /tcf/live/v1/js/tcf-api.js HTTP/1.1
Host: dl.gmx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gmx.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 08 Nov 2022 10:20:10 GMT
etag: "22a2f-5ecf2e28944db-gzip"
server: Apache
accept-ranges: bytes
content-encoding: gzip
x-robots-tag: noindex
content-length: 43629
content-type: application/javascript
cache-control: public, max-age=9115
date: Thu, 08 Dec 2022 05:53:37 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

dl.gmx.net/permission/live/v1/ppp/js/permission-client.js

2.18.172.165

200 OK

48 kB

URL HTTP/2
dl.gmx.net/permission/live/v1/ppp/js/permission-client.js
IP
2.18.172.165:0
ASN
#16625 AKAMAI-AS

File type
Unicode text, UTF-8 text, with very long lines (60894)
Size
48 kB (48064 bytes)
Hash
72a3c59d81939d188b2858746bff44e8
cbd5385369dd8a135ec7817e49af19a905cbc13c
00d9bc31b826904bf9602facc0ccb72b41413db29e76ca458a329c58847e927e

HTTP Headers

GET /permission/live/v1/ppp/js/permission-client.js HTTP/1.1
Host: dl.gmx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gmx.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 01 Dec 2022 17:13:36 GMT
etag: "26bc7-5eec75777d577-gzip"
server: Apache
accept-ranges: bytes
content-encoding: gzip
x-robots-tag: noindex
access-control-allow-origin: *
access-control-allow-methods: GET
content-length: 48064
content-type: application/javascript
cache-control: public, max-age=10121
date: Thu, 08 Dec 2022 05:53:37 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

js.ui-portal.de/prompt/permission/latest/tracking.min.js

2.18.172.165

200 OK

3.0 kB

URL HTTP/2
js.ui-portal.de/prompt/permission/latest/tracking.min.js
IP
2.18.172.165:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (7391)
Size
3.0 kB (2963 bytes)
Hash
1b696a42b6df4ab8815419948f9e1bcb
df4ebc0a4fd4c37b6abe6a29bdfce28318f830ed
8326a643207d26d16d5a4419a0df2695a8cd54c35d583fc196da1fda7a01483b

HTTP Headers

GET /prompt/permission/latest/tracking.min.js HTTP/1.1
Host: js.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gmx.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 17 Jun 2021 13:51:05 GMT
etag: "1d08-5c4f67fa0c14d"
server: Apache
accept-ranges: bytes
content-encoding: gzip
x-robots-tag: noindex
content-length: 2963
content-type: application/javascript
unused62: 8096267
cache-control: public, max-age=318
date: Thu, 08 Dec 2022 05:53:37 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

dl.gmx.net/permission/live/v1/ppp/js/permission-client-compat.js

2.18.172.165

200 OK

38 kB

URL HTTP/2
dl.gmx.net/permission/live/v1/ppp/js/permission-client-compat.js
IP
2.18.172.165:0
ASN
#16625 AKAMAI-AS

File type
Unicode text, UTF-8 text, with very long lines (64654)
Size
38 kB (37948 bytes)
Hash
de21a830e3da788d687806a470510fed
100023b6b63da7807e382ea4982eb711f728174a
e2d8f3dc36715fcb4257f80cedd263a131f5ac8b5ad731dfdf8e76859934f21c

HTTP Headers

GET /permission/live/v1/ppp/js/permission-client-compat.js HTTP/1.1
Host: dl.gmx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gmx.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 01 Dec 2022 17:13:36 GMT
etag: "1d65f-5eec75777d577-gzip"
server: Apache
accept-ranges: bytes
content-encoding: gzip
x-robots-tag: noindex
access-control-allow-origin: *
access-control-allow-methods: GET
content-length: 37948
content-type: application/javascript
cache-control: public, max-age=14285
date: Thu, 08 Dec 2022 05:53:37 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

s.uicdn.com/t/prod/iq/mam/scarlet/utag.18.js?utv=ut4.48.202210270826

2.18.172.165

200 OK

1.8 kB

URL HTTP/2
s.uicdn.com/t/prod/iq/mam/scarlet/utag.18.js?utv=ut4.48.202210270826
IP
2.18.172.165:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (1159)
Size
1.8 kB (1819 bytes)
Hash
6d37f3cba04f5f3519de55bf6331484c
b4b9c78c1d0b27b7dfa9f614353b22de75c6407b
398e7ae148da69c2f0b46fcb2ef0d1100618f0c526b8484cf80e2910d216fa69

HTTP Headers

GET /t/prod/iq/mam/scarlet/utag.18.js?utv=ut4.48.202210270826 HTTP/1.1
Host: s.uicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gmx.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: Apache
last-modified: Tue, 06 Dec 2022 07:34:46 GMT
etag: "10a9-5ef23d6938f3e-gzip"
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-length: 1819
content-type: application/javascript
cache-control: max-age=541
date: Thu, 08 Dec 2022 05:53:37 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

s.uicdn.com/t/prod/iq/mam/scarlet/utag.29.js?utv=ut4.48.202210270826

2.18.172.165

200 OK

1.9 kB

URL HTTP/2
s.uicdn.com/t/prod/iq/mam/scarlet/utag.29.js?utv=ut4.48.202210270826
IP
2.18.172.165:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (1128)
Size
1.9 kB (1851 bytes)
Hash
c90c0941490f924fba47f73a5f7cd4eb
8331f6208c5290a9c42037e8ed026c9a2791ed55
8ddaae7ef130195149ecef9ae85c545c28aebb8fc555fbc1c558787563a8adac

HTTP Headers

GET /t/prod/iq/mam/scarlet/utag.29.js?utv=ut4.48.202210270826 HTTP/1.1
Host: s.uicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gmx.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: Apache
last-modified: Tue, 06 Dec 2022 07:34:46 GMT
etag: "1101-5ef23d6938f3e-gzip"
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-length: 1851
content-type: application/javascript
cache-control: max-age=571
date: Thu, 08 Dec 2022 05:53:37 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

tgw.gmx.net/events

217.72.199.35

200 OK

0 B

URL HTTP/1.1
tgw.gmx.net/events
IP
217.72.199.35:0
ASN
#8560 IONOS SE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /events HTTP/1.1
Host: tgw.gmx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.gmx.net/
Origin: https://www.gmx.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: https://www.gmx.net
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Length: 0
Date: Thu, 08 Dec 2022 05:53:37 GMT
Expires: 0
Pragma: no-cache
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Xss-Protection: 1; mode=block

tgw.gmx.net/events

217.72.199.35

200 OK

0 B

URL HTTP/1.1
tgw.gmx.net/events
IP
217.72.199.35:0
ASN
#8560 IONOS SE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /events HTTP/1.1
Host: tgw.gmx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.gmx.net/
Origin: https://www.gmx.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: https://www.gmx.net
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Length: 0
Date: Thu, 08 Dec 2022 05:53:37 GMT
Expires: 0
Pragma: no-cache
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Xss-Protection: 1; mode=block

tgw.gmx.net/events

217.72.199.35

202 Accepted

0 B

URL HTTP/1.1
tgw.gmx.net/events
IP
217.72.199.35:0
ASN
#8560 IONOS SE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /events HTTP/1.1
Host: tgw.gmx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/vnd.userevent-v3+json
Content-Length: 1120
Origin: https://www.gmx.net
Connection: keep-alive
Referer: https://www.gmx.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/1.1 202 Accepted
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.gmx.net
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Length: 0
Content-Md5: 1B2M2Y8AsgTpgAmY7PhCfg==
Date: Thu, 08 Dec 2022 05:53:37 GMT
Expires: 0
Pragma: no-cache
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Xss-Protection: 1; mode=block

tgw.gmx.net/events

217.72.199.35

202 Accepted

0 B

URL HTTP/1.1
tgw.gmx.net/events
IP
217.72.199.35:0
ASN
#8560 IONOS SE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /events HTTP/1.1
Host: tgw.gmx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/vnd.PageViewEvent-v3+json
Content-Length: 1052
Origin: https://www.gmx.net
Connection: keep-alive
Referer: https://www.gmx.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/1.1 202 Accepted
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.gmx.net
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Length: 0
Content-Md5: 1B2M2Y8AsgTpgAmY7PhCfg==
Date: Thu, 08 Dec 2022 05:53:37 GMT
Expires: 0
Pragma: no-cache
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Xss-Protection: 1; mode=block

wa.gmx.net/gmx/gmx/s?name=produkte.homepage-mail.pi.homepage-parken&brand=gmx&portal=gmx&referrer=http%3A%2F%2Fflorentina-plete-necky.com%2F&pageurl=https%3A%2F%2Fwww.gmx.net%2Fprodukte%2Fhomepage-mail%2Fhomepage-parken%2F&title=Homepage%20parken&country=de&ts=1670478817230&login=0&category=landing&applicationArea=homepage-mail&contentName=homepage-parken&pageType=landing&op_id=none&product=homepage-mail&type=view

82.165.229.16

200 OK

43 B

URL HTTP/2
wa.gmx.net/gmx/gmx/s?name=produkte.homepage-mail.pi.homepage-parken&brand=gmx&portal=gmx&referrer=http%3A%2F%2Fflorentina-plete-necky.com%2F&pageurl=https%3A%2F%2Fwww.gmx.net%2Fprodukte%2Fhomepage-mail%2Fhomepage-parken%2F&title=Homepage%20parken&country=de&ts=1670478817230&login=0&category=landing&applicationArea=homepage-mail&contentName=homepage-parken&pageType=landing&op_id=none&product=homepage-mail&type=view
IP
82.165.229.16:0
ASN
#8560 IONOS SE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

HTTP Headers

GET /gmx/gmx/s?name=produkte.homepage-mail.pi.homepage-parken&brand=gmx&portal=gmx&referrer=http%3A%2F%2Fflorentina-plete-necky.com%2F&pageurl=https%3A%2F%2Fwww.gmx.net%2Fprodukte%2Fhomepage-mail%2Fhomepage-parken%2F&title=Homepage%20parken&country=de&ts=1670478817230&login=0&category=landing&applicationArea=homepage-mail&contentName=homepage-parken&pageType=landing&op_id=none&product=homepage-mail&type=view HTTP/1.1
Host: wa.gmx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gmx.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Thu, 08 Dec 2022 05:53:38 GMT
server: Apache
set-cookie: wa=opt-out; path=/; domain=.gmx.net; expires=Fri, 08-Dec-2023 05:53:38 GMT; secure; HttpOnly
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: Wed, 11 Jan 1984 05:00:00 GMT
p3p: CP="this is not a p3p policy"
access-control-allow-origin: *
vary: X-Forwarded-For
accept-ranges: bytes
content-length: 43
content-type: image/gif
X-Firefox-Spdy: h2

wa.gmx.net/gmx/gmx/s?name=produkte.homepage-mail.expose.homepage-parken.page.1.footer.3&brand=gmx&portal=gmx&country=de&ts=1670478817251&eventType=expose&componentPath=page.1.footer.3&componentLabel=Sitemap%2520Impressum%2520AGB%2520Vertr%25E4ge%2520hier%2520k%25FCndigen%2520Datenschutz%2520E-Mail%2520N%25FCtzlich%2520Aktuell&domTagName=footer&referrer=http%3A%2F%2Fflorentina-plete-necky.com%2F&pageurl=https%3A%2F%2Fwww.gmx.net%2Fprodukte%2Fhomepage-mail%2Fhomepage-parken%2F&applicationArea=homepage-mail&contentName=homepage-parken&pageType=landing&type=hidden

82.165.229.16

200 OK

43 B

URL HTTP/2
wa.gmx.net/gmx/gmx/s?name=produkte.homepage-mail.expose.homepage-parken.page.1.footer.3&brand=gmx&portal=gmx&country=de&ts=1670478817251&eventType=expose&componentPath=page.1.footer.3&componentLabel=Sitemap%2520Impressum%2520AGB%2520Vertr%25E4ge%2520hier%2520k%25FCndigen%2520Datenschutz%2520E-Mail%2520N%25FCtzlich%2520Aktuell&domTagName=footer&referrer=http%3A%2F%2Fflorentina-plete-necky.com%2F&pageurl=https%3A%2F%2Fwww.gmx.net%2Fprodukte%2Fhomepage-mail%2Fhomepage-parken%2F&applicationArea=homepage-mail&contentName=homepage-parken&pageType=landing&type=hidden
IP
82.165.229.16:0
ASN
#8560 IONOS SE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

HTTP Headers

POST /gmx/gmx/s?name=produkte.homepage-mail.expose.homepage-parken.page.1.footer.3&brand=gmx&portal=gmx&country=de&ts=1670478817251&eventType=expose&componentPath=page.1.footer.3&componentLabel=Sitemap%2520Impressum%2520AGB%2520Vertr%25E4ge%2520hier%2520k%25FCndigen%2520Datenschutz%2520E-Mail%2520N%25FCtzlich%2520Aktuell&domTagName=footer&referrer=http%3A%2F%2Fflorentina-plete-necky.com%2F&pageurl=https%3A%2F%2Fwww.gmx.net%2Fprodukte%2Fhomepage-mail%2Fhomepage-parken%2F&applicationArea=homepage-mail&contentName=homepage-parken&pageType=landing&type=hidden HTTP/1.1
Host: wa.gmx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.gmx.net
Connection: keep-alive
Referer: https://www.gmx.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Content-Length: 0

HTTP/2 200 OK
date: Thu, 08 Dec 2022 05:53:38 GMT
server: Apache
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: Wed, 11 Jan 1984 05:00:00 GMT
p3p: CP="this is not a p3p policy"
access-control-allow-origin: *
vary: X-Forwarded-For
accept-ranges: bytes
content-length: 43
content-type: image/gif
X-Firefox-Spdy: h2

ocsp.serverpass.telesec.de/ocspr

80.158.59.63

200 OK

1.6 kB

URL HTTP/1.1
ocsp.serverpass.telesec.de/ocspr
IP
80.158.59.63:0
ASN
#6878 T-Systems International GmbH

File type
data
Size
1.6 kB (1583 bytes)
Hash
e19779dfe33fd33cc8c5154f883d3440
6004ed14e7f48ba4b3c5cb6146d921236dc14a87
ebd904c7736bea7b3f69cb525ccd4f4533062408424b8b82d16a8cafe2713edb

HTTP Headers

POST /ocspr HTTP/1.1
Host: ocsp.serverpass.telesec.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 05:53:38 GMT
Server: Apache
Cache-Control: must-revalidate,no-cache,no-store
Content-Type: application/ocsp-response
Content-Length: 1583
Connection: close

epimetheus.navigator.gmx.net/monitoring/compat

217.72.199.22

204 No Content

0 B

URL HTTP/1.1
epimetheus.navigator.gmx.net/monitoring/compat
IP
217.72.199.22:0
ASN
#8560 IONOS SE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /monitoring/compat HTTP/1.1
Host: epimetheus.navigator.gmx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 61
Origin: https://www.gmx.net
Connection: keep-alive
Referer: https://www.gmx.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 204 No Content
Access-Control-Allow-Origin: https://www.gmx.net
Access-Control-Expose-Headers: link
Cache-Control: no-cache, private
Content-Security-Policy: frame-ancestors 'self'; script-src 'self'; style-src 'self'
Date: Thu, 08 Dec 2022 05:53:38 GMT
Referrer-Policy: no-referrer, strict-origin-when-cross-origin, no-referrer, strict-origin-when-cross-origin
Server: Apache
X-App-Dc: bap
X-App-Host: epimetheus-gmx-live-84ccbdc599-pfwd2
X-App-Version: 1.9.1
X-Content-Security-Policy: frame-ancestors 'self'; script-src 'self'; style-src 'self'
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Xss-Protection: 1; mode=block

epimetheus.navigator.gmx.net/monitoring

217.72.199.22

202 Accepted

2 B

URL HTTP/1.1
epimetheus.navigator.gmx.net/monitoring
IP
217.72.199.22:0
ASN
#8560 IONOS SE

File type
JSON data\012- , ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

HTTP Headers

POST /monitoring HTTP/1.1
Host: epimetheus.navigator.gmx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 185
Origin: https://www.gmx.net
Connection: keep-alive
Referer: https://www.gmx.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 202 Accepted
Access-Control-Allow-Origin: https://www.gmx.net
Access-Control-Expose-Headers: link
Cache-Control: no-cache, private
Content-Security-Policy: frame-ancestors 'self'; script-src 'self'; style-src 'self'
Content-Type: application/json
Date: Thu, 08 Dec 2022 05:53:38 GMT
Referrer-Policy: no-referrer, strict-origin-when-cross-origin, no-referrer, strict-origin-when-cross-origin
Server: Apache
X-App-Dc: bap
X-App-Host: epimetheus-gmx-live-84ccbdc599-pfwd2
X-App-Version: 1.9.1
X-Content-Security-Policy: frame-ancestors 'self'; script-src 'self'; style-src 'self'
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Xss-Protection: 1; mode=block
Transfer-Encoding: chunked

epimetheus.navigator.gmx.net/monitoring/compat

217.72.199.22

200 OK

2 B

URL HTTP/1.1
epimetheus.navigator.gmx.net/monitoring/compat
IP
217.72.199.22:0
ASN
#8560 IONOS SE

File type
JSON data\012- , ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

HTTP Headers

POST /monitoring/compat HTTP/1.1
Host: epimetheus.navigator.gmx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 62
Origin: https://www.gmx.net
Connection: keep-alive
Referer: https://www.gmx.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Access-Control-Allow-Origin: https://www.gmx.net
Access-Control-Expose-Headers: link
Cache-Control: no-cache, private
Content-Security-Policy: frame-ancestors 'self'; script-src 'self'; style-src 'self'
Content-Type: application/json
Date: Thu, 08 Dec 2022 05:53:38 GMT
Referrer-Policy: no-referrer, strict-origin-when-cross-origin, no-referrer, strict-origin-when-cross-origin
Server: Apache
X-App-Dc: bap
X-App-Host: epimetheus-gmx-live-84ccbdc599-d67pq
X-App-Version: 1.9.1
X-Content-Security-Policy: frame-ancestors 'self'; script-src 'self'; style-src 'self'
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Xss-Protection: 1; mode=block
Transfer-Encoding: chunked

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3385
Expires: Thu, 08 Dec 2022 06:50:03 GMT
Date: Thu, 08 Dec 2022 05:53:38 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3385
Expires: Thu, 08 Dec 2022 06:50:03 GMT
Date: Thu, 08 Dec 2022 05:53:38 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3385
Expires: Thu, 08 Dec 2022 06:50:03 GMT
Date: Thu, 08 Dec 2022 05:53:38 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9f5f2e2-f4e8-4ddc-9a23-4327bb79769a.jpeg

34.120.237.76

200 OK

4.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9f5f2e2-f4e8-4ddc-9a23-4327bb79769a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.6 kB (4565 bytes)
Hash
00cdac5a7f801c10e53b8651ceb94c46
d83d7a30038bbf534c531c3786c3458c66d6504a
4d767e2c8aee11a230ecbb4c5c2339a65ca380e87b713f2ad6c1efc02df07238

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9f5f2e2-f4e8-4ddc-9a23-4327bb79769a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4565
x-amzn-requestid: 153e9d72-d9e1-498e-b74b-f4fad27f4efd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy3_pHs4oAMFYYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639106ca-44aa3006114060145bd0b16d;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:34:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZsZPiQ026zur9XITdqX8eyH813-2rXyG6RrSLF4pZ4Wtk4mQJZd1SA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 21:51:32 GMT
age: 28926
etag: "d83d7a30038bbf534c531c3786c3458c66d6504a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbba0eea-a6f1-4374-a9c7-dab84270023b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.3 kB (7268 bytes)
Hash
24d89b69ba37bf23c5d576aff4063caf
3d46a21b4da571d7e4962e335c18a28ca5f81ecf
09b52cdab278805c6e7282f469a02768ee62fc9ef09a6623a337e3d3aaa446fd

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbba0eea-a6f1-4374-a9c7-dab84270023b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7268
x-amzn-requestid: ae5c231c-b1be-498a-a242-e8d641f3fe8e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFDgEzUoAMFgyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911baf-10f06dc37cac69631c823fd9;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:03:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QSv756DvAzOQnKae5wVg75wrQS6oDGPkfIZka86FNQ2vizBnZ7sIDQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:12:45 GMT
age: 24053
etag: "3d46a21b4da571d7e4962e335c18a28ca5f81ecf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2dbe127a-1d23-4c1b-b13e-cd024e5fd5de.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8626 bytes)
Hash
d2d14fc1b5d2e6d6f4751a2fe741b990
86cd1428b2fd21ccb9d80c7f6be4d1e6221e97ef
bfe88cb97ccec5af627853d0bbc02f4799c4b8a25a995c8578365cb5a2914d6a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2dbe127a-1d23-4c1b-b13e-cd024e5fd5de.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8626
x-amzn-requestid: c5f3e36b-87f1-4938-819c-7b1a6ec6bfeb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy4BXHJ0oAMFaKQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639106d5-15635f9a10d25d8c1d702bbd;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:34:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zQXtGXxwwTmn7gMQQj5wM69mPzAmYXRyfTbYfgUovTGsS0y048GZDg==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 21:51:32 GMT
age: 28926
etag: "86cd1428b2fd21ccb9d80c7f6be4d1e6221e97ef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4119e239-0c3b-4175-bfe0-f5d42729d743.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.8 kB (7801 bytes)
Hash
8c94003641bb5a7595e7004f80f95d22
3446450df60d732f9021d5bfd5f5f7c6c870d9ec
4d782dbf94b2163e9bc18028cd0c1a391fdcfcb019f23c4c26ea0b44432039ff

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4119e239-0c3b-4175-bfe0-f5d42729d743.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7801
x-amzn-requestid: cb8d5aab-409f-4b39-b498-b1ba84f34e06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFRNHX4oAMFvoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911c07-7c6e3bfa3f81082b48f43fa9;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:04:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 8QHhEAFHTHd-5UqS1S5qwJj_h4WNfix2CgS4MO4zR_psrzgMP3SZ5g==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:16:35 GMT
age: 23823
etag: "3446450df60d732f9021d5bfd5f5f7c6c870d9ec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3236488e-3e39-44b6-b864-0f7ede8ee3f5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.4 kB (9376 bytes)
Hash
3cbac0c7e45d3f33c38dbf3af4de05ba
e9106fec14ddda290951c61eda64a69ada9a244a
98d3785eb167ea6bbba3782ab3cfd8cc9c7715f493265ac6d59494c00d3b002e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3236488e-3e39-44b6-b864-0f7ede8ee3f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9376
x-amzn-requestid: bf2f33a6-7f13-4f5b-ba9c-da33282135b2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctERHFRSoAMFgYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb406-121af6ba1b7b6a3066ffa103;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:16:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: yTLFIBUWHjudn2h6VKM79RUnXfuUTmQBkYSCFrRuY7_biVW5bEKZfA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 17:39:05 GMT
age: 44073
etag: "e9106fec14ddda290951c61eda64a69ada9a244a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

15 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F167b7461-ee08-4205-a299-12e7c883b958.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
15 kB (14896 bytes)
Hash
4884ce2731d3033b12e4792c1bbf453e
63b6efc98cb04228d82ac28fceb97bb1cf8d82fb
8c37704d0e1fd16239e28cbdb88c5ac6a2e9cfb70f8457bfab127202f89d3788

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F167b7461-ee08-4205-a299-12e7c883b958.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 14896
x-amzn-requestid: 58d94b15-dce0-44c0-96b1-917f1206a39e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cnA4RFkeoAMFfGQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c4834-7c1667b53795d5c11a3bfdda;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 07:11:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tM0WOO_Ypgj2QxJSz9GHZZTsKjzsvyD6tjpp4G0ZpuGAIGmnEe4oqQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 08:15:11 GMT
age: 77907
etag: "63b6efc98cb04228d82ac28fceb97bb1cf8d82fb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.gmx.net/produkte/homepage-mail/homepage-parken

82.165.229.85

301 Moved Permanently

0 B

URL HTTP/2
www.gmx.net/produkte/homepage-mail/homepage-parken
IP
82.165.229.85:0
ASN
#8560 IONOS SE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /produkte/homepage-mail/homepage-parken HTTP/1.1
Host: www.gmx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://florentina-plete-necky.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: frame
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
date: Thu, 08 Dec 2022 05:53:37 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: text/html
rtss: 1-*-1
location: https://www.gmx.net/produkte/homepage-mail/homepage-parken/
vary: Accept-Encoding
p3p: CP="{}"
set-cookie: TS72888fff027=08105a8158ab20001f9bfb6bc4034dfb6fd82cee7071fa68ced1c3794337b984858e29fa0bd2e0e30832ea7ddf113000c47b9a54673aaffa7424be4884bc0ed8d24093827711fa930e5654e7407de8b439686289e9fe0e341aeda13b3ba227af;Path=/
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (18)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations