Report - pxlme.me/Up3CPuxb

Report Overview

Submitted URL
pxlme.me/Up3CPuxb
IP
51.15.139.10
ASN
#12876 Online S.a.s.
Submitted
2022-09-30 21:40:23
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
52

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.35
pxlme.me	589244	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	434 B	324 B	51.15.139.10
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
web8741.web07.bero-webspace.de	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	14 kB	3.0 MB	109.71.253.24
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	399 B	113 kB	142.250.74.72
www.icscards.nl	863706	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	462 B	6.5 kB	185.195.93.72
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	67 kB	34.120.237.76
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.6 kB	7.1 kB	23.36.77.32
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.27
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	662 B	1.4 kB	142.250.74.3
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	658 B	1.5 kB	93.184.220.29

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-09-30	medium	pxlme.me/Up3CPuxb	International Card Services B.V

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-30	medium	pxlme.me/Up3CPuxb	Phishing
2022-09-30	medium	web8741.web07.bero-webspace.de/safety	Phishing
2022-09-30	medium	web8741.web07.bero-webspace.de/safety/	Phishing
2022-09-30	medium	web8741.web07.bero-webspace.de/safety/sca/sca-login	Phishing
2022-09-30	medium	web8741.web07.bero-webspace.de/safety/sca/saved_resource	Phishing
2022-09-30	medium	web8741.web07.bero-webspace.de/safety/sca/plx.check.js	Phishing
2022-09-30	medium	web8741.web07.bero-webspace.de/safety/sca/proxyid.js.download	Phishing
2022-09-30	medium	web8741.web07.bero-webspace.de/safety/sca/runtime.j.download	Phishing
2022-09-30	medium	web8741.web07.bero-webspace.de/safety/sca/SunOT-Regular.ttf	Phishing
2022-09-30	medium	web8741.web07.bero-webspace.de/safety/sca/collectddna.js.download	Phishing
2022-09-30	medium	web8741.web07.bero-webspace.de/safety/sca/main.js(1).download	Phishing
2022-09-30	medium	web8741.web07.bero-webspace.de/safety/sca/sunot-bold-webfont.woff2	Phishing
2022-09-30	medium	web8741.web07.bero-webspace.de/safety/sca/082953afa5ab20006f75777cb90662b0ffb28e45a9f164326f7fce4f47eafb4914e54c5ed2b326cb	Phishing
2022-09-30	medium	web8741.web07.bero-webspace.de/safety/sca/082953afa5ab20006f75777cb90662b0ffb28e45a9f164326f7fce4f47eafb4914e54c5ed2b326cb(1)	Phishing
2022-09-30	medium	web8741.web07.bero-webspace.de/TSPD/?type=21	Phishing
2022-09-30	medium	web8741.web07.bero-webspace.de/safety/sca/polyfills.j.download	Phishing
2022-09-30	medium	web8741.web07.bero-webspace.de/safety/sca/polyfills.j.download	Phishing
2022-09-30	medium	web8741.web07.bero-webspace.de/safety/sca/jquery.min.js.download	Phishing
2022-09-30	medium	web8741.web07.bero-webspace.de/safety/sca/runtime.j.download	Phishing
2022-09-30	medium	web8741.web07.bero-webspace.de/safety/sca/modernizr.js.download	Phishing
2022-09-30	medium	web8741.web07.bero-webspace.de/safety/sca/main.js.download	Phishing
2022-09-30	medium	web8741.web07.bero-webspace.de/safety/sca/arcotfpcollect.js.download	Phishing
2022-09-30	medium	web8741.web07.bero-webspace.de/safety/sca/saved_resource.html	Phishing
2022-09-30	medium	web8741.web07.bero-webspace.de/TSPD/082953afa5ab2800c33c7cc8e6b3bc13c29c767ddc8eba538cca95beb0c5dc2dd3058e25bdb43216f2cdcfcbda577ce3?type=13	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-09-30	medium	pxlme.me	Sinkholed

JavaScript (43)

	URL	Size	First Seen	Last Seen
	web8741.web07.bero-webspace.de/safety/	64 B	2023-03-07	2024-04-14
Pretty URL web8741.web07.bero-webspace.de/safety/ IP 109.71.253.24 ASN #44486 SYNLINQ Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:59 Last Seen2024-04-14 02:33:33 Times Seen33 Hash df1fdf3e64cc943390f6616279dc6d89 45711487a47f80fe30802711954d3331a7df90d1 1378f0319bca5e0b2360a21db0816e498a0a264edef020f7cdf7ea4274601805 Loading...

	web8741.web07.bero-webspace.de/safety/sca/saved_resource	8.0 kB	2023-03-07	2023-03-17
Pretty URL web8741.web07.bero-webspace.de/safety/sca/saved_resource IP 109.71.253.24 ASN #44486 SYNLINQ Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:48 Last Seen2023-03-17 12:34:19 Times Seen1 Hash 43e4cd4d0d896cc2c4c1b724ce008764 b6df31b85bd329a6f026c41795c2ac83ad9dab87 91dd5858585bcafd085ed3c7dbe9f3eb2329dc380b8a58caf174036c7a204349 Loading...

	web8741.web07.bero-webspace.de/safety/sca/main.js.download	193 kB	2023-03-07	2024-01-04
Pretty URL web8741.web07.bero-webspace.de/safety/sca/main.js.download IP 109.71.253.24 ASN #44486 SYNLINQ Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:48 Last Seen2024-01-04 00:34:56 Times Seen9 Hash 3c7049d4df41a5ad440fc368a059ddaf fcd3812dfcd3bd6f27c6952300dace825016bfd6 010877cc8f51a1623c13763c228ae9168cc4fd9e441348dd66029233834d6d89 Loading...

	web8741.web07.bero-webspace.de/safety/	128 B	2023-03-07	2023-03-17
Pretty URL web8741.web07.bero-webspace.de/safety/ IP 109.71.253.24 ASN #44486 SYNLINQ Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:48 Last Seen2023-03-17 12:34:19 Times Seen1 Hash 79eb7841b069766eadc470d30202d4e2 7ad40ecb76cc07ef07dde0119bc5f7d63281ccd7 f695a74df0fb977ca1aa8d90bcf462983800c76dd9f1ef4f0d76a52eb673632f Loading...

	web8741.web07.bero-webspace.de/safety/sca/saved_resource.html	374 B	2023-03-07	2023-03-17
Pretty URL web8741.web07.bero-webspace.de/safety/sca/saved_resource.html IP 109.71.253.24 ASN #44486 SYNLINQ Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:48 Last Seen2023-03-17 12:34:19 Times Seen1 Hash 1d50b742a1078587ed9e9ba688fd2db7 756fa92b8f959d684fff42031f7c8b778c2b367b c0bc74ae251c6024d20d371de10328ab873a6e93e3407a5e9f03ff826fc671c4 Loading...

	unknown	0 B	2023-03-07	2024-04-23
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-23 18:49:51 Times Seen37023724 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	web8741.web07.bero-webspace.de/safety/sca/sca-login	32 kB	2023-03-07	2023-03-17
Pretty URL web8741.web07.bero-webspace.de/safety/sca/sca-login IP 109.71.253.24 ASN #44486 SYNLINQ Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:48 Last Seen2023-03-17 11:32:14 Times Seen1 Hash 52bc9aa39483d1929feb79179c853b5c 774ccc05b7147bf5c0300853ec12162612bddfe7 0684619fde3e0ebb7a66fdec14f0b6e44a1a35a96fdcb9c8a9b1dcacbeee8470 Loading...

	web8741.web07.bero-webspace.de/safety/sca/modernizr.js.download	1.5 kB	2023-03-07	2024-01-04
Pretty URL web8741.web07.bero-webspace.de/safety/sca/modernizr.js.download IP 109.71.253.24 ASN #44486 SYNLINQ Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:48 Last Seen2024-01-04 00:34:56 Times Seen9 Hash 25cbdbc5350d7517649d75cc891fd2fd cd2634359e143b23eaac2c528e2162c9117d8e67 076157b465fa93c42e7100a6e904d4bfe90e788f48a12e55419f3aa5ca2bb3e3 Loading...

	web8741.web07.bero-webspace.de/safety/	178 B	2023-03-07	2023-07-14
Pretty URL web8741.web07.bero-webspace.de/safety/ IP 109.71.253.24 ASN #44486 SYNLINQ Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:48 Last Seen2023-07-14 15:27:10 Times Seen4 Hash d0e439546c7c1f21ca6d53dd7e84d245 ff04ee4db1bb20c8c4c5617cee763576f71695da eb7595897e7aa8aeeddb618208d4dd53fd2aa264a7509b8387911f174f97a852 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-MHW4QGN&l=global_layer	400 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-MHW4QGN&l=global_layer IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:58:44 Last Seen2023-03-08 03:58:44 Times Seen1 Hash 9f6219001f281e767d317db6a7b1f96c 176f2f375fccaae5d750d8e53d9578a2550378be 49c7b4cb51b823c1162fbfa64cb9d4adf6379c1db91fff9ba4228290325520bd Loading...

	web8741.web07.bero-webspace.de/safety/	16 B	2023-03-07	2023-03-17
Pretty URL web8741.web07.bero-webspace.de/safety/ IP 109.71.253.24 ASN #44486 SYNLINQ Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:48 Last Seen2023-03-17 12:34:19 Times Seen1 Hash 50bfa8a7676c95749da0ff59cb807098 456f90bb4814eb16b9b74b41d1784cb68080bc2e e2ff8b3cd2a525c256a795e1f585988276cf7e9c4caf7a503bf6f7d1de538f72 Loading...

	web8741.web07.bero-webspace.de/safety/sca/jquery.min.js.download	87 kB	2023-03-07	2024-04-23
Pretty URL web8741.web07.bero-webspace.de/safety/sca/jquery.min.js.download IP 109.71.253.24 ASN #44486 SYNLINQ Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:34 Last Seen2024-04-23 18:15:00 Times Seen263356 Hash e071abda8fe61194711cfc2ab99fe104 f647a6d37dc4ca055ced3cf64bbc1f490070acba 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf Loading...

	web8741.web07.bero-webspace.de/safety/sca/saved_resource.html	5.1 kB	2023-03-07	2023-03-17
Pretty URL web8741.web07.bero-webspace.de/safety/sca/saved_resource.html IP 109.71.253.24 ASN #44486 SYNLINQ Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:48 Last Seen2023-03-17 12:34:19 Times Seen1 Hash a94a9048aff9fab96612dc48038263f0 5cc4f7d46a16fed8786d08882c7cec47a4131ec0 74674f8b122212a3c322789a319a1ee9723a20afc87c7a4f4025e1bbf8b623f6 Loading...

	web8741.web07.bero-webspace.de/safety/sca/arcotfpcollect.js.download	56 kB	2023-03-07	2024-03-04
Pretty URL web8741.web07.bero-webspace.de/safety/sca/arcotfpcollect.js.download IP 109.71.253.24 ASN #44486 SYNLINQ Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:48 Last Seen2024-03-04 01:02:27 Times Seen13 Hash e1ba6cc4bfe644f6d1252d10994b8395 1fa8e789a1b738cd96a511728184e6c0c148d849 551adb05bca5625965bd33c60190c6afb9f00a5fe13ca6c18283129223a0e6b2 Loading...

	web8741.web07.bero-webspace.de/safety/sca/plx.check.js	405 B	2023-03-07	2023-03-17
Pretty URL web8741.web07.bero-webspace.de/safety/sca/plx.check.js IP 109.71.253.24 ASN #44486 SYNLINQ Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:48 Last Seen2023-03-17 12:34:19 Times Seen1 Hash 2fdf1c376f83a3be5395f99b968f9032 aeac7b561dc0fb28d1ff5e89d4169c0a4c296dbc f9319a3cb3f94b3f15178b435645c53c01ff399253bb87377beae7557b83ad0f Loading...

	web8741.web07.bero-webspace.de/safety/sca/collectddna.js.download	3.3 kB	2023-03-07	2024-01-04
Pretty URL web8741.web07.bero-webspace.de/safety/sca/collectddna.js.download IP 109.71.253.24 ASN #44486 SYNLINQ Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:48 Last Seen2024-01-04 00:34:56 Times Seen11 Hash ba4950a8ffc3bd0d3cac62f7826d94b4 1124ac90e4fc2a0b8b8f97d113d63d25ed845284 608612cd000271d2b9944308d2a696d84d4fb3326a94ad0b89695a7aaf025e23 Loading...

	web8741.web07.bero-webspace.de/safety/sca/proxyid.js.download	242 B	2023-03-07	2023-03-17
Pretty URL web8741.web07.bero-webspace.de/safety/sca/proxyid.js.download IP 109.71.253.24 ASN #44486 SYNLINQ Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:48 Last Seen2023-03-17 12:34:19 Times Seen1 Hash c250b045737eb1d8167f215c166872f0 548b3b9294765d5bf096e60fc3bbca67877c93c6 525199a140d9c8ffc27e88b3923ac409187495c89bd22433d7b9a239fd095f0d Loading...

	web8741.web07.bero-webspace.de/safety/sca/082953afa5ab20006f75777cb90662b0ffb28e45a9f164326f7fce4f47eafb4914e54c5ed2b326cb(1)	53 kB	2023-03-07	2024-04-14
Pretty URL web8741.web07.bero-webspace.de/safety/sca/082953afa5ab20006f75777cb90662b0ffb28e45a9f164326f7fce4f47eafb4914e54c5ed2b326cb(1) IP 109.71.253.24 ASN #44486 SYNLINQ Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:07 Last Seen2024-04-14 02:33:35 Times Seen307 Hash c2e3dd5a6731ab68f051021eff499f4f 6739b37fb552d92db4ca07e5f25e783950b0ec75 552f179b8856e5355d6d5865abf56d10af6a0e698c3a8ea2b5610c459fbe37a3 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 9e0d1a193d1b68c8c7b19679ac48a2ad	435 B	2023-03-07	2023-04-14
Pretty Observations First Seen2023-03-07 01:24:48 Last Seen2023-04-14 01:26:01 Times Seen2 Hash 9e0d1a193d1b68c8c7b19679ac48a2ad 5c2454d043de84b38a083e12070c4d8cc10585d5 9058f5b44ded59138175a97af681d148ca1dc1ce65f0dd179360694f55b2255d Loading...

	#2 Eval - 6034ad255fb57d4fd4b25e8355d838a7	21 B	2023-03-07	2024-04-07
Pretty Observations First Seen2023-03-07 01:24:48 Last Seen2024-04-07 21:16:27 Times Seen75 Hash 6034ad255fb57d4fd4b25e8355d838a7 31f2b4c90b50112a721f7a86ab9559c59ee24cea 4889753e95ccdb34497a0faa8c627bb9f79a6911df69c28c4a9026867d7b8038 Loading...

	#3 Eval - 9958c2cb3e4f9aa42a7b080711403b04	224 B	2023-03-07	2023-04-14
Pretty Observations First Seen2023-03-07 01:24:48 Last Seen2023-04-14 01:26:01 Times Seen2 Hash 9958c2cb3e4f9aa42a7b080711403b04 d68edf3653ebdd71349c4f8ab4124b53f077ad8f a7d5344d6b13c176c152ffb0c143095688a8f0c99a6c4e6f6f647af90095ead2 Loading...

	#4 Eval - f71b02f85dacf1c1801758a1faad7032	393 B	2023-03-07	2023-04-14
Pretty Observations First Seen2023-03-07 01:24:48 Last Seen2023-04-14 01:26:02 Times Seen2 Hash f71b02f85dacf1c1801758a1faad7032 c212f21442d3e65a0ed41845067abe2e8822fe17 407fa59236ffe3e4f3c3989d40ee16087abeb3caa9a56d40204bd6a623a9175e Loading...

	#5 Eval - 7d239a31a3bb0c29d1e80a4cee0ae9ce	22 B	2023-03-07	2024-04-07
Pretty Observations First Seen2023-03-07 01:24:48 Last Seen2024-04-07 21:16:27 Times Seen75 Hash 7d239a31a3bb0c29d1e80a4cee0ae9ce f0cafc56dd27a5df45edd6c313a98ef7ad274830 08ddcec698d66136eac2c37762bef065b2835fe8ea347aac65137e6acf22051e Loading...

	#6 Eval - 34ae7349f3c036c000ace8a188b757ca	393 B	2023-03-07	2023-03-17
Pretty Observations First Seen2023-03-07 01:24:48 Last Seen2023-03-17 12:34:19 Times Seen1 Hash 34ae7349f3c036c000ace8a188b757ca 1e0aef5226d4e79e6af723e2a51a0cf1776af4bc 6d66d266ffe906642925e2878bdd85a3eab174a8daa8e712ee0dee86d7a4a2a6 Loading...

	#7 Eval - 1b0341b349154d927917387999f1aa41	308 B	2023-03-07	2023-03-17
Pretty Observations First Seen2023-03-07 01:24:48 Last Seen2023-03-17 12:34:19 Times Seen1 Hash 1b0341b349154d927917387999f1aa41 f11cc86bd8165f5d62c125fe0ae6040568c6b3b1 46f20dc4ecb882387f754c14135fdcd7a4c290a4f0194417f8cbfaa8cd96d364 Loading...

	#8 Eval - ad7b3a88f1be9ec377c726e96a83cb14	436 B	2023-03-07	2023-04-14
Pretty Observations First Seen2023-03-07 01:24:48 Last Seen2023-04-14 01:26:01 Times Seen2 Hash ad7b3a88f1be9ec377c726e96a83cb14 ab0a3ac69be40b23cdb8aa22230208f4a4b53cf4 9e81828735369ce4c17f97cd90255ea0b639e80af31aa2f5af3e0476e7108229 Loading...

	#9 Eval - f28ce22cfb2ece14c5f3e2417ca49e05	24 B	2023-03-07	2024-04-07
Pretty Observations First Seen2023-03-07 01:24:48 Last Seen2024-04-07 21:16:27 Times Seen75 Hash f28ce22cfb2ece14c5f3e2417ca49e05 9a68c8b3b54c4001e92eebeb707ef4e3943a77af c305f420288c47aa66df970a6c243b77777903eebedd59b9f67b1ece1ab023da Loading...

	#10 Eval - 23df4b0f78a2f0f436f3b4d9ed813875	25 B	2023-03-07	2024-04-07
Pretty Observations First Seen2023-03-07 01:24:48 Last Seen2024-04-07 21:16:27 Times Seen75 Hash 23df4b0f78a2f0f436f3b4d9ed813875 0963f4b8ba2e1fb36e346f73d962038876064f98 67899a50d2cf0cf399c816b9584d61715f51828ab6a3605a67331cde8779f2ca Loading...

	#11 Eval - 1a8f59edaa9e8efc6fe29521e27dca24	393 B	2023-03-07	2023-04-14
Pretty Observations First Seen2023-03-07 01:24:48 Last Seen2023-04-14 01:26:01 Times Seen2 Hash 1a8f59edaa9e8efc6fe29521e27dca24 e4acc090bf99d1773859dc7f0f3d453891524b28 f719e653932761ac026863c91489cf5e58062145a80ed58d6b56e54a7c1b9c45 Loading...

	#12 Eval - e05c6721aa8d3b64e56fbb5b5e30baaf	436 B	2023-03-07	2023-04-14
Pretty Observations First Seen2023-03-07 01:24:48 Last Seen2023-04-14 01:26:01 Times Seen2 Hash e05c6721aa8d3b64e56fbb5b5e30baaf 3b4609e16fe049b8c068a41c07f79ef865452fea f81f68ba381e2a023ec0b3e123acbc439102b6935e472ffdcc81bed8333be255 Loading...

	#13 Eval - d335d21e4486cf9c454c8638898cd244	436 B	2023-03-07	2023-03-17
Pretty Observations First Seen2023-03-07 01:24:48 Last Seen2023-03-17 12:34:19 Times Seen1 Hash d335d21e4486cf9c454c8638898cd244 ccd1e977db7349454bab46ec40dc563f8e1912d5 38a77815a2cebaebd9bbf6f2b52009c71d668a03e7c2389f50bf16a15494a572 Loading...

	#14 Eval - 0301eb1daf649e1a3f03fa233cc07375	221 B	2023-03-07	2023-04-14
Pretty Observations First Seen2023-03-07 01:24:48 Last Seen2023-04-14 01:26:02 Times Seen2 Hash 0301eb1daf649e1a3f03fa233cc07375 24783eb076cbc6b64b64a20b2895178902d11a10 1bc10dadb3eae4448fecd16e9190744f08825491e208b2203912b2611d109dc5 Loading...

	#15 Eval - fb2d3670d4999c8f5d7e45ec376df10b	222 B	2023-03-07	2023-04-14
Pretty Observations First Seen2023-03-07 01:24:48 Last Seen2023-04-14 01:26:01 Times Seen2 Hash fb2d3670d4999c8f5d7e45ec376df10b e74dda47e71bd70a9fb601652c55299b5b8f6679 ef672329f1de5b1fa6b9d267e7328e9d22e9e16ea6f0c44b743ce8ee21f6eeec Loading...

	#16 Eval - 2ddfb8d34dbedf115a4dc3d9678b962a	21 B	2023-03-07	2024-04-07
Pretty Observations First Seen2023-03-07 01:24:48 Last Seen2024-04-07 21:16:27 Times Seen75 Hash 2ddfb8d34dbedf115a4dc3d9678b962a d7e89c471a260d023047f515bb1c34542a2f421c 48f42ff7e80c8ad9630397c9e4e8077a75004428e460f7dc4eae4d564888906f Loading...

	#17 Eval - dbd05224981aecb76df44d8e367f1cb2	224 B	2023-03-07	2023-04-14
Pretty Observations First Seen2023-03-07 01:24:48 Last Seen2023-04-14 01:26:02 Times Seen2 Hash dbd05224981aecb76df44d8e367f1cb2 9b1fa3884b8ac03b4df39598f4b380527995813f 4dac348b1dfde00772160122636698a45639ff58b4ca4dec7b27a6f008b9c17d Loading...

	#18 Eval - 0fac64ba06eecf3ea1b11d16b3ac5caf	392 B	2023-03-07	2023-04-14
Pretty Observations First Seen2023-03-07 01:24:48 Last Seen2023-04-14 01:26:02 Times Seen2 Hash 0fac64ba06eecf3ea1b11d16b3ac5caf 04db13eca8a0910575b0f5ab4b382253bac30c45 c10cc39c0de04ebce8e707cab5963b512c4336262da597dd47148f12b179ffee Loading...

	#19 Eval - 00382d84f8b8ea67199c9cda3c7e44e6	2.0 kB	2023-03-07	2023-04-14
Pretty Observations First Seen2023-03-07 01:24:48 Last Seen2023-04-14 01:26:02 Times Seen2 Hash 00382d84f8b8ea67199c9cda3c7e44e6 7976767b7d219c53b7924cdfa4c747a1376bd5b5 e749ab5db66f5db451e36e24c3666e45e8334e5b0d1158068d5a422f59dacfc1 Loading...

	#20 Eval - fddabd3326dc2d6acb657c6ac85875f9	435 B	2023-03-07	2023-04-14
Pretty Observations First Seen2023-03-07 01:24:48 Last Seen2023-04-14 01:26:01 Times Seen2 Hash fddabd3326dc2d6acb657c6ac85875f9 9b1dd090246859af8bd253b5029e9e0396a3ec5a b92475d231bfc5da11aeb85e31cd76b2adeeeebbb78363942c1ed02102388716 Loading...

	#21 Eval - 41a77401da27034db424f305e3eb6326	436 B	2023-03-07	2023-04-14
Pretty Observations First Seen2023-03-07 01:24:48 Last Seen2023-04-14 01:26:01 Times Seen2 Hash 41a77401da27034db424f305e3eb6326 fdcec3a5b52aaa386ec1d7283e80735fde2f42d5 d9600086c47439b7cba4f492445671848899b3696b66e79e138a526ff26a596d Loading...

	#22 Eval - 9717c7bf5514ea540c0a4ae59bf9f450	23 B	2023-03-07	2024-04-07
Pretty Observations First Seen2023-03-07 01:24:48 Last Seen2024-04-07 21:16:27 Times Seen75 Hash 9717c7bf5514ea540c0a4ae59bf9f450 0091779cf229b04faef1de210e412ef5b83620fb a43996c7c354c4b5bf038ea622f19cc05a9f1a50f2212217d6f69a16080d9ca5 Loading...

	#23 Eval - 03ebc8583be4bd7c3c2253935f69c4d5	436 B	2023-03-07	2023-04-14
Pretty Observations First Seen2023-03-07 01:24:48 Last Seen2023-04-14 01:26:01 Times Seen2 Hash 03ebc8583be4bd7c3c2253935f69c4d5 cf32e8338a1bc1007042125258380ceb62c009f3 dc9e4b1065a36e862b7ba6999e24da76c59bd34cb813da9c5b38571777a56e74 Loading...

	#24 Eval - f56697ed1c3b6e3d423e4ac6440ad489	436 B	2023-03-07	2023-04-14
Pretty Observations First Seen2023-03-07 01:24:48 Last Seen2023-04-14 01:26:01 Times Seen2 Hash f56697ed1c3b6e3d423e4ac6440ad489 759a519f6e3694085d2890e715f71377314129c9 3e4cdc0708a9fda02aeae676b99639d2c3cbced467b82e20d0ef877d4e246479 Loading...

		Size	First Seen	Last Seen
	#1 Write - 12b4917561137140137e8f53d0116d83	92 B	2023-03-07	2023-03-17
Pretty Observations First Seen2023-03-07 01:24:48 Last Seen2023-03-17 12:34:19 Times Seen1 Hash 12b4917561137140137e8f53d0116d83 816c5503770e1cfbb990b709ad03c542fc757032 d891f55ccf031b697a77e6ceec1e4fc32327b32e1aea3e8b215ed61f20925065 Loading...

HTTP Transactions (52)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
60e4edea7b5f4d19f3547a3bb2d5df57
3ee076bab4da3416c2c5808f730cb316c28baef7
763e2dadfdd286a51327cd2000ca335e30cd0b9b7267875d22ca33f7556ba200

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763E2DADFDD286A51327CD2000CA335E30CD0B9B7267875D22CA33F7556BA200"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5566
Expires: Fri, 30 Sep 2022 23:12:58 GMT
Date: Fri, 30 Sep 2022 21:40:12 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

143.204.55.27

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 30 Sep 2022 21:16:15 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: aq9OCds-Z-j1eeXafplx81amHHZgyiookgZTxLkWYle-sx6CL2M9bg==
Age: 1437

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
907a916f7fa6454e2a6188fabc6ae7e1
598df147d5acc64827df4db1c339d11d79eae325
e091ff0b82847b6b43185d87c6f952a4adf5a772b229a12487a282545141081d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E091FF0B82847B6B43185D87C6F952A4ADF5A772B229A12487A282545141081D"
Last-Modified: Thu, 29 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13390
Expires: Sat, 01 Oct 2022 01:23:22 GMT
Date: Fri, 30 Sep 2022 21:40:12 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.35

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 30 Sep 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 9srqaI-bp9jqreEuvgBWPOoF-KGh3TSccwb1N_cVP-0lpyZkl2AhIw==
age: 58305
X-Firefox-Spdy: h2

pxlme.me/Up3CPuxb

51.15.139.10

302 Found

68 B

URL HTTP/1.1
pxlme.me/Up3CPuxb
IP
51.15.139.10:0
ASN
#12876 Online S.a.s.

File type
HTML document, ASCII text
Size
68 B (68 bytes)
Hash
a1ce48742794ab58c09c2799fdcef900
56beca51612b49855d64a5379a10615b1cff5e4a
7d6452e660405eb212ea1cff824b5e33b6ff41d13c68d6341e5bb6871666610b

Detections

Analyzer	Verdict	Alert
openphish	International Card Services B.V
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /Up3CPuxb HTTP/1.1
Host: pxlme.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 302 Found
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Expires: 0
Location: https://web8741.web07.bero-webspace.de/safety
Pragma: no-cache
Date: Fri, 30 Sep 2022 21:40:12 GMT
Content-Length: 68

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 30 Sep 2022 21:40:12 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ce6130bc824c7a94f6ee258db9acc40e
3f6cb9d10261f182be571806a4ce854b802ee3fe
c25e323ad038f6b2a376c4887db7746bd5cfd7f4778ac31e935d33c2b82c1ecf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C25E323AD038F6B2A376C4887DB7746BD5CFD7F4778AC31E935D33C2B82C1ECF"
Last-Modified: Fri, 30 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21573
Expires: Sat, 01 Oct 2022 03:39:46 GMT
Date: Fri, 30 Sep 2022 21:40:13 GMT
Connection: keep-alive

web8741.web07.bero-webspace.de/safety

109.71.253.24

301 Moved Permanently

335 B

URL HTTP/2
web8741.web07.bero-webspace.de/safety
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
335 B (335 bytes)
Hash
95601c874e7f819ae579e115035ee36c
f81761c92f7969746b1fc40a5e0e4ad45c0dede5
82eafd4351d218a726da63a6f3f582291ad7c99dbeb8a9a6baabdc286b43dbe2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /safety HTTP/1.1
Host: web8741.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 30 Sep 2022 21:40:13 GMT
content-type: text/html; charset=iso-8859-1
content-length: 335
location: https://web8741.web07.bero-webspace.de/safety/
x-powered-by: PleskLin
X-Firefox-Spdy: h2

web8741.web07.bero-webspace.de/safety/

109.71.253.24

200 OK

14 kB

URL HTTP/2
web8741.web07.bero-webspace.de/safety/
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (19277)
Size
14 kB (13966 bytes)
Hash
d8de4ccc7b160f5732ea6062e7ead1c4
d995a2bde96ad2194587c9ab2e0ad0637dfe10f3
71505fa6541a570677087111efb1ce793960ae65efba3b46bc8bcd36de7761c6

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /safety/ HTTP/1.1
Host: web8741.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 30 Sep 2022 21:40:13 GMT
content-type: text/html; charset=UTF-8
content-length: 13966
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=7sm9s4m7v72qmv259sp9bor2rd; path=/
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PHP/7.4.30, PleskLin
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.27

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 30 Sep 2022 21:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Fri, 30 Sep 2022 22:12:13 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: vmds3aPAmMQxtn5iU5hRaQABSQ4JfSDmb_vA0eBtEyxHqsf5dFZ2cw==
Age: 640

web8741.web07.bero-webspace.de/safety/sca/sca-login

109.71.253.24

200 OK

32 kB

URL HTTP/2
web8741.web07.bero-webspace.de/safety/sca/sca-login
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (12078)
Size
32 kB (31541 bytes)
Hash
52bc9aa39483d1929feb79179c853b5c
774ccc05b7147bf5c0300853ec12162612bddfe7
0684619fde3e0ebb7a66fdec14f0b6e44a1a35a96fdcb9c8a9b1dcacbeee8470

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /safety/sca/sca-login HTTP/1.1
Host: web8741.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8741.web07.bero-webspace.de/safety/
Cookie: PHPSESSID=7sm9s4m7v72qmv259sp9bor2rd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 30 Sep 2022 21:40:13 GMT
content-type: application/octet-stream
content-length: 31541
last-modified: Fri, 30 Sep 2022 17:20:55 GMT
etag: "63372577-7b35"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

web8741.web07.bero-webspace.de/safety/sca/saved_resource

109.71.253.24

200 OK

8.0 kB

URL HTTP/2
web8741.web07.bero-webspace.de/safety/sca/saved_resource
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type
ASCII text, with very long lines (662)
Size
8.0 kB (7969 bytes)
Hash
43e4cd4d0d896cc2c4c1b724ce008764
b6df31b85bd329a6f026c41795c2ac83ad9dab87
91dd5858585bcafd085ed3c7dbe9f3eb2329dc380b8a58caf174036c7a204349

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /safety/sca/saved_resource HTTP/1.1
Host: web8741.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8741.web07.bero-webspace.de/safety/
Cookie: PHPSESSID=7sm9s4m7v72qmv259sp9bor2rd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 30 Sep 2022 21:40:13 GMT
content-type: application/octet-stream
content-length: 7969
last-modified: Fri, 30 Sep 2022 17:20:54 GMT
etag: "63372576-1f21"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

web8741.web07.bero-webspace.de/safety/sca/plx.check.js

109.71.253.24

200 OK

209 B

URL HTTP/2
web8741.web07.bero-webspace.de/safety/sca/plx.check.js
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type
ASCII text
Size
209 B (209 bytes)
Hash
65a7d1a66a5b6f665f49900274e318e8
ed2a23b7c7bd5ec1e42127e381cd5089b88bc2a7
61b441852598829f84cc6605312cf152c2b5f74c05721f0e689daac188a4b929

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /safety/sca/plx.check.js HTTP/1.1
Host: web8741.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8741.web07.bero-webspace.de/safety/
Cookie: PHPSESSID=7sm9s4m7v72qmv259sp9bor2rd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 30 Sep 2022 21:40:13 GMT
content-type: application/javascript
content-length: 209
x-accel-version: 0.01
last-modified: Fri, 30 Sep 2022 17:20:53 GMT
etag: "195-5e9e837579bc5-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2

web8741.web07.bero-webspace.de/safety/sca/proxyid.js.download

109.71.253.24

200 OK

220 B

URL HTTP/2
web8741.web07.bero-webspace.de/safety/sca/proxyid.js.download
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type
ASCII text
Size
220 B (220 bytes)
Hash
cf3fdcb6394ca0e8e3572fb475e9e6a1
cb675d9ac518343f4875920256f1c624712bdf2e
fcd6504c3c6c1d1f3a2eea7953420cff9ab77162edded72d2e27c391f5d46f69

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /safety/sca/proxyid.js.download HTTP/1.1
Host: web8741.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8741.web07.bero-webspace.de/safety/
Cookie: PHPSESSID=7sm9s4m7v72qmv259sp9bor2rd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 30 Sep 2022 21:40:13 GMT
content-type: application/javascript
content-length: 220
x-accel-version: 0.01
last-modified: Fri, 30 Sep 2022 17:20:54 GMT
etag: "f2-5e9e837633475-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
2601db85aa6894ea41f37fc0c1f2594a
afc9de950cf648d720a78467582b26346b8d53bc
3211c5c61098100152ea682c86ec84f3a80229b8d709e5cbe0022caba7dc9e24

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 30 Sep 2022 21:40:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
d1be374a29f94481ff2c021e35f4eaa0
e05e92d94b5e434e9935e560fd8dc33bdc393aea
37a5132d2183f5c3bfaac5c89df691fea72cac4423110df88bdeb231f430deee

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2478
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 30 Sep 2022 21:40:13 GMT
Last-Modified: Fri, 30 Sep 2022 20:58:55 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

web8741.web07.bero-webspace.de/safety/sca/zero.png

109.71.253.24

200 OK

68 B

URL HTTP/2
web8741.web07.bero-webspace.de/safety/sca/zero.png
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type
PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Size
68 B (68 bytes)
Hash
91e42db1c66c0b276abf6234dc50b2eb
c1986af3c26609b8b7d8933f99c51c1a89e9ea6b
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

HTTP Headers

GET /safety/sca/zero.png HTTP/1.1
Host: web8741.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8741.web07.bero-webspace.de/safety/
Cookie: PHPSESSID=7sm9s4m7v72qmv259sp9bor2rd
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 30 Sep 2022 21:40:13 GMT
content-type: image/png
content-length: 68
x-accel-version: 0.01
last-modified: Fri, 30 Sep 2022 17:20:56 GMT
etag: "44-5e9e8377e7caf"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-MHW4QGN&l=global_layer

142.250.74.72

200 OK

113 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-MHW4QGN&l=global_layer
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
Unicode text, UTF-8 text, with very long lines (65321)
Size
113 kB (112669 bytes)
Hash
304acd0f34c281bdc6dc5018282f954d
8bc994c05f1dc80264c2d6376dba9e0f85866e91
cbd869c1abbc8d3a3e8a727a24e4a61db5c18f0c971d6ad92654273edf38f6bc

HTTP Headers

GET /gtm.js?id=GTM-MHW4QGN&l=global_layer HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8741.web07.bero-webspace.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 30 Sep 2022 21:40:13 GMT
expires: Fri, 30 Sep 2022 21:40:13 GMT
cache-control: private, max-age=900
last-modified: Fri, 30 Sep 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 112669
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

web8741.web07.bero-webspace.de/safety/sca/runtime.j.download

109.71.253.24

404 Not Found

87 kB

URL HTTP/2
web8741.web07.bero-webspace.de/safety/sca/runtime.j.download
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
87 kB (86870 bytes)
Hash
87c2054f3d1127a89512da71ea970541
26c5f65a2af8c2581d9937ab11b8c5bf79c52461
06ff03b59a4865469425fa7ca396e16bcb94b51f97cda44780f3c98473e67f7d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /safety/sca/runtime.j.download HTTP/1.1
Host: web8741.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8741.web07.bero-webspace.de/safety/
Cookie: PHPSESSID=7sm9s4m7v72qmv259sp9bor2rd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Fri, 30 Sep 2022 21:40:13 GMT
content-type: text/html
last-modified: Fri, 30 Sep 2022 16:36:06 GMT
etag: W/"328-5e9e7972ea57a"
content-encoding: br
X-Firefox-Spdy: h2

web8741.web07.bero-webspace.de/safety/sca/SunOT-Regular.ttf

109.71.253.24

200 OK

86 kB

URL HTTP/2
web8741.web07.bero-webspace.de/safety/sca/SunOT-Regular.ttf
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type
TrueType Font data, 15 tables, 1st "FFTM", 24 names, Macintosh\012- data
Size
86 kB (86304 bytes)
Hash
6150bb0f5b1e975bc0b616b61845f49c
4ea5afcef3164f6dbae351f9d12c13ad9514fd92
69e81e13ae217c9a436756a0f91d43af57f3adb823ea36f94d33f03cb4694981

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /safety/sca/SunOT-Regular.ttf HTTP/1.1
Host: web8741.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8741.web07.bero-webspace.de/safety/sca/styles.css
Cookie: PHPSESSID=7sm9s4m7v72qmv259sp9bor2rd
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 30 Sep 2022 21:40:13 GMT
content-type: font/ttf
content-length: 86304
last-modified: Fri, 30 Sep 2022 17:20:55 GMT
etag: "63372577-15120"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
2601db85aa6894ea41f37fc0c1f2594a
afc9de950cf648d720a78467582b26346b8d53bc
3211c5c61098100152ea682c86ec84f3a80229b8d709e5cbe0022caba7dc9e24

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 30 Sep 2022 21:40:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

web8741.web07.bero-webspace.de/safety/sca/collectddna.js.download

109.71.253.24

200 OK

11 kB

URL HTTP/2
web8741.web07.bero-webspace.de/safety/sca/collectddna.js.download
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type
ASCII text
Size
11 kB (10912 bytes)
Hash
2da9db53abdd79edca51298692c47378
c40e90d352ad940fe40fa0a3034563357d9102fa
eaa6415dfa3a4aa3cde2553f4ab7a469530959ac7ca858e313c4ae38a3304adc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /safety/sca/collectddna.js.download HTTP/1.1
Host: web8741.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8741.web07.bero-webspace.de/safety/
Cookie: PHPSESSID=7sm9s4m7v72qmv259sp9bor2rd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 30 Sep 2022 21:40:13 GMT
content-type: application/javascript
last-modified: Fri, 30 Sep 2022 17:20:47 GMT
etag: W/"6337256f-d13"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

web8741.web07.bero-webspace.de/safety/sca/main.js(1).download

109.71.253.24

200 OK

2.4 MB

URL HTTP/2
web8741.web07.bero-webspace.de/safety/sca/main.js(1).download
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type
ASCII text, with very long lines (65536), with no line terminators
Size
2.4 MB (2440637 bytes)
Hash
e1536c8df7642a47faf5e52414e95644
31111ec408192ab9c2eaedd75b8167ef0bd87c72
9b86e530307d396082ae6b004665b4b8a1dc7212f94f41e530c36bcc0cac3d70

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /safety/sca/main.js(1).download HTTP/1.1
Host: web8741.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8741.web07.bero-webspace.de/safety/
Cookie: PHPSESSID=7sm9s4m7v72qmv259sp9bor2rd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 30 Sep 2022 21:40:13 GMT
content-type: application/octet-stream
content-length: 2440637
last-modified: Fri, 30 Sep 2022 17:20:53 GMT
etag: "63372575-253dbd"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

web8741.web07.bero-webspace.de/safety/sca/sunot-bold-webfont.woff2

109.71.253.24

200 OK

25 kB

URL HTTP/2
web8741.web07.bero-webspace.de/safety/sca/sunot-bold-webfont.woff2
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type
Web Open Font Format (Version 2), TrueType, length 24800, version 4.66\012- data
Size
25 kB (24800 bytes)
Hash
819f042f2484072228ad1cb32902ffd8
22955f1851a789580b5c6136886ff2ceea0726ac
265235296a58d38174ac7198a96e108c4e9c7ceceb0ccb700d352c8b99a7c99d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /safety/sca/sunot-bold-webfont.woff2 HTTP/1.1
Host: web8741.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://web8741.web07.bero-webspace.de/safety/sca/main-ics.css
Cookie: PHPSESSID=7sm9s4m7v72qmv259sp9bor2rd
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 30 Sep 2022 21:40:13 GMT
content-type: font/woff2
content-length: 24800
last-modified: Fri, 30 Sep 2022 17:20:55 GMT
etag: "63372577-60e0"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
43384a7c83e27d2da309134c471fe2c3
7d5bc3d6e4392c507aaa84a541b1386c3926ca23
28329245a2037f71b8009e96fe329f7dfbbba5cb675e7b0ce2deecc71beb5fae

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2202
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 30 Sep 2022 21:40:14 GMT
Last-Modified: Fri, 30 Sep 2022 21:03:33 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

web8741.web07.bero-webspace.de/safety/sca/082953afa5ab20006f75777cb90662b0ffb28e45a9f164326f7fce4f47eafb4914e54c5ed2b326cb

109.71.253.24

200 OK

283 kB

URL HTTP/2
web8741.web07.bero-webspace.de/safety/sca/082953afa5ab20006f75777cb90662b0ffb28e45a9f164326f7fce4f47eafb4914e54c5ed2b326cb
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type
ASCII text, with very long lines (545)
Size
283 kB (282826 bytes)
Hash
3db107422a2a20e84e1842d30ef7aa06
efe9a5d9a37fd55f84ec23dc222c2fe6f54dd032
49646c016f4d29b0499b92cb483ceb98a3170c3aba81ae563acc2961bdc65484

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /safety/sca/082953afa5ab20006f75777cb90662b0ffb28e45a9f164326f7fce4f47eafb4914e54c5ed2b326cb HTTP/1.1
Host: web8741.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8741.web07.bero-webspace.de/safety/sca/saved_resource.html
Cookie: PHPSESSID=7sm9s4m7v72qmv259sp9bor2rd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 30 Sep 2022 21:40:14 GMT
content-type: application/octet-stream
content-length: 282826
last-modified: Fri, 30 Sep 2022 17:20:46 GMT
etag: "6337256e-450ca"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

web8741.web07.bero-webspace.de/safety/sca/082953afa5ab20006f75777cb90662b0ffb28e45a9f164326f7fce4f47eafb4914e54c5ed2b326cb(1)

109.71.253.24

200 OK

53 kB

URL HTTP/2
web8741.web07.bero-webspace.de/safety/sca/082953afa5ab20006f75777cb90662b0ffb28e45a9f164326f7fce4f47eafb4914e54c5ed2b326cb(1)
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type
C source, ASCII text
Size
53 kB (53065 bytes)
Hash
c2e3dd5a6731ab68f051021eff499f4f
6739b37fb552d92db4ca07e5f25e783950b0ec75
552f179b8856e5355d6d5865abf56d10af6a0e698c3a8ea2b5610c459fbe37a3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /safety/sca/082953afa5ab20006f75777cb90662b0ffb28e45a9f164326f7fce4f47eafb4914e54c5ed2b326cb(1) HTTP/1.1
Host: web8741.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8741.web07.bero-webspace.de/safety/sca/saved_resource.html
Cookie: PHPSESSID=7sm9s4m7v72qmv259sp9bor2rd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 30 Sep 2022 21:40:14 GMT
content-type: application/octet-stream
content-length: 53065
last-modified: Fri, 30 Sep 2022 17:20:46 GMT
etag: "6337256e-cf49"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

web8741.web07.bero-webspace.de/TSPD/?type=21

109.71.253.24

404 Not Found

841 B

URL HTTP/2
web8741.web07.bero-webspace.de/TSPD/?type=21
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
841 B (841 bytes)
Hash
91ed84b846287f51ae8033af4c946989
41e0e83c9df97e7cff2fa8182fcf73f6216b15e9
0ae2958b11f765cdab5fa40d7c6ec1f891194348b45758dd57b7140a916ba7f8

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /TSPD/?type=21 HTTP/1.1
Host: web8741.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8741.web07.bero-webspace.de/safety/
Cookie: PHPSESSID=7sm9s4m7v72qmv259sp9bor2rd
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Fri, 30 Sep 2022 21:40:14 GMT
content-type: text/html
last-modified: Fri, 30 Sep 2022 16:36:06 GMT
etag: W/"328-5e9e7972ea57a"
content-encoding: br
X-Firefox-Spdy: h2

web8741.web07.bero-webspace.de/error_docs/styles.css

109.71.253.24

200 OK

948 B

URL HTTP/2
web8741.web07.bero-webspace.de/error_docs/styles.css
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type
ASCII text
Size
948 B (948 bytes)
Hash
0609b582b779b34fac999fc5e728804f
e62f5606ba6e8ed97cd8ab7f867e4e3fafd024e1
c53e939d03cabaa8970cdcb8d3c9fdb7ee26c99ab1cda3a56d043893c5bd09c3

HTTP Headers

GET /error_docs/styles.css HTTP/1.1
Host: web8741.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8741.web07.bero-webspace.de/TSPD/?type=21
Cookie: PHPSESSID=7sm9s4m7v72qmv259sp9bor2rd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 30 Sep 2022 21:40:14 GMT
content-type: text/css
content-length: 948
last-modified: Fri, 30 Sep 2022 16:36:06 GMT
etag: "a9e-5e9e7972ea57a-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2

www.icscards.nl/webfiles/1656567843470/media/theme/ics-nl/images/icons/favicon-144x144-withoutlines.png

185.195.93.72

200

5.5 kB

URL HTTP/1.1
www.icscards.nl/webfiles/1656567843470/media/theme/ics-nl/images/icons/favicon-144x144-withoutlines.png
IP
185.195.93.72:0
ASN
#42649 Baffin Bay Networks AB

File type
PNG image data, 144 x 144, 8-bit/color RGBA, non-interlaced\012- data
Size
5.5 kB (5528 bytes)
Hash
75d0a29d4d1a08405f39799bcb986e63
da64454d7277c531786146796026f49f89e9d4db
1a99f7b02b4517fa7e085315d99cdc0b9e13b0b1c904c683679a05de7a7d1a63

HTTP Headers

GET /webfiles/1656567843470/media/theme/ics-nl/images/icons/favicon-144x144-withoutlines.png HTTP/1.1
Host: www.icscards.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8741.web07.bero-webspace.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 
content-length: 5528
content-type: image/png;charset=UTF-8
date: Fri, 30 Sep 2022 21:40:13 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-content-type-options: nosniff
cache-control: max-age=31536000
expires: Sat, 30 Sep 2023 21:40:14 GMT
x-xss-protection: 1; mode=block
content-security-policy: frame-ancestors www.anwb.nl www.worldcard.nl www.yourmastercard.nl www.icscards.nl *.icscards.nl.cipe.local icscards.nl
strict-transport-security: max-age=31536000; includeSubDomains
Set-Cookie: BIGipServer~ICSDLB02~pool_www.icscards.nl_8016=rd11o00000000000000000000ffff0af4d3d1o8016; path=/; Httponly; Secure
_tpc_persistance_cookie=!ebT7ZAMhX56x7ZK8EOda6AVGp4P79cd+hFQNAVmaoL+L55uvV8+wzGnNpi/VgMwYffayacbH2rcqyZw=; path=/; Httponly; Secure
BBN01677320=0135ab579affe2c1fe11df4ff9bdaf058c06c57a7a3eed85d2be8ff2a3d9a3ace51d449ed1aeef1d0042c41fe138ff65416c6a5ca88b1478cefb1995c2d8f3dabdba243e07; Path=/; Domain=.www.icscards.nl; Secure; HTTPOnly
Accept-Encoding: gzip, deflate, br

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8d59ee7b197f347e30ac793231158927
3316937f84c08ad1857d2f663dca353e250815f0
c17a343ceb786a421f8c3abfffae350e12c92271a69fc88eb8e8bab568877d6b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5696
Expires: Fri, 30 Sep 2022 23:15:11 GMT
Date: Fri, 30 Sep 2022 21:40:15 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8d59ee7b197f347e30ac793231158927
3316937f84c08ad1857d2f663dca353e250815f0
c17a343ceb786a421f8c3abfffae350e12c92271a69fc88eb8e8bab568877d6b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5696
Expires: Fri, 30 Sep 2022 23:15:11 GMT
Date: Fri, 30 Sep 2022 21:40:15 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8d59ee7b197f347e30ac793231158927
3316937f84c08ad1857d2f663dca353e250815f0
c17a343ceb786a421f8c3abfffae350e12c92271a69fc88eb8e8bab568877d6b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5696
Expires: Fri, 30 Sep 2022 23:15:11 GMT
Date: Fri, 30 Sep 2022 21:40:15 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8d59ee7b197f347e30ac793231158927
3316937f84c08ad1857d2f663dca353e250815f0
c17a343ceb786a421f8c3abfffae350e12c92271a69fc88eb8e8bab568877d6b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5696
Expires: Fri, 30 Sep 2022 23:15:11 GMT
Date: Fri, 30 Sep 2022 21:40:15 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8d59ee7b197f347e30ac793231158927
3316937f84c08ad1857d2f663dca353e250815f0
c17a343ceb786a421f8c3abfffae350e12c92271a69fc88eb8e8bab568877d6b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5696
Expires: Fri, 30 Sep 2022 23:15:11 GMT
Date: Fri, 30 Sep 2022 21:40:15 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59da9c68-5ffa-4dc1-adf8-645278cd60ca.jpeg

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59da9c68-5ffa-4dc1-adf8-645278cd60ca.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10380 bytes)
Hash
139a144f8cb04ac8aae65f4bad1473e7
265840b2d2fc6eb764cc6409b05deee8d77a19c2
6e0f01b6bdd5a92e92c7b29a6172a2900c68900afd2abba948940621252e0fd8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59da9c68-5ffa-4dc1-adf8-645278cd60ca.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10380
x-amzn-requestid: 35ee2a77-159c-4bb4-a825-98c638398586
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZPdZYHsTIAMFQNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63360f6f-4f68073432bcea371c7b8f03;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 21:34:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: IENB0e-e13ywHJKPgyLWn1bGPMMxFLUu3cIUcREjGhxDEMROEL1jBg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 22:24:00 GMT
age: 83775
etag: "265840b2d2fc6eb764cc6409b05deee8d77a19c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe12af206-9f17-40de-9764-14d3cdcb4d2f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.7 kB (6722 bytes)
Hash
5b8d0a19bc0a56bb40a975c5c71af05a
3248ca3a8b88efd5be8499898fce957d096cf211
da44d6dd845dc400b0b76f19c67e5a79d9359ce24fe5e4490477f195b23203b4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe12af206-9f17-40de-9764-14d3cdcb4d2f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6722
x-amzn-requestid: 6aca2e04-02b4-4e42-8bba-9bbe2ace1ed0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZPeLrGq1oAMFuAw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633610b0-65b0664d0233107029ef0157;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 21:40:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AJBSzj2-oh3i6UOpOUtGTcsdTFfHlZhIQchgvcnIeF-4mnNKRly5HQ==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 21:47:14 GMT
etag: "3248ca3a8b88efd5be8499898fce957d096cf211"
content-type: image/jpeg
age: 85981
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

16 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9789cead-4e6c-4a12-9b45-25d0efd38fc9.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
16 kB (16011 bytes)
Hash
1389b1d624b44706c7a6f6b7eb769241
78b798f2cfa7db13a6b5ca2ca2783bece5e77d5d
c3c2526b98be06fc7e793e1150bacde2a7bd718e29a851a6e6992e8d84333790

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9789cead-4e6c-4a12-9b45-25d0efd38fc9.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 16011
x-amzn-requestid: d58dfdcd-383a-45ac-8ae2-2b97f016b6a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZPdbjFy1IAMF84A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63360f7c-1ca9707a5e5087fd769d9ab6;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 21:34:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: f7RrSV82yxUNWPUohKYX-_PBShMw7Qk82bepr3WAGkzHTjLR-gIXBA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 22:53:34 GMT
age: 82001
etag: "78b798f2cfa7db13a6b5ca2ca2783bece5e77d5d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5cbaf6d-fc16-4449-8b54-1d55f68eff4f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (14073 bytes)
Hash
11594ce7500d8776bfd5162b17f87d72
72603efba82d649ce5a7a0ca45dc830c0d9ef012
511f5aa33750cd4a02cf3968bf165ffa521e77cb4fb7135b516d7ad14e8b9d01

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5cbaf6d-fc16-4449-8b54-1d55f68eff4f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 14073
x-amzn-requestid: 4ff72590-e28d-4d4b-af1a-4d62e75e3d66
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMKnpEsJoAMFlBQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334be30-38b014a25551aa0a2ab04ccf;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:35:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: gP4V4fq53Z5BFfjDlx1LCR9AhUPTq0qusBaOY_UEXjJjM6SByqDgXg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 21:42:04 GMT
age: 86291
etag: "72603efba82d649ce5a7a0ca45dc830c0d9ef012"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98c23448-09e3-4c05-86c5-dafbe6ca8a0e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.1 kB (8059 bytes)
Hash
d21d2bdcedbd619a80017054076319f9
86dd3bf133e9eddf8852f39e1ee695ee599ac886
fc5672d5a8e9c6a5ec531f7ba05b65c192af37edf6c3a48105df3685de44ec0d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98c23448-09e3-4c05-86c5-dafbe6ca8a0e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8059
x-amzn-requestid: f8bb9e4b-9f3c-47ba-8524-de16155e536d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZNepwHAVoAMFvNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633544a4-5d884e29378635b60592b618;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 07:09:24 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: NMiKZSkokVXNTV76vsVJ7VEu6YFfT9MqL7tHtT8CwZq0BwTbXOpm6Q==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 04:58:47 GMT
age: 60088
etag: "86dd3bf133e9eddf8852f39e1ee695ee599ac886"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d906d66-cd90-4963-827e-8d0564c0f787.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.1 kB (5106 bytes)
Hash
13a12db696bc2bf6a6ea2f48f4c1428e
3481dce8ab711111fc8863d88bee1a887cfd43ac
6dae6c9e5de4146e1f528a36a1795225c9731385f13927fc001fb3f9842fe8f1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d906d66-cd90-4963-827e-8d0564c0f787.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5106
x-amzn-requestid: a906507c-8820-489c-9978-7d0fd026c862
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZPd5PE0MIAMF3DA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6336103a-49eb3879088f17bc01d177c7;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 21:38:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: aeTAqh8D5whTHS3seyOUj7QCNaITUh2ekHG8vNWZlpSeAnqPuFzmcQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 21:46:34 GMT
age: 86021
etag: "3481dce8ab711111fc8863d88bee1a887cfd43ac"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

web8741.web07.bero-webspace.de/safety/sca/polyfills.j.download

109.71.253.24

404 Not Found

0 B

URL HTTP/2
web8741.web07.bero-webspace.de/safety/sca/polyfills.j.download
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /safety/sca/polyfills.j.download HTTP/1.1
Host: web8741.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8741.web07.bero-webspace.de/safety/
Cookie: PHPSESSID=7sm9s4m7v72qmv259sp9bor2rd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Fri, 30 Sep 2022 21:40:13 GMT
content-type: text/html
last-modified: Fri, 30 Sep 2022 16:36:06 GMT
etag: W/"328-5e9e7972ea57a"
content-encoding: br
X-Firefox-Spdy: h2

web8741.web07.bero-webspace.de/safety/sca/polyfills.j.download

109.71.253.24

404 Not Found

0 B

URL HTTP/2
web8741.web07.bero-webspace.de/safety/sca/polyfills.j.download
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /safety/sca/polyfills.j.download HTTP/1.1
Host: web8741.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8741.web07.bero-webspace.de/safety/
Cookie: PHPSESSID=7sm9s4m7v72qmv259sp9bor2rd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Fri, 30 Sep 2022 21:40:13 GMT
content-type: text/html
last-modified: Fri, 30 Sep 2022 16:36:06 GMT
etag: W/"328-5e9e7972ea57a"
content-encoding: br
X-Firefox-Spdy: h2

web8741.web07.bero-webspace.de/safety/sca/jquery.min.js.download

109.71.253.24

200 OK

0 B

URL HTTP/2
web8741.web07.bero-webspace.de/safety/sca/jquery.min.js.download
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /safety/sca/jquery.min.js.download HTTP/1.1
Host: web8741.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8741.web07.bero-webspace.de/safety/
Cookie: PHPSESSID=7sm9s4m7v72qmv259sp9bor2rd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 30 Sep 2022 21:40:13 GMT
content-type: application/javascript
last-modified: Fri, 30 Sep 2022 17:20:50 GMT
etag: W/"63372572-152b5"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

web8741.web07.bero-webspace.de/safety/sca/main-ics.css

109.71.253.24

200 OK

0 B

URL HTTP/2
web8741.web07.bero-webspace.de/safety/sca/main-ics.css
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /safety/sca/main-ics.css HTTP/1.1
Host: web8741.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8741.web07.bero-webspace.de/safety/
Cookie: PHPSESSID=7sm9s4m7v72qmv259sp9bor2rd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 30 Sep 2022 21:40:13 GMT
content-type: text/css
last-modified: Fri, 30 Sep 2022 17:20:51 GMT
etag: W/"63372573-3fc72"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

web8741.web07.bero-webspace.de/safety/sca/runtime.j.download

109.71.253.24

404 Not Found

0 B

URL HTTP/2
web8741.web07.bero-webspace.de/safety/sca/runtime.j.download
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /safety/sca/runtime.j.download HTTP/1.1
Host: web8741.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8741.web07.bero-webspace.de/safety/
Cookie: PHPSESSID=7sm9s4m7v72qmv259sp9bor2rd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Fri, 30 Sep 2022 21:40:13 GMT
content-type: text/html
last-modified: Fri, 30 Sep 2022 16:36:06 GMT
etag: W/"328-5e9e7972ea57a"
content-encoding: br
X-Firefox-Spdy: h2

web8741.web07.bero-webspace.de/safety/sca/modernizr.js.download

109.71.253.24

200 OK

0 B

URL HTTP/2
web8741.web07.bero-webspace.de/safety/sca/modernizr.js.download
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /safety/sca/modernizr.js.download HTTP/1.1
Host: web8741.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8741.web07.bero-webspace.de/safety/
Cookie: PHPSESSID=7sm9s4m7v72qmv259sp9bor2rd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 30 Sep 2022 21:40:13 GMT
content-type: application/javascript
last-modified: Fri, 30 Sep 2022 17:20:53 GMT
etag: W/"63372575-5f1"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

web8741.web07.bero-webspace.de/safety/sca/main.js.download

109.71.253.24

200 OK

0 B

URL HTTP/2
web8741.web07.bero-webspace.de/safety/sca/main.js.download
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /safety/sca/main.js.download HTTP/1.1
Host: web8741.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8741.web07.bero-webspace.de/safety/
Cookie: PHPSESSID=7sm9s4m7v72qmv259sp9bor2rd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 30 Sep 2022 21:40:13 GMT
content-type: application/javascript
last-modified: Fri, 30 Sep 2022 17:20:53 GMT
etag: W/"63372575-2f2c6"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

web8741.web07.bero-webspace.de/safety/sca/styles.css

109.71.253.24

200 OK

0 B

URL HTTP/2
web8741.web07.bero-webspace.de/safety/sca/styles.css
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /safety/sca/styles.css HTTP/1.1
Host: web8741.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8741.web07.bero-webspace.de/safety/
Cookie: PHPSESSID=7sm9s4m7v72qmv259sp9bor2rd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 30 Sep 2022 21:40:13 GMT
content-type: text/css
last-modified: Fri, 30 Sep 2022 17:20:55 GMT
etag: W/"63372577-78c5d"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

web8741.web07.bero-webspace.de/safety/sca/arcotfpcollect.js.download

109.71.253.24

200 OK

0 B

URL HTTP/2
web8741.web07.bero-webspace.de/safety/sca/arcotfpcollect.js.download
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /safety/sca/arcotfpcollect.js.download HTTP/1.1
Host: web8741.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8741.web07.bero-webspace.de/safety/
Cookie: PHPSESSID=7sm9s4m7v72qmv259sp9bor2rd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 30 Sep 2022 21:40:13 GMT
content-type: application/javascript
last-modified: Fri, 30 Sep 2022 17:20:47 GMT
etag: W/"6337256f-d9fd"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

web8741.web07.bero-webspace.de/safety/sca/saved_resource.html

109.71.253.24

200 OK

0 B

URL HTTP/2
web8741.web07.bero-webspace.de/safety/sca/saved_resource.html
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /safety/sca/saved_resource.html HTTP/1.1
Host: web8741.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8741.web07.bero-webspace.de/safety/
Cookie: PHPSESSID=7sm9s4m7v72qmv259sp9bor2rd
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 30 Sep 2022 21:40:14 GMT
content-type: text/html
last-modified: Fri, 30 Sep 2022 17:20:54 GMT
etag: W/"63372576-19a0"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

web8741.web07.bero-webspace.de/TSPD/082953afa5ab2800c33c7cc8e6b3bc13c29c767ddc8eba538cca95beb0c5dc2dd3058e25bdb43216f2cdcfcbda577ce3?type=13

109.71.253.24

404 Not Found

0 B

URL HTTP/2
web8741.web07.bero-webspace.de/TSPD/082953afa5ab2800c33c7cc8e6b3bc13c29c767ddc8eba538cca95beb0c5dc2dd3058e25bdb43216f2cdcfcbda577ce3?type=13
IP
109.71.253.24:0
ASN
#44486 SYNLINQ

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /TSPD/082953afa5ab2800c33c7cc8e6b3bc13c29c767ddc8eba538cca95beb0c5dc2dd3058e25bdb43216f2cdcfcbda577ce3?type=13 HTTP/1.1
Host: web8741.web07.bero-webspace.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web8741.web07.bero-webspace.de/safety/sca/saved_resource.html
Cookie: PHPSESSID=7sm9s4m7v72qmv259sp9bor2rd; did_proxy=1:zEUeQFVqXRrb1FthfkZ64J1LHpob1ksgZd7jHNpUxXxlq0gz2-i7oZP9U70asvhwgYSKXzVQArfJATAYu8N_bw; BBN00000000100=082953afa5ab2800c33c7cc8e6b3bc13c29c767ddc8eba538cca95beb0c5dc2dd3058e25bdb43216f2cdcfcbda577ce30855cbc20f07e0006406f45a8c8e207a383bd1ce5dc5c19fb63d9a392305aeef88e2c8281828fae91e85231cba75952302ab1841fe84501eb4c395e1284f8a6f05b1c678e8248bbe251383ed85c32466d66405115faa851c281a7311320575261240acfc9a2abca2dfcd59c97ba61568d4129d873f8d9194e06c96365e0acaffd64c3fd2cfe983d267f5d1c39790212d0d01f5ce582ee5e571d8d9d51900586e0149d9216d8763db98571af0707cf6b78b416543a70fb7ba852ec1299d07b1f9e3946a290de186f9036f17302cc494216e73e91f281313b4320826c7a8a6aef88f57b6b4fc74c166
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Fri, 30 Sep 2022 21:40:15 GMT
content-type: text/html
last-modified: Fri, 30 Sep 2022 16:36:06 GMT
etag: W/"328-5e9e7972ea57a"
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (43)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP