URL: https://alt.fraha.eu/
Submission: On October 13 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 3 IPs in 1 country across 3 domains to perform 22 HTTP transactions. The main IP is 91.203.110.227, which is located in Germany and belongs to CLOUDPIT, DE. The main domain is alt.fraha.eu.
TLS certificate: Issued by R3 on October 13th 2021. Valid for: 3 months.
This is the only time alt.fraha.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
20 | 91.203.110.227 | 45012 (CLOUDPIT)
2 (1 redirect) | 217.160.0.233 | 8560 (IONOS-AS ...)
Total: 22 requests, 3 IPs

Requests | Apex Domain | Subdomains | Transfer
20 | fraha.eu | alt.fraha.eu | 51 KB
2 | andyhoppe.com | www.andyhoppe.com, c.andyhoppe.com | 310 B
0 | t-online.de | www.heute.t-online.de | Failed
Total: 22 requests, 3 domains

Requests | Domain | Requested by
20 | alt.fraha.eu | alt.fraha.eu
1 | c.andyhoppe.com | alt.fraha.eu
1 | www.andyhoppe.com | 1 redirects
0 | www.heute.t-online.de (Failed) | alt.fraha.eu
Total: 22 requests, 4 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
fraha.eu | R3 | 2021-10-13 - 2022-01-11 | 3 months
*.andyhoppe.com | Encryption Everywhere DV TLS CA - G1 | 2021-02-16 - 2022-03-01 | a year

This page contains 4 frames:

Primary Page: https://alt.fraha.eu/
Frame ID: 55B67C54BA6B90B36E91333BAED90A38
Requests: 1 HTTP requests in this frame

Frame: https://alt.fraha.eu/auswahl.htm
Frame ID: CCF3533F2D1E3C031A2E304BC3714C87
Requests: 12 HTTP requests in this frame

Frame: https://alt.fraha.eu/leer.htm
Frame ID: D1C7FCE4053B13BE1A5A2B60249C1036
Requests: 2 HTTP requests in this frame

Frame: https://alt.fraha.eu/start.htm
Frame ID: CB8FD5F9984B65D005B420AAF8A7CF88
Requests: 7 HTTP requests in this frame

Page Title

HamSols Heimatseite

Page Statistics

Requests: 22
HTTPS: 95 %
IPv6: 0 %
Domains: 3
Subdomains: 4
IPs: 3
Countries: 1
Transfer: 51 kB
Size: 52 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://www.andyhoppe.com/count/?s=blue&f=center&id=1019990325 HTTP 301
  • https://c.andyhoppe.com/count/?src=2&s=blue&f=center&id=1019990325

22 HTTP transactions

Resource/Path | Size | x-fer | Type/MIME-Type
Primary Request /
alt.fraha.eu/
746 B
579 B
Document
General
Full URL
https://alt.fraha.eu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.203.110.227 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS
host227.checkdomain.de
Software
nginx /
Resource Hash
6fd4df8a96565783add07b08e1d94f1144e52900b9a7a443d20f9f8ff4b4fc21

Request headers

:method
GET
:authority
alt.fraha.eu
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Wed, 13 Oct 2021 09:30:08 GMT
content-type
text/html
content-length
388
x-accel-version
0.01
last-modified
Fri, 09 Apr 2021 17:52:22 GMT
etag
"2ea-5bf8dd3789557-gzip"
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
auswahl.htm
alt.fraha.eu/ Frame CCF3
2 KB
672 B
Document
General
Full URL
https://alt.fraha.eu/auswahl.htm
Requested by
Host: alt.fraha.eu
URL: https://alt.fraha.eu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.203.110.227 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS
host227.checkdomain.de
Software
nginx /
Resource Hash
19a4b5358eefdcdf9c40594f29f511293562e529593b6328ea86ef552fea7486

Request headers

:method
GET
:authority
alt.fraha.eu
:scheme
https
:path
/auswahl.htm
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
frame
referer
https://alt.fraha.eu/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://alt.fraha.eu/

Response headers

server
nginx
date
Wed, 13 Oct 2021 09:30:08 GMT
content-type
text/html
last-modified
Fri, 09 Apr 2021 17:52:22 GMT
vary
Accept-Encoding
etag
W/"60709456-73d"
content-encoding
br
leer.htm
alt.fraha.eu/ Frame D1C7
162 B
311 B
Document
General
Full URL
https://alt.fraha.eu/leer.htm
Requested by
Host: alt.fraha.eu
URL: https://alt.fraha.eu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.203.110.227 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS
host227.checkdomain.de
Software
nginx /
Resource Hash
54a3b64289945d0d0a08a2f258a1d7b9eedbf49fee2d3637890b618bce83d3fc

Request headers

:method
GET
:authority
alt.fraha.eu
:scheme
https
:path
/leer.htm
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
frame
referer
https://alt.fraha.eu/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://alt.fraha.eu/

Response headers

server
nginx
date
Wed, 13 Oct 2021 09:30:08 GMT
content-type
text/html
content-length
122
x-accel-version
0.01
last-modified
Fri, 09 Apr 2021 17:52:23 GMT
etag
"a2-5bf8dd3800f7b-gzip"
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
start.htm
alt.fraha.eu/ Frame CB8F
2 KB
973 B
Document
General
Full URL
https://alt.fraha.eu/start.htm
Requested by
Host: alt.fraha.eu
URL: https://alt.fraha.eu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.203.110.227 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS
host227.checkdomain.de
Software
nginx /
Resource Hash
62e8b72c048f2d1e779f487a3fbea935260fed0ea10d6307726f542088853416

Request headers

:method
GET
:authority
alt.fraha.eu
:scheme
https
:path
/start.htm
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
frame
referer
https://alt.fraha.eu/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://alt.fraha.eu/

Response headers

server
nginx
date
Wed, 13 Oct 2021 09:30:08 GMT
content-type
text/html
last-modified
Fri, 09 Apr 2021 17:52:24 GMT
vary
Accept-Encoding
etag
W/"60709458-7b5"
content-encoding
br
auswahl.js
alt.fraha.eu/javascript/ Frame CCF3
133 B
305 B
Script
General
Full URL
https://alt.fraha.eu/javascript/auswahl.js
Requested by
Host: alt.fraha.eu
URL: https://alt.fraha.eu/auswahl.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.203.110.227 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS
host227.checkdomain.de
Software
nginx /
Resource Hash
2d611dc6e9a1a979f78d9ff10fbceda8c42fa5edd98a26f0666d67f71d539cad

Request headers

:path
/javascript/auswahl.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
alt.fraha.eu
referer
https://alt.fraha.eu/auswahl.htm
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://alt.fraha.eu/auswahl.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 09:30:08 GMT
content-encoding
gzip
last-modified
Fri, 09 Apr 2021 17:52:35 GMT
server
nginx
etag
"85-5bf8dd442d8cb-gzip"
vary
Accept-Encoding
content-type
application/javascript
x-accel-version
0.01
accept-ranges
bytes
content-length
107
logo.jpg
alt.fraha.eu/ Frame CCF3
3 KB
3 KB
Image
General
Full URL
https://alt.fraha.eu/logo.jpg
Requested by
Host: alt.fraha.eu
URL: https://alt.fraha.eu/auswahl.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.203.110.227 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS
host227.checkdomain.de
Software
nginx /
Resource Hash
24eeada3d65c8470e825f94c09dd3f9339e59a2d421d54190a50eca9fe220c51

Request headers

:path
/logo.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
alt.fraha.eu
referer
https://alt.fraha.eu/auswahl.htm
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://alt.fraha.eu/auswahl.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 09:30:08 GMT
last-modified
Fri, 09 Apr 2021 17:52:23 GMT
server
nginx
accept-ranges
bytes
etag
"60709457-bb4"
content-length
2996
content-type
image/jpeg
wir.gif
alt.fraha.eu/ Frame CCF3
2 KB
2 KB
Image
General
Full URL
https://alt.fraha.eu/wir.gif
Requested by
Host: alt.fraha.eu
URL: https://alt.fraha.eu/auswahl.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.203.110.227 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS
host227.checkdomain.de
Software
nginx /
Resource Hash
74a9a08abb3e54eb8f457c253aa6560207c3578e903f665669055cd048c72c7d

Request headers

:path
/wir.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
alt.fraha.eu
referer
https://alt.fraha.eu/auswahl.htm
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://alt.fraha.eu/auswahl.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 09:30:08 GMT
last-modified
Fri, 09 Apr 2021 17:52:25 GMT
server
nginx
accept-ranges
bytes
etag
"60709459-7d5"
content-length
2005
content-type
image/gif
shg.gif
alt.fraha.eu/ Frame CCF3
2 KB
2 KB
Image
General
Full URL
https://alt.fraha.eu/shg.gif
Requested by
Host: alt.fraha.eu
URL: https://alt.fraha.eu/auswahl.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.203.110.227 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS
host227.checkdomain.de
Software
nginx /
Resource Hash
85a58077902f9663e721204af221db587fbd85f7f68eca74c1e935768e4a9504

Request headers

:path
/shg.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
alt.fraha.eu
referer
https://alt.fraha.eu/auswahl.htm
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://alt.fraha.eu/auswahl.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 09:30:08 GMT
last-modified
Fri, 09 Apr 2021 17:52:24 GMT
server
nginx
accept-ranges
bytes
etag
"60709458-87a"
content-length
2170
content-type
image/gif
wg.gif
alt.fraha.eu/ Frame CCF3
2 KB
2 KB
Image
General
Full URL
https://alt.fraha.eu/wg.gif
Requested by
Host: alt.fraha.eu
URL: https://alt.fraha.eu/auswahl.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.203.110.227 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS
host227.checkdomain.de
Software
nginx /
Resource Hash
e61dfd09c6a49c0bddc86a0f688575c391ac7570cc68c48648d07db3ab1c70e2

Request headers

:path
/wg.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
alt.fraha.eu
referer
https://alt.fraha.eu/auswahl.htm
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://alt.fraha.eu/auswahl.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 09:30:08 GMT
last-modified
Fri, 09 Apr 2021 17:52:24 GMT
server
nginx
accept-ranges
bytes
etag
"60709458-861"
content-length
2145
content-type
image/gif
macni.gif
alt.fraha.eu/ Frame CCF3
2 KB
2 KB
Image
General
Full URL
https://alt.fraha.eu/macni.gif
Requested by
Host: alt.fraha.eu
URL: https://alt.fraha.eu/auswahl.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.203.110.227 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS
host227.checkdomain.de
Software
nginx /
Resource Hash
dd7a34827dd614b2cea65cffdc7d6de7aa787438c5c8ef8f803adca2673d52ff

Request headers

:path
/macni.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
alt.fraha.eu
referer
https://alt.fraha.eu/auswahl.htm
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://alt.fraha.eu/auswahl.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 09:30:08 GMT
last-modified
Fri, 09 Apr 2021 17:52:23 GMT
server
nginx
accept-ranges
bytes
etag
"60709457-8b9"
content-length
2233
content-type
image/gif
pt.gif
alt.fraha.eu/ Frame CCF3
2 KB
2 KB
Image
General
Full URL
https://alt.fraha.eu/pt.gif
Requested by
Host: alt.fraha.eu
URL: https://alt.fraha.eu/auswahl.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.203.110.227 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS
host227.checkdomain.de
Software
nginx /
Resource Hash
d2fc105c8ca29a5609d319d14245ce65972e3f620b29271d9bffdca4e178d85e

Request headers

:path
/pt.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
alt.fraha.eu
referer
https://alt.fraha.eu/auswahl.htm
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://alt.fraha.eu/auswahl.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 09:30:08 GMT
last-modified
Fri, 09 Apr 2021 17:52:24 GMT
server
nginx
accept-ranges
bytes
etag
"60709458-80f"
content-length
2063
content-type
image/gif
link.gif
alt.fraha.eu/ Frame CCF3
2 KB
2 KB
Image
General
Full URL
https://alt.fraha.eu/link.gif
Requested by
Host: alt.fraha.eu
URL: https://alt.fraha.eu/auswahl.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.203.110.227 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS
host227.checkdomain.de
Software
nginx /
Resource Hash
95d0f91a445f1e3a92102b2d26b9e4cb713afbe341a8623b700f01fb160fc0f3

Request headers

:path
/link.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
alt.fraha.eu
referer
https://alt.fraha.eu/auswahl.htm
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://alt.fraha.eu/auswahl.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 09:30:08 GMT
last-modified
Fri, 09 Apr 2021 17:52:23 GMT
server
nginx
accept-ranges
bytes
etag
"60709457-882"
content-length
2178
content-type
image/gif
gbuch.gif
alt.fraha.eu/ Frame CCF3
2 KB
2 KB
Image
General
Full URL
https://alt.fraha.eu/gbuch.gif
Requested by
Host: alt.fraha.eu
URL: https://alt.fraha.eu/auswahl.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.203.110.227 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS
host227.checkdomain.de
Software
nginx /
Resource Hash
4b22612954f48bfed69adef3ef2963b94837ee92236792d5095eaf6d4c5f611b

Request headers

:path
/gbuch.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
alt.fraha.eu
referer
https://alt.fraha.eu/auswahl.htm
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://alt.fraha.eu/auswahl.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 09:30:08 GMT
last-modified
Fri, 09 Apr 2021 17:52:22 GMT
server
nginx
accept-ranges
bytes
etag
"60709456-86a"
content-length
2154
content-type
image/gif
a_zl.gif
alt.fraha.eu/ Frame CCF3
2 KB
2 KB
Image
General
Full URL
https://alt.fraha.eu/a_zl.gif
Requested by
Host: alt.fraha.eu
URL: https://alt.fraha.eu/auswahl.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.203.110.227 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS
host227.checkdomain.de
Software
nginx /
Resource Hash
f6d6940845111eebe570a4aa92a517077874cd4c93945626e6c8187cffe2152b

Request headers

:path
/a_zl.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
alt.fraha.eu
referer
https://alt.fraha.eu/auswahl.htm
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://alt.fraha.eu/auswahl.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 09:30:08 GMT
last-modified
Fri, 09 Apr 2021 17:52:22 GMT
server
nginx
accept-ranges
bytes
etag
"60709456-7b5"
content-length
1973
content-type
image/gif
hamsol.css
alt.fraha.eu/ Frame CB8F
1 KB
379 B
Stylesheet
General
Full URL
https://alt.fraha.eu/hamsol.css
Requested by
Host: alt.fraha.eu
URL: https://alt.fraha.eu/start.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.203.110.227 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS
host227.checkdomain.de
Software
nginx /
Resource Hash
2cccfd9ee3e332354cc2ed816cc22c46b9b6f41dddd3ea493d8ba9c08db064ca

Request headers

:path
/hamsol.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
alt.fraha.eu
referer
https://alt.fraha.eu/start.htm
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://alt.fraha.eu/start.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 09:30:08 GMT
content-encoding
br
last-modified
Fri, 09 Apr 2021 17:52:22 GMT
server
nginx
etag
W/"60709456-55b"
vary
Accept-Encoding
content-type
text/css
dom.gif
alt.fraha.eu/images/ Frame CB8F
19 KB
19 KB
Image
General
Full URL
https://alt.fraha.eu/images/dom.gif
Requested by
Host: alt.fraha.eu
URL: https://alt.fraha.eu/start.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.203.110.227 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS
host227.checkdomain.de
Software
nginx /
Resource Hash
c684c62c2133d283be3ae736a95ed44aed444bb6163ef39d873a5442ff91ea7e

Request headers

:path
/images/dom.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
alt.fraha.eu
referer
https://alt.fraha.eu/start.htm
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://alt.fraha.eu/start.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 09:30:08 GMT
last-modified
Fri, 09 Apr 2021 17:52:33 GMT
server
nginx
accept-ranges
bytes
etag
"60709461-4c11"
content-length
19473
content-type
image/gif
hamsol.gif
alt.fraha.eu/images/ Frame CB8F
5 KB
5 KB
Image
General
Full URL
https://alt.fraha.eu/images/hamsol.gif
Requested by
Host: alt.fraha.eu
URL: https://alt.fraha.eu/start.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.203.110.227 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS
host227.checkdomain.de
Software
nginx /
Resource Hash
f161b7a8e8ca3d8c13b48f2245f5d8131dd3f7249abb0d9e54e0a04eed6f479e

Request headers

:path
/images/hamsol.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
alt.fraha.eu
referer
https://alt.fraha.eu/start.htm
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://alt.fraha.eu/start.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 09:30:08 GMT
last-modified
Fri, 09 Apr 2021 17:52:33 GMT
server
nginx
accept-ranges
bytes
etag
"60709461-132c"
content-length
4908
content-type
image/gif
/
c.andyhoppe.com/count/ Frame CB8F
Redirect Chain
  • https://www.andyhoppe.com/count/?s=blue&f=center&id=1019990325
  • https://c.andyhoppe.com/count/?src=2&s=blue&f=center&id=1019990325
43 B
176 B
Image
General
Full URL
https://c.andyhoppe.com/count/?src=2&s=blue&f=center&id=1019990325
Requested by
Host: alt.fraha.eu
URL: https://alt.fraha.eu/start.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.233 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
217-160-0-233.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
998dee632fb9160eb85a5046721984d454f381b37b33a72ebb721068fa4d318f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://alt.fraha.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 09:30:08 GMT
cache-control
no-cache, no-store, must-revalidate
server
Apache
content-type
image/gif
content-length
43
expires
0

Redirect headers

location
https://c.andyhoppe.com/count/?src=2&s=blue&f=center&id=1019990325
date
Wed, 13 Oct 2021 09:30:08 GMT
server
Apache
content-length
286
content-type
text/html; charset=iso-8859-1
0,1522,,00.js
www.heute.t-online.de/ZDFheute/exports/ticker/ Frame CB8F
0
0

oben_x.gif
alt.fraha.eu/ Frame D1C7
1 KB
2 KB
Image
General
Full URL
https://alt.fraha.eu/oben_x.gif
Requested by
Host: alt.fraha.eu
URL: https://alt.fraha.eu/leer.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.203.110.227 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS
host227.checkdomain.de
Software
nginx /
Resource Hash
d8de4168c2d542eca923ca2165ba259d1968bd959bfb6fef01a21a585c03a603

Request headers

:path
/oben_x.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
alt.fraha.eu
referer
https://alt.fraha.eu/leer.htm
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://alt.fraha.eu/leer.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 09:30:08 GMT
last-modified
Fri, 09 Apr 2021 17:52:24 GMT
server
nginx
accept-ranges
bytes
etag
"60709458-5c8"
content-length
1480
content-type
image/gif
bground.gif
alt.fraha.eu/ Frame CB8F
807 B
958 B
Image
General
Full URL
https://alt.fraha.eu/bground.gif
Requested by
Host: alt.fraha.eu
URL: https://alt.fraha.eu/start.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.203.110.227 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS
host227.checkdomain.de
Software
nginx /
Resource Hash
66e78c9767853dc2eefa4ee8100ae1bf3fc70071eb68d8b9bfba9dcbc055e080

Request headers

:path
/bground.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
alt.fraha.eu
referer
https://alt.fraha.eu/start.htm
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://alt.fraha.eu/start.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 09:30:08 GMT
last-modified
Fri, 09 Apr 2021 17:52:22 GMT
server
nginx
etag
"327-5bf8dd3731ed8"
content-type
image/gif
x-accel-version
0.01
accept-ranges
bytes
content-length
807
links.gif
alt.fraha.eu/ Frame CCF3
842 B
993 B
Image
General
Full URL
https://alt.fraha.eu/links.gif
Requested by
Host: alt.fraha.eu
URL: https://alt.fraha.eu/auswahl.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.203.110.227 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS
host227.checkdomain.de
Software
nginx /
Resource Hash
fe96918973d029ef469f9c79982c3ecce8808b03a1dad336e16eb6852b3cf54c

Request headers

:path
/links.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
alt.fraha.eu
referer
https://alt.fraha.eu/auswahl.htm
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://alt.fraha.eu/auswahl.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 09:30:08 GMT
last-modified
Fri, 09 Apr 2021 17:52:23 GMT
server
nginx
etag
"34a-5bf8dd3852c20"
content-type
image/gif
x-accel-version
0.01
accept-ranges
bytes
content-length
842

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.heute.t-online.de
URL
http://www.heute.t-online.de/ZDFheute/exports/ticker/0,1522,,00.js

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object | 0
object | 1
object | 2
object | onbeforexrselect
boolean | originAgentCluster

0 Cookies

3 Console Messages

Source Level URL
Text
security warning URL: https://alt.fraha.eu/start.htm(Line 1)
Message:
Mixed Content: The page at 'https://alt.fraha.eu/start.htm' was loaded over HTTPS, but requested an insecure element 'http://www.andyhoppe.com/count/?s=blue&f=center&id=1019990325'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security error URL: https://alt.fraha.eu/start.htm
Message:
Mixed Content: The page at 'https://alt.fraha.eu/' was loaded over HTTPS, but requested an insecure script 'http://www.heute.t-online.de/ZDFheute/exports/ticker/0,1522,,00.js'. This request has been blocked; the content must be served over HTTPS.
security warning URL: https://alt.fraha.eu/start.htm
Message:
Mixed Content: The page at 'https://alt.fraha.eu/start.htm' was loaded over HTTPS, but requested an insecure element 'http://www.andyhoppe.com/count/?s=blue&f=center&id=1019990325'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alt.fraha.eu
c.andyhoppe.com
www.andyhoppe.com
www.heute.t-online.de
217.160.0.233
91.203.110.227