Report - gebuehrdhl.pages.dev/?track=9543709073354844

Report Overview

Visitedpublic

2025-07-16 15:11:52

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
paketgebuehr.com.de	unknown	unknown	2025-04-17	2025-06-14	3.9 kB	25 kB	188.114.96.1
gebuehrdhl.pages.dev	unknown	2020-09-02	2025-07-16	2025-07-16	982 B	7.3 kB	104.21.16.1
api.ipify.org	3267	2014-01-05	2014-10-06	2025-07-09	453 B	485 B	104.26.12.205
api.telegram.org	38509	2003-12-15	2015-06-25	2025-07-14	1.2 kB	745 B	149.154.167.220

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2025-07-16 15:11:30	low	Client IP	104.21.16.1	ET INFO Observed Cloudflare Page Developer Domain (pages .dev in TLS SNI)
2025-07-16 15:11:31	low	Client IP	104.26.12.205	ET INFO External IP Address Lookup Domain (ipify .org) in TLS SNI
2025-07-16 15:11:31	low	Client IP	149.154.167.220	ET HUNTING Observed Telegram API Domain (api .telegram .org in TLS SNI)
2025-07-16 15:11:31	low	Client IP	149.154.167.220	ET HUNTING Observed Telegram API Domain (api .telegram .org in TLS SNI)

Threat Detection Systems

Public InfoSec YARA rules

Scan Date	Severity	Indicator	Alert
2025-07-16	medium	gebuehrdhl.pages.dev/?track=9543709073354844	Detects file containing Telegram Bot API
2025-07-16	medium	javascript.script.md5:4c1140d67982e21fe312c296f8f72964	Detects file containing Telegram Bot API

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (2)

URL

From

Size

First Seen

Last Seen

gebuehrdhl.pages.dev/?track=9543709073354844

ScriptElement

1.1 kB

2025-07-16

URL

gebuehrdhl.pages.dev/?track=9543709073354844

IP / ASN

104.21.16.1

#13335 CLOUDFLARENET

Introduced by ScriptElement

Embedded true

Resource Info

First Seen 2025-07-16

Last Seen 2025-07-16

Times Seen 1

Size 1.1 kB (1117 bytes)

MD5 4c1140d67982e21fe312c296f8f72964

SHA1 7adf84bdf251627432d662c310c0de96a1c84ef1

SHA256 ce29386bc943d806c795e009ba993c1fd73ceed12dc458a87bb1991dd467bf09

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	Detects file containing Telegram Bot API

Format Code

paketgebuehr.com.de/?track=9543709073354844

ScriptElement

375 B

2023-03-07

2025-08-02

HTTP Transactions (13)

URL IP Response Size

GET paketgebuehr.com.de/cdn-cgi/images/cf-icon-browser.png

188.114.96.1

200 OK

484 B

URL

paketgebuehr.com.de/cdn-cgi/images/cf-icon-browser.png

IP / ASN

188.114.96.1

#13335 CLOUDFLARENET

Requested byhttps://paketgebuehr.com.de/?track=9543709073354844

Resource Info

File typePNG image data, 100 x 80, 8-bit colormap, non-interlaced

First Seen2023-04-16

Last Seen2025-08-02

Times Seen9991

Size484 B (484 bytes)

MD559caf3c7eb63af78f12db37f41433779

SHA18024e688e78e910ae1ea3bc25be7a7ab65444b02

SHA25678a7d8b29cabf16831417dba1b9bbe36fae0d060a35a495e8f10e9663b3c9e65

Certificate Info

IssuerGoogle Trust Services

Subjectpaketgebuehr.com.de

Fingerprint57:7D:20:E6:D0:F2:C3:B5:37:C8:8B:E8:05:4E:64:C5:4E:BE:78:7A

ValidityThu, 22 May 2025 07:18:25 GMT - Wed, 20 Aug 2025 08:17:10 GMT

HTTP Headers

GET /cdn-cgi/images/cf-icon-browser.png HTTP/1.1
Host: paketgebuehr.com.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paketgebuehr.com.de/cdn-cgi/styles/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 16 Jul 2025 15:11:34 GMT
content-type: image/png
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=lC%2FmmoXnN9UQEBxxS1Lkc9nYGAIx%2Bs8ymMa0tL4UQNt6QMRU6%2B6Zkssf%2BEsWh%2Bg9tvRXrOed7%2BlaR4wk4n87VGCWfaBQkEUul2cTsbJijBUZ"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
server: cloudflare
cf-ray: 96026ed0bf64712e-OSL
X-Firefox-Spdy: h2

GET paketgebuehr.com.de/cdn-cgi/images/cf-icon-error.png

188.114.96.1

200 OK

854 B

URL

paketgebuehr.com.de/cdn-cgi/images/cf-icon-error.png

IP / ASN

188.114.96.1

#13335 CLOUDFLARENET

Requested byhttps://paketgebuehr.com.de/?track=9543709073354844

Resource Info

File typePNG image data, 48 x 48, 8-bit colormap, non-interlaced

First Seen2023-04-21

Last Seen2025-08-02

Times Seen10046

Size854 B (854 bytes)

MD5e5577f04b6d92590410e26bd2292933b

SHA116946b2c99d98a57f83eac170ce94b012b7d1a7b

SHA25667f70597a183fbca7fac55d609fbaac5c34bb4d4d32a0530bbbbb42591f2de2f

Certificate Info

IssuerGoogle Trust Services

Subjectpaketgebuehr.com.de

Fingerprint57:7D:20:E6:D0:F2:C3:B5:37:C8:8B:E8:05:4E:64:C5:4E:BE:78:7A

ValidityThu, 22 May 2025 07:18:25 GMT - Wed, 20 Aug 2025 08:17:10 GMT

HTTP Headers

GET /cdn-cgi/images/cf-icon-error.png HTTP/1.1
Host: paketgebuehr.com.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paketgebuehr.com.de/cdn-cgi/styles/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 16 Jul 2025 15:11:34 GMT
content-type: image/png
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=eLQHYuoF%2FiUHUoh3ItyBf1opiXAVct8%2B7%2FhxI1pc85%2BpuLzq9cWu%2FnLUYtYUcR5uD17yTEjk7VA5mIVLRnx3mpoth6FMrVEFPSg%2BtwOrmOt2"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
server: cloudflare
cf-ray: 96026ed0cf77712e-OSL
X-Firefox-Spdy: h2

GET gebuehrdhl.pages.dev/?track=9543709073354844

104.21.16.1

200 OK

2.7 kB

URL

gebuehrdhl.pages.dev/?track=9543709073354844

IP / ASN

104.21.16.1

#13335 CLOUDFLARENET

Requested byN/A

Resource Info

File typeHTML document, Unicode text, UTF-8 text, with CRLF line terminators

First Seen2025-07-16

Last Seen2025-07-16

Times Seen1

Size2.7 kB (2703 bytes)

MD5de039f8c2eacaaaa756e6011cf40a9d5

SHA155bd14c7aaee9e30762579ef871dce081bd34558

SHA25668e4b71a371fea01cb406c743067f65cd3edc6c24efc1ade16100f381de762f3

Certificate Info

IssuerCLOUDFLARE, INC.

Subjectgebuehrdhl.pages.dev

Fingerprint25:61:78:8F:70:11:AA:BC:F7:6F:ED:F8:46:F3:D3:0E:D8:D6:67:6E

ValidityTue, 15 Jul 2025 10:38:43 GMT - Mon, 13 Oct 2025 10:43:17 GMT

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	Detects file containing Telegram Bot API
urlquery	suspicious	Suspicious - Suspicious Javascript code

HTTP Headers

GET /?track=9543709073354844 HTTP/1.1
Host: gebuehrdhl.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 16 Jul 2025 15:11:31 GMT
content-type: text/html; charset=utf-8
content-encoding: br
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nZZWXkvaN96bgLrrdSu38yOg6uKcoNz7A15L18gI4FdYIupn3GYs8qpJdV7Hu3WwExMn6RU1TfPA7NBAoYuTi652SfYE1%2F%2FS%2F3T3atCAJOLtXMb%2FJSFuZ8gOWC9%2BGwXdhACuSr9QrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 96026ebabee15688-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=5826&min_rtt=467&rtt_var=10660&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3513&recv_bytes=1279&delivery_rate=6407079&cwnd=254&unsent_bytes=0&cid=b77455c95f271f1c&ts=166&x=0"
X-Firefox-Spdy: h2

GET api.ipify.org/?format=json

104.26.12.205

200 OK

21 B

URL

api.ipify.org/?format=json

IP / ASN

104.26.12.205

#13335 CLOUDFLARENET

Requested byhttps://gebuehrdhl.pages.dev/?track=9543709073354844

Resource Info

File typeJSON text data

First Seen2023-04-05

Last Seen2025-08-02

Times Seen40935

Size21 B (21 bytes)

MD57d69c71af0f191e9a72db6153f8018d1

SHA1f67c5f2887bc05654b47f76e9621e53a4091aed1

SHA2565bac6e06cf0e1ad38c55f9f9d12122272bf4b8157877629fe68cd33fe2133c65

Certificate Info

IssuerGoogle Trust Services

Subjectipify.org

Fingerprint8A:D4:06:E3:DF:41:70:FA:F8:24:61:06:C6:AD:47:97:37:2F:30:94

ValidityMon, 07 Jul 2025 23:06:13 GMT - Mon, 06 Oct 2025 00:05:56 GMT

HTTP Headers

GET /?format=json HTTP/1.1
Host: api.ipify.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gebuehrdhl.pages.dev/
Origin: https://gebuehrdhl.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 16 Jul 2025 15:11:31 GMT
content-type: application/json
content-length: 21
cf-ray: 96026ebd0c7856ae-OSL
access-control-allow-origin: *
vary: Origin
cf-cache-status: DYNAMIC
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=6084&min_rtt=544&rtt_var=11080&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3271&recv_bytes=1223&delivery_rate=6995169&cwnd=254&unsent_bytes=0&cid=ed2cf64318dd17ce&ts=143&x=0"
X-Firefox-Spdy: h2

GET gebuehrdhl.pages.dev/favicon.ico

104.21.16.1

200 OK

2.7 kB

URL

gebuehrdhl.pages.dev/favicon.ico

IP / ASN

104.21.16.1

#13335 CLOUDFLARENET

Requested byhttps://gebuehrdhl.pages.dev/?track=9543709073354844

Resource Info

File typeHTML document, Unicode text, UTF-8 text, with CRLF line terminators

First Seen2025-07-16

Last Seen2025-07-16

Times Seen1

Size2.7 kB (2703 bytes)

MD5de039f8c2eacaaaa756e6011cf40a9d5

SHA155bd14c7aaee9e30762579ef871dce081bd34558

SHA25668e4b71a371fea01cb406c743067f65cd3edc6c24efc1ade16100f381de762f3

Certificate Info

IssuerCLOUDFLARE, INC.

Subjectgebuehrdhl.pages.dev

Fingerprint25:61:78:8F:70:11:AA:BC:F7:6F:ED:F8:46:F3:D3:0E:D8:D6:67:6E

ValidityTue, 15 Jul 2025 10:38:43 GMT - Mon, 13 Oct 2025 10:43:17 GMT

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	Detects file containing Telegram Bot API

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: gebuehrdhl.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gebuehrdhl.pages.dev/?track=9543709073354844
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 16 Jul 2025 15:11:31 GMT
content-type: text/html; charset=utf-8
content-encoding: br
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AN6hwGnUiIoKUUCoCRnu1CMqaXCUKXp59DL2r5vv2dKx74BXbqszQjOX6SMq5kjfj6pjQx3xUcT2yhij4xaFToPrdxSNwhQNA0qIl0%2BOzHtnUGp4fBfsmCUSqYiFke%2FmKqtbmk%2FCZw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 96026ebdcba75688-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=4066&min_rtt=464&rtt_var=7145&sent=11&recv=15&lost=0&retrans=0&sent_bytes=5492&recv_bytes=1438&delivery_rate=7528596&cwnd=257&unsent_bytes=0&cid=b77455c95f271f1c&ts=557&x=0"
X-Firefox-Spdy: h2

OPTIONS api.telegram.org/bot8095778623:AAFmLSGaFNHtDxgqhdbnsKM9Aj7TwcyPa4o/sendMessage

149.154.167.220

204 No Content

0 B

URL

api.telegram.org/bot8095778623:AAFmLSGaFNHtDxgqhdbnsKM9Aj7TwcyPa4o/sendMessage

IP / ASN

149.154.167.220

#62041 Telegram Messenger Inc

Requested byhttps://gebuehrdhl.pages.dev/?track=9543709073354844

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-02

Times Seen5605985

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoDaddy.com, Inc.

Subjectapi.telegram.org

Fingerprint8B:AA:E2:A3:48:3C:0E:62:9D:B5:49:3A:BD:47:60:BA:AD:18:AA:8D

ValidityTue, 25 Mar 2025 13:09:41 GMT - Sun, 26 Apr 2026 13:09:41 GMT

HTTP Headers

OPTIONS /bot8095778623:AAFmLSGaFNHtDxgqhdbnsKM9Aj7TwcyPa4o/sendMessage HTTP/1.1
Host: api.telegram.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://gebuehrdhl.pages.dev/
Origin: https://gebuehrdhl.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
server: nginx/1.18.0
date: Wed, 16 Jul 2025 15:11:32 GMT
access-control-max-age: 86400
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: content-type
access-control-expose-headers: Content-Length,Content-Type,Date,Server,Connection
X-Firefox-Spdy: h2

GET paketgebuehr.com.de/cdn-cgi/styles/main.css

188.114.96.1

200 OK

8.0 kB

URL

paketgebuehr.com.de/cdn-cgi/styles/main.css

IP / ASN

188.114.96.1

#13335 CLOUDFLARENET

Requested byhttps://paketgebuehr.com.de/?track=9543709073354844

Resource Info

File typeASCII text, with very long lines (8012)

First Seen2023-04-05

Last Seen2025-08-02

Times Seen29401

Size8.0 kB (8013 bytes)

MD5ff26f59e28a5fe6ea4ab23586415696b

SHA14182675484d175e363cd34b43041b7b1af93d0cd

SHA256d30b4ea6f68456672f5abb35e9dcf7d54226372b66e9d60a7ee26b7a52568e74

Certificate Info

IssuerGoogle Trust Services

Subjectpaketgebuehr.com.de

Fingerprint57:7D:20:E6:D0:F2:C3:B5:37:C8:8B:E8:05:4E:64:C5:4E:BE:78:7A

ValidityThu, 22 May 2025 07:18:25 GMT - Wed, 20 Aug 2025 08:17:10 GMT

HTTP Headers

GET /cdn-cgi/styles/main.css HTTP/1.1
Host: paketgebuehr.com.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paketgebuehr.com.de/?track=9543709073354844
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 16 Jul 2025 15:11:34 GMT
content-type: text/css
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=fpQmpHRytplWg7PhximUtR1%2Blok5w1cjTAva591hQCSpFBLGdRwC%2FGkouAVGniPZbTeZgeMnBUfOGOThX4XjZJEgxUJRo0WYaCmAAEHYnTXM"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-encoding: br
server: cloudflare
cf-ray: 96026ed09f4a712e-OSL
X-Firefox-Spdy: h2

GET paketgebuehr.com.de/favicon.ico

188.114.96.1

404 Not Found

315 B

URL

paketgebuehr.com.de/favicon.ico

IP / ASN

188.114.96.1

#13335 CLOUDFLARENET

Requested byhttps://paketgebuehr.com.de/?track=9543709073354844

Resource Info

File typeHTML document, ASCII text

First Seen2023-03-07

Last Seen2025-08-02

Times Seen95581

Size315 B (315 bytes)

MD5a34ac19f4afae63adc5d2f7bc970c07f

SHA1a82190fc530c265aa40a045c21770d967f4767b8

SHA256d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Certificate Info

IssuerGoogle Trust Services

Subjectpaketgebuehr.com.de

Fingerprint57:7D:20:E6:D0:F2:C3:B5:37:C8:8B:E8:05:4E:64:C5:4E:BE:78:7A

ValidityThu, 22 May 2025 07:18:25 GMT - Wed, 20 Aug 2025 08:17:10 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: paketgebuehr.com.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paketgebuehr.com.de/?track=9543709073354844
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Wed, 16 Jul 2025 15:11:34 GMT
content-type: text/html; charset=iso-8859-1
server: cloudflare
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=KqRlrBsU0ONiy6ifvm6f0rSJDPC%2FBlXK2Vp%2BNKFV94eqAQOiDqcWeWMAjgCrCyySVAdUmM32bV9ynCTVoHsiw0qrbEQayxVpe1MOFKYCtjpP"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-cache-status: BYPASS
vary: accept-encoding
content-encoding: br
set-cookie: __ddg8_=XswOTDnbLrYzuKf2; Path=/; Domain=paketgebuehr.com.de; Expires=Wed, 16 Jul 2025 15:31:34 GMT
__ddg10_=1752678694; Path=/; Domain=paketgebuehr.com.de; Expires=Wed, 16 Jul 2025 15:31:34 GMT
__ddg9_=162.158.222.94; Path=/; Domain=paketgebuehr.com.de; Expires=Wed, 16 Jul 2025 15:31:34 GMT
__ddg1_=u82laFxpCj14y9zILyob; HttpOnly; Path=/; Domain=paketgebuehr.com.de; Expires=Thu, 16 Jul 2026 15:11:34 GMT
cf-ray: 96026ed10faf712e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

POST api.telegram.org/bot8095778623:AAFmLSGaFNHtDxgqhdbnsKM9Aj7TwcyPa4o/sendMessage

149.154.167.220

400 Bad Request

56 B

URL

api.telegram.org/bot8095778623:AAFmLSGaFNHtDxgqhdbnsKM9Aj7TwcyPa4o/sendMessage

IP / ASN

149.154.167.220

#62041 Telegram Messenger Inc

Requested byhttps://gebuehrdhl.pages.dev/?track=9543709073354844

Resource Info

File typeJSON text data

First Seen2023-07-28

Last Seen2025-08-01

Times Seen124

Size56 B (56 bytes)

MD5d948d5845276032d39194409db9ad97b

SHA1475fe4e71224df85d494e34e0cb8ed799afcdb0d

SHA256a0a1e0f24b392c6da875c10977d169497a47f669b7e671e62330e125a56721fb

Certificate Info

IssuerGoDaddy.com, Inc.

Subjectapi.telegram.org

Fingerprint8B:AA:E2:A3:48:3C:0E:62:9D:B5:49:3A:BD:47:60:BA:AD:18:AA:8D

ValidityTue, 25 Mar 2025 13:09:41 GMT - Sun, 26 Apr 2026 13:09:41 GMT

HTTP Headers

POST /bot8095778623:AAFmLSGaFNHtDxgqhdbnsKM9Aj7TwcyPa4o/sendMessage HTTP/1.1
Host: api.telegram.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gebuehrdhl.pages.dev/
Content-Type: application/json
Content-Length: 99
Origin: https://gebuehrdhl.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 400 Bad Request
server: nginx/1.18.0
date: Wed, 16 Jul 2025 15:11:32 GMT
content-type: application/json
content-length: 56
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,Date,Server,Connection
X-Firefox-Spdy: h2

GET paketgebuehr.com.de/?track=9543709073354844

188.114.96.1

521 No Reason Phrase

7.0 kB

URL

paketgebuehr.com.de/?track=9543709073354844

IP / ASN

188.114.96.1

#13335 CLOUDFLARENET

Requested byN/A

Resource Info

File typeHTML document, ASCII text, with very long lines (396)

First Seen2025-07-16

Last Seen2025-07-16

Times Seen1

Size7.0 kB (7012 bytes)

MD533e636198b42da0a9e62a24d18066c00

SHA11f5720f92d2a7b9f86b6d4b2ddfabab2f9ccb386

SHA256016e500a48c692529987d5aa55bb50b575c875bc85592f5e3768fdaede1d835c

Certificate Info

IssuerGoogle Trust Services

Subjectpaketgebuehr.com.de

Fingerprint57:7D:20:E6:D0:F2:C3:B5:37:C8:8B:E8:05:4E:64:C5:4E:BE:78:7A

ValidityThu, 22 May 2025 07:18:25 GMT - Wed, 20 Aug 2025 08:17:10 GMT

HTTP Headers

GET /?track=9543709073354844 HTTP/1.1
Host: paketgebuehr.com.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gebuehrdhl.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 521 No Reason Phrase
date: Wed, 16 Jul 2025 15:11:34 GMT
content-type: text/html; charset=UTF-8
content-length: 7012
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
server: cloudflare
cf-ray: 96026ecc9b5f712e-OSL
X-Firefox-Spdy: h2

GET paketgebuehr.com.de/cdn-cgi/images/cf-icon-ok.png

188.114.96.1

200 OK

946 B

URL

paketgebuehr.com.de/cdn-cgi/images/cf-icon-ok.png

IP / ASN

188.114.96.1

#13335 CLOUDFLARENET

Requested byhttps://paketgebuehr.com.de/?track=9543709073354844

Resource Info

File typePNG image data, 48 x 48, 8-bit colormap, non-interlaced

First Seen2023-04-16

Last Seen2025-08-02

Times Seen10043

Size946 B (946 bytes)

MD5dfaf0fbb758c874be231335db178381d

SHA18f2597eb7ba4c89892aac0559816db3f5280b23e

SHA256ed732380ee3ff0f2d841784da213c8c05d2b5ae187a5217b419d21cae5cedb1b

Certificate Info

IssuerGoogle Trust Services

Subjectpaketgebuehr.com.de

Fingerprint57:7D:20:E6:D0:F2:C3:B5:37:C8:8B:E8:05:4E:64:C5:4E:BE:78:7A

ValidityThu, 22 May 2025 07:18:25 GMT - Wed, 20 Aug 2025 08:17:10 GMT

HTTP Headers

GET /cdn-cgi/images/cf-icon-ok.png HTTP/1.1
Host: paketgebuehr.com.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paketgebuehr.com.de/cdn-cgi/styles/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 16 Jul 2025 15:11:34 GMT
content-type: image/png
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=vRWGcvjW2bZMioSnvViJ9oceNao8QG78qZ5J1Z%2FQvwviBhdKKllfhwm3npski%2FQKuhWKCdeo%2FYr%2FkgA1LVZo20YyvqSXj%2FmciztL3QCntvpI"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
server: cloudflare
cf-ray: 96026ed0bf69712e-OSL
X-Firefox-Spdy: h2

GET paketgebuehr.com.de/cdn-cgi/images/cf-icon-cloud.png

188.114.96.1

200 OK

1.5 kB

URL

paketgebuehr.com.de/cdn-cgi/images/cf-icon-cloud.png

IP / ASN

188.114.96.1

#13335 CLOUDFLARENET

Requested byhttps://paketgebuehr.com.de/?track=9543709073354844

Resource Info

File typePNG image data, 152 x 77, 8-bit colormap, non-interlaced

First Seen2023-04-09

Last Seen2025-08-02

Times Seen10036

Size1.5 kB (1484 bytes)

MD53ec81e5e3a4de9fec46ce9e6999b9e27

SHA18f03b6857ab8d31feb65f97b1ae6b678efdc2ddd

SHA2563a223426c67a0a33ff57af68a57fb589fea36af2a6e8f9dae7798c77471e0e58

Certificate Info

IssuerGoogle Trust Services

Subjectpaketgebuehr.com.de

Fingerprint57:7D:20:E6:D0:F2:C3:B5:37:C8:8B:E8:05:4E:64:C5:4E:BE:78:7A

ValidityThu, 22 May 2025 07:18:25 GMT - Wed, 20 Aug 2025 08:17:10 GMT

HTTP Headers

GET /cdn-cgi/images/cf-icon-cloud.png HTTP/1.1
Host: paketgebuehr.com.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paketgebuehr.com.de/cdn-cgi/styles/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 16 Jul 2025 15:11:34 GMT
content-type: image/png
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=Uaqm%2BsKqVJ72yTepakvo0lus6ifmbzCQz283%2BxOHLlQZDR%2FIWLxSo4d%2FIilHdEF2MezGa01fG6X%2BWnwwJasWCJ0R2dFlUr9M2rm46OYbCEjO"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
server: cloudflare
cf-ray: 96026ed0cf71712e-OSL
X-Firefox-Spdy: h2

GET paketgebuehr.com.de/cdn-cgi/images/cf-icon-server.png

188.114.96.1

200 OK

1.4 kB

URL

paketgebuehr.com.de/cdn-cgi/images/cf-icon-server.png

IP / ASN

188.114.96.1

#13335 CLOUDFLARENET

Requested byhttps://paketgebuehr.com.de/?track=9543709073354844

Resource Info

File typePNG image data, 95 x 75, 8-bit colormap, non-interlaced

First Seen2023-04-16

Last Seen2025-08-02

Times Seen10043

Size1.4 kB (1384 bytes)

MD52c11e67182601007f577f8bf2c72fee8

SHA101dc915d4745f00632021c05d3eef634747a9c3d

SHA25641553a537f85839927155af093b7bfa1987215f474ed038714609cc48812ea3b

Certificate Info

IssuerGoogle Trust Services

Subjectpaketgebuehr.com.de

Fingerprint57:7D:20:E6:D0:F2:C3:B5:37:C8:8B:E8:05:4E:64:C5:4E:BE:78:7A

ValidityThu, 22 May 2025 07:18:25 GMT - Wed, 20 Aug 2025 08:17:10 GMT

HTTP Headers

GET /cdn-cgi/images/cf-icon-server.png HTTP/1.1
Host: paketgebuehr.com.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paketgebuehr.com.de/cdn-cgi/styles/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 16 Jul 2025 15:11:34 GMT
content-type: image/png
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=prayS3ErtJAolbl8Q9Qi%2BtpqCC%2FJWGqARXt9KpVOEl2WUNn3Z3cJaruQoGEyTTp3JBxy2vw3o1MEvM1oQQf0CnWWOd2gkMouMpH8qE0rJcg3"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
server: cloudflare
cf-ray: 96026ed0cf73712e-OSL
X-Firefox-Spdy: h2