Overview

URL hb3d.de/
IP 89.163.227.104
ASN AS24961 myLoc managed IT AG
Location Germany
Report completed 2017-10-13 05:48:39 CEST
urlQuery Alerts Crypto currency mining script


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2017-10-13 2 coinhive.com/lib/coinhive.min.js Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 89.163.227.104

Date UQ / IDS / BL URL IP
2017-10-18 00:49:09 +0200 2 - 1 - 1 bremer-community.de/ 89.163.227.104
2017-10-18 00:47:23 +0200 2 - 1 - 1 geoschatz.de/ 89.163.227.104
2017-10-17 21:26:26 +0200 2 - 1 - 1 hb3d.de/ 89.163.227.104
2017-10-17 18:30:18 +0200 2 - 1 - 1 ibb-fisi.de/ 89.163.227.104
2017-10-17 14:12:32 +0200 2 - 0 - 1 bc24.org/ 89.163.227.104
2017-10-17 14:00:20 +0200 2 - 1 - 1 bremer-community.de/ 89.163.227.104
2017-10-17 13:58:01 +0200 2 - 0 - 1 geoschatz.de/ 89.163.227.104
2017-10-17 09:09:23 +0200 2 - 1 - 1 laberecke.bc24.org/ 89.163.227.104
2017-10-17 06:37:39 +0200 2 - 1 - 1 hb3d.de/ 89.163.227.104
2017-10-17 06:07:09 +0200 2 - 1 - 1 ibb-fisi.de/ 89.163.227.104

Last 10 reports on ASN: AS24961 myLoc managed IT AG

Date UQ / IDS / BL URL IP
2017-10-18 03:31:35 +0200 0 - 0 - 2 gitlab.kovah.de/ 62.141.36.248
2017-10-18 03:16:50 +0200 0 - 6 - 0 starcard.tk/ 89.163.216.232
2017-10-18 03:06:43 +0200 0 - 0 - 1 burnfasts4tmz.world/ 89.163.213.247
2017-10-18 02:49:15 +0200 0 - 0 - 0 hotspot.hitrow.info 89.163.255.42
2017-10-18 02:25:26 +0200 0 - 1 - 0 hotelaurora.hu/ 213.202.212.212
2017-10-18 02:25:06 +0200 0 - 0 - 1 burnfasts4tmz.world/ 89.163.213.247
2017-10-18 00:49:09 +0200 2 - 1 - 1 bremer-community.de/ 89.163.227.104
2017-10-18 00:47:27 +0200 0 - 0 - 2 game-check.de/ 78.31.64.87
2017-10-18 00:47:23 +0200 2 - 1 - 1 geoschatz.de/ 89.163.227.104
2017-10-18 00:39:37 +0200 0 - 1 - 0 cloud.gamemania.tk/ 89.163.224.33

Last 10 reports on domain: hb3d.de

Date UQ / IDS / BL URL IP
2017-10-17 21:26:26 +0200 2 - 1 - 1 hb3d.de/ 89.163.227.104
2017-10-17 06:37:39 +0200 2 - 1 - 1 hb3d.de/ 89.163.227.104
2017-10-17 01:06:37 +0200 2 - 0 - 1 hb3d.de/ 89.163.227.104
2017-10-16 21:51:11 +0200 2 - 0 - 1 hb3d.de/ 89.163.227.104
2017-10-15 23:11:37 +0200 2 - 1 - 1 hb3d.de/ 89.163.227.104
2017-10-15 22:06:44 +0200 2 - 1 - 1 hb3d.de/ 89.163.227.104
2017-10-12 22:04:12 +0200 2 - 1 - 1 hb3d.de/ 89.163.227.104
2017-10-12 14:56:12 +0200 2 - 1 - 1 hb3d.de/ 89.163.227.104
2017-10-11 02:13:21 +0200 2 - 1 - 1 hb3d.de/ 89.163.227.104
2017-10-10 23:13:28 +0200 2 - 0 - 1 hb3d.de/ 89.163.227.104


JavaScript

Executed Scripts (22)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (41)


Request Response
                                        
                                            GET / HTTP/1.1 
Host: hb3d.de
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         89.163.227.104
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Fri, 13 Oct 2017 03:48:05 GMT
Content-Length: 178
Connection: keep-alive
Location: https://hb3d.de/


--- Additional Info ---
Magic:  HTML document text
Size:   178
Md5:    cd2e0e43980a00fb6a2742d3afd803b8
Sha1:   81ffbd1712afe8cdf138b570c0fc9934742c33c1
Sha256: bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
                                        
                                            POST / HTTP/1.1 
Host: ocsp.int-x3.letsencrypt.org
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 117
Content-Type: application/ocsp-request

                                         
                                         195.159.219.11
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 527
Etag: "00DB60F38F2F31106BDA60C27B1A8C6D1A1533D80C6824B78D32FF06FAAE8844"
Last-Modified: Thu, 12 Oct 2017 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15276
Expires: Fri, 13 Oct 2017 08:02:42 GMT
Date: Fri, 13 Oct 2017 03:48:06 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   527
Md5:    366f7819d9ab5fddc749862d1eede633
Sha1:   7204a67be04d8990361c0a53b5f8cce7ee426699
Sha256: 00db60f38f2f31106bda60c27b1a8c6d1a1533d80c6824b78d32ff06faae8844
                                        
                                            POST / HTTP/1.1 
Host: isrg.trustid.ocsp.identrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         192.35.177.195
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 13 Oct 2017 03:48:06 GMT
Content-Transfer-Encoding: Binary
Last-Modified: Thu, 12 Oct 2017 22:50:46 GMT
Etag: "8c3a5277f33c769101d91776ac8cdc75f81cf177"
Expires: Fri, 13 Oct 2017 22:50:46 GMT
Cache-Control: max-age=43200,public,no-transform,must-revalidate
Content-Length: 1398
Connection: close


--- Additional Info ---
Magic:  data
Size:   1398
Md5:    0b5b7c955f4dfda894bb6e18061f8f8a
Sha1:   8c3a5277f33c769101d91776ac8cdc75f81cf177
Sha256: be5c82611710e66bad8e77a2eada680bdf03782cf4a30db57ef0b30b05d55d5e
                                        
                                            GET / HTTP/1.1 
Host: hb3d.de
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         89.163.227.104
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Fri, 13 Oct 2017 03:48:08 GMT
Content-Length: 5451
Connection: keep-alive
Link: <https://hb3d.de/wp-json/>; rel="https://api.w.org/", <https://wp.me/P7CwcY-s>; rel=shortlink
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   5451
Md5:    99b69586456af9a1393a24aaecdb9ebb
Sha1:   360fbafba33ee649fe570e1128ac74aebc7c6e31
Sha256: f83ec29fa5f0522cf87e6c64356a97d7439aee2e183e1ef0cfa5ded708519130
                                        
                                            GET /wp-includes/js/wp-emoji-release.min.js?ver=4.8.2 HTTP/1.1 
Host: hb3d.de
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://hb3d.de/

                                         
                                         89.163.227.104
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 13 Oct 2017 03:48:09 GMT
Content-Length: 11915
Last-Modified: Tue, 19 Sep 2017 06:04:34 GMT
Connection: keep-alive
Etag: "59c0b372-2e8b"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII C++ program text, with very long lines
Size:   11915
Md5:    af2f44df3198cfda9fd515873696ad00
Sha1:   cc583f436ea6bdb172ce36105a676e2081065638
Sha256: dba6b80aceb1267fd1ed564e08a983730d272813e9b3aff85dc365c65333dd66
                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 108
Content-Type: application/ocsp-request

                                         
                                         72.167.239.239
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 13 Oct 2017 03:48:09 GMT
Server: Apache
Content-Transfer-Encoding: Binary
Cache-Control: max-age=121735, public, no-transform, must-revalidate
Last-Modified: Fri, 13 Oct 2017 03:23:52 GMT
Expires: Sat, 14 Oct 2017 15:23:52 GMT
Etag: "310660966a1120ff98fe04d7906b8a3aada857ce"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
Content-Length: 1777
Connection: close


--- Additional Info ---
Magic:  data
Size:   1777
Md5:    722c2062a0214f4e575a8cc9f188a52d
Sha1:   310660966a1120ff98fe04d7906b8a3aada857ce
Sha256: a2bace0adcd268f6bb8d41990215da7515a8a6fa62e4a859873055efb5db9146
                                        
                                            GET /wp-content/themes/basepress/js/navigation.js?ver=1.2.1 HTTP/1.1 
Host: hb3d.de
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://hb3d.de/

                                         
                                         89.163.227.104
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 13 Oct 2017 03:48:09 GMT
Content-Length: 2967
Last-Modified: Fri, 15 Sep 2017 01:00:49 GMT
Connection: keep-alive
Etag: "59bb2641-b97"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII English text
Size:   2967
Md5:    49493316c090bb3d7cca5bc09031037c
Sha1:   b77b6525d82691c3d4ca05948e846500ea0cb1d3
Sha256: fbc199bf7f97061c41664b040e84616a0cb54441a2efc5801d5d401d3a049f3c
                                        
                                            POST /ocsp HTTP/1.1 
Host: clients1.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         172.217.22.174
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 13 Oct 2017 03:48:09 GMT
Expires: Tue, 17 Oct 2017 03:48:09 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    e7bac3d0e71b2c79e04d4385fae30af0
Sha1:   4cbd66ee4d86b33ac497bde7e7d1cda767db5dc2
Sha256: bdad376aa4ed42be546c318f8d650108339a350fa37454a4b06d0728baaec563
                                        
                                            POST / HTTP/1.1 
Host: g.symcd.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         23.43.139.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx/1.10.2
Content-Length: 1390
Content-Transfer-Encoding: binary
Cache-Control: max-age=334110, public, no-transform, must-revalidate
Last-Modified: Tue, 10 Oct 2017 00:34:08 GMT
Expires: Tue, 17 Oct 2017 00:34:08 GMT
Date: Fri, 13 Oct 2017 03:48:09 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1390
Md5:    fccd40351d25d6f5eecda73fdef9b3d8
Sha1:   0d2d2f37814bb53b7dca796acc9ee278ef6297ba
Sha256: 23e276d6aa20791de9110019cb7992bae490040d4cc3a06678449d1b3f2063e4
                                        
                                            GET /wp-content/themes/basepress/style.css?ver=1.2.1 HTTP/1.1 
Host: hb3d.de
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://hb3d.de/

                                         
                                         89.163.227.104
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 13 Oct 2017 03:48:09 GMT
Content-Length: 91335
Last-Modified: Fri, 15 Sep 2017 01:00:49 GMT
Connection: keep-alive
Etag: "59bb2641-164c7"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  UTF-8 Unicode English text, with very long lines
Size:   91335
Md5:    f58142e5f8ee8ad0e4ff7154036efd48
Sha1:   8b004afec54255f758d27f0cd0c22ebd5c80c896
Sha256: e87b7f4470ab52d4d28287dfd4ab8f904b54e0262d094d2ff8cd0a30fd38819f
                                        
                                            GET /wp-content/themes/basepress/js/skip-link-focus-fix.js?ver=1.2.1 HTTP/1.1 
Host: hb3d.de
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://hb3d.de/

                                         
                                         89.163.227.104
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 13 Oct 2017 03:48:09 GMT
Content-Length: 416
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Fri, 15 Sep 2017 01:00:49 GMT
Etag: "2ab-5592fec7d867d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   416
Md5:    e6f53264ebf762f651ef3c426aba7d7a
Sha1:   c94c31f4cdc7976febd8b722771d433fcd460d87
Sha256: e5dab0bbdb24e72cded213dba7acb5e41a11e2a317279a046e402d1146512404
                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         72.167.239.239
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 13 Oct 2017 03:48:09 GMT
Server: Apache
Content-Transfer-Encoding: Binary
Cache-Control: max-age=120119, public, no-transform, must-revalidate
Last-Modified: Fri, 13 Oct 2017 02:55:31 GMT
Expires: Sat, 14 Oct 2017 14:55:31 GMT
Etag: "26211cc339da3d9c457a19b55b6825c6fe1ed04d"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
Content-Length: 1776
Connection: close


--- Additional Info ---
Magic:  data
Size:   1776
Md5:    13819edd0a2778cb5327b6c7dc8fcc5e
Sha1:   26211cc339da3d9c457a19b55b6825c6fe1ed04d
Sha256: 57395ec97807386857d2d2a96d9e1c9193c0d0b0b51f5259f1e59492da6165ab
                                        
                                            GET /wp-content/themes/basepress/js/script.js?ver=1.2.1 HTTP/1.1 
Host: hb3d.de
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://hb3d.de/

                                         
                                         89.163.227.104
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 13 Oct 2017 03:48:09 GMT
Content-Length: 3875
Last-Modified: Fri, 15 Sep 2017 01:00:49 GMT
Connection: keep-alive
Etag: "59bb2641-f23"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII C++ program text
Size:   3875
Md5:    f6a05b5290c43d40cc7b5edcbda4c5a5
Sha1:   56fe56b61338284329e6e5884331b8bd76cc2faa
Sha256: e75d5bd304feeb65fe21099c11c3ee4f1dbd65828bcb848f530187ee58e87550
                                        
                                            GET /wp-content/js/devicepx-jetpack.js?ver=201741 HTTP/1.1 
Host: s0.wp.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://hb3d.de/

                                         
                                         192.0.77.32
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: nginx
Date: Fri, 13 Oct 2017 03:48:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Etag: W/"5841a56f-52b6"
Content-Encoding: gzip
Expires: Mon, 08 Oct 2018 11:10:29 GMT
Cache-Control: max-age=31536000
X-ac: 4.arn _dca
X-nc: HIT arn 32


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   3163
Md5:    844b0e2ae8eba4159dd5edd8efbde50c
Sha1:   757861da25bea58b1bc03203f65ae93673cfc065
Sha256: ef84d445c23339e2c3742857d7e020c89d639f1ddc434b6f6a585ac9907bbb92
                                        
                                            GET /js/gprofiles.js?ver=2017Octaa HTTP/1.1 
Host: secure.gravatar.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://hb3d.de/

                                         
                                         192.0.73.2
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: nginx
Date: Fri, 13 Oct 2017 03:48:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 17 Sep 2015 14:13:14 GMT
Etag: W/"55faca7a-50aa"
Content-Encoding: gzip
Expires: Fri, 20 Oct 2017 03:48:09 GMT
Cache-Control: max-age=604800


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   6790
Md5:    ff36b4357f0ea3917228ae97b5e6235e
Sha1:   74ccb81763373e358dc62e3289aaf53c11c2fdcc
Sha256: b1ad3f05ad77fb3147e88ac46f9af538ab7a79e072fd3b53a4c6017656980815
                                        
                                            GET /css?family=Open+Sans:300,400,700&subset=latin,latin-ext HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://hb3d.de/

                                         
                                         172.217.22.170
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Fri, 13 Oct 2017 03:48:09 GMT
Date: Fri, 13 Oct 2017 03:48:09 GMT
Cache-Control: private, max-age=86400
Content-Encoding: gzip
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Alt-Svc: quic=":443"; ma=2592000; v="39,38,37,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   317
Md5:    d743ffb424943e0957e2ffdb802a7fdb
Sha1:   44bb2cbc92f86d8036d271b5315c09e368d82ec4
Sha256: 8e3c99293def3bb111961da6dcfd0d42d579019d76564e6005f28a5b40b75edc
                                        
                                            GET /wp-content/plugins/jetpack/modules/wpgroho.js?ver=4.8.2 HTTP/1.1 
Host: hb3d.de
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://hb3d.de/

                                         
                                         89.163.227.104
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 13 Oct 2017 03:48:09 GMT
Content-Length: 489
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Sun, 08 Oct 2017 10:04:23 GMT
Etag: "3f7-55b0632c1faef-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   489
Md5:    e7310e3fcdaade0614b48b2154b4599b
Sha1:   6286153658b9dc345836e4b06f5f1993370acea6
Sha256: f0ecedd6a50945a0295fc3c92db1770a58ec16df95cc120eac718e684f200679
                                        
                                            GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1 
Host: hb3d.de
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://hb3d.de/

                                         
                                         89.163.227.104
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 13 Oct 2017 03:48:09 GMT
Content-Length: 10056
Last-Modified: Fri, 20 May 2016 04:11:28 GMT
Connection: keep-alive
Etag: "573e8e70-2748"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII English text, with very long lines
Size:   10056
Md5:    7121994eec5320fbe6586463bf9651c2
Sha1:   90532aff6d4121954254cdf04994d834f7ec169b
Sha256: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
                                        
                                            GET /wp-includes/js/jquery/jquery.js?ver=1.12.4 HTTP/1.1 
Host: hb3d.de
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://hb3d.de/

                                         
                                         89.163.227.104
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 13 Oct 2017 03:48:09 GMT
Content-Length: 97184
Last-Modified: Mon, 23 May 2016 07:00:30 GMT
Connection: keep-alive
Etag: "5742aa8e-17ba0"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines
Size:   97184
Md5:    8610f03fe77640dee8c4cc924e060f12
Sha1:   076524186dbbdd4c41afbbd6b260d9e46a095811
Sha256: fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e
                                        
                                            GET /wp-content/plugins/jetpack/css/jetpack.css?ver=5.4 HTTP/1.1 
Host: hb3d.de
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://hb3d.de/

                                         
                                         89.163.227.104
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 13 Oct 2017 03:48:09 GMT
Content-Length: 66684
Last-Modified: Sun, 08 Oct 2017 10:04:23 GMT
Connection: keep-alive
Etag: "59d9f827-1047c"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines
Size:   66684
Md5:    44d19c660e7653a2fe8c3ca86794a1e2
Sha1:   d53e19785325a0b15d7d044825691e82faa0dc00
Sha256: 35b4abb60fea1bd0755bfb39fadf369e895d2127c93c666741db5709cee8c890
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         178.255.83.1
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 13 Oct 2017 03:48:10 GMT
Server: Apache
Last-Modified: Tue, 10 Oct 2017 19:05:30 GMT
Expires: Tue, 17 Oct 2017 19:05:30 GMT
Etag: 22CF3E09B330CC08E46EACB09D9F431009E68AA5
Cache-Control: max-age=400039,public,no-transform,must-revalidate
X-OCSP-Reponder-ID: rmdccaocsp16
Content-Length: 471
Connection: close


--- Additional Info ---
Magic:  data
Size:   471
Md5:    27596f2d321a6d695bb7c397fee419a9
Sha1:   22cf3e09b330cc08e46eacb09d9f431009e68aa5
Sha256: 79ecd8020211bc0d2b0e3901da1be4ca91bc5b79c0740627ffc71909bd1fa83b
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         178.255.83.1
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 13 Oct 2017 03:48:10 GMT
Server: Apache
Last-Modified: Wed, 11 Oct 2017 09:42:49 GMT
Expires: Wed, 18 Oct 2017 09:42:49 GMT
Etag: CAE2D4E36B01556EB5A7DFCAC91643A06697B94B
Cache-Control: max-age=452678,public,no-transform,must-revalidate
X-OCSP-Reponder-ID: rmdccaocsp16
Content-Length: 727
Connection: close


--- Additional Info ---
Magic:  data
Size:   727
Md5:    b1e50e73281d4487d8b1cf3cdaf74bd5
Sha1:   cae2d4e36b01556eb5a7dfcac91643a06697b94b
Sha256: ba282a3cc79d8121086cb931af7199775bd48fef7699ba80e61d794c382b880c
                                        
                                            POST / HTTP/1.1 
Host: ocsp.usertrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         178.255.83.1
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 13 Oct 2017 03:48:10 GMT
Server: Apache
Last-Modified: Wed, 11 Oct 2017 09:42:49 GMT
Expires: Wed, 18 Oct 2017 09:42:49 GMT
Etag: 8A7BC9885D9FFAFD7270D5324F22275F2B2C0D13
Cache-Control: max-age=452678,public,no-transform,must-revalidate
X-OCSP-Reponder-ID: rmdccaocsp16
Content-Length: 471
Connection: close


--- Additional Info ---
Magic:  data
Size:   471
Md5:    d7daaf5088b1b8633e7e0d6600507656
Sha1:   8a7bc9885d9ffafd7270d5324f22275f2b2c0d13
Sha256: 9ea32e88334ce42853f79b00abaff0d4ee00214175cd3e1d189a0aa1b4a4ceba
                                        
                                            GET /wp-includes/js/wp-embed.min.js?ver=4.8.2 HTTP/1.1 
Host: hb3d.de
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://hb3d.de/

                                         
                                         89.163.227.104
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 13 Oct 2017 03:48:10 GMT
Content-Length: 1398
Last-Modified: Wed, 23 Nov 2016 12:38:34 GMT
Connection: keep-alive
Etag: "58358dca-576"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines, with no line terminators
Size:   1398
Md5:    5a03f97cc479b9f5d7efdaccec31bc17
Sha1:   54518be91b7c5d4b139e032d23ffae568cc7e9fd
Sha256: dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0
                                        
GET /wp-content/plugins/jetpack/_inc/facebook-embed.js HTTP/1.1
Host: hb3d.de
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://hb3d.de/

                                         
89.163.227.104
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 13 Oct 2017 03:48:10 GMT
Content-Length: 446
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Sun, 08 Oct 2017 10:04:23 GMT
Etag: "328-55b0632c49ad2-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   446
Md5:    ad943d4b2e744f22ccc1d4b7e9805c54
Sha1:   267c32877bf9e58fba19625a8c5aee3e7dccdc96
Sha256: 3af899d7a4532f0cf738724b2b4ecb9368d7cec9380993ca6b39cbe4b975be53
                                        
GET /e-201741.js HTTP/1.1
Host: stats.wp.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://hb3d.de/

                                         
192.0.76.3
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: nginx
Date: Fri, 13 Oct 2017 03:48:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Etag: W/"572909a0-16a6"
Content-Encoding: gzip
Expires: Mon, 08 Oct 2018 12:58:00 GMT
Cache-Control: max-age=31536000


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1459
Md5:    b2ce0b0ee5b0cb5957ce113e2a18817e
Sha1:   d7c1ff57e0466b8e08e39c8115a03c6bd455b22d
Sha256: 1553751aaca0e4e44c3dbde73abf5120e52ddc3209972fc5aa27861528d936cd
                                        
GET /lib/coinhive.min.js HTTP/1.1
Host: coinhive.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://hb3d.de/

                                         
94.130.102.124
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Server: nginx
Date: Fri, 13 Oct 2017 03:48:10 GMT
Last-Modified: Mon, 02 Oct 2017 14:16:33 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: W/"59d24a41-21e45"
Expires: Fri, 13 Oct 2017 11:48:10 GMT
Cache-Control: max-age=28800
Access-Control-Allow-Origin: *
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   43383
Md5:    fe144c72a53ead8a0b0960680f396821
Sha1:   dd8415779b4f07aff98c3c3cf9d8d9e5a2dbc0ae
Sha256: c5c84e973e49b5919fd11bcab34ae5a7cbc68acc717f9ddb6f1f122f35d72269

Alerts:
  urlquery:
    - Crypto currency mining script
  Blacklists:
    - fortinet: Malware
                                        
POST / HTTP/1.1
Host: ocsp.comodoca4.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 116
Content-Type: application/ocsp-request

                                         
178.255.83.1
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 13 Oct 2017 03:48:11 GMT
Server: Apache
Last-Modified: Tue, 10 Oct 2017 17:34:25 GMT
Expires: Tue, 17 Oct 2017 17:34:25 GMT
Etag: 215C6212C6A6D3F0FACDFE519D3C139AFF448CE6
Cache-Control: max-age=394573,public,no-transform,must-revalidate
X-OCSP-Reponder-ID: rmdccaocsp2
Content-Length: 281
Connection: close


--- Additional Info ---
Magic:  data
Size:   281
Md5:    ab18cf502de7f54398f6c129d3249b70
Sha1:   215c6212c6a6d3f0facdfe519d3c139aff448ce6
Sha256: 67ea449b260859b98bdda23185e735560d784dc7478396d95728bc84a981a284
                                        
POST / HTTP/1.1
Host: ocsp.comodoca4.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
178.255.83.1
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 13 Oct 2017 03:48:11 GMT
Server: Apache
Last-Modified: Wed, 11 Oct 2017 09:42:49 GMT
Expires: Wed, 18 Oct 2017 09:42:49 GMT
Etag: 6C89C467727D5ACE933A2507E62CB8FA2044D539
Cache-Control: max-age=452677,public,no-transform,must-revalidate
X-OCSP-Reponder-ID: rmdccaocsp16
Content-Length: 313
Connection: close


--- Additional Info ---
Magic:  data
Size:   313
Md5:    faa31e894a0682a520d4955c4b0f6ae5
Sha1:   6c89c467727d5ace933a2507e62cb8fa2044d539
Sha256: a0f516b4644bac7ec1adf4badbcc79f0017c1517be24b9b1bcd0dc5114d0764d
                                        
POST /ocsp HTTP/1.1
Host: clients1.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
172.217.22.174
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 13 Oct 2017 03:48:11 GMT
Expires: Tue, 17 Oct 2017 03:48:11 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    00c53ce7aff5a785b677068b7cc8a741
Sha1:   6f33c2f4dc6324126f89a279b631f4a38320cc67
Sha256: 5242b0843cb5b8705251e7af36ba30113032d64f774edbb396939f70bc05f314
                                        
GET /g.gif?v=ext&j=1%3A5.4&blog=112614628&post=28&tz=0&srv=hb3d.de&host=hb3d.de&ref=&rand=0.9272854476980339 HTTP/1.1
Host: pixel.wp.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://hb3d.de/

                                         
192.0.76.3
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Fri, 13 Oct 2017 03:48:11 GMT
Content-Length: 50
Connection: keep-alive
Cache-Control: no-cache


--- Additional Info ---
Magic:  GIF image data, version 89a, 6 x 5
Size:   50
Md5:    e4d673a55c5656f19ef81563fb10884c
Sha1:   1f2d8ed221d39329251ad3a6ff1edb20b7219443
Sha256: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
                                        
GET /s/opensans/v15/u-WUoqrET9fUeobQW7jkRT8E0i7KZn-EPnyo3HZu7kw.woff HTTP/1.1
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700&subset=latin,latin-ext
Origin: https://hb3d.de

                                         
172.217.22.163
HTTP/1.1 200 OK
Content-Type: font/woff
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 23708
Date: Wed, 11 Oct 2017 21:53:32 GMT
Expires: Thu, 11 Oct 2018 21:53:32 GMT
Last-Modified: Wed, 11 Oct 2017 21:49:48 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 107679
Alt-Svc: quic=":443"; ma=2592000; v="39,38,37,35"


--- Additional Info ---
Magic:  data
Size:   23708
Md5:    2b6f63fce9104d1223d83dd12cd6038e
Sha1:   1ac49ab02668c5deb14a497faefcb7bfa6c15731
Sha256: 32ad89cba217fa7f180d331f6e43d87a75e8eb1b97ed102d178c534fd6e51038
                                        
GET /js/0.6/load.js?mode=auto HTTP/1.1
Host: api.flattr.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://hb3d.de/

                                         
104.27.166.108
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Date: Fri, 13 Oct 2017 03:48:11 GMT
Content-Length: 178
Connection: keep-alive
Set-Cookie: __cfduid=de3c55483ca9571f30bed6b5e582550f31507866491; expires=Sat, 13-Oct-18 03:48:11 GMT; path=/; domain=.flattr.com; HttpOnly
Location: https://button.flattr.com/loader.js?mode=auto
CF-Cache-Status: EXPIRED
Vary: Accept-Encoding
Expires: Fri, 13 Oct 2017 07:48:11 GMT
Cache-Control: public, max-age=14400
Server: cloudflare-nginx
CF-RAY: 3acf5262fb984267-OSL


--- Additional Info ---
Magic:  HTML document text
Size:   178
Md5:    cd2e0e43980a00fb6a2742d3afd803b8
Sha1:   81ffbd1712afe8cdf138b570c0fc9934742c33c1
Sha256: bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
                                        
GET /s/opensans/v15/k3k702ZOKiLJc3WVjuplzBa1RVmPjeKy21_GQJaLlJI.woff HTTP/1.1
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700&subset=latin,latin-ext
Origin: https://hb3d.de

                                         
172.217.22.163
HTTP/1.1 200 OK
Content-Type: font/woff
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 24528
Date: Wed, 11 Oct 2017 21:53:37 GMT
Expires: Thu, 11 Oct 2018 21:53:37 GMT
Last-Modified: Wed, 11 Oct 2017 21:49:49 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 107674
Alt-Svc: quic=":443"; ma=2592000; v="39,38,37,35"


--- Additional Info ---
Magic:  data
Size:   24528
Md5:    efe9ead0aecdedc597ec9d4e745e0a58
Sha1:   df6a1ea1917ea01c1f53f73cd9412afcfd254875
Sha256: c173db3aba8f65231290d9c956253e0f8bbfb12750e1c4c56b26cf64fdefa735
                                        
GET /wp-content/themes/basepress/assets/fonts/fontawesome-webfont.woff?v=4.6.3 HTTP/1.1
Host: hb3d.de
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://hb3d.de/wp-content/themes/basepress/style.css?ver=1.2.1

                                         
89.163.227.104
HTTP/1.1 200 OK
Content-Type: application/font-woff
                                        
Server: nginx
Date: Fri, 13 Oct 2017 03:48:11 GMT
Content-Length: 90412
Last-Modified: Fri, 15 Sep 2017 01:00:49 GMT
Connection: keep-alive
Etag: "59bb2641-1612c"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  data
Size:   90412
Md5:    c8ddf1e5e5bf3682bc7bebf30f394148
Sha1:   6d7e6a5fc802b13694d8820fc0138037c0977d2e
Sha256: adbc4f95eb6d7f2738959cf0ecbc374672fce47e856050a8e9791f457623ac2c
                                        
GET /loader.js?mode=auto HTTP/1.1
Host: button.flattr.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://hb3d.de/
Cookie: __cfduid=de3c55483ca9571f30bed6b5e582550f31507866491

                                         
104.27.167.108
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 13 Oct 2017 03:48:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 12 Oct 2017 13:18:05 GMT
Etag: W/"59df6b8d-1f47"
Expires: Fri, 13 Oct 2017 07:48:11 GMT
Cache-Control: public, max-age=14400
CF-Cache-Status: HIT
Vary: Accept-Encoding
Server: cloudflare-nginx
CF-RAY: 3acf52654de24261-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   3055
Md5:    d7e20b2759580de117f09e7a5421d3b1
Sha1:   af1f826c5cf94ebadb12ddf42f45cdb5fa45e25d
Sha256: de7ff773e7993b3509b95ef4f575788d896e366243013b746f2015fd991e5be1
                                        
GET /view/?e=1&url=https%3A%2F%2Fhb3d.de%2F&title=Willkommen%20auf%20HB3D.de!&uid=bc24& HTTP/1.1
Host: button.flattr.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://hb3d.de/
Cookie: __cfduid=de3c55483ca9571f30bed6b5e582550f31507866491

                                         
104.27.167.108
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Fri, 13 Oct 2017 03:48:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Server: cloudflare-nginx
CF-RAY: 3acf52656de64261-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   670
Md5:    a0d016c7909b9f234a1cfb147a7f94e0
Sha1:   2b59bd266683f6184560928931ff37c193803773
Sha256: 4f1305ecea361b4207eaa5e417f9276e39ae16fe7e2f39d01f629e1facb5390c
                                        
GET /button/button.css HTTP/1.1
Host: static.flattr.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://button.flattr.com/view/?e=1&url=https%3A%2F%2Fhb3d.de%2F&title=Willkommen%20auf%20HB3D.de!&uid=bc24&
Cookie: __cfduid=de3c55483ca9571f30bed6b5e582550f31507866491

                                         
104.27.167.108
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 13 Oct 2017 03:48:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 12 Oct 2017 13:18:05 GMT
Etag: W/"59df6b8d-5933"
Expires: Mon, 11 Oct 2027 03:48:12 GMT
Cache-Control: public, max-age=315360000
Access-Control-Allow-Origin: *
Pragma: public
CF-Cache-Status: HIT
Vary: Accept-Encoding
Server: cloudflare-nginx
CF-RAY: 3acf52691c364279-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   8900
Md5:    eefa69eb63c1423228179672fa05afd3
Sha1:   1ccfc0387f4e27e027b0330fa0122e3b84c4272f
Sha256: 367f884f5a4dcef2f96c3ef8556624c4c06c3a5c737f6be712a7809232f87e94
                                        
GET /button/button.js HTTP/1.1
Host: static.flattr.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://button.flattr.com/view/?e=1&url=https%3A%2F%2Fhb3d.de%2F&title=Willkommen%20auf%20HB3D.de!&uid=bc24&
Cookie: __cfduid=de3c55483ca9571f30bed6b5e582550f31507866491

                                         
104.27.167.108
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 13 Oct 2017 03:48:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 12 Oct 2017 13:18:05 GMT
Etag: W/"59df6b8d-126b"
Expires: Mon, 11 Oct 2027 03:48:12 GMT
Cache-Control: public, max-age=315360000
Access-Control-Allow-Origin: *
Pragma: public
CF-Cache-Status: HIT
Vary: Accept-Encoding
Server: cloudflare-nginx
CF-RAY: 3acf52691e9c4261-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1371
Md5:    f0593e85c5e167e9f5c97926da61b50c
Sha1:   44ab32159774803b1d74e6ef54a85df803070a41
Sha256: 056aa450dd07b0608dc28fb735d2e8fd50738fd161fa71ee2fb70140948c13c8
                                        
GET /favicon.ico HTTP/1.1
Host: hb3d.de
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
89.163.227.104
HTTP/1.1 200 OK
Content-Type: image/vnd.microsoft.icon
                                        
Server: nginx
Date: Fri, 13 Oct 2017 03:48:12 GMT
Content-Length: 0
Connection: keep-alive
X-Powered-By: PleskLin


--- Additional Info ---
                                        
GET /favicon.ico HTTP/1.1
Host: hb3d.de
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
89.163.227.104
HTTP/1.1 200 OK
Content-Type: image/vnd.microsoft.icon
                                        
Server: nginx
Date: Fri, 13 Oct 2017 03:48:15 GMT
Content-Length: 0
Connection: keep-alive
X-Powered-By: PleskLin


--- Additional Info ---