www.turmhof.at/
185.51.8.60 302 Found 207 B IP 185.51.8.60:0
File type HTML document text; exported SGML document, ASCII text
Hash b4656d555726c1d6f83c81c66bbde1ee
375f29e51fe0132ac7e249b90b00c52fdee831ae
8157d11a8409858b269e784f1ab381af1f186010f68e4f649e030a27e32078dc
Analyzer Verdict Alert openphish PayPal Inc.
fortinet Phishing
GET / HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
date: Tue, 25 Oct 2022 15:34:46 GMT
server: Apache
location: https://www.turmhof.at/
content-length: 207
content-type: text/html; charset=iso-8859-1
age: 117
permissions-policy: interest-cohort=()
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b3537658770790ad6cf0d727f0c0acd2
8365cadda05ef27b2ebd627d545e31886b512bde
df992311f130f15459739841de925c7eec2604d5a68ca6b2a67b6dc8d229212c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF992311F130F15459739841DE925C7EEC2604D5A68CA6B2A67B6DC8D229212C"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8986
Expires: Tue, 25 Oct 2022 18:06:31 GMT
Date: Tue, 25 Oct 2022 15:36:45 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash c2bba4cad162918b17858b60e909e4d9
d9a1d4f7fb7635ab233ebbf776e6de1a2857032b
3a1d27ec3d034d6326b32f6054b6be46079a86a33e75d5a2a3796a0c4c5eadab
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2706
Cache-Control: max-age=153572
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 15:36:45 GMT
Etag: "6357acdf-1d7"
Expires: Thu, 27 Oct 2022 10:16:17 GMT
Last-Modified: Tue, 25 Oct 2022 09:31:11 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash c2bba4cad162918b17858b60e909e4d9
d9a1d4f7fb7635ab233ebbf776e6de1a2857032b
3a1d27ec3d034d6326b32f6054b6be46079a86a33e75d5a2a3796a0c4c5eadab
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2706
Cache-Control: max-age=153572
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 15:36:45 GMT
Etag: "6357acdf-1d7"
Expires: Thu, 27 Oct 2022 10:16:17 GMT
Last-Modified: Tue, 25 Oct 2022 09:31:11 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8db408c487f7d35bba323046736e8d3a
01b91e2dce7c6d3de9adfe6ff4d38f9b24ab7db0
9aeafc72c1a969243e1fc96f68ce18888034a749ee70582208bf814bd40b61a5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9AEAFC72C1A969243E1FC96F68CE18888034A749EE70582208BF814BD40B61A5"
Last-Modified: Tue, 25 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12116
Expires: Tue, 25 Oct 2022 18:58:41 GMT
Date: Tue, 25 Oct 2022 15:36:45 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: QV9x9w+2Y/qz5rzQ8NkKWJ4WR+KDM8V4C6wHgfrUoLrP8MmzBhxbLCZO2xkxuBucJNuG2vow2kk=
x-amz-request-id: ER3ZH7J3S05E3ET6
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 25 Oct 2022 14:38:50 GMT
age: 3475
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 15:36:45 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 727 B IP 93.184.220.29:0
Hash 7781d1aca18b7c5ff5537b78d60b56f6
150c4cfdbc1ce3d856dabe52c1f84cee67a7569c
6cf2ef28de1c80e3e26ff4437a4ef276b3f278f7981b8b7e614e4f6c1f65a510
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=144741
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 15:36:45 GMT
Etag: "635794f2-2d7"
Expires: Thu, 27 Oct 2022 07:49:06 GMT
Last-Modified: Tue, 25 Oct 2022 07:49:06 GMT
Server: nginx
Content-Length: 727
www.turmhof.at/
185.51.8.60 301 Moved Permanently 20 B IP 185.51.8.60:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
Analyzer Verdict Alert openphish PayPal Inc.
fortinet Phishing
GET / HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
date: Tue, 25 Oct 2022 15:32:46 GMT
server: Apache
content-encoding: gzip
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
location: https://www.turmhof.at/neues/
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-length: 20
content-type: text/html
vary: Accept-Encoding
age: 238
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 518ff04fd536958e285cf07aaf4a2786
fa5dad2391c2a9957340bd629f0462db4f412a5c
608c78964412d5dc7025e9cbfaef345d448a29eae0f11257c49a41f274917b9a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2121
Cache-Control: max-age=147924
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 15:36:45 GMT
Etag: "63579918-1d7"
Expires: Thu, 27 Oct 2022 08:42:09 GMT
Last-Modified: Tue, 25 Oct 2022 08:06:48 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
www.turmhof.at/fileadmin/img/weingut-turmhof.svg
185.51.8.60 200 OK 2.4 kB URL HTTP/2 www.turmhof.at/fileadmin/img/weingut-turmhof.svg
IP 185.51.8.60:0
File type SVG Scalable Vector Graphics image; SVG XML document; XML 1.0 document text; XML document text; exported SGML document text; exported SGML document, ASCII text, with CRLF line terminators
Hash 95eeedc797487129162268d919ee9971
ad1287dc258d011f91de76e813b6884e5f7c9a19
872d9c4d84c3f738ee1f4a4187cc3a3765837f8388b184e23121f5967fbfebe5
Analyzer Verdict Alert openphish PayPal Inc.
fortinet Phishing
GET /fileadmin/img/weingut-turmhof.svg HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=k1kala4r746ge5j4vfb89r5f04
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 25 Oct 2022 13:27:30 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
last-modified: Tue, 11 Nov 2014 15:42:59 GMT
etag: "963-50797223666c0"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-length: 2403
content-type: image/svg+xml
age: 7755
accept-ranges: bytes
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/uploads/RTEmagicC_zertifiziert-nachhaltige-weine_02.png
185.51.8.60 200 OK 24 kB URL HTTP/2 www.turmhof.at/uploads/RTEmagicC_zertifiziert-nachhaltige-weine_02.png
IP 185.51.8.60:0
File type PNG image data, 180 x 246, 8-bit/color RGBA, non-interlaced; data
Hash 7c9e8a43a0f0daa6ceee7c0b396929db
463d1af76d54b49eeb4df50d589bc3091b24cd23
1df11a0fe801694d268e1b5551f6236c1bea0af3fd92a0660217a8be7d1882f9
Analyzer Verdict Alert openphish PayPal Inc.
GET /uploads/RTEmagicC_zertifiziert-nachhaltige-weine_02.png HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=k1kala4r746ge5j4vfb89r5f04
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 25 Oct 2022 13:35:06 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
last-modified: Mon, 26 Aug 2019 10:40:35 GMT
etag: "5e82-59102c932b935"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-length: 24194
content-type: image/png
age: 7299
accept-ranges: bytes
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/uploads/RTEmagicC_loisium_01.jpg
185.51.8.60 200 OK 2.7 kB URL HTTP/2 www.turmhof.at/uploads/RTEmagicC_loisium_01.jpg
IP 185.51.8.60:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 117x134, components 3; data
Hash cd270c7eb83c4d52ae51687230278b97
465a04f7af5c22d62d9fbdd4e842ef83e1f56b1c
1364e00bc3e3b1c59f8e66ea4ed83a3ae06c707491ae1994d270b7600de48c72
Analyzer Verdict Alert openphish PayPal Inc.
GET /uploads/RTEmagicC_loisium_01.jpg HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=k1kala4r746ge5j4vfb89r5f04
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 25 Oct 2022 13:35:06 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
last-modified: Sat, 15 Nov 2014 20:13:06 GMT
etag: "a82-507eb5f971880"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-length: 2690
content-type: image/jpeg
age: 7299
accept-ranges: bytes
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/uploads/RTEmagicC_kail_03.jpg
185.51.8.60 200 OK 1.1 kB URL HTTP/2 www.turmhof.at/uploads/RTEmagicC_kail_03.jpg
IP 185.51.8.60:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 40x61, components 3; data
Hash ff86c24c34be9076366198dff4a2239b
1cd533b2f2834a06582310a0ff7e6d2d9f3d1fdd
b5e80290915c963f6c79b8cbc4481231bdc3c17bca0ee9c1c770419413a0ab6f
Analyzer Verdict Alert openphish PayPal Inc.
GET /uploads/RTEmagicC_kail_03.jpg HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=k1kala4r746ge5j4vfb89r5f04
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 25 Oct 2022 13:35:06 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
last-modified: Thu, 25 Dec 2014 12:07:00 GMT
etag: "46a-50b093ed04100"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-length: 1130
content-type: image/jpeg
age: 7299
accept-ranges: bytes
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/uploads/RTEmagicC_daniel-spoerri_03.jpg
185.51.8.60 200 OK 2.6 kB URL HTTP/2 www.turmhof.at/uploads/RTEmagicC_daniel-spoerri_03.jpg
IP 185.51.8.60:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 97x65, components 3; data
Hash f375205904abd42869b823bfe7e945d2
3540b4a3343a5e6a3303bbf0dd9a785af69293d9
55497da883add72f844bc744ee9c112d5fad8babc5cc91f593edbe72d76cedaf
Analyzer Verdict Alert openphish PayPal Inc.
GET /uploads/RTEmagicC_daniel-spoerri_03.jpg HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=k1kala4r746ge5j4vfb89r5f04
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 25 Oct 2022 13:35:06 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
last-modified: Thu, 25 Dec 2014 12:07:00 GMT
etag: "9fb-50b093ed04100"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-length: 2555
content-type: image/jpeg
age: 7299
accept-ranges: bytes
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/typo3temp/compressor/merged-ff662f81a898aa574edee79f8871491e-795a542870364d232d5704bd747de11b.css.gzip?1663053869
185.51.8.60 200 OK 5.3 kB URL HTTP/2 www.turmhof.at/typo3temp/compressor/merged-ff662f81a898aa574edee79f8871491e-795a542870364d232d5704bd747de11b.css.gzip?1663053869
IP 185.51.8.60:0
File type ASCII text, with very long lines (1230)
Hash fe1e089131a6aca2400aeb622468a454
9ec239548dab5b6ed80d91667f566b7cae7ae256
7009d502328cd91170cbdc5ca45ef195c1f94c4f9f58063d587f904fe8f5a5ca
Analyzer Verdict Alert openphish PayPal Inc.
fortinet Phishing
GET /typo3temp/compressor/merged-ff662f81a898aa574edee79f8871491e-795a542870364d232d5704bd747de11b.css.gzip?1663053869 HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=k1kala4r746ge5j4vfb89r5f04
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 25 Oct 2022 15:36:45 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
last-modified: Tue, 13 Sep 2022 07:24:29 GMT
etag: "149a-5e889e7213546"
accept-ranges: bytes
content-length: 5274
cache-control: max-age=604800
expires: Tue, 01 Nov 2022 15:36:45 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-encoding: gzip
content-type: text/css
vary: Accept-Encoding
age: 0
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/uploads/RTEmagicC_stiegenhaus_01.png
185.51.8.60 200 OK 9.5 kB URL HTTP/2 www.turmhof.at/uploads/RTEmagicC_stiegenhaus_01.png
IP 185.51.8.60:0
File type PNG image data, 228 x 40, 8-bit/color RGB, non-interlaced; data
Hash 98493508f06b48fa41e9c5bcdbde8278
e8d6986e81968e8cb4985fa91504364925525005
bb75ba903054bfbb8ea738174516fc8890e97acb0628a3a7919d92397ae8fa78
Analyzer Verdict Alert openphish PayPal Inc.
GET /uploads/RTEmagicC_stiegenhaus_01.png HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=k1kala4r746ge5j4vfb89r5f04
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 25 Oct 2022 13:35:06 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
last-modified: Sat, 15 Nov 2014 20:13:07 GMT
etag: "24f5-507eb5fa65ac0"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-length: 9461
content-type: image/png
age: 7299
accept-ranges: bytes
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/fileadmin/img/marillenmarmelade.jpg
185.51.8.60 200 OK 18 kB URL HTTP/2 www.turmhof.at/fileadmin/img/marillenmarmelade.jpg
IP 185.51.8.60:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x380, components 3; data
Hash 134740414ab039e3b941f6e1e536c80d
2a2f746a78091532169f066362fe3c2d58cd2553
7da6aa4e7eeae27100e27d5aa4d9d33b07ba6806709c5b1403eb4e0dbd122786
Analyzer Verdict Alert openphish PayPal Inc.
GET /fileadmin/img/marillenmarmelade.jpg HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=k1kala4r746ge5j4vfb89r5f04
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 25 Oct 2022 13:35:06 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
last-modified: Tue, 31 Mar 2015 16:41:56 GMT
etag: "46dc-5129846d13d00"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-length: 18140
content-type: image/jpeg
age: 7299
accept-ranges: bytes
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/uploads/RTEmagicC_kittenberger_01.png
185.51.8.60 200 OK 17 kB URL HTTP/2 www.turmhof.at/uploads/RTEmagicC_kittenberger_01.png
IP 185.51.8.60:0
File type PNG image data, 168 x 55, 8-bit/color RGBA, non-interlaced; data
Hash 78d0498cf4a1c01fecfe313ed7fa63d8
707b5cc166a1a16dafb59a8a38dfe3f755e0a849
c39ad8ed6d186834171db7fc85fcd8e70dd275ad6cd0a1e3a5186d4fd0425226
Analyzer Verdict Alert openphish PayPal Inc.
GET /uploads/RTEmagicC_kittenberger_01.png HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=k1kala4r746ge5j4vfb89r5f04
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 25 Oct 2022 13:35:06 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
last-modified: Sat, 15 Nov 2014 20:13:07 GMT
etag: "43fb-507eb5fa65ac0"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-length: 17403
content-type: image/png
age: 7299
accept-ranges: bytes
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/uploads/RTEmagicC_arche-noah.png
185.51.8.60 200 OK 4.6 kB URL HTTP/2 www.turmhof.at/uploads/RTEmagicC_arche-noah.png
IP 185.51.8.60:0
File type PNG image data, 75 x 81, 8-bit/color RGB, non-interlaced; data
Hash d49abd24e93496edb8fa090517479857
900372c6f12774dba708b03949369d3f39759dc8
77c40bb6e38f1f9f0745618d7679f809ceb5897c47a89572fdd98243eeeb55e8
Analyzer Verdict Alert openphish PayPal Inc.
GET /uploads/RTEmagicC_arche-noah.png HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=k1kala4r746ge5j4vfb89r5f04
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 25 Oct 2022 13:35:06 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
last-modified: Sat, 15 Nov 2014 20:11:32 GMT
etag: "11f6-507eb59fcc500"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-length: 4598
content-type: image/png
age: 7299
accept-ranges: bytes
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/uploads/RTEmagicC_straussenland_01.png
185.51.8.60 200 OK 16 kB URL HTTP/2 www.turmhof.at/uploads/RTEmagicC_straussenland_01.png
IP 185.51.8.60:0
File type PNG image data, 228 x 38, 8-bit/color RGBA, non-interlaced; data
Hash c281f7ed679dcfcf72bbee8698fec873
0ffb5be7bb29def1ed6245efac2423d88fb7a624
8bec635af1c63eeba2be6326e5ed3e0530aeb02a8bee4a130cf04f1c7d6bb948
Analyzer Verdict Alert openphish PayPal Inc.
GET /uploads/RTEmagicC_straussenland_01.png HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=k1kala4r746ge5j4vfb89r5f04
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 25 Oct 2022 13:35:06 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
last-modified: Sat, 15 Nov 2014 20:13:07 GMT
etag: "3e59-507eb5fa65ac0"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-length: 15961
content-type: image/png
age: 7299
accept-ranges: bytes
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/uploads/RTEmagicC_elsarn_01.png
185.51.8.60 200 OK 7.4 kB URL HTTP/2 www.turmhof.at/uploads/RTEmagicC_elsarn_01.png
IP 185.51.8.60:0
File type PNG image data, 111 x 74, 8-bit/color RGB, non-interlaced; data
Hash 1d886e1847806889c6808ac929f30e60
d2ae6cb156283e7b58b522b92ade3068265d9536
4be006758eccd3cf40eb7e42fe0004da0e290df92b14018e792c455fbb0fc6ef
Analyzer Verdict Alert openphish PayPal Inc.
GET /uploads/RTEmagicC_elsarn_01.png HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=k1kala4r746ge5j4vfb89r5f04
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 25 Oct 2022 13:35:06 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
last-modified: Sat, 15 Nov 2014 20:13:07 GMT
etag: "1cd3-507eb5fa65ac0"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-length: 7379
content-type: image/png
age: 7299
accept-ranges: bytes
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/uploads/RTEmagicC_schlossfestspiele_02.png
185.51.8.60 200 OK 9.8 kB URL HTTP/2 www.turmhof.at/uploads/RTEmagicC_schlossfestspiele_02.png
IP 185.51.8.60:0
File type PNG image data, 244 x 31, 8-bit/color RGB, non-interlaced; data
Hash cfd49ae518049a3b9834774c4e07fadc
c49b0f70df83da58ccf25e84f65ef9b50153396f
fdec629e2da1ee95c06049fbfed064f69610951fed3a022b00c202293af598f8
Analyzer Verdict Alert openphish PayPal Inc.
GET /uploads/RTEmagicC_schlossfestspiele_02.png HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=k1kala4r746ge5j4vfb89r5f04
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 25 Oct 2022 13:35:06 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
last-modified: Sat, 15 Nov 2014 20:13:07 GMT
etag: "2618-507eb5fa65ac0"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-length: 9752
content-type: image/png
age: 7299
accept-ranges: bytes
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/uploads/RTEmagicC_awc-gold_02.png
185.51.8.60 200 OK 52 kB URL HTTP/2 www.turmhof.at/uploads/RTEmagicC_awc-gold_02.png
IP 185.51.8.60:0
File type PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced; data
Hash fb3bed29bf6969942c7c24d578d4df84
0476f65993cef68c42b88d9a54abbe2dc3e71553
4849a28766b47ca0c753c887163b2571edee64a50fb0299903ec6b377f2cd286
Analyzer Verdict Alert openphish PayPal Inc.
GET /uploads/RTEmagicC_awc-gold_02.png HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=k1kala4r746ge5j4vfb89r5f04
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 25 Oct 2022 13:35:06 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
last-modified: Thu, 26 Oct 2017 13:05:30 GMT
etag: "ca65-55c72d3aa2e56"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-length: 51813
content-type: image/png
age: 7299
accept-ranges: bytes
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/fileadmin/user_upload/kamptaler-weinfruehling.jpg
185.51.8.60 200 OK 175 kB URL HTTP/2 www.turmhof.at/fileadmin/user_upload/kamptaler-weinfruehling.jpg
IP 185.51.8.60:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 940x300, components 3; data
Size 175 kB (175203 bytes)
Hash 9629144c6729fa3b03bb9a5f34416c3f
4a234b5e0e455028edde40fb98dd86ad7af4bafa
afcba686506e2a521a0ec5a275a1ae8c7bd40ad9c90f8225ab1952d6e62abbfb
Analyzer Verdict Alert openphish PayPal Inc.
GET /fileadmin/user_upload/kamptaler-weinfruehling.jpg HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=k1kala4r746ge5j4vfb89r5f04
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 25 Oct 2022 13:35:06 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
last-modified: Wed, 12 Nov 2014 17:30:30 GMT
etag: "2ac63-507acc0903980"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-length: 175203
content-type: image/jpeg
age: 7299
accept-ranges: bytes
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/neues/Aktualisiere
185.51.8.60 301 Moved Permanently 0 B URL HTTP/2 www.turmhof.at/neues/Aktualisiere
IP 185.51.8.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish PayPal Inc.
fortinet Phishing
GET /neues/Aktualisiere HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=k1kala4r746ge5j4vfb89r5f04
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 301 Moved Permanently
date: Tue, 25 Oct 2022 15:36:45 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
location: https://www.turmhof.at/neues/Aktualisiere/
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-length: 0
content-type: text/html
age: 0
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/typo3temp/compressor/merged-ed6cea7a3e1424b68211fdd94afb718d-89b023a51b7aa2b082e140e2cc7c4a9d.js.gzip?1663053869
185.51.8.60 200 OK 140 kB URL HTTP/2 www.turmhof.at/typo3temp/compressor/merged-ed6cea7a3e1424b68211fdd94afb718d-89b023a51b7aa2b082e140e2cc7c4a9d.js.gzip?1663053869
IP 185.51.8.60:0
File type ASCII text, with very long lines (32065)
Size 140 kB (140516 bytes)
Hash 331db749b23314b1bad5b93fafe609fa
c8e218e61f6918b0a8832fa416651245eb45ec20
123def30c06e0713dce6a1280b0715fb6f206c456027af94699246a25a544edd
GET /typo3temp/compressor/merged-ed6cea7a3e1424b68211fdd94afb718d-89b023a51b7aa2b082e140e2cc7c4a9d.js.gzip?1663053869 HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=k1kala4r746ge5j4vfb89r5f04
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 25 Oct 2022 15:36:45 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
last-modified: Tue, 13 Sep 2022 07:24:29 GMT
etag: "224e4-5e889e7210666"
accept-ranges: bytes
content-length: 140516
cache-control: max-age=604800
expires: Tue, 01 Nov 2022 15:36:45 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-encoding: gzip
content-type: text/javascript
vary: Accept-Encoding
age: 0
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/fileadmin/img/arrow.png
185.51.8.60 200 OK 1.3 kB URL HTTP/2 www.turmhof.at/fileadmin/img/arrow.png
IP 185.51.8.60:0
File type PNG image data, 21 x 18, 8-bit/color RGBA, non-interlaced\012- data
Hash 8fbc42e423abd18859e3e06bcd84b7fa
1d2302191daa4c5afae732600953db77d1c62bd2
496ef5ec0fd6405fa8579c51ec5199485934f64faaf3059ccc974198dc403604
Analyzer Verdict Alert openphish PayPal Inc.
GET /fileadmin/img/arrow.png HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=k1kala4r746ge5j4vfb89r5f04
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 25 Oct 2022 13:35:06 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
last-modified: Tue, 11 Nov 2014 15:42:56 GMT
etag: "510-507972208a000"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-length: 1296
content-type: image/png
age: 7299
accept-ranges: bytes
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/fileadmin/fonts/source-sans-pro-v21-latin-regular.woff2
185.51.8.60 200 OK 13 kB URL HTTP/2 www.turmhof.at/fileadmin/fonts/source-sans-pro-v21-latin-regular.woff2
IP 185.51.8.60:0
File type Web Open Font Format (Version 2), TrueType, length 13036, version 1.0\012- data
Hash 0ad032b3d07aaf33b160ac4799dda40f
06b931e0d0bf37f5037d9e66d6feedfddd21c0ba
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
Analyzer Verdict Alert openphish PayPal Inc.
fortinet Phishing
GET /fileadmin/fonts/source-sans-pro-v21-latin-regular.woff2 HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Cookie: PHPSESSID=k1kala4r746ge5j4vfb89r5f04
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 25 Oct 2022 13:35:06 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
last-modified: Mon, 22 Aug 2022 07:12:29 GMT
etag: "32ec-5e6cf2bb62a5a"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-length: 13036
content-type: font/woff2
age: 7299
accept-ranges: bytes
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/fileadmin/fonts/source-sans-pro-v21-latin-300.woff2
185.51.8.60 200 OK 13 kB URL HTTP/2 www.turmhof.at/fileadmin/fonts/source-sans-pro-v21-latin-300.woff2
IP 185.51.8.60:0
File type Web Open Font Format (Version 2), TrueType, length 12956, version 1.0\012- data
Hash 1c772d9d0531b187db80bcfc199c1786
c0c04fb334190e10dffed0dcc5c817c2a6041a15
122854df4f39cf922db317714c2ff0eccab27a1028c14a5aa2211f48b7e0eade
Analyzer Verdict Alert openphish PayPal Inc.
fortinet Phishing
GET /fileadmin/fonts/source-sans-pro-v21-latin-300.woff2 HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Cookie: PHPSESSID=k1kala4r746ge5j4vfb89r5f04
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 25 Oct 2022 13:35:06 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
last-modified: Mon, 22 Aug 2022 07:12:28 GMT
etag: "329c-5e6cf2bad1239"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-length: 12956
content-type: font/woff2
age: 7299
accept-ranges: bytes
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/fileadmin/fonts/source-sans-pro-v21-latin-600.woff2
185.51.8.60 200 OK 13 kB URL HTTP/2 www.turmhof.at/fileadmin/fonts/source-sans-pro-v21-latin-600.woff2
IP 185.51.8.60:0
File type Web Open Font Format (Version 2), TrueType, length 13052, version 1.0\012- data
Hash 7cf79fbd1df848510d7352274efc2401
5540b5a26cc7dfe25294c4eabe011e2c6cd60143
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
Analyzer Verdict Alert openphish PayPal Inc.
fortinet Phishing
GET /fileadmin/fonts/source-sans-pro-v21-latin-600.woff2 HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Cookie: PHPSESSID=k1kala4r746ge5j4vfb89r5f04
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 25 Oct 2022 13:35:06 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
last-modified: Mon, 22 Aug 2022 07:12:29 GMT
etag: "32fc-5e6cf2bb08cda"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-length: 13052
content-type: font/woff2
age: 7299
accept-ranges: bytes
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/fileadmin/fonts/source-sans-pro-v21-latin-italic.woff2
185.51.8.60 200 OK 13 kB URL HTTP/2 www.turmhof.at/fileadmin/fonts/source-sans-pro-v21-latin-italic.woff2
IP 185.51.8.60:0
File type Web Open Font Format (Version 2), TrueType, length 12580, version 1.0\012- data
Hash eaf55d1d3b7c4a30203d2d5226c49b6d
11b63b740965603ef544f261ef036d24e6bb1fb5
e286a9ef7d2064a4cf7026449941a557c7123aa84ef2a17cf79a38820f5474bc
Analyzer Verdict Alert openphish PayPal Inc.
fortinet Phishing
GET /fileadmin/fonts/source-sans-pro-v21-latin-italic.woff2 HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Cookie: PHPSESSID=k1kala4r746ge5j4vfb89r5f04
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 25 Oct 2022 13:35:06 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
last-modified: Mon, 22 Aug 2022 07:12:29 GMT
etag: "3124-5e6cf2bb4559a"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-length: 12580
content-type: font/woff2
age: 7299
accept-ranges: bytes
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.82.48.240 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.82.48.240:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: J8x0Z+wASZBwyZVFZUDsLg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 39sdm45PtCIRHuaNanQJpepbUkg=
www.turmhof.at/fileadmin/img/zertifiziert-nachhaltige-weine.png
185.51.8.60 200 OK 109 kB URL HTTP/2 www.turmhof.at/fileadmin/img/zertifiziert-nachhaltige-weine.png
IP 185.51.8.60:0
File type PNG image data, 2249 x 3067, 8-bit colormap, non-interlaced\012- data
Size 109 kB (109417 bytes)
Hash c6a8590dc805bc91225593002f16aaae
3cf17115e5ca347c710cc03efdf0de8af540d564
f6256e3b713a04fd7cbeaae7e866487a04d0602883a6d01258ffdd9074de0d9e
Analyzer Verdict Alert openphish PayPal Inc.
GET /fileadmin/img/zertifiziert-nachhaltige-weine.png HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=k1kala4r746ge5j4vfb89r5f04
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 25 Oct 2022 13:35:07 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
last-modified: Mon, 16 Apr 2018 18:29:37 GMT
etag: "1ab69-569fb67842272"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-length: 109417
content-type: image/png
age: 7298
accept-ranges: bytes
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/fileadmin/jcart/config-loader.php?ajax=true
185.51.8.60 200 OK 1.0 kB URL HTTP/2 www.turmhof.at/fileadmin/jcart/config-loader.php?ajax=true
IP 185.51.8.60:0
File type JSON data\012- , ASCII text, with very long lines (1007), with no line terminators
Hash 08a170c8da536f62c26625501498ab18
acbb249a30a96b69a7b4ec4df642507a510c0895
fa4b93bfc6318c686ff6584cfe169249efb2dc023372b3976e561ad453f70c46
Analyzer Verdict Alert openphish PayPal Inc.
fortinet Phishing
GET /fileadmin/jcart/config-loader.php?ajax=true HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Cookie: PHPSESSID=k1kala4r746ge5j4vfb89r5f04
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 25 Oct 2022 15:36:46 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-type: application/json; charset=utf-8
age: 0
accept-ranges: bytes
content-length: 1007
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/neues/Aktualisiere/
185.51.8.60 404 Not Found 4.7 kB URL HTTP/2 www.turmhof.at/neues/Aktualisiere/
IP 185.51.8.60:0
Hash a8a07d820286ff4728ea4a8944bdbd02
a272db14ebb089f07ae4fb1e35b69c191b535464
4bd5b6e2645c788034a83629266ee130cd555c62909f1184e858b2ceb2206954
Analyzer Verdict Alert openphish PayPal Inc.
fortinet Phishing
GET /neues/Aktualisiere/ HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=k1kala4r746ge5j4vfb89r5f04
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Tue, 25 Oct 2022 15:36:46 GMT
server: Apache
content-encoding: gzip
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-type: text/html
age: 0
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/favicon-16x16.png
185.51.8.60 200 OK 1.3 kB URL HTTP/2 www.turmhof.at/favicon-16x16.png
IP 185.51.8.60:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash b8a51e07dbc1a9e5f2dcbd46aaa32ddc
45b6b5b239008a0a49740d253584ecaa92b30ad0
cfd5bf87f1faf7b02424ef8a47e0fe0ed16812691b306b65a73e179d8e636906
Analyzer Verdict Alert openphish PayPal Inc.
GET /favicon-16x16.png HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=k1kala4r746ge5j4vfb89r5f04
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 25 Oct 2022 15:01:52 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
vary: Accept-Encoding
last-modified: Mon, 01 Jul 2019 19:59:55 GMT
etag: "515-58ca41277d611"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-length: 1301
content-type: image/png
age: 2093
accept-ranges: bytes
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 398e3c90084d7d71fc1e9fd833116f5f
3e202da5559a8f219144adee3639d063a98559c0
724547db3ed9f1779308e9dd6604664e6ffa3580ca076fbdc1dfb1b75591bba4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "724547DB3ED9F1779308E9DD6604664E6FFA3580CA076FBDC1DFB1B75591BBA4"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13753
Expires: Tue, 25 Oct 2022 19:26:00 GMT
Date: Tue, 25 Oct 2022 15:36:47 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda327ff0-bd82-4034-a53b-e04d5c486276.jpeg
34.120.237.76 200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda327ff0-bd82-4034-a53b-e04d5c486276.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 531f350512ac7712d932234803aa4602
2fb4599ad3d513a160c1f29fefda27b45852c381
7a4da3420f736c098806676359b8ff80578a2e1e98fc0e20e45e2d6192e1d566
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda327ff0-bd82-4034-a53b-e04d5c486276.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8090
x-amzn-requestid: a84a2888-e0eb-40d3-8377-9c1ea2af733c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aVb2oH2uoAMFueA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63520cf7-204870ee3f63ced427033eb5;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 03:07:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: TkdgdFp1dXipnGokyVpkamtD5qLRUC7aNYJrX_OKkEujnQsplMsgXA==
via: 1.1 1de1880e08f1cae7d1aca174a29a5c1e.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 25 Oct 2022 04:35:17 GMT
age: 39690
etag: "2fb4599ad3d513a160c1f29fefda27b45852c381"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d616770-e793-4da0-8ebe-826e806ececd.jpeg
34.120.237.76 200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d616770-e793-4da0-8ebe-826e806ececd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 89448f1a52030b28e9ecfcdc190787d4
5080ba75c230fd2b303f29a9b64868c6e8771df8
10a736997d441e274a54e9689c349d407087fef7aa7c0f4d0a7a603e446fdabd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d616770-e793-4da0-8ebe-826e806ececd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9209
x-amzn-requestid: 94dad7b4-9c12-4bda-9202-3b7427185182
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aLiElGzEIAMFnOg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634e16e9-3c79cd392d5bc4312a730cda;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 03:00:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: c5_B2RXKJx7FHrQvHdCG50zcDFWUqaaZu0GYuCxEI8fpK019dSlD3Q==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 24 Oct 2022 22:32:19 GMT
age: 61468
etag: "5080ba75c230fd2b303f29a9b64868c6e8771df8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d122f5c-ef0b-49a6-a68c-137a02ef7894.jpeg
34.120.237.76 200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d122f5c-ef0b-49a6-a68c-137a02ef7894.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b3e41dda631c7f2ee5e664d43e48af31
5a8579a70d8791a19e0192995c46594e242e864d
c26bec6c4527220272777fe7b3209d8726c94105955ef15f05a584bae50ae719
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d122f5c-ef0b-49a6-a68c-137a02ef7894.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8239
x-amzn-requestid: c37a1abe-9823-4181-a64f-5cc074cfdf2a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ah3OeGxOoAMFtJQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6357058f-10c7cfed331c043e00a600e0;Sampled=0
x-amzn-remapped-date: Mon, 24 Oct 2022 21:37:19 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: W3FmIxKlIU9N0kCfbiIqszSpbnmBk5gVmAOZ_w5e7a116zrKEeUpMw==
via: 1.1 2e20768704c71ff3ce2e677251d27f3c.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 24 Oct 2022 21:45:49 GMT
etag: "5a8579a70d8791a19e0192995c46594e242e864d"
content-type: image/jpeg
age: 64258
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F075a794f-9140-4676-afb2-493f44932cc3.jpeg
34.120.237.76 200 OK 4.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F075a794f-9140-4676-afb2-493f44932cc3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3cf322f19151bcfa374c2e32b9ac986f
e8e69ac951def18bc1e03ecd4fe8a21d3b825b27
54ddfd1876f65e264b9b3209a0e805a3796013b4aacc8e9fd20b49754b4917a0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F075a794f-9140-4676-afb2-493f44932cc3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4206
x-amzn-requestid: 6b02f96a-ea03-4eff-acde-c73925260102
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ah3E3GPQoAMFpIA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63570552-77cf762d0e54f1f60efe52c3;Sampled=0
x-amzn-remapped-date: Mon, 24 Oct 2022 21:36:18 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jcuTYNKiYp8BkDnzo34tidRVmcFlE_xDfPGGgrUKfR67IfwGjFxceA==
via: 1.1 fec77e486350d1bd33f526a760d8b5a4.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Mon, 24 Oct 2022 21:42:36 GMT
age: 64451
etag: "e8e69ac951def18bc1e03ecd4fe8a21d3b825b27"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa3694988-223c-4449-a1a5-28c1de7da771.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa3694988-223c-4449-a1a5-28c1de7da771.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1970a25715283fecf7a05a199bf4cae6
3a3005e722d2e89c9218c34ba283bbcde72e4bbc
624f6f86abe8c7cb8b24669851103baf152802c3ea915dcdea88ce984d468361
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa3694988-223c-4449-a1a5-28c1de7da771.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11051
x-amzn-requestid: 2eef9564-c660-421d-aff6-40644b72ffa1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aFfupETyoAMF3qg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634bacc3-48a6442d4ec030f50e8f8f13;Sampled=0
x-amzn-remapped-date: Sun, 16 Oct 2022 07:03:32 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: HgK4QTgdR6OSGV86ooPEJ0_jtGehzs1DHgeynAoCthtKlAAohrKVSg==
via: 1.1 912d83c7c9b4676eb19f09c9bfabda24.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Mon, 24 Oct 2022 22:18:45 GMT
age: 62282
etag: "3a3005e722d2e89c9218c34ba283bbcde72e4bbc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1fee370a-a947-4a08-9ba6-18c6c792f716.jpeg
34.120.237.76 200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1fee370a-a947-4a08-9ba6-18c6c792f716.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d0215d09b407ecfd690d63aee6a30add
d2e9a4cba5fc07d90f30a5bfc7efa91eea784f94
6147a16325e6c63e7e3acfde58a4cfcd04564ddd6df61835e6e563ec6e67aa3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1fee370a-a947-4a08-9ba6-18c6c792f716.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5662
x-amzn-requestid: cb169868-462c-4083-af25-ca65cb2df563
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ah3EhH7SoAMFdeg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6357054f-1635cae5575eed4a43607a11;Sampled=0
x-amzn-remapped-date: Mon, 24 Oct 2022 21:36:15 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 3AVj0cWeDVgo3DVqvDiofHw2sXlQVGFhijv3QOzs0vNruMXzx8pl2Q==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Mon, 24 Oct 2022 21:57:04 GMT
etag: "d2e9a4cba5fc07d90f30a5bfc7efa91eea784f94"
content-type: image/jpeg
age: 63583
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.turmhof.at/neues/
185.51.8.60 200 OK 0 B IP 185.51.8.60:0
Analyzer Verdict Alert openphish PayPal Inc.
fortinet Phishing
GET /neues/ HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
date: Tue, 25 Oct 2022 15:36:45 GMT
server: Apache
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
cache-control: private
content-encoding: gzip
vary: Accept-Encoding
set-cookie: PHPSESSID=k1kala4r746ge5j4vfb89r5f04; path=/
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-type: text/html; charset=utf-8
age: 0
accept-ranges: bytes
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2