Report - wir-sind-mehr.com/

Report Overview

Submitted URL
wir-sind-mehr.com/
IP
81.169.145.158
ASN
#6724 Strato AG
Submitted
2022-11-14 14:10:29
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
60

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-10T05:09:10Z	2.4 kB	6.2 kB	23.36.76.226
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-10T05:12:35Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-10T05:10:00Z	333 B	229 B	34.117.237.239
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-10T05:10:02Z	606 B	127 B	52.42.234.253
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-10T05:10:04Z	3.2 kB	61 kB	34.120.237.76
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-10T12:25:49Z	470 B	746 B	142.250.74.10
wir-sind-mehr.com	unknown			13 kB	853 kB	81.169.145.158
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-10T13:49:44Z	1.0 kB	2.4 kB	93.184.220.29
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-10T05:10:00Z	782 B	2.4 kB	34.102.187.140
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-10T05:11:10Z	2.4 kB	4.9 kB	142.250.74.3
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-10T14:37:36Z	1.5 kB	112 kB	216.58.207.195

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-11-14	medium	wir-sind-mehr.com	Sinkholed
2022-11-14	medium	wir-sind-mehr.com	Sinkholed
2022-11-14	medium	wir-sind-mehr.com	Sinkholed
2022-11-14	medium	wir-sind-mehr.com	Sinkholed
2022-11-14	medium	wir-sind-mehr.com	Sinkholed
2022-11-14	medium	wir-sind-mehr.com	Sinkholed
2022-11-14	medium	wir-sind-mehr.com	Sinkholed
2022-11-14	medium	wir-sind-mehr.com	Sinkholed
2022-11-14	medium	wir-sind-mehr.com	Sinkholed
2022-11-14	medium	wir-sind-mehr.com	Sinkholed
2022-11-14	medium	wir-sind-mehr.com	Sinkholed
2022-11-14	medium	wir-sind-mehr.com	Sinkholed
2022-11-14	medium	wir-sind-mehr.com	Sinkholed
2022-11-14	medium	wir-sind-mehr.com	Sinkholed
2022-11-14	medium	wir-sind-mehr.com	Sinkholed
2022-11-14	medium	wir-sind-mehr.com	Sinkholed
2022-11-14	medium	wir-sind-mehr.com	Sinkholed
2022-11-14	medium	wir-sind-mehr.com	Sinkholed
2022-11-14	medium	wir-sind-mehr.com	Sinkholed
2022-11-14	medium	wir-sind-mehr.com	Sinkholed
2022-11-14	medium	wir-sind-mehr.com	Sinkholed
2022-11-14	medium	wir-sind-mehr.com	Sinkholed
2022-11-14	medium	wir-sind-mehr.com	Sinkholed
2022-11-14	medium	wir-sind-mehr.com	Sinkholed
2022-11-14	medium	wir-sind-mehr.com	Sinkholed
2022-11-14	medium	wir-sind-mehr.com	Sinkholed
2022-11-14	medium	wir-sind-mehr.com	Sinkholed
2022-11-14	medium	wir-sind-mehr.com	Sinkholed
2022-11-14	medium	wir-sind-mehr.com	Sinkholed
2022-11-14	medium	wir-sind-mehr.com	Sinkholed

JavaScript (15)

	URL	Size	First Seen	Last Seen
	wir-sind-mehr.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1	19 kB	2023-03-07	2024-04-22
Pretty URL wir-sind-mehr.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1 IP 81.169.145.158 ASN #6724 Strato AG Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-22 15:34:31 Times Seen38020 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

	wir-sind-mehr.com/wp-content/plugins/counter-number-showcase/assets/js/waypoints.min.js?ver=6.1	8.0 kB	2023-03-07	2024-04-21
Pretty URL wir-sind-mehr.com/wp-content/plugins/counter-number-showcase/assets/js/waypoints.min.js?ver=6.1 IP 81.169.145.158 ASN #6724 Strato AG Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:26 Last Seen2024-04-21 06:12:36 Times Seen6772 Hash dfe0eedf8da578f4a4c43b05448c51d9 812d7071b4e44b1aa5d5ea6c7ce0b79eb9d46520 a0fded691aed767f851011cd3185b928619298a21a0fbdad4808a9e88b490833 Loading...

	wir-sind-mehr.com/wp-content/plugins/counter-number-showcase/assets/js/counter_nscript.js?ver=6.1	155 B	2023-03-07	2024-04-18
Pretty URL wir-sind-mehr.com/wp-content/plugins/counter-number-showcase/assets/js/counter_nscript.js?ver=6.1 IP 81.169.145.158 ASN #6724 Strato AG Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:16 Last Seen2024-04-18 11:19:23 Times Seen451 Hash e318a11a341e18878bef8f164578620d ccd816531e9d9a669acaff10d326d50764288c59 2cfcf1b1b821b9ada3643b69a2499b215760596084e67dd25ff0091405213622 Loading...

	wir-sind-mehr.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-04-23
Pretty URL wir-sind-mehr.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 81.169.145.158 ASN #6724 Strato AG Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-23 00:53:38 Times Seen68558 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	unknown	0 B	2023-03-07	2024-04-23
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-23 10:04:44 Times Seen37018443 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	wir-sind-mehr.com/wp-content/plugins/counter-number-showcase/assets/js/jquery.counterup.min.js?ver=6.1	1.1 kB	2023-03-07	2024-04-18
Pretty URL wir-sind-mehr.com/wp-content/plugins/counter-number-showcase/assets/js/jquery.counterup.min.js?ver=6.1 IP 81.169.145.158 ASN #6724 Strato AG Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:16 Last Seen2024-04-18 11:19:23 Times Seen340 Hash 4a6bab85243d42e70483d738ccf19a9a ea757a647999c61cc0b1daf4e01479e71935df21 d7fd815f9ae6c458acb2227493211d60ce351a7f8085cb0eb35010f39793f7e1 Loading...

	wir-sind-mehr.com/wp-content/plugins/ditty-news-ticker/includes/js/ditty.min.js?ver=3.0.30	3.5 kB	2023-03-09	2023-11-22
Pretty URL wir-sind-mehr.com/wp-content/plugins/ditty-news-ticker/includes/js/ditty.min.js?ver=3.0.30 IP 81.169.145.158 ASN #6724 Strato AG Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 14:39:01 Last Seen2023-11-22 02:46:11 Times Seen23 Hash 84bc55a1aede96bb372773da3ce05078 626cb2e1f412a543ce5a22f0b83b2bad0a4c12a0 08373de65a53739d5c8cc0846d32ac0347bf8f373806125382748c59761a0aba Loading...

	wir-sind-mehr.com/	2.1 kB	2023-03-11	2023-03-11
Pretty URL wir-sind-mehr.com/ IP 81.169.145.158 ASN #6724 Strato AG Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 11:55:17 Last Seen2023-03-11 11:55:17 Times Seen1 Hash bf54a16c8cc161c7a9a2303afd2bfeb2 dd00858ef6885cd214f5dc260d5ca6c133f16900 8ea166cac99c772466201de4ef3ffefe2333e12cd24d29decb86d87a281e59fa Loading...

	wir-sind-mehr.com/wp-includes/js/jquery/ui/effect.min.js?ver=1.13.2	17 kB	2023-03-08	2024-04-19
Pretty URL wir-sind-mehr.com/wp-includes/js/jquery/ui/effect.min.js?ver=1.13.2 IP 81.169.145.158 ASN #6724 Strato AG Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:32 Last Seen2024-04-19 20:39:51 Times Seen1099 Hash 6575d504c628a893ecb7ba3a094f110b 472db26157d08d00fc87c8151ab8e98617cd32ca 4471f0e0712693e37d562bb4981a7da17248062fc39140f3df05826943879fb7 Loading...

	wir-sind-mehr.com/	626 B	2023-03-11	2023-03-11
Pretty URL wir-sind-mehr.com/ IP 81.169.145.158 ASN #6724 Strato AG Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 11:55:17 Last Seen2023-03-11 11:55:17 Times Seen1 Hash b5397a8f19a43cfa5f6dd8c927231418 f60cafa48d49b8faa87ec5b27bd4f2210f687fee ca15fea614262b51958e57f3284b3f7b1f349e615197b83ec4783cffe9fc3050 Loading...

	wir-sind-mehr.com/wp-content/themes/twentytwelve/js/navigation.js?ver=20141205	1.6 kB	2023-03-07	2024-04-19
Pretty URL wir-sind-mehr.com/wp-content/themes/twentytwelve/js/navigation.js?ver=20141205 IP 81.169.145.158 ASN #6724 Strato AG Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:12 Last Seen2024-04-19 15:34:19 Times Seen508 Hash 6e26dcae5f37cd7dbc99443304d0d4b6 1149f4a86285fb1cbf08f3748659368410be6892 ee2142d2d84e169a6f92e80040206a8ec7e7cd466fa0f131aee972c4ff512a78 Loading...

	wir-sind-mehr.com/	36 kB	2023-03-11	2023-03-11
Pretty URL wir-sind-mehr.com/ IP 81.169.145.158 ASN #6724 Strato AG Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 11:55:17 Last Seen2023-03-11 11:55:17 Times Seen1 Hash bdcae5029c466d6a0d83ea0557459162 9f7ffe89c5ff4c4685aaefa78c57c3ad51ea62cd 3c94f00aed006d5c02c423847bf5aebb579b51d25e4153e9d7adeff93ed74b5e Loading...

	wir-sind-mehr.com/wp-content/plugins/ditty-news-ticker/includes/js/class-ditty-display-ticker.min.js?ver=3.0.30	18 kB	2023-03-07	2023-11-22
Pretty URL wir-sind-mehr.com/wp-content/plugins/ditty-news-ticker/includes/js/class-ditty-display-ticker.min.js?ver=3.0.30 IP 81.169.145.158 ASN #6724 Strato AG Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:29:33 Last Seen2023-11-22 02:46:11 Times Seen26 Hash 7b9b1376224ad0b480bf2211247fcba8 8e27cc7baec86fc313ec534b72c2c18e7edc4e05 fcf4f3a28d41a5f18da431178e63dc4bbd92fb781df2f8c1ec590468b3ad4868 Loading...

	wir-sind-mehr.com/wp-content/plugins/advanced-gutenberg/assets/blocks/frontend.js?ver=3.1.0	320 kB	2023-03-11	2023-03-11
Pretty URL wir-sind-mehr.com/wp-content/plugins/advanced-gutenberg/assets/blocks/frontend.js?ver=3.1.0 IP 81.169.145.158 ASN #6724 Strato AG Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 11:55:17 Last Seen2023-03-11 11:55:17 Times Seen1 Hash dd20e5ca95c0ecbf87e73ae7a33c7d21 b3c4f30ec3eab4cc0c094fc241acccc21434cb82 bd879bfe3194773e278ff793847d84cacf9655f1312a8fbb3b0c50f6488866d0 Loading...

	wir-sind-mehr.com/wp-content/plugins/strato-assistant/js/cookies.js?ver=1644944213	924 B	2023-03-07	2024-04-21
Pretty URL wir-sind-mehr.com/wp-content/plugins/strato-assistant/js/cookies.js?ver=1644944213 IP 81.169.145.158 ASN #6724 Strato AG Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:15 Last Seen2024-04-21 09:58:26 Times Seen369 Hash 0f74956215337862839be3a417599899 87b25851d369291a57e676f3029a280bef2eac81 64fab1839edeb799a6cf617ec3dd330bead9e94b03d5c7022060ea7723334635 Loading...

HTTP Transactions (62)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7786cd9bd97e024b3a1d16215defaad2
786ddbb74b0b6bd9270622dbe0258d6caee407c1
9c297ccfd178eec7e472fb64a6b2e34d4c7a6dec32870f49982353e590196ba0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C297CCFD178EEC7E472FB64A6B2E34D4C7A6DEC32870F49982353E590196BA0"
Last-Modified: Mon, 14 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5795
Expires: Mon, 14 Nov 2022 15:46:52 GMT
Date: Mon, 14 Nov 2022 14:10:17 GMT
Connection: keep-alive

wir-sind-mehr.com/

81.169.145.158

301 Moved Permanently

0 B

URL HTTP/1.1
wir-sind-mehr.com/
IP
81.169.145.158:0
ASN
#6724 Strato AG

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: wir-sind-mehr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Mon, 14 Nov 2022 14:10:17 GMT
Server: Apache/2.4.54 (Unix)
X-Powered-By: PHP/8.0.24
X-Redirect-By: WordPress
Vary: User-Agent
Location: https://wir-sind-mehr.com/
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
832aecaba9f06ee2d39d4d4bea65f13c
7195d6ffadfdbc6fc8e92c63ae28d4a3038a72dc
a437509314a97065de6c7b9e5e2b4b61f0234b45f5f5bf2649cbdf499577bfd3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4599
Cache-Control: max-age=164259
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 14:10:17 GMT
Etag: "637218f5-1d7"
Expires: Wed, 16 Nov 2022 11:47:56 GMT
Last-Modified: Mon, 14 Nov 2022 10:31:17 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8c15cef160d1514fc977ed4c4e97086c
ffe4ce3199658a1fc7a45d1607df40ef3911621d
db1a82d8a2bacc0257b87efec0c365c1b769700fa27ce928321e082505f1d72a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DB1A82D8A2BACC0257B87EFEC0C365C1B769700FA27CE928321E082505F1D72A"
Last-Modified: Sun, 13 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3663
Expires: Mon, 14 Nov 2022 15:11:20 GMT
Date: Mon, 14 Nov 2022 14:10:17 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 14 Nov 2022 13:44:34 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1543
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: ry+sMJuNMmRUUMW90RGpFojm/iKEbmamskAAMeuM3/9cdezBXBSI+e2eFaM1XM1y3p98GNp9zFU=
x-amz-request-id: VP94G123ATFBBXEK
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 14 Nov 2022 13:13:52 GMT
age: 3385
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 14 Nov 2022 14:10:17 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
23126c5ba4511883d89026ff6b4def2d
5e576e6f3c4e470a309f98c8f77fca27d601adf5
c595dc2ef5a004b91cd7581dcf95c22de610761f9698061c41d4b44a4db9752e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=113178
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 14:10:17 GMT
Etag: "63716363-1d7"
Expires: Tue, 15 Nov 2022 21:36:35 GMT
Last-Modified: Sun, 13 Nov 2022 21:36:35 GMT
Server: nginx
Content-Length: 471

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Cache-Control, Pragma, Retry-After, ETag, Alert, Expires, Backoff, Content-Type, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 14 Nov 2022 13:25:01 GMT
cache-control: public,max-age=3600
age: 2717
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
3200044057cb585f1a435c0efece61c8
8305d5b5891288aa9996b4b4ca6fce2265413194
df45704534a24928e7659a6d8cd1b5ac9ffa9b224b02b34a2d6aed5ef69fd586

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1321
Cache-Control: max-age=155924
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 14:10:18 GMT
Etag: "63720535-1d7"
Expires: Wed, 16 Nov 2022 09:29:02 GMT
Last-Modified: Mon, 14 Nov 2022 09:07:01 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471

wir-sind-mehr.com/wp-includes/css/classic-themes.min.css?ver=1

81.169.145.158

200 OK

217 B

URL HTTP/2
wir-sind-mehr.com/wp-includes/css/classic-themes.min.css?ver=1
IP
81.169.145.158:0
ASN
#6724 Strato AG

File type
ASCII text
Size
217 B (217 bytes)
Hash
95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: wir-sind-mehr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wir-sind-mehr.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 06:52:14 GMT
etag: "d9-5ec7747d7d30a"
accept-ranges: bytes
content-length: 217
content-type: text/css
date: Mon, 14 Nov 2022 14:10:18 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

wir-sind-mehr.com/wp-includes/css/dashicons.min.css?ver=6.1

81.169.145.158

200 OK

59 kB

URL HTTP/2
wir-sind-mehr.com/wp-includes/css/dashicons.min.css?ver=6.1
IP
81.169.145.158:0
ASN
#6724 Strato AG

File type
ASCII text, with very long lines (58981)
Size
59 kB (59016 bytes)
Hash
d68d6bf519169d86e155bad0bed833f8
27ba9c67d0e775fc4e6dd62011daf4c3902698fc
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-includes/css/dashicons.min.css?ver=6.1 HTTP/1.1
Host: wir-sind-mehr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wir-sind-mehr.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 15 Feb 2022 16:45:05 GMT
etag: "e688-5d8114158e323"
accept-ranges: bytes
content-length: 59016
content-type: text/css
date: Mon, 14 Nov 2022 14:10:18 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

wir-sind-mehr.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1

81.169.145.158

200 OK

95 kB

URL HTTP/2
wir-sind-mehr.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1
IP
81.169.145.158:0
ASN
#6724 Strato AG

File type
ASCII text, with very long lines (47826)
Size
95 kB (94821 bytes)
Hash
4cdcd4a2c77fccb74825eaf2d6733091
00d4ad404f681af9044bb4cc6ed5e2e9f641cc4a
187af6783dd59cd3b9dd90e77b3daa1509c1c3c18f5ce5d6fe2133f9bc3828df

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1 HTTP/1.1
Host: wir-sind-mehr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wir-sind-mehr.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 06:52:13 GMT
etag: "17265-5ec7747d4e1b9"
accept-ranges: bytes
content-length: 94821
content-type: text/css
date: Mon, 14 Nov 2022 14:10:18 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

wir-sind-mehr.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1

81.169.145.158

200 OK

19 kB

URL HTTP/2
wir-sind-mehr.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1
IP
81.169.145.158:0
ASN
#6724 Strato AG

File type
ASCII text, with very long lines (15660)
Size
19 kB (18617 bytes)
Hash
32beb68a374e3aeac00abdf9e12b84ea
b5d18aa625e8696dd9d07cd0869337717b211ae0
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1 HTTP/1.1
Host: wir-sind-mehr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wir-sind-mehr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 25 May 2022 04:58:06 GMT
etag: "48b9-5dfceeb384875"
accept-ranges: bytes
content-length: 18617
content-type: application/javascript
date: Mon, 14 Nov 2022 14:10:18 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

wir-sind-mehr.com/wp-content/plugins/counter-number-showcase/assets/css/bootstrap-front.css?ver=6.1

81.169.145.158

200 OK

13 kB

URL HTTP/2
wir-sind-mehr.com/wp-content/plugins/counter-number-showcase/assets/css/bootstrap-front.css?ver=6.1
IP
81.169.145.158:0
ASN
#6724 Strato AG

File type
assembler source, ASCII text, with very long lines (780)
Size
13 kB (13018 bytes)
Hash
d22aee6ec88006fb65619463349dd22c
6db281a59d3abf162dec93f4ada47f806e0e8366
3f421186dd0415bdb8306a5a403a2456eb03d3a1b2070feef25c52f2e65006cc

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/counter-number-showcase/assets/css/bootstrap-front.css?ver=6.1 HTTP/1.1
Host: wir-sind-mehr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wir-sind-mehr.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 10 Nov 2022 17:24:37 GMT
etag: "32da-5ed210c2715b2"
accept-ranges: bytes
content-length: 13018
content-type: text/css
date: Mon, 14 Nov 2022 14:10:18 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

wir-sind-mehr.com/wp-content/plugins/counter-number-showcase/assets/css/font-awesome/css/font-awesome.min.css?ver=6.1

81.169.145.158

200 OK

31 kB

URL HTTP/2
wir-sind-mehr.com/wp-content/plugins/counter-number-showcase/assets/css/font-awesome/css/font-awesome.min.css?ver=6.1
IP
81.169.145.158:0
ASN
#6724 Strato AG

File type
ASCII text, with very long lines (30837)
Size
31 kB (30999 bytes)
Hash
008e0bb5ebfa7bc298a042f95944df25
93897ebc560b38a1d2bff43c22dd6a3b7ee90c0c
c4047043368afb4baf1aed25d358a5c2a333842a3b436b58491ab36aeee65b9d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/counter-number-showcase/assets/css/font-awesome/css/font-awesome.min.css?ver=6.1 HTTP/1.1
Host: wir-sind-mehr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wir-sind-mehr.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 10 Nov 2022 17:24:37 GMT
etag: "7917-5ed210c255c3c"
accept-ranges: bytes
content-length: 30999
content-type: text/css
date: Mon, 14 Nov 2022 14:10:18 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

wir-sind-mehr.com/wp-content/plugins/counter-number-showcase/assets/css/counter-column.css?ver=6.1

81.169.145.158

200 OK

1.5 kB

URL HTTP/2
wir-sind-mehr.com/wp-content/plugins/counter-number-showcase/assets/css/counter-column.css?ver=6.1
IP
81.169.145.158:0
ASN
#6724 Strato AG

File type
ASCII text
Size
1.5 kB (1549 bytes)
Hash
110d1ff81b41cb7bc44312e3191eced4
63b1fdb845f8ccdc3c1a962f177627c48612cb74
baba7949fa4f60d3cd857506cf096b4ec82d10e3da1a006f43bc6849d5dcb636

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/counter-number-showcase/assets/css/counter-column.css?ver=6.1 HTTP/1.1
Host: wir-sind-mehr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wir-sind-mehr.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 10 Nov 2022 17:24:37 GMT
etag: "60d-5ed210c27255d"
accept-ranges: bytes
content-length: 1549
content-type: text/css
date: Mon, 14 Nov 2022 14:10:18 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

wir-sind-mehr.com/wp-content/plugins/ditty-news-ticker/includes/css/ditty.css?ver=3.0.30

81.169.145.158

200 OK

38 kB

URL HTTP/2
wir-sind-mehr.com/wp-content/plugins/ditty-news-ticker/includes/css/ditty.css?ver=3.0.30
IP
81.169.145.158:0
ASN
#6724 Strato AG

File type
ASCII text
Size
38 kB (37911 bytes)
Hash
b55a808b4b7553f68b688e8588006be4
4df7fa5e6a0c5c1560cff5ca5751e62ad26db52e
9e9b2b2d98bb21ba98a3e7d0166f2de7bae986b81a727c7804a44f4f81b09737

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/ditty-news-ticker/includes/css/ditty.css?ver=3.0.30 HTTP/1.1
Host: wir-sind-mehr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wir-sind-mehr.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 10 Nov 2022 05:01:03 GMT
etag: "9417-5ed16a8fa6977"
accept-ranges: bytes
content-length: 37911
content-type: text/css
date: Mon, 14 Nov 2022 14:10:18 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

wir-sind-mehr.com/wp-content/uploads/eb-style/eb-style-19.min.css?ver=6bf3f6c2ad

81.169.145.158

200 OK

1.2 kB

URL HTTP/2
wir-sind-mehr.com/wp-content/uploads/eb-style/eb-style-19.min.css?ver=6bf3f6c2ad
IP
81.169.145.158:0
ASN
#6724 Strato AG

File type
ASCII text, with very long lines (1220), with no line terminators
Size
1.2 kB (1220 bytes)
Hash
b896c7415ab4537082c170ab3d7b7cec
42bfb928952eff7a1717a2f37d32f8b50c66739a
246d5c61047094c70de14339173aad079630c61ba414c03e10cfb49d7eded782

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/eb-style/eb-style-19.min.css?ver=6bf3f6c2ad HTTP/1.1
Host: wir-sind-mehr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wir-sind-mehr.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 20 Feb 2022 23:08:01 GMT
etag: "4c4-5d87b2ff96850"
accept-ranges: bytes
content-length: 1220
content-type: text/css
date: Mon, 14 Nov 2022 14:10:18 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

wir-sind-mehr.com/wp-content/themes/twentytwelve/css/blocks.css?ver=20190406

81.169.145.158

200 OK

11 kB

URL HTTP/2
wir-sind-mehr.com/wp-content/themes/twentytwelve/css/blocks.css?ver=20190406
IP
81.169.145.158:0
ASN
#6724 Strato AG

File type
ASCII text
Size
11 kB (10553 bytes)
Hash
2aeaabc916ab9ec2542fb9e784f4bc9d
7319687fbe8c7290a56f30eda69d68f1472fb36c
dd030e973a26c5f41da9b2a1cf5eb958e78d1a7ac52bddcd24c8d34afbacd2a6

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/twentytwelve/css/blocks.css?ver=20190406 HTTP/1.1
Host: wir-sind-mehr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wir-sind-mehr.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 06:51:41 GMT
etag: "2939-5ec7745ea5709"
accept-ranges: bytes
content-length: 10553
content-type: text/css
date: Mon, 14 Nov 2022 14:10:18 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

wir-sind-mehr.com/wp-content/themes/twentytwelve/style.css?ver=20221101

81.169.145.158

200 OK

38 kB

URL HTTP/2
wir-sind-mehr.com/wp-content/themes/twentytwelve/style.css?ver=20221101
IP
81.169.145.158:0
ASN
#6724 Strato AG

File type
ASCII text, with very long lines (492)
Size
38 kB (37848 bytes)
Hash
6d562b1dc537984bfb6176f0e9f9ebde
1e59917bd7b1cc97520dfdede6c0415ae46ef193
0b7cdba402cfe17619f9276ee31e3cdd0ece5d9d22a02552d0e2b95dfd3018cc

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/twentytwelve/style.css?ver=20221101 HTTP/1.1
Host: wir-sind-mehr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wir-sind-mehr.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 06:51:41 GMT
etag: "93d8-5ec7745ec5286"
accept-ranges: bytes
content-length: 37848
content-type: text/css
date: Mon, 14 Nov 2022 14:10:18 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

wir-sind-mehr.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

81.169.145.158

200 OK

90 kB

URL HTTP/2
wir-sind-mehr.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP
81.169.145.158:0
ASN
#6724 Strato AG

File type
ASCII text, with very long lines (65447)
Size
90 kB (89684 bytes)
Hash
17738318d61d394f1de8890d589afaec
f6d0c4dc1399cf02d53f5753ad46573a8bbc2ac3
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: wir-sind-mehr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wir-sind-mehr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 06:52:14 GMT
etag: "15e54-5ec7747e20894"
accept-ranges: bytes
content-length: 89684
content-type: application/javascript
date: Mon, 14 Nov 2022 14:10:18 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

push.services.mozilla.com/

52.42.234.253

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.42.234.253:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 26ujx+4cXpaTv6XTy8VRFA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: +PrePYtfIPUJsfFJRkjjhxtgAws=

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b2d6aeeb303eaefc4cc6900e30da3b1b
4c3c027013211aa1b987006d0eb6c72f18c6a657
f542eab7c032d6c5f59710ee8993a01537e0fa2bf3882a6a699de85bba020999

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 14:10:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

wir-sind-mehr.com/wp-content/plugins/counter-number-showcase/assets/js/counter_nscript.js?ver=6.1

81.169.145.158

200 OK

155 B

URL HTTP/2
wir-sind-mehr.com/wp-content/plugins/counter-number-showcase/assets/js/counter_nscript.js?ver=6.1
IP
81.169.145.158:0
ASN
#6724 Strato AG

File type
ASCII text, with CRLF line terminators
Size
155 B (155 bytes)
Hash
e318a11a341e18878bef8f164578620d
ccd816531e9d9a669acaff10d326d50764288c59
2cfcf1b1b821b9ada3643b69a2499b215760596084e67dd25ff0091405213622

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/counter-number-showcase/assets/js/counter_nscript.js?ver=6.1 HTTP/1.1
Host: wir-sind-mehr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wir-sind-mehr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 10 Nov 2022 17:24:37 GMT
etag: "9b-5ed210c284e46"
accept-ranges: bytes
content-length: 155
content-type: application/javascript
date: Mon, 14 Nov 2022 14:10:18 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

wir-sind-mehr.com/wp-content/plugins/counter-number-showcase/assets/js/jquery.counterup.min.js?ver=6.1

81.169.145.158

200 OK

1.1 kB

URL HTTP/2
wir-sind-mehr.com/wp-content/plugins/counter-number-showcase/assets/js/jquery.counterup.min.js?ver=6.1
IP
81.169.145.158:0
ASN
#6724 Strato AG

File type
ASCII text, with very long lines (929)
Size
1.1 kB (1079 bytes)
Hash
4a6bab85243d42e70483d738ccf19a9a
ea757a647999c61cc0b1daf4e01479e71935df21
d7fd815f9ae6c458acb2227493211d60ce351a7f8085cb0eb35010f39793f7e1

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/counter-number-showcase/assets/js/jquery.counterup.min.js?ver=6.1 HTTP/1.1
Host: wir-sind-mehr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wir-sind-mehr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 10 Nov 2022 17:24:37 GMT
etag: "437-5ed210c285de4"
accept-ranges: bytes
content-length: 1079
content-type: application/javascript
date: Mon, 14 Nov 2022 14:10:18 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

wir-sind-mehr.com/wp-content/plugins/strato-assistant/js/cookies.js?ver=1644944213

81.169.145.158

200 OK

924 B

URL HTTP/2
wir-sind-mehr.com/wp-content/plugins/strato-assistant/js/cookies.js?ver=1644944213
IP
81.169.145.158:0
ASN
#6724 Strato AG

File type
ASCII text
Size
924 B (924 bytes)
Hash
0f74956215337862839be3a417599899
87b25851d369291a57e676f3029a280bef2eac81
64fab1839edeb799a6cf617ec3dd330bead9e94b03d5c7022060ea7723334635

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/strato-assistant/js/cookies.js?ver=1644944213 HTTP/1.1
Host: wir-sind-mehr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wir-sind-mehr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 15 Feb 2022 16:56:53 GMT
etag: "39c-5d8116b802910"
accept-ranges: bytes
content-length: 924
content-type: application/javascript
date: Mon, 14 Nov 2022 14:10:18 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

wir-sind-mehr.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

81.169.145.158

200 OK

11 kB

URL HTTP/2
wir-sind-mehr.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
81.169.145.158:0
ASN
#6724 Strato AG

File type
ASCII text, with very long lines (11126)
Size
11 kB (11224 bytes)
Hash
79b4956b7ec478ec10244b5e2d33ac7d
a46025b9d05e3df30d610a8aef14f392c7058dc9
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: wir-sind-mehr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wir-sind-mehr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 15 Feb 2022 16:45:08 GMT
etag: "2bd8-5d8114180c585"
accept-ranges: bytes
content-length: 11224
content-type: application/javascript
date: Mon, 14 Nov 2022 14:10:18 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

wir-sind-mehr.com/wp-content/themes/twentytwelve/js/navigation.js?ver=20141205

81.169.145.158

200 OK

1.6 kB

URL HTTP/2
wir-sind-mehr.com/wp-content/themes/twentytwelve/js/navigation.js?ver=20141205
IP
81.169.145.158:0
ASN
#6724 Strato AG

File type
ASCII text
Size
1.6 kB (1552 bytes)
Hash
6e26dcae5f37cd7dbc99443304d0d4b6
1149f4a86285fb1cbf08f3748659368410be6892
ee2142d2d84e169a6f92e80040206a8ec7e7cd466fa0f131aee972c4ff512a78

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/twentytwelve/js/navigation.js?ver=20141205 HTTP/1.1
Host: wir-sind-mehr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wir-sind-mehr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 06:51:41 GMT
etag: "610-5ec7745eaef46"
accept-ranges: bytes
content-length: 1552
content-type: application/javascript
date: Mon, 14 Nov 2022 14:10:18 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

wir-sind-mehr.com/wp-content/plugins/ditty-news-ticker/includes/js/ditty.min.js?ver=3.0.30

81.169.145.158

200 OK

3.5 kB

URL HTTP/2
wir-sind-mehr.com/wp-content/plugins/ditty-news-ticker/includes/js/ditty.min.js?ver=3.0.30
IP
81.169.145.158:0
ASN
#6724 Strato AG

File type
HTML document, ASCII text, with very long lines (3455), with no line terminators
Size
3.5 kB (3455 bytes)
Hash
84bc55a1aede96bb372773da3ce05078
626cb2e1f412a543ce5a22f0b83b2bad0a4c12a0
08373de65a53739d5c8cc0846d32ac0347bf8f373806125382748c59761a0aba

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/ditty-news-ticker/includes/js/ditty.min.js?ver=3.0.30 HTTP/1.1
Host: wir-sind-mehr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wir-sind-mehr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 10 Nov 2022 05:01:03 GMT
etag: "d7f-5ed16a8ff766b"
accept-ranges: bytes
content-length: 3455
content-type: application/javascript
date: Mon, 14 Nov 2022 14:10:18 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

wir-sind-mehr.com/wp-content/plugins/advanced-gutenberg/assets/css/blocks.css?ver=3.1.0

81.169.145.158

200 OK

60 kB

URL HTTP/2
wir-sind-mehr.com/wp-content/plugins/advanced-gutenberg/assets/css/blocks.css?ver=3.1.0
IP
81.169.145.158:0
ASN
#6724 Strato AG

File type
ASCII text, with very long lines (59929)
Size
60 kB (59930 bytes)
Hash
5c1e651754d5bc79218bd83325301bef
30a94baa8eb69550be8c1db3bbc2739cb741951d
0d2142a5a05fa6cff9c536dfa921afb7145a05d52ff5087816bc1e54206b4c3f

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/advanced-gutenberg/assets/css/blocks.css?ver=3.1.0 HTTP/1.1
Host: wir-sind-mehr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wir-sind-mehr.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 05:18:34 GMT
etag: "ea1a-5ebfd45d354e3"
accept-ranges: bytes
content-length: 59930
content-type: text/css
date: Mon, 14 Nov 2022 14:10:18 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

wir-sind-mehr.com/wp-content/plugins/counter-number-showcase/assets/js/waypoints.min.js?ver=6.1

81.169.145.158

200 OK

8.0 kB

URL HTTP/2
wir-sind-mehr.com/wp-content/plugins/counter-number-showcase/assets/js/waypoints.min.js?ver=6.1
IP
81.169.145.158:0
ASN
#6724 Strato AG

File type
ASCII text, with very long lines (7808)
Size
8.0 kB (8044 bytes)
Hash
dfe0eedf8da578f4a4c43b05448c51d9
812d7071b4e44b1aa5d5ea6c7ce0b79eb9d46520
a0fded691aed767f851011cd3185b928619298a21a0fbdad4808a9e88b490833

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/counter-number-showcase/assets/js/waypoints.min.js?ver=6.1 HTTP/1.1
Host: wir-sind-mehr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wir-sind-mehr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 10 Nov 2022 17:24:37 GMT
etag: "1f6c-5ed210c287550"
accept-ranges: bytes
content-length: 8044
content-type: application/javascript
date: Mon, 14 Nov 2022 14:10:18 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

wir-sind-mehr.com/wp-content/plugins/ditty-news-ticker/includes/js/class-ditty-display-ticker.min.js?ver=3.0.30

81.169.145.158

200 OK

18 kB

URL HTTP/2
wir-sind-mehr.com/wp-content/plugins/ditty-news-ticker/includes/js/class-ditty-display-ticker.min.js?ver=3.0.30
IP
81.169.145.158:0
ASN
#6724 Strato AG

File type
ASCII text, with very long lines (17821), with no line terminators
Size
18 kB (17821 bytes)
Hash
7b9b1376224ad0b480bf2211247fcba8
8e27cc7baec86fc313ec534b72c2c18e7edc4e05
fcf4f3a28d41a5f18da431178e63dc4bbd92fb781df2f8c1ec590468b3ad4868

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/ditty-news-ticker/includes/js/class-ditty-display-ticker.min.js?ver=3.0.30 HTTP/1.1
Host: wir-sind-mehr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wir-sind-mehr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 10 Nov 2022 05:01:03 GMT
etag: "459d-5ed16a8feb6eb"
accept-ranges: bytes
content-length: 17821
content-type: application/javascript
date: Mon, 14 Nov 2022 14:10:18 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

wir-sind-mehr.com/wp-includes/js/jquery/ui/effect.min.js?ver=1.13.2

81.169.145.158

200 OK

17 kB

URL HTTP/2
wir-sind-mehr.com/wp-includes/js/jquery/ui/effect.min.js?ver=1.13.2
IP
81.169.145.158:0
ASN
#6724 Strato AG

File type
ASCII text, with very long lines (15446)
Size
17 kB (17338 bytes)
Hash
6575d504c628a893ecb7ba3a094f110b
472db26157d08d00fc87c8151ab8e98617cd32ca
4471f0e0712693e37d562bb4981a7da17248062fc39140f3df05826943879fb7

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/ui/effect.min.js?ver=1.13.2 HTTP/1.1
Host: wir-sind-mehr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wir-sind-mehr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 06:52:14 GMT
etag: "43ba-5ec7747e11652"
accept-ranges: bytes
content-length: 17338
content-type: application/javascript
date: Mon, 14 Nov 2022 14:10:18 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

wir-sind-mehr.com/wp-content/uploads/2022/02/Schriftzug_Logos_final-1024x298.png

81.169.145.158

200 OK

175 kB

URL HTTP/2
wir-sind-mehr.com/wp-content/uploads/2022/02/Schriftzug_Logos_final-1024x298.png
IP
81.169.145.158:0
ASN
#6724 Strato AG

File type
PNG image data, 1024 x 298, 8-bit/color RGBA, non-interlaced\012- data
Size
175 kB (174888 bytes)
Hash
bd0631e26d62256ad1b99b9b7a57def8
28ce8e15e9176b7a0a3019f56c324472ac744bcc
a6482ed9c1f41c9803fc0308723cfd098923ab5dd2fe95e56ddfcf76fc771d3b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/02/Schriftzug_Logos_final-1024x298.png HTTP/1.1
Host: wir-sind-mehr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wir-sind-mehr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 21 Feb 2022 14:13:26 GMT
etag: "2ab28-5d887d60d8e24"
accept-ranges: bytes
content-length: 174888
content-type: image/png
date: Mon, 14 Nov 2022 14:10:18 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

wir-sind-mehr.com/wp-content/plugins/counter-number-showcase/assets/js/bootstrap.js?ver=6.1

81.169.145.158

200 OK

149 kB

URL HTTP/2
wir-sind-mehr.com/wp-content/plugins/counter-number-showcase/assets/js/bootstrap.js?ver=6.1
IP
81.169.145.158:0
ASN
#6724 Strato AG

File type
ASCII text, with very long lines (620)
Size
149 kB (148892 bytes)
Hash
4706e3135214d1a3f6c28e98c40c0724
687c5d46406ad65fc9129cf052e9394e0921bf68
10e410003ec5cae79bdb9c5f2ea0a5320426f5434d3bd25e66ee08cb20c98bf5

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/counter-number-showcase/assets/js/bootstrap.js?ver=6.1 HTTP/1.1
Host: wir-sind-mehr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wir-sind-mehr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 10 Nov 2022 17:24:37 GMT
etag: "2459c-5ed210c283335"
accept-ranges: bytes
content-length: 148892
content-type: application/javascript
date: Mon, 14 Nov 2022 14:10:18 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b2d6aeeb303eaefc4cc6900e30da3b1b
4c3c027013211aa1b987006d0eb6c72f18c6a657
f542eab7c032d6c5f59710ee8993a01537e0fa2bf3882a6a699de85bba020999

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 14:10:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
35ad471bf7f157abedbe322e59bb00ae
6f8c57f1c20377b6a1f74fd06849705a6370e291
b51251f347677a52f08a4a7c0d9ff0effed121992b6dc7fa709e33c400042e63

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 14:10:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
35ad471bf7f157abedbe322e59bb00ae
6f8c57f1c20377b6a1f74fd06849705a6370e291
b51251f347677a52f08a4a7c0d9ff0effed121992b6dc7fa709e33c400042e63

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 14:10:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
35ad471bf7f157abedbe322e59bb00ae
6f8c57f1c20377b6a1f74fd06849705a6370e291
b51251f347677a52f08a4a7c0d9ff0effed121992b6dc7fa709e33c400042e63

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 14:10:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
35ad471bf7f157abedbe322e59bb00ae
6f8c57f1c20377b6a1f74fd06849705a6370e291
b51251f347677a52f08a4a7c0d9ff0effed121992b6dc7fa709e33c400042e63

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 14:10:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.195

200 OK

45 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size
45 kB (44856 bytes)
Hash
565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://wir-sind-mehr.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Nov 2022 05:42:51 GMT
expires: Fri, 10 Nov 2023 05:42:51 GMT
cache-control: public, max-age=31536000
age: 376048
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS2mu1aB.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS2mu1aB.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 16248, version 1.0\012- data
Size
16 kB (16248 bytes)
Hash
32716a5cfa3f66cf0e1d74d60694c4ad
ba7958726a7c60abfe42b469c3ce5a7074e4b8fb
ea1b915d9a1f79eefb62e5c9c1af97e12adacc44deac97601105bdd2d2c46798

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS2mu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://wir-sind-mehr.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16248
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Nov 2022 01:13:02 GMT
expires: Wed, 08 Nov 2023 01:13:02 GMT
cache-control: public, max-age=31536000
age: 565037
last-modified: Mon, 15 Aug 2022 18:11:29 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

216.58.207.195

200 OK

48 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 47952, version 1.0\012- data
Size
48 kB (47952 bytes)
Hash
17b406b7b8caa297435fa358e194f5a1
e2132f0e97781af56fa966c0fabb49132f2af203
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd

HTTP Headers

GET /s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://wir-sind-mehr.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47952
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Nov 2022 18:59:14 GMT
expires: Tue, 07 Nov 2023 18:59:14 GMT
cache-control: public, max-age=31536000
age: 587465
last-modified: Mon, 15 Aug 2022 18:22:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
35ad471bf7f157abedbe322e59bb00ae
6f8c57f1c20377b6a1f74fd06849705a6370e291
b51251f347677a52f08a4a7c0d9ff0effed121992b6dc7fa709e33c400042e63

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 14:10:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

wir-sind-mehr.com/favicon.ico

81.169.145.158

302 Found

0 B

URL HTTP/2
wir-sind-mehr.com/favicon.ico
IP
81.169.145.158:0
ASN
#6724 Strato AG

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: wir-sind-mehr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wir-sind-mehr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 302 Found
date: Mon, 14 Nov 2022 14:10:19 GMT
server: Apache/2.4.54 (Unix)
x-powered-by: PHP/8.0.24
link: <https://wir-sind-mehr.com/wp-json/>; rel="https://api.w.org/"
x-redirect-by: WordPress
vary: User-Agent
location: https://wir-sind-mehr.com/wp-includes/images/w-logo-blue-white-bg.png
content-type: text/html; charset=UTF-8
content-length: 0
X-Firefox-Spdy: h2

wir-sind-mehr.com/wp-includes/images/w-logo-blue-white-bg.png

81.169.145.158

200 OK

4.1 kB

URL HTTP/2
wir-sind-mehr.com/wp-includes/images/w-logo-blue-white-bg.png
IP
81.169.145.158:0
ASN
#6724 Strato AG

File type
PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size
4.1 kB (4119 bytes)
Hash
000bf649cc8f6bf27cfb04d1bcdcd3c7
d73d2f6d74ec6cdcbae07955592962e77d8ae814
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1
Host: wir-sind-mehr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wir-sind-mehr.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 15 Feb 2022 16:45:05 GMT
etag: "1017-5d81141513247"
accept-ranges: bytes
content-length: 4119
content-type: image/png
date: Mon, 14 Nov 2022 14:10:19 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
929d046b7cbed155022099e982ba0592
18ff58f5b4d98748552d6604bdcba9c57eb8f412
3c70c27c11afeaea96e782a0e7b7ae9c2f3ed35c94673fcd4361cb7406b078a9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C70C27C11AFEAEA96E782A0E7B7AE9C2F3ED35C94673FCD4361CB7406B078A9"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3990
Expires: Mon, 14 Nov 2022 15:16:49 GMT
Date: Mon, 14 Nov 2022 14:10:19 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
929d046b7cbed155022099e982ba0592
18ff58f5b4d98748552d6604bdcba9c57eb8f412
3c70c27c11afeaea96e782a0e7b7ae9c2f3ed35c94673fcd4361cb7406b078a9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C70C27C11AFEAEA96E782A0E7B7AE9C2F3ED35C94673FCD4361CB7406B078A9"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3990
Expires: Mon, 14 Nov 2022 15:16:49 GMT
Date: Mon, 14 Nov 2022 14:10:19 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
929d046b7cbed155022099e982ba0592
18ff58f5b4d98748552d6604bdcba9c57eb8f412
3c70c27c11afeaea96e782a0e7b7ae9c2f3ed35c94673fcd4361cb7406b078a9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C70C27C11AFEAEA96E782A0E7B7AE9C2F3ED35C94673FCD4361CB7406B078A9"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3990
Expires: Mon, 14 Nov 2022 15:16:49 GMT
Date: Mon, 14 Nov 2022 14:10:19 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
929d046b7cbed155022099e982ba0592
18ff58f5b4d98748552d6604bdcba9c57eb8f412
3c70c27c11afeaea96e782a0e7b7ae9c2f3ed35c94673fcd4361cb7406b078a9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C70C27C11AFEAEA96E782A0E7B7AE9C2F3ED35C94673FCD4361CB7406B078A9"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3990
Expires: Mon, 14 Nov 2022 15:16:49 GMT
Date: Mon, 14 Nov 2022 14:10:19 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
929d046b7cbed155022099e982ba0592
18ff58f5b4d98748552d6604bdcba9c57eb8f412
3c70c27c11afeaea96e782a0e7b7ae9c2f3ed35c94673fcd4361cb7406b078a9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C70C27C11AFEAEA96E782A0E7B7AE9C2F3ED35C94673FCD4361CB7406B078A9"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3990
Expires: Mon, 14 Nov 2022 15:16:49 GMT
Date: Mon, 14 Nov 2022 14:10:19 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F03b751df-18d0-4e56-8d74-5d8e8d02f241.jpeg

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F03b751df-18d0-4e56-8d74-5d8e8d02f241.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7494 bytes)
Hash
dfc7286992b2cebdf1ebb58f85576e61
a49a1bf9716e32979810931d04d1f84216d096c1
7c5288d4ae39202e00c7fd482faa10b5610d31edf0bba9fc69fa4fc1f422b837

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F03b751df-18d0-4e56-8d74-5d8e8d02f241.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7494
x-amzn-requestid: b07e424a-c11e-442f-8636-e0670cb6f864
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bd8heGBtoAMFYQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636f0e09-7dcda14e5077563d726752ae;Sampled=0
x-amzn-remapped-date: Sat, 12 Nov 2022 03:07:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -7x_52WsOuP18MV9Q9oJFOdpvIm35aZngCAjZvWFau3P3fMY5NkElg==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 04:11:16 GMT
age: 35943
etag: "a49a1bf9716e32979810931d04d1f84216d096c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa95e3362-3324-487e-af72-a8801904975f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9663 bytes)
Hash
ceefde63fac8b44410baa7054cbbf39d
bc5a776a90f9ff1c5bd6e3dad0a542d3b73bad88
6e55d25f544d934550970c70a8325886471550d1d4f757610b13800985896ba1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa95e3362-3324-487e-af72-a8801904975f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9663
x-amzn-requestid: ef07bc3a-4907-484b-9113-f00e08442f33
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bjyFUHz6IAMFrXg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637163bb-1c1a2d0d4aeae314494e4b33;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 21:38:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: uzddCdnw4KZgkOHdbDnWaDJQ3Y5h6GHH3t02NSoXazXSZRb6WkQPmg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 13 Nov 2022 21:52:14 GMT
age: 58685
etag: "bc5a776a90f9ff1c5bd6e3dad0a542d3b73bad88"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F213417cd-cf64-4d28-ae86-bd6f16cecb3b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.3 kB (9322 bytes)
Hash
6f1e763f44800e4de06d69a3b2af74da
35afe48832221fe42de30260b9bcb15867109031
5f234c025d1f586b4364d2ef8c2818d3d4d441691444bb885e89f4c150b3d2a5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F213417cd-cf64-4d28-ae86-bd6f16cecb3b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9322
x-amzn-requestid: 0becd817-a29e-46bf-b9d6-2d18e12f5fe9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bjyDvE8DoAMFsiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637163b1-5b4bf1674c4edf80458cf53f;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 21:37:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: dMpz1U6HlmADIQZWvt1WR4D_nqlatl0mYBwg4rI6HDkKFbJCnivOgA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sun, 13 Nov 2022 21:50:08 GMT
age: 58811
etag: "35afe48832221fe42de30260b9bcb15867109031"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68733d52-6c87-4ac4-ba56-bc5f74ff782b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.9 kB (9921 bytes)
Hash
ac5583760066002adcbba078f6dd1be4
39ca30395586cf1a0a0fa739f7279af807f548a3
cb5986e3330858716cd290297a81d77e371b838637fc57eece94810211715a7c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68733d52-6c87-4ac4-ba56-bc5f74ff782b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9921
x-amzn-requestid: 933f6aa6-3bec-4f71-aba8-ef9e77942ae9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bjycgGB-oAMFsDQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371644f-47d26359464b62b7276316e6;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 21:40:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: cl4CvcuSz4XqydcANekLjl49PkkKUuMs_EsPwEK0pu_VF57S3szecA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 13 Nov 2022 21:52:20 GMT
age: 58679
etag: "39ca30395586cf1a0a0fa739f7279af807f548a3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5797e726-229b-4f42-9376-00ae67e14407.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.5 kB (6535 bytes)
Hash
a0db3498954921b58948ad8a4e7fd49f
6b618c3ff6e589f9e01650bd0a619acb70d8004e
fa3baa9e32e455ab2eeefab0c76714bf0ff5f67a5ccd7c10b3f5c21d8138c5cf

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5797e726-229b-4f42-9376-00ae67e14407.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6535
x-amzn-requestid: 3333aa65-c0c7-4704-9af1-fb0a49f830fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bjyDtHbhoAMFSsg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637163b1-51c3e4513240b7e5662b8e6e;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 21:37:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 6dTOcWIKFuo-Thf3zUH_1WY70yFyQkj3w2xPrb6Ntjf8TUFPVG-_lA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Sun, 13 Nov 2022 21:54:01 GMT
age: 58578
etag: "6b618c3ff6e589f9e01650bd0a619acb70d8004e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11715 bytes)
Hash
cd5bdc050716bb76afe8090fc81617e7
5109c156b180727767fc03c411190ccc0d3fb5fc
9b13e7838946c6654dda17886c2ca8d42de934acb93f4bddb1008dfa1bd1ea99

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11715
x-amzn-requestid: 20e508bd-6568-4225-9bee-c683a49d44f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhUHkpIAMFfJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-7dc726b94a37fc667e2e6646;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: X3SUo1LP97TxraRav0ftskBhzWkTJInHaS44PW26yloF-dgD-bHBuA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 13 Nov 2022 21:45:57 GMT
age: 59062
etag: "5109c156b180727767fc03c411190ccc0d3fb5fc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

wir-sind-mehr.com/wp-content/plugins/ditty-news-ticker//includes/libs/fontawesome-6.2.0/css/all.css?ver=6.2.0

81.169.145.158

200 OK

0 B

URL HTTP/2
wir-sind-mehr.com/wp-content/plugins/ditty-news-ticker//includes/libs/fontawesome-6.2.0/css/all.css?ver=6.2.0
IP
81.169.145.158:0
ASN
#6724 Strato AG

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/ditty-news-ticker//includes/libs/fontawesome-6.2.0/css/all.css?ver=6.2.0 HTTP/1.1
Host: wir-sind-mehr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wir-sind-mehr.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 10 Nov 2022 05:01:03 GMT
etag: "220f1-5ed16a8ffdb99"
accept-ranges: bytes
content-length: 139505
content-type: text/css
date: Mon, 14 Nov 2022 14:10:18 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

wir-sind-mehr.com/wp-content/plugins/advanced-gutenberg/assets/blocks/frontend.js?ver=3.1.0

81.169.145.158

200 OK

0 B

URL HTTP/2
wir-sind-mehr.com/wp-content/plugins/advanced-gutenberg/assets/blocks/frontend.js?ver=3.1.0
IP
81.169.145.158:0
ASN
#6724 Strato AG

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/advanced-gutenberg/assets/blocks/frontend.js?ver=3.1.0 HTTP/1.1
Host: wir-sind-mehr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wir-sind-mehr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 05:18:34 GMT
etag: "4e094-5ebfd45d27244"
accept-ranges: bytes
content-length: 319636
content-type: application/javascript
date: Mon, 14 Nov 2022 14:10:18 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

wir-sind-mehr.com/

81.169.145.158

200 OK

0 B

URL HTTP/2
wir-sind-mehr.com/
IP
81.169.145.158:0
ASN
#6724 Strato AG

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: wir-sind-mehr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Mon, 14 Nov 2022 14:10:18 GMT
server: Apache/2.4.54 (Unix)
x-powered-by: PHP/8.0.24
link: <https://wir-sind-mehr.com/wp-json/>; rel="https://api.w.org/", <https://wir-sind-mehr.com/wp-json/wp/v2/pages/19>; rel="alternate"; type="application/json", <https://wir-sind-mehr.com/>; rel=shortlink
vary: User-Agent
content-type: text/html; charset=UTF-8
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans%3A400italic%2C700italic%2C400%2C700&subset=latin%2Clatin-ext&display=fallback

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans%3A400italic%2C700italic%2C400%2C700&subset=latin%2Clatin-ext&display=fallback
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Open+Sans%3A400italic%2C700italic%2C400%2C700&subset=latin%2Clatin-ext&display=fallback HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wir-sind-mehr.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 14 Nov 2022 14:10:18 GMT
date: Mon, 14 Nov 2022 14:10:18 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP