r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 555d8608594803d49eeb9581c6b70702
d01e0201e0ba0cf751ef97226620338a853bc635
2885cdac311a30161a8ac9ef8e54c788afafd4f86ed197a651fc6d8bda077908
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2885CDAC311A30161A8AC9EF8E54C788AFAFD4F86ED197A651FC6D8BDA077908"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3467
Expires: Wed, 14 Dec 2022 12:14:39 GMT
Date: Wed, 14 Dec 2022 11:16:52 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3c0c53379f331e934f61070074d41035
420f6e542cbf741838566f22e475a80e2f600d21
4b7213ec107cdf1c2cd61a124453fb682ec291af0004d071105c87e2fe7528f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4B7213EC107CDF1C2CD61A124453FB682EC291AF0004D071105C87E2FE7528F5"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10348
Expires: Wed, 14 Dec 2022 14:09:20 GMT
Date: Wed, 14 Dec 2022 11:16:52 GMT
Connection: keep-alive
www.residenz-eifelgold.de/cms/website.php
200 OK 2.8 kB URL HTTP/1.1 www.residenz-eifelgold.de/cms/website.php
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (436), with CRLF, LF line terminators
Hash fbf63971517f8770b21207a64e1b4e57
847823f28ec81c9af2ff4a595ce1825137853f4a
4d5b2a634c924470a2aff542c914c29e2bba53ada1944e633beb368679ee7ed0
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /cms/website.php HTTP/1.1
Host: www.residenz-eifelgold.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Date: Wed, 14 Dec 2022 11:16:52 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma:
Set-Cookie: sid=e0f0ca190e9206c4ec14563673e35e43; path=/
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b44c4b5daa307a355e7bab1c83c1ca82
dbd14cd873f1dd4502f277b3f51cb7bc8da0c080
fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Alert, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 14 Dec 2022 11:08:52 GMT
content-type: application/json
age: 480
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d29881eeb0456eff8cf415ad2ce64ba0
e3cfdd5f56ff88066257ec8f4726f53e3a733bd3
2cd90072f113163f976ddb8bc7017884efd3f764e7e8961b04e3ba5ec0a17d85
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2CD90072F113163F976DDB8BC7017884EFD3F764E7E8961B04E3BA5EC0A17D85"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12257
Expires: Wed, 14 Dec 2022 14:41:09 GMT
Date: Wed, 14 Dec 2022 11:16:52 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ftkA+f5IyMw493oqXVA1eVHKM6q3S4fI1Od7AILHsnAmov/wZObs7rfFFg8UTZ0SJFMTQNLZIu4kZHv00O9AmA==
x-amz-request-id: 0QMC0FT9CZV8KP3C
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 14 Dec 2022 10:50:28 GMT
age: 1584
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 14 Dec 2022 11:16:52 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.residenz-eifelgold.de/root/style/examples/01_layouts_basics/css/layout_3col_standard.css
200 OK 1.1 kB URL HTTP/1.1 www.residenz-eifelgold.de/root/style/examples/01_layouts_basics/css/layout_3col_standard.css
IP
Hash 8df8280307635be07914eb76affb9e19
2ad1ecdb25ededc11ecbc7ed4063937b6ff94cc3
b6820f7f7a55933bc2f407e5b6fb6a5456333e6d75f11b33d38c10434bd6efc2
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /root/style/examples/01_layouts_basics/css/layout_3col_standard.css HTTP/1.1
Host: www.residenz-eifelgold.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.residenz-eifelgold.de/cms/website.php
Cookie: sid=e0f0ca190e9206c4ec14563673e35e43
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 1063
Connection: keep-alive
Keep-Alive: timeout=15
Date: Wed, 14 Dec 2022 11:16:52 GMT
Server: Apache
Last-Modified: Sun, 15 Jun 2008 23:00:00 GMT
ETag: "427-44fbc78719c00"
Accept-Ranges: bytes
www.residenz-eifelgold.de/root/style/style.css
200 OK 152 B URL HTTP/1.1 www.residenz-eifelgold.de/root/style/style.css
IP
Hash 477ec68309c3d862e920645280309193
36fb25f77169b46b13985646f238a8c0325baa0b
1454a4b5e1e7807d36df38a78399cc7bd338c8786b8265eb4b8b84e315f459a8
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /root/style/style.css HTTP/1.1
Host: www.residenz-eifelgold.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.residenz-eifelgold.de/cms/website.php
Cookie: sid=e0f0ca190e9206c4ec14563673e35e43
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 152
Connection: keep-alive
Keep-Alive: timeout=15
Date: Wed, 14 Dec 2022 11:16:52 GMT
Server: Apache
Last-Modified: Sun, 15 Jun 2008 23:00:00 GMT
ETag: "98-44fbc78719c00"
Accept-Ranges: bytes
www.residenz-eifelgold.de/root/style/eifelgold.css
200 OK 4.4 kB URL HTTP/1.1 www.residenz-eifelgold.de/root/style/eifelgold.css
IP
File type assembler source, ASCII text
Hash 3bc3dc7485fec0b95c499225a7d49876
83e4f3b4fb521626775840b835c6ef62600493d3
d7d220a788d118cbb3b0f8a874a65f1ea56d995157245102a42a237e3bf1ce3f
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /root/style/eifelgold.css HTTP/1.1
Host: www.residenz-eifelgold.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.residenz-eifelgold.de/cms/website.php
Cookie: sid=e0f0ca190e9206c4ec14563673e35e43
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 4388
Connection: keep-alive
Keep-Alive: timeout=15
Date: Wed, 14 Dec 2022 11:16:52 GMT
Server: Apache
Last-Modified: Sun, 06 Oct 2013 23:00:00 GMT
ETag: "1124-4e81a7ebdbc00"
Accept-Ranges: bytes
www.residenz-eifelgold.de/root/style/examples/01_layouts_basics/css/screen/basemod.css
200 OK 3.6 kB URL HTTP/1.1 www.residenz-eifelgold.de/root/style/examples/01_layouts_basics/css/screen/basemod.css
IP
Hash 600c9e511738870fb3e8f223cdaaffc9
a41922ad5506439c7b79630b7279dce28f86024b
6ebaafe137d57cca368c7e92df1c71e8ec22c2dfcb342a096f47fd8e9b008482
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /root/style/examples/01_layouts_basics/css/screen/basemod.css HTTP/1.1
Host: www.residenz-eifelgold.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.residenz-eifelgold.de/root/style/examples/01_layouts_basics/css/layout_3col_standard.css
Cookie: sid=e0f0ca190e9206c4ec14563673e35e43
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 3557
Connection: keep-alive
Keep-Alive: timeout=15
Date: Wed, 14 Dec 2022 11:16:52 GMT
Server: Apache
Last-Modified: Wed, 11 Sep 2013 23:00:00 GMT
ETag: "de5-4e62394b55c00"
Accept-Ranges: bytes
www.residenz-eifelgold.de/root/style/yaml/navigation/nav_shinybuttons.css
200 OK 2.8 kB URL HTTP/1.1 www.residenz-eifelgold.de/root/style/yaml/navigation/nav_shinybuttons.css
IP
Hash 1d12ee3b2e72d61c19e23ab4fea9ef50
e5012b640b62c5447417e2632f67df4ffcdd6db7
abbacc0cb01d4fef69d2929b252499c821d15594b7959578d2f06cabe32ae8ae
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /root/style/yaml/navigation/nav_shinybuttons.css HTTP/1.1
Host: www.residenz-eifelgold.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.residenz-eifelgold.de/root/style/examples/01_layouts_basics/css/layout_3col_standard.css
Cookie: sid=e0f0ca190e9206c4ec14563673e35e43
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 2809
Connection: keep-alive
Keep-Alive: timeout=15
Date: Wed, 14 Dec 2022 11:16:52 GMT
Server: Apache
Last-Modified: Sun, 15 Jun 2008 23:00:00 GMT
ETag: "af9-44fbc78719c00"
Accept-Ranges: bytes
www.residenz-eifelgold.de/root/style/yaml/core/base.css
200 OK 7.9 kB URL HTTP/1.1 www.residenz-eifelgold.de/root/style/yaml/core/base.css
IP
Hash cbdcc3c2758de0ca8545ba5ad40c6893
e8c9a1b1f64004c75931e693878fc2b8389156f9
643787d1e26121cf502ed58975528c6cd33d8579b46382a1cbafc71f910a1b67
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /root/style/yaml/core/base.css HTTP/1.1
Host: www.residenz-eifelgold.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.residenz-eifelgold.de/root/style/examples/01_layouts_basics/css/layout_3col_standard.css
Cookie: sid=e0f0ca190e9206c4ec14563673e35e43
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 7936
Connection: keep-alive
Keep-Alive: timeout=15
Date: Wed, 14 Dec 2022 11:16:52 GMT
Server: Apache
Last-Modified: Sun, 15 Jun 2008 23:00:00 GMT
ETag: "1f00-44fbc78719c00"
Accept-Ranges: bytes
www.residenz-eifelgold.de/root/style/examples/01_layouts_basics/css/screen/content.css
200 OK 5.5 kB URL HTTP/1.1 www.residenz-eifelgold.de/root/style/examples/01_layouts_basics/css/screen/content.css
IP
Hash d24d17769bafdd96563757ef8eeb7483
bde296751206adc3d174202355e1a119ce49a7a0
f2aa925ca425fb35087873509af4b58e1c23c725fffd3286d38289e19f037443
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /root/style/examples/01_layouts_basics/css/screen/content.css HTTP/1.1
Host: www.residenz-eifelgold.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.residenz-eifelgold.de/root/style/examples/01_layouts_basics/css/layout_3col_standard.css
Cookie: sid=e0f0ca190e9206c4ec14563673e35e43
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 5451
Connection: keep-alive
Keep-Alive: timeout=15
Date: Wed, 14 Dec 2022 11:16:52 GMT
Server: Apache
Last-Modified: Sun, 15 Jun 2008 23:00:00 GMT
ETag: "154b-44fbc78719c00"
Accept-Ranges: bytes
www.residenz-eifelgold.de/root/style/yaml/navigation/nav_vlist.css
200 OK 3.1 kB URL HTTP/1.1 www.residenz-eifelgold.de/root/style/yaml/navigation/nav_vlist.css
IP
Hash 91eb2068c363f7d99df224b8abd616be
e0e43710cf08341c02b0367fc0552350cf28d2ab
967f85f0eecc1221d056c72d1aaf42e0f2affac0125613477ec8431a2ed92874
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /root/style/yaml/navigation/nav_vlist.css HTTP/1.1
Host: www.residenz-eifelgold.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.residenz-eifelgold.de/root/style/examples/01_layouts_basics/css/layout_3col_standard.css
Cookie: sid=e0f0ca190e9206c4ec14563673e35e43
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 3065
Connection: keep-alive
Keep-Alive: timeout=15
Date: Wed, 14 Dec 2022 11:16:52 GMT
Server: Apache
Last-Modified: Sun, 15 Jun 2008 23:00:00 GMT
ETag: "bf9-44fbc78719c00"
Accept-Ranges: bytes
www.residenz-eifelgold.de/root/style/yaml/print/print_003_draft.css
200 OK 848 B URL HTTP/1.1 www.residenz-eifelgold.de/root/style/yaml/print/print_003_draft.css
IP
Hash 69a0307f4ef201b03de3ba8ba4040f38
90ddaa7741bbc57b2d3d1642165babd50c2ac4a3
af3fbe0c0a52948173c6576c3484f68fcd1b100565d6eecb30e78c219b0523bf
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /root/style/yaml/print/print_003_draft.css HTTP/1.1
Host: www.residenz-eifelgold.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.residenz-eifelgold.de/root/style/examples/01_layouts_basics/css/layout_3col_standard.css
Cookie: sid=e0f0ca190e9206c4ec14563673e35e43
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 848
Connection: keep-alive
Keep-Alive: timeout=15
Date: Wed, 14 Dec 2022 11:16:52 GMT
Server: Apache
Last-Modified: Sun, 15 Jun 2008 23:00:00 GMT
ETag: "350-44fbc78719c00"
Accept-Ranges: bytes
www.residenz-eifelgold.de/root/img/drucken_eg.gif
200 OK 1.1 kB URL HTTP/1.1 www.residenz-eifelgold.de/root/img/drucken_eg.gif
IP
File type GIF image data, version 89a, 17 x 17\012- data
Hash 4ceb9ab6a290d0cd4efdf413dc7f724b
7568202b83fc190e4712beedb5d3d1ccdf5aca97
f7146556af1bf624c33ebcbc82c3637c50d7b3e11b5dc34ca852713f3acf9285
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /root/img/drucken_eg.gif HTTP/1.1
Host: www.residenz-eifelgold.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.residenz-eifelgold.de/cms/website.php
Cookie: sid=e0f0ca190e9206c4ec14563673e35e43
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 1142
Connection: keep-alive
Keep-Alive: timeout=15
Date: Wed, 14 Dec 2022 11:16:52 GMT
Server: Apache
Last-Modified: Tue, 25 Oct 2016 20:04:48 GMT
ETag: "476-53fb6053c7800"
Accept-Ranges: bytes
www.residenz-eifelgold.de/root/style/spruch1.png
200 OK 8.2 kB URL HTTP/1.1 www.residenz-eifelgold.de/root/style/spruch1.png
IP
File type PNG image data, 584 x 108, 8-bit/color RGBA, non-interlaced\012- data
Hash d1c178aa412df6887891d70189b4e9ac
43723b7f6f8beae395cc36cba13cad0df2aad703
cdbc913f692be6960d90167b19b734808234f3aa2af5f99b6fd7ccbc69f367e9
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /root/style/spruch1.png HTTP/1.1
Host: www.residenz-eifelgold.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.residenz-eifelgold.de/cms/website.php
Cookie: sid=e0f0ca190e9206c4ec14563673e35e43
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 8195
Connection: keep-alive
Keep-Alive: timeout=15
Date: Wed, 14 Dec 2022 11:16:52 GMT
Server: Apache
Last-Modified: Fri, 23 Aug 2013 23:00:00 GMT
ETag: "2003-4e4a55db93c00"
Accept-Ranges: bytes
www.residenz-eifelgold.de/root/img/home_eg.gif
200 OK 1.2 kB URL HTTP/1.1 www.residenz-eifelgold.de/root/img/home_eg.gif
IP
File type GIF image data, version 89a, 17 x 17\012- data
Hash 158043ad5a28285791ec7e0f8e988d8a
e6316de8c359250c4796722915b943b9a1bb1e5e
8fb2fb3273a101f0059900a5fb5cd879b7c426df231f36f3fc350c6cf58cd30b
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /root/img/home_eg.gif HTTP/1.1
Host: www.residenz-eifelgold.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.residenz-eifelgold.de/cms/website.php
Cookie: sid=e0f0ca190e9206c4ec14563673e35e43
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 1168
Connection: keep-alive
Keep-Alive: timeout=15
Date: Wed, 14 Dec 2022 11:16:52 GMT
Server: Apache
Last-Modified: Thu, 22 Aug 2013 23:00:00 GMT
ETag: "490-4e4913fe1dc00"
Accept-Ranges: bytes
www.residenz-eifelgold.de/root/img/mail_eg.gif
200 OK 1.1 kB URL HTTP/1.1 www.residenz-eifelgold.de/root/img/mail_eg.gif
IP
File type GIF image data, version 89a, 17 x 17\012- data
Hash f0893350dc08f53391d82d0e7a72b49e
9fc94cbe278d5c915a7c1457bd3433bd4a6f758d
4d89717add33a61eccc49dfa8ad8c597882084490012c734451843934ad15eac
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /root/img/mail_eg.gif HTTP/1.1
Host: www.residenz-eifelgold.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.residenz-eifelgold.de/cms/website.php
Cookie: sid=e0f0ca190e9206c4ec14563673e35e43
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 1135
Connection: keep-alive
Keep-Alive: timeout=15
Date: Wed, 14 Dec 2022 11:16:52 GMT
Server: Apache
Last-Modified: Thu, 22 Aug 2013 23:00:00 GMT
ETag: "46f-4e4913fe1dc00"
Accept-Ranges: bytes
www.residenz-eifelgold.de/root/style/yaml/core/print_base.css
200 OK 4.0 kB URL HTTP/1.1 www.residenz-eifelgold.de/root/style/yaml/core/print_base.css
IP
Hash 4ab27b35ffea602c877bed42c3c6e4d4
95a531ec46616200bd4b563541f129047f035d70
5147f9087bc7ed3fe137d476b36a9aadd1d67e5c311e61183b390ce6fa0f184d
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /root/style/yaml/core/print_base.css HTTP/1.1
Host: www.residenz-eifelgold.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.residenz-eifelgold.de/root/style/yaml/print/print_003_draft.css
Cookie: sid=e0f0ca190e9206c4ec14563673e35e43
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 4004
Connection: keep-alive
Keep-Alive: timeout=15
Date: Wed, 14 Dec 2022 11:16:52 GMT
Server: Apache
Last-Modified: Sun, 15 Jun 2008 23:00:00 GMT
ETag: "fa4-44fbc78719c00"
Accept-Ranges: bytes
www.residenz-eifelgold.de/root/img/pool/artikel/logo_erftflora.png
200 OK 20 kB URL HTTP/1.1 www.residenz-eifelgold.de/root/img/pool/artikel/logo_erftflora.png
IP
File type PNG image data, 322 x 113, 8-bit/color RGBA, non-interlaced\012- data
Hash 927a69456350e7992e4a106ae5dc0cbd
653946d2e2d2e9196ae92a5d7a700e8505757b3f
a8b242d29445290e8f0a82bce1ab3653ead8520bcc2351fa5024467ed557c5e8
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /root/img/pool/artikel/logo_erftflora.png HTTP/1.1
Host: www.residenz-eifelgold.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.residenz-eifelgold.de/cms/website.php
Cookie: sid=e0f0ca190e9206c4ec14563673e35e43
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 20487
Connection: keep-alive
Keep-Alive: timeout=15
Date: Wed, 14 Dec 2022 11:16:52 GMT
Server: Apache
Last-Modified: Wed, 07 Mar 2018 07:59:10 GMT
ETag: "5007-566cdef240f80"
Accept-Ranges: bytes
www.residenz-eifelgold.de/root/style/logo_eifelgold.png
200 OK 28 kB URL HTTP/1.1 www.residenz-eifelgold.de/root/style/logo_eifelgold.png
IP
File type PNG image data, 365 x 133, 8-bit/color RGBA, non-interlaced\012- data
Hash e1ebaea1ab420f2068d3e07680b2da0a
2716963bce1a56b3894a729a78c7e63fa9b48423
8b59897cc10535bb02edd0d13777e5f923b61bcb63ff4552aaf39a777e34bea1
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /root/style/logo_eifelgold.png HTTP/1.1
Host: www.residenz-eifelgold.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.residenz-eifelgold.de/cms/website.php
Cookie: sid=e0f0ca190e9206c4ec14563673e35e43
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 27983
Connection: keep-alive
Keep-Alive: timeout=15
Date: Wed, 14 Dec 2022 11:16:52 GMT
Server: Apache
Last-Modified: Fri, 23 Aug 2013 23:00:00 GMT
ETag: "6d4f-4e4a55db93c00"
Accept-Ranges: bytes
www.residenz-eifelgold.de/root/img/pool/artikel/facebook-button.gif
200 OK 11 kB URL HTTP/1.1 www.residenz-eifelgold.de/root/img/pool/artikel/facebook-button.gif
IP
File type GIF image data, version 89a, 332 x 123\012- data
Hash 48bb8835526bda53242b962b7cdc6210
56c2d02a8266206762e59f1a0c6914c92eab337a
7f0faae742b187c698f8177db091841e22f710af540f71bc1c0bb81d73880e36
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /root/img/pool/artikel/facebook-button.gif HTTP/1.1
Host: www.residenz-eifelgold.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.residenz-eifelgold.de/cms/website.php
Cookie: sid=e0f0ca190e9206c4ec14563673e35e43
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 10850
Connection: keep-alive
Keep-Alive: timeout=15
Date: Wed, 14 Dec 2022 11:16:52 GMT
Server: Apache
Last-Modified: Tue, 31 May 2016 17:24:00 GMT
ETag: "2a62-53426a37f8c00"
Accept-Ranges: bytes
www.residenz-eifelgold.de/root/style/eifelgold_print.css
200 OK 4.4 kB URL HTTP/1.1 www.residenz-eifelgold.de/root/style/eifelgold_print.css
IP
File type assembler source, ASCII text
Hash 2db96c6e42fc0e9b4f601a653fc12f1a
863b322f58790b21b8cb7c505f4bdf7e2f4cb653
b77d1be43cb0aad18bf8b5292f7736aee1f7db62eb2e9359f5532057a59caee6
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /root/style/eifelgold_print.css HTTP/1.1
Host: www.residenz-eifelgold.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.residenz-eifelgold.de/cms/website.php
Cookie: sid=e0f0ca190e9206c4ec14563673e35e43
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 4416
Connection: keep-alive
Keep-Alive: timeout=15
Date: Wed, 14 Dec 2022 11:16:52 GMT
Server: Apache
Last-Modified: Sun, 06 Oct 2013 23:00:00 GMT
ETag: "1140-4e81a7ebdbc00"
Accept-Ranges: bytes
www.residenz-eifelgold.de/root/style/gruen_hi.png
200 OK 954 B URL HTTP/1.1 www.residenz-eifelgold.de/root/style/gruen_hi.png
IP
File type PNG image data, 1007 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 2af84fc784df28e5d3dd37bd5c1c89aa
778b131fcbf7748c58622d7e0aa10402cd96c3ec
8b04bdbe0d8ac9b370331899dc57304bfac8cba2e501a9cd357e277f2150cc80
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /root/style/gruen_hi.png HTTP/1.1
Host: www.residenz-eifelgold.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.residenz-eifelgold.de/root/style/eifelgold.css
Cookie: sid=e0f0ca190e9206c4ec14563673e35e43
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 954
Connection: keep-alive
Keep-Alive: timeout=15
Date: Wed, 14 Dec 2022 11:16:52 GMT
Server: Apache
Last-Modified: Thu, 22 Aug 2013 23:00:00 GMT
ETag: "3ba-4e4913fe1dc00"
Accept-Ranges: bytes
www.residenz-eifelgold.de/root/style/95weiss.png
200 OK 950 B URL HTTP/1.1 www.residenz-eifelgold.de/root/style/95weiss.png
IP
File type PNG image data, 1007 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash f8b04619ecfede8aa39404b77dcd470d
7f3ddffff3868d6d70fddc42eaaaa801abfa03c0
b3dbbc165fd20e42aa1b9df80a4951ca72287b9df54c0b9161c4c92cdbfb7f84
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /root/style/95weiss.png HTTP/1.1
Host: www.residenz-eifelgold.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.residenz-eifelgold.de/root/style/eifelgold.css
Cookie: sid=e0f0ca190e9206c4ec14563673e35e43
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 950
Connection: keep-alive
Keep-Alive: timeout=15
Date: Wed, 14 Dec 2022 11:16:52 GMT
Server: Apache
Last-Modified: Thu, 22 Aug 2013 23:00:00 GMT
ETag: "3b6-4e4913fe1dc00"
Accept-Ranges: bytes
www.residenz-eifelgold.de/includes/hintergrund.php?thema=1
200 OK 389 B URL HTTP/1.1 www.residenz-eifelgold.de/includes/hintergrund.php?thema=1
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9e1b10383d9a1145fdf70e061a5aab07
a10008e87ca6d236d691b50e232d2540d421e6d2
25cd4f0f427fb634ac0eb35db7d0d8c02e9800dab49c0a1fe5c8c6d8c1af45ad
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /includes/hintergrund.php?thema=1 HTTP/1.1
Host: www.residenz-eifelgold.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.residenz-eifelgold.de/cms/website.php
Cookie: sid=e0f0ca190e9206c4ec14563673e35e43
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Date: Wed, 14 Dec 2022 11:16:52 GMT
Server: Apache
Content-Encoding: gzip
www.residenz-eifelgold.de/root/slides.php?thema=1
200 OK 742 B URL HTTP/1.1 www.residenz-eifelgold.de/root/slides.php?thema=1
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 126a3f9f22f17b85834cdc75e6ef0491
cc4f81d3879cbb69c932c99fd8f2d0715148a8ca
673fb993781dd8f6370a706d080f79f7ec5d92eac9f47e9659989be0f046dbd2
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /root/slides.php?thema=1 HTTP/1.1
Host: www.residenz-eifelgold.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.residenz-eifelgold.de/cms/website.php
Cookie: sid=e0f0ca190e9206c4ec14563673e35e43
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Date: Wed, 14 Dec 2022 11:16:52 GMT
Server: Apache
Content-Encoding: gzip
www.residenz-eifelgold.de/root/style/fuss_hi.png
200 OK 84 kB URL HTTP/1.1 www.residenz-eifelgold.de/root/style/fuss_hi.png
IP
File type PNG image data, 1007 x 156, 8-bit/color RGBA, non-interlaced\012- data
Hash 869168856fc8f769c14dc97e11a19a6d
39c385fe171692bfae51bd85389397e5829772cd
b1bfa728ffd40b501c9a2ba969ef0b95c4b3288ac1f4622a759ccba625c82353
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /root/style/fuss_hi.png HTTP/1.1
Host: www.residenz-eifelgold.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.residenz-eifelgold.de/root/style/eifelgold.css
Cookie: sid=e0f0ca190e9206c4ec14563673e35e43
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 83720
Connection: keep-alive
Keep-Alive: timeout=15
Date: Wed, 14 Dec 2022 11:16:52 GMT
Server: Apache
Last-Modified: Thu, 22 Aug 2013 23:00:00 GMT
ETag: "14708-4e4913fe1dc00"
Accept-Ranges: bytes
www.residenz-eifelgold.de/favicon.ico
404 Not Found 569 B URL HTTP/1.1 www.residenz-eifelgold.de/favicon.ico
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 00a39ca58e84db8133cbb4f2e78228db
4a381704ee9ba1f50bef48ffcf57c41432f0328c
b58c50de01f0a38175d7ec2d5d5439966d1abdadbebfba3594b2c6dbf5465a58
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /favicon.ico HTTP/1.1
Host: www.residenz-eifelgold.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.residenz-eifelgold.de/cms/website.php
Cookie: sid=e0f0ca190e9206c4ec14563673e35e43
HTTP/1.1 404 Not Found
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Date: Wed, 14 Dec 2022 11:16:52 GMT
Server: Apache
X-Frame-Options: deny
Content-Encoding: gzip
www.residenz-eifelgold.de/root/js/jquery.min.js
200 OK 93 kB URL HTTP/1.1 www.residenz-eifelgold.de/root/js/jquery.min.js
IP
File type ASCII text, with very long lines (32072)
Hash 628072e7212db1e8cdacb22b21752cda
0511abe9863c2ea7084efa7e24d1d86c5b3974f1
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /root/js/jquery.min.js HTTP/1.1
Host: www.residenz-eifelgold.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.residenz-eifelgold.de/root/slides.php?thema=1
Cookie: sid=e0f0ca190e9206c4ec14563673e35e43
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 93107
Connection: keep-alive
Keep-Alive: timeout=15
Date: Wed, 14 Dec 2022 11:16:52 GMT
Server: Apache
Last-Modified: Sun, 06 Oct 2013 23:00:00 GMT
ETag: "16bb3-4e81a7ebdbc00"
Accept-Ranges: bytes
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Backoff, Content-Length, Pragma, Alert, Expires, Last-Modified, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 14 Dec 2022 11:07:58 GMT
age: 535
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.residenz-eifelgold.de/root/img/pool/hintergrund/eg_h_27.jpg
200 OK 468 kB URL HTTP/1.1 www.residenz-eifelgold.de/root/img/pool/hintergrund/eg_h_27.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1600x1200, components 3\012- data
Size 468 kB (468071 bytes)
Hash ac90f46f872e93cde2d724bbbbb022c3
a5eb8d3e9c5eb523b3d3419da4bdc93349e5de35
94bab2b10504312fdcfc7eae6f1f8d9cee6c2dfe7c83f470b946b8cc2a7d78f5
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /root/img/pool/hintergrund/eg_h_27.jpg HTTP/1.1
Host: www.residenz-eifelgold.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.residenz-eifelgold.de/includes/hintergrund.php?thema=1
Cookie: sid=e0f0ca190e9206c4ec14563673e35e43
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 468071
Connection: keep-alive
Keep-Alive: timeout=15
Date: Wed, 14 Dec 2022 11:16:52 GMT
Server: Apache
Last-Modified: Tue, 27 Aug 2013 23:00:00 GMT
ETag: "72467-4e4f5d516bc00"
Accept-Ranges: bytes
www.residenz-eifelgold.de/root/img/pool/hauptbilder/eg-turmzimmer.jpg
200 OK 52 kB URL HTTP/1.1 www.residenz-eifelgold.de/root/img/pool/hauptbilder/eg-turmzimmer.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, copyright=CUBE], baseline, precision 8, 618x326, components 3\012- data
Hash 315b725d825d88c731feac7f64d83c4d
c25cf6acf1104c848832466b9a1f4d2b885bf53b
d2e6ece58d8dfd89cdf2f914944d9af23ca54050ae031a6dff9db893882c23fd
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /root/img/pool/hauptbilder/eg-turmzimmer.jpg HTTP/1.1
Host: www.residenz-eifelgold.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.residenz-eifelgold.de/root/slides.php?thema=1
Cookie: sid=e0f0ca190e9206c4ec14563673e35e43
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 51523
Connection: keep-alive
Keep-Alive: timeout=15
Date: Wed, 14 Dec 2022 11:16:53 GMT
Server: Apache
Last-Modified: Tue, 25 Oct 2016 15:27:13 GMT
ETag: "c943-53fb224855640"
Accept-Ranges: bytes
www.residenz-eifelgold.de/root/img/pool/hauptbilder/eg_restaurant_2.jpg
200 OK 56 kB URL HTTP/1.1 www.residenz-eifelgold.de/root/img/pool/hauptbilder/eg_restaurant_2.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, copyright=CUBE], baseline, precision 8, 618x326, components 3\012- data
Hash 2c2cb8157443a61596a13b235355f8c4
9f31accc8fbb50053e692d3960c3874878cd7c00
5778dfcb6de32623438133ca409e381967e6f177a91b6b30d40284d0659509b0
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /root/img/pool/hauptbilder/eg_restaurant_2.jpg HTTP/1.1
Host: www.residenz-eifelgold.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.residenz-eifelgold.de/root/slides.php?thema=1
Cookie: sid=e0f0ca190e9206c4ec14563673e35e43
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 55908
Connection: keep-alive
Keep-Alive: timeout=15
Date: Wed, 14 Dec 2022 11:16:53 GMT
Server: Apache
Last-Modified: Tue, 25 Oct 2016 15:23:57 GMT
ETag: "da64-53fb218d69d40"
Accept-Ranges: bytes
www.residenz-eifelgold.de/root/img/pool/hauptbilder/seniorentag1.jpg
200 OK 100 kB URL HTTP/1.1 www.residenz-eifelgold.de/root/img/pool/hauptbilder/seniorentag1.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=2], progressive, precision 8, 618x464, components 3\012- data
Hash cf2b48f7aad4f25b6b6b0e66ad78ed91
ff5b8b7a2853f9deb59ab353cea6401a06e7706c
fa99e7d4d138f65715c58d1be2e69bef9a1cce890614599e7257de73d840b979
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /root/img/pool/hauptbilder/seniorentag1.jpg HTTP/1.1
Host: www.residenz-eifelgold.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.residenz-eifelgold.de/root/slides.php?thema=1
Cookie: sid=e0f0ca190e9206c4ec14563673e35e43
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 99620
Connection: keep-alive
Keep-Alive: timeout=15
Date: Wed, 14 Dec 2022 11:16:53 GMT
Server: Apache
Last-Modified: Tue, 13 Dec 2016 14:32:41 GMT
ETag: "18524-5438b17b7f440"
Accept-Ranges: bytes
ocsp.digicert.com/
200 OK 471 B IP
Hash 210b7a2584ae55362c4b582e325f37f7
5f1982f961f1c5db96bbb66af075bab3cb535963
cb3767debad90cb8a34ce287de194cdb2a4f7146e7b51560fd2e0eb11fbfbc2f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6179
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 11:16:53 GMT
Last-Modified: Wed, 14 Dec 2022 09:33:54 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: rZobE9Gp88tZvf93JHmoXA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: SIzoZwSUQiHzFzA8S6rbZ21QiF8=
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 26c6025b12d33a0674edeef8c1491ff6
084f3e27246d3f10c36f8251034a32f71e4905be
a3b48719537321a85667771544ce54728ebdb8d3145a8db154997b6376dba12f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3B48719537321A85667771544CE54728EBDB8D3145A8DB154997B6376DBA12F"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11320
Expires: Wed, 14 Dec 2022 14:25:34 GMT
Date: Wed, 14 Dec 2022 11:16:54 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 26c6025b12d33a0674edeef8c1491ff6
084f3e27246d3f10c36f8251034a32f71e4905be
a3b48719537321a85667771544ce54728ebdb8d3145a8db154997b6376dba12f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3B48719537321A85667771544CE54728EBDB8D3145A8DB154997B6376DBA12F"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11320
Expires: Wed, 14 Dec 2022 14:25:34 GMT
Date: Wed, 14 Dec 2022 11:16:54 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 26c6025b12d33a0674edeef8c1491ff6
084f3e27246d3f10c36f8251034a32f71e4905be
a3b48719537321a85667771544ce54728ebdb8d3145a8db154997b6376dba12f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3B48719537321A85667771544CE54728EBDB8D3145A8DB154997B6376DBA12F"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11320
Expires: Wed, 14 Dec 2022 14:25:34 GMT
Date: Wed, 14 Dec 2022 11:16:54 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79a2c580-94e2-4dbb-9a82-9c5b12a9ecfa.jpeg
200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79a2c580-94e2-4dbb-9a82-9c5b12a9ecfa.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 027a9fc390a10242c7389ac20d8be93a
9bc06ec4c13fd3f14bde06387d56814f2a886a88
8ef7b73d6657c8d5cfd26fcad97b82f0acd21637d7ee8af84688295ffca85093
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79a2c580-94e2-4dbb-9a82-9c5b12a9ecfa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4041
x-amzn-requestid: 5f92302c-f41f-46a4-9283-2c5d49c3c282
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dGpc2Gl5IAMFzUQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6398ef85-54bd3ad3579e0d081e17b206;Sampled=0
x-amzn-remapped-date: Tue, 13 Dec 2022 21:32:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RuZ47uh2aq0Ib0ZGmC7gBooDauMtzuzRZspYkVePk5lFecEIrgTqFw==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Dec 2022 21:57:03 GMT
age: 47991
etag: "9bc06ec4c13fd3f14bde06387d56814f2a886a88"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d49a2e8-6397-48d9-8a2f-003677673ab9.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d49a2e8-6397-48d9-8a2f-003677673ab9.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d88bf89485f0467547ed7e40f3b49ec2
61502d9e6f5d952a6b4c561537da1ce7a006bf7a
cefe64030201fb9442c0282b5eaee9deb0c9505b53a698f212ab7d8fa34c8627
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d49a2e8-6397-48d9-8a2f-003677673ab9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11169
x-amzn-requestid: 0ba7adab-24bd-4c1b-9f63-38ad94b3010d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dGpKoHu3oAMFhvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6398ef10-217102b4485f14cb2b27115b;Sampled=0
x-amzn-remapped-date: Tue, 13 Dec 2022 21:30:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: LrKSYDn-_OpFhGCOrTnLm7OuF65KwWfbc_FtvARG0KMgrZOsfBH39w==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Dec 2022 21:53:16 GMT
age: 48218
etag: "61502d9e6f5d952a6b4c561537da1ce7a006bf7a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88d6f0a9-7f6f-4650-8d61-2ed3133aaf86.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88d6f0a9-7f6f-4650-8d61-2ed3133aaf86.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9ddda117cee658be4cfe3a5d04a88c46
a167e2211732837cf07b3b9a0b33610492ab8a47
bc5fae9d44914c804f82d1e0f90a01fe14d86063da59292bf78100f539b3f7a8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88d6f0a9-7f6f-4650-8d61-2ed3133aaf86.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13205
x-amzn-requestid: 23929642-4b48-40f4-8847-854dfca772b8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dGpKoH_4oAMF_8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6398ef10-19ad3c327c190b9227d232a2;Sampled=0
x-amzn-remapped-date: Tue, 13 Dec 2022 21:30:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Vx7sZ090BsrHPpf5WTWPKYaCNlYvuh5chiNxw2anH2Kd1WovN9Dc4w==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Dec 2022 21:49:29 GMT
age: 48445
etag: "a167e2211732837cf07b3b9a0b33610492ab8a47"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc4a3cd18-e9b3-4d42-870c-3d1e2e9c49b2.jpeg
200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc4a3cd18-e9b3-4d42-870c-3d1e2e9c49b2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fd5bc3956fd58a95eb6bdfbb97ff129a
e62b3387fa07e115cb4ac81866df2f22dea9f116
ece81252213d270a43774f2148a55a88aa3251a6b95a19a928b9f4418a40e224
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc4a3cd18-e9b3-4d42-870c-3d1e2e9c49b2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13601
x-amzn-requestid: 802f7ff0-2935-4c3d-9325-bf3de94bc9c1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c-ERFFo2oAMFdGQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639580d3-43995c8067846fc67299db31;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 07:03:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4_ONfCNycrJAUpbdmZ4sr9qw-TIh7PGcYaGNUSBL1hwG-Gi4yXRn9g==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Dec 2022 17:01:11 GMT
age: 65743
etag: "e62b3387fa07e115cb4ac81866df2f22dea9f116"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0ca3741-7de7-489c-9d32-963748da31ce.jpeg
200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0ca3741-7de7-489c-9d32-963748da31ce.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8a1cf68fc0b78db85fd7e6f08cb74233
7374f9065239670ef563fee52f973cc23dd19833
e4493b517b402d9ea4f239d2913cbd9f316ae3f1e0c5e79c62c457c060f18b27
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0ca3741-7de7-489c-9d32-963748da31ce.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7250
x-amzn-requestid: 8211d14a-d8fa-4f4c-a14f-60e830199a47
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dGpKqHw7IAMFiwg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6398ef10-392d8f374cafe054471d1ff6;Sampled=0
x-amzn-remapped-date: Tue, 13 Dec 2022 21:30:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: rkKcDnbranYxXDZ2cN8ABILj8WH1q_6HHVRWrYRMsLh5WbkbXamKNw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Dec 2022 21:53:16 GMT
age: 48218
etag: "7374f9065239670ef563fee52f973cc23dd19833"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F622bf755-def0-4e51-bb28-27d9da812817.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F622bf755-def0-4e51-bb28-27d9da812817.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1cbf03520fcaf4f7e4d67ae4c5e9121c
16ad8a3292a2c80e13c934811b8741299dfcf7b1
9d4e37db254468ea92b877c709952ccff1d0397b7b46697e495512039ee435f8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F622bf755-def0-4e51-bb28-27d9da812817.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11657
x-amzn-requestid: f0eb41e2-34c3-4635-b6ce-c5197fa044f3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cw5BgGX0IAMFhTg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63903ba3-4db2921576de578c300b3237;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 07:07:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ioG_mlTK5oYKIc_4-xzoKbue431FT4BbogsicgwkH1mnwIr98Tcz2Q==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Dec 2022 04:54:01 GMT
age: 22973
etag: "16ad8a3292a2c80e13c934811b8741299dfcf7b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
217.160.0.20
52.42.148.177
23.36.76.226
93.184.220.29