golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
81.169.145.143 301 Moved Permanently 307 B URL HTTP/1.1 golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
IP 81.169.145.143:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash dc952ebe4028040e0cb7994b19935664
03c96478938783e2c7b0f2ec17033aee4c915e82
f39f00f281f2432e21b68f296e1d9c892336930c47afeaf39f639d66be594c94
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788 HTTP/1.1
Host: golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 30 Sep 2022 14:20:32 GMT
Server: Apache/2.4.54 (Unix)
Location: https://golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
Content-Length: 307
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
firefox.settings.services.mozilla.com/v1/
143.204.55.27 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 30 Sep 2022 13:58:05 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 4m8iW-mSV0adBShgLKHPvYg2qfUWIZGgjCpWPZjDEYy3nf_6MzqYOg==
Age: 1347
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 60e4edea7b5f4d19f3547a3bb2d5df57
3ee076bab4da3416c2c5808f730cb316c28baef7
763e2dadfdd286a51327cd2000ca335e30cd0b9b7267875d22ca33f7556ba200
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763E2DADFDD286A51327CD2000CA335E30CD0B9B7267875D22CA33F7556BA200"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12518
Expires: Fri, 30 Sep 2022 17:49:10 GMT
Date: Fri, 30 Sep 2022 14:20:32 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.110 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 30 Sep 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: TULz0pYbq0g7UDu84eraMBFuLTH5k1UqicfQB2GXGNjtMyPwbKAmrw==
age: 31925
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 30 Sep 2022 14:20:32 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 1a1906f8aa3ead1c72789ab03d46cfaf
ad7aa62d9a0df496d8abd5e7d7ca688d39927900
5a25a6afbaff61842d3ec788ea59af8848cb86e3a2ccb196fb694a663058a7fe
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 30 Sep 2022 14:20:32 GMT
Server: ECS (amb/6BB3)
Content-Length: 471
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 30 Sep 2022 13:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Fri, 30 Sep 2022 14:03:36 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 4EK9ssSzraxsA27zTIUBGOu4EWKAam6DX9-eaOSgHv8uzqdvo0H-Vg==
Age: 3060
golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
81.169.145.143 301 Moved Permanently 0 B URL HTTP/2 golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
IP 81.169.145.143:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788 HTTP/1.1
Host: golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
date: Fri, 30 Sep 2022 14:20:32 GMT
server: Apache/2.4.54 (Unix)
x-powered-by: PHP/8.0.22
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
vary: User-Agent
location: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
content-type: text/html; charset=UTF-8
content-length: 0
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash d1be374a29f94481ff2c021e35f4eaa0
e05e92d94b5e434e9935e560fd8dc33bdc393aea
37a5132d2183f5c3bfaac5c89df691fea72cac4423110df88bdeb231f430deee
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 248
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 30 Sep 2022 14:20:33 GMT
Last-Modified: Fri, 30 Sep 2022 14:16:25 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
44.240.207.158 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.240.207.158:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: p7PiFHniare8KC50sdfk0w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: /pm1aA7t4JYlWxajleR0MFSjOZ8=
www.golfschule-mcqueen.de/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
81.169.145.143 200 OK 89 kB URL HTTP/2 www.golfschule-mcqueen.de/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
IP 81.169.145.143:0
File type ASCII text, with very long lines (43771)
Hash b7915926fe42d76e9c802353ab01dae4
3a8192a4312f25f53de25b100d62829c0f14d67c
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 13 Jul 2022 01:36:41 GMT
etag: "15b64-5e3a5d121ee1d"
accept-ranges: bytes
content-length: 88932
content-type: text/css
date: Fri, 30 Sep 2022 14:20:34 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.golfschule-mcqueen.de/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
81.169.145.143 200 OK 19 kB URL HTTP/2 www.golfschule-mcqueen.de/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
IP 81.169.145.143:0
File type ASCII text, with very long lines (15660)
Hash 32beb68a374e3aeac00abdf9e12b84ea
b5d18aa625e8696dd9d07cd0869337717b211ae0
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 30 May 2022 12:43:44 GMT
etag: "48b9-5e03a01ad94ff"
accept-ranges: bytes
content-length: 18617
content-type: application/javascript
date: Fri, 30 Sep 2022 14:20:34 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.7.4
81.169.145.143 200 OK 14 kB URL HTTP/2 www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.7.4
IP 81.169.145.143:0
File type ASCII text, with very long lines (13766)
Hash 5d8196e24934606121af1009061580d0
d2a14c123f5b0826b363e5f14df7452c9d60daaf
b73cf9b935f15def37f494f77797e5c41cedbcbe46f4530bac39391ecb44e948
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.7.4 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Sep 2022 11:04:17 GMT
etag: "35ed-5e79b93208353"
accept-ranges: bytes
content-length: 13805
content-type: text/css
date: Fri, 30 Sep 2022 14:20:34 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.golfschule-mcqueen.de/wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.13
81.169.145.143 200 OK 776 B URL HTTP/2 www.golfschule-mcqueen.de/wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.13
IP 81.169.145.143:0
Hash a5bf64d5859ee94a3e8e93d592d6d2a0
049eb63b42dbb820b06870a430f523bf06880721
25825611ade7ceaed7df3862ec56dc91ad1d2be539966ef7bbe84306e51cfb08
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.13 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 30 Aug 2022 14:34:05 GMT
etag: "308-5e77645b61bb7"
accept-ranges: bytes
content-length: 776
content-type: text/css
date: Fri, 30 Sep 2022 14:20:34 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
81.169.145.143 404 Not Found 53 kB URL HTTP/2 www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
IP 81.169.145.143:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (19233), with CRLF, LF line terminators
Hash 46a8a2a6b9313e50f44b36ad4edd66ed
f6e16f48e0718c6a520f2ffd3d726f02d3fdf94c
975317845fb5fbde4299eab17fb6dae84cada4401e516689d254367fbcfcec60
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 404 Not Found
date: Fri, 30 Sep 2022 14:20:33 GMT
server: Apache/2.4.54 (Unix)
x-powered-by: PHP/8.0.22
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.golfschule-mcqueen.de/wp-json/>; rel="https://api.w.org/"
vary: User-Agent
content-type: text/html; charset=UTF-8
X-Firefox-Spdy: h2
www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.7.4
81.169.145.143 200 OK 166 kB URL HTTP/2 www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.7.4
IP 81.169.145.143:0
File type ASCII text, with very long lines (65497)
Size 166 kB (165666 bytes)
Hash cffd0c4fc98043244b65e9c11714f230
b84c66438caad779dcb90d40c8e2929145631751
1b827fe08f827b904a103fd1c4c2f2c9db0d1878ad09a7c00b197e890fd8100c
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.7.4 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Sep 2022 11:04:17 GMT
etag: "28722-5e79b93210fce"
accept-ranges: bytes
content-length: 165666
content-type: text/css
date: Fri, 30 Sep 2022 14:20:34 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.7.4
81.169.145.143 200 OK 59 kB URL HTTP/2 www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.7.4
IP 81.169.145.143:0
File type ASCII text, with very long lines (59158)
Hash 74bab4578692993514e7f882cc15c218
b6293bcfd851f963edbe859498570c4c0c7eaae4
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.7.4 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Sep 2022 11:04:19 GMT
etag: "e7d0-5e79b93364d7b"
accept-ranges: bytes
content-length: 59344
content-type: text/css
date: Fri, 30 Sep 2022 14:20:34 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.7.4
81.169.145.143 200 OK 27 kB URL HTTP/2 www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.7.4
IP 81.169.145.143:0
File type ASCII text, with very long lines (26516)
Hash c55205bce667f5d812354fd1353e7389
f22de0af271eba636a022c873c94fbcd81b4c89a
c55902832fb84522d02ea1a60a30747403a140d8651fa748f13ba398b0c0df3a
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.7.4 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Sep 2022 11:04:19 GMT
etag: "684e-5e79b9337e70e"
accept-ranges: bytes
content-length: 26702
content-type: text/css
date: Fri, 30 Sep 2022 14:20:34 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.golfschule-mcqueen.de/wp-content/uploads/elementor/css/post-3029.css?ver=1662030285
81.169.145.143 200 OK 1.3 kB URL HTTP/2 www.golfschule-mcqueen.de/wp-content/uploads/elementor/css/post-3029.css?ver=1662030285
IP 81.169.145.143:0
File type ASCII text, with very long lines (1250), with no line terminators
Hash f9b1f3b76aaf8980f1c4e118b87a6996
47b719d7da08f2f876429070c2f8bcadca3ee2cf
e206cdf9a108a62dcca31901fda251a15f46b37d5758d056c118b976dbc840b4
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-3029.css?ver=1662030285 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Sep 2022 11:04:45 GMT
etag: "4e2-5e79b94caef38"
accept-ranges: bytes
content-length: 1250
content-type: text/css
date: Fri, 30 Sep 2022 14:20:34 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.golfschule-mcqueen.de/wp-content/themes/grow/lib/extentions/prettyPhoto/css/prettyPhoto.css?ver=3.1.6
81.169.145.143 200 OK 27 kB URL HTTP/2 www.golfschule-mcqueen.de/wp-content/themes/grow/lib/extentions/prettyPhoto/css/prettyPhoto.css?ver=3.1.6
IP 81.169.145.143:0
Hash d20fd38e678f8ce9e9157df28741580a
36fd33f0aebe4594b1fe041607ad5c24de287662
6a72aab0d3d34e56edf238b971194f6dd1cb76da642089f18177c09c01fdd265
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/grow/lib/extentions/prettyPhoto/css/prettyPhoto.css?ver=3.1.6 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 23 Sep 2022 13:34:42 GMT
etag: "6a12-5e9583d8d866f"
accept-ranges: bytes
content-length: 27154
content-type: text/css
date: Fri, 30 Sep 2022 14:20:34 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.golfschule-mcqueen.de/wp-content/themes/grow/lib/extentions/bootstrap/css/bootstrap.min.css?ver=2.3.2
81.169.145.143 200 OK 69 kB URL HTTP/2 www.golfschule-mcqueen.de/wp-content/themes/grow/lib/extentions/bootstrap/css/bootstrap.min.css?ver=2.3.2
IP 81.169.145.143:0
File type ASCII text, with very long lines (9171), with CRLF line terminators
Hash 90cb1507c3af20339f9e8f06f7de96d8
2b0d4a712790dab29e2947afe1fb7606d3a88041
2b25de735ba1557e9e694bc2301897f1b7a8eeaf49b503e8e8d52e3a52f6a800
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/grow/lib/extentions/bootstrap/css/bootstrap.min.css?ver=2.3.2 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 23 Sep 2022 13:34:42 GMT
etag: "10f3f-5e9583d8a98c3"
accept-ranges: bytes
content-length: 69439
content-type: text/css
date: Fri, 30 Sep 2022 14:20:34 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.golfschule-mcqueen.de/wp-includes/js/imagesloaded.min.js?ver=4.1.4
81.169.145.143 200 OK 5.6 kB URL HTTP/2 www.golfschule-mcqueen.de/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP 81.169.145.143:0
File type ASCII text, with very long lines (5477)
Hash 3a56752b736635bf69cb069b8818cbfd
42e0951fe74bb3f56a30f51291823bcd4a84d76e
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Oct 2020 13:03:16 GMT
etag: "15fd-5b22df881e2b1"
accept-ranges: bytes
content-length: 5629
content-type: application/javascript
date: Fri, 30 Sep 2022 14:20:34 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.golfschule-mcqueen.de/wp-content/themes/grow/styles/style-responsive.css?ver=1.5.2
81.169.145.143 200 OK 12 kB URL HTTP/2 www.golfschule-mcqueen.de/wp-content/themes/grow/styles/style-responsive.css?ver=1.5.2
IP 81.169.145.143:0
File type ASCII text, with CRLF line terminators
Hash fddc165482db1b4f50e15c527b48801a
6c14b2ed143dab3683310035210c2abe700e81ce
e5bb920d126441b27d8e5a9a9665dc906da81ea21f26ec3a788b70bd40b26d1a
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/grow/styles/style-responsive.css?ver=1.5.2 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 23 Sep 2022 13:34:43 GMT
etag: "2f9d-5e9583d97e2b3"
accept-ranges: bytes
content-length: 12189
content-type: text/css
date: Fri, 30 Sep 2022 14:20:34 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.golfschule-mcqueen.de/wp-content/themes/grow/styles/style-shortcodes.css?ver=1.5.2
81.169.145.143 200 OK 49 kB URL HTTP/2 www.golfschule-mcqueen.de/wp-content/themes/grow/styles/style-shortcodes.css?ver=1.5.2
IP 81.169.145.143:0
File type GTA in-game text (GXT), version 10799, used in GTA SA/IV\012- , ASCII text, with CRLF line terminators
Hash 44102ac61c442e9d18cbe62f97351f55
6585ab8cce6f704bdac597070e179512d489b426
0c3d36461dc42b948537816e18dd28bc47f50550b0d1d6c3b483f28821403caa
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/grow/styles/style-shortcodes.css?ver=1.5.2 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 23 Sep 2022 13:34:43 GMT
etag: "c088-5e9583d9801dc"
accept-ranges: bytes
content-length: 49288
content-type: text/css
date: Fri, 30 Sep 2022 14:20:34 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.golfschule-mcqueen.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
81.169.145.143 200 OK 11 kB URL HTTP/2 www.golfschule-mcqueen.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 81.169.145.143:0
File type ASCII text, with very long lines (11126)
Hash 79b4956b7ec478ec10244b5e2d33ac7d
a46025b9d05e3df30d610a8aef14f392c7058dc9
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 23 Dec 2020 14:59:45 GMT
etag: "2bd8-5b722f1205ba3"
accept-ranges: bytes
content-length: 11224
content-type: application/javascript
date: Fri, 30 Sep 2022 14:20:34 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.7.4
81.169.145.143 200 OK 15 kB URL HTTP/2 www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.7.4
IP 81.169.145.143:0
File type ASCII text, with very long lines (14869)
Hash 7a5dea0a705cc2f4cd87dbaaa6666bc6
678bc6f750f13adb29bbc158eb0d9cd813b736fa
97cf1307c16a437b77b5f7f5c9bc0b985d0745a14be5a279019aca5a3432e264
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.7.4 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Sep 2022 11:04:19 GMT
etag: "3acf-5e79b9339db14"
accept-ranges: bytes
content-length: 15055
content-type: application/javascript
date: Fri, 30 Sep 2022 14:20:34 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.golfschule-mcqueen.de/wp-content/themes/grow/lib/scripts/plugins/scrollup/jquery.scrollUp.min.js?ver=2.4.1
81.169.145.143 200 OK 2.2 kB URL HTTP/2 www.golfschule-mcqueen.de/wp-content/themes/grow/lib/scripts/plugins/scrollup/jquery.scrollUp.min.js?ver=2.4.1
IP 81.169.145.143:0
File type ASCII text, with very long lines (1879), with CRLF line terminators
Hash 6c75e71e2f6efcb2563ff9881c0f3a7b
393f3a42e9eabffb92305aaa051c5bc76be69fd9
0a7f759243c427d92d61b7981ada47994586d522eebe571b652d508b084c4657
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/grow/lib/scripts/plugins/scrollup/jquery.scrollUp.min.js?ver=2.4.1 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 23 Sep 2022 13:34:43 GMT
etag: "867-5e9583d969aa2"
accept-ranges: bytes
content-length: 2151
content-type: application/javascript
date: Fri, 30 Sep 2022 14:20:34 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.golfschule-mcqueen.de/wp-content/themes/grow/lib/scripts/plugins/waypoints/waypoints.min.js?ver=2.0.3
81.169.145.143 200 OK 8.1 kB URL HTTP/2 www.golfschule-mcqueen.de/wp-content/themes/grow/lib/scripts/plugins/waypoints/waypoints.min.js?ver=2.0.3
IP 81.169.145.143:0
File type ASCII text, with very long lines (7808), with CRLF line terminators
Hash 4fe14337a62d710389f42e8a5d1043f7
5f3e0f34b6d7460c5f160db4fe568cde29f3ffa5
069b3ff0c0e6c33e08368f94906ae49ec76ab1ed570819c768148ced15b138bf
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/grow/lib/scripts/plugins/waypoints/waypoints.min.js?ver=2.0.3 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 23 Sep 2022 13:34:43 GMT
etag: "1f73-5e9583d96f09f"
accept-ranges: bytes
content-length: 8051
content-type: application/javascript
date: Fri, 30 Sep 2022 14:20:34 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
81.169.145.143 200 OK 31 kB URL HTTP/2 www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
IP 81.169.145.143:0
File type ASCII text, with very long lines (30837)
Hash 008e0bb5ebfa7bc298a042f95944df25
93897ebc560b38a1d2bff43c22dd6a3b7ee90c0c
c4047043368afb4baf1aed25d358a5c2a333842a3b436b58491ab36aeee65b9d
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Sep 2022 11:04:19 GMT
etag: "7917-5e79b9336e535"
accept-ranges: bytes
content-length: 30999
content-type: text/css
date: Fri, 30 Sep 2022 14:20:34 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.golfschule-mcqueen.de/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
81.169.145.143 200 OK 90 kB URL HTTP/2 www.golfschule-mcqueen.de/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 81.169.145.143:0
File type ASCII text, with very long lines (65447)
Hash 02dd5d04add4759122013c5ab4dc5cc2
a45a56e396ac549b4ff39b696ce9e0c16a7612de
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 01 Oct 2021 15:38:23 GMT
etag: "15db1-5cd4c5a8311ca"
accept-ranges: bytes
content-length: 89521
content-type: application/javascript
date: Fri, 30 Sep 2022 14:20:34 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.golfschule-mcqueen.de/wp-content/themes/grow/style.css?ver=1.5.2
81.169.145.143 200 OK 159 kB URL HTTP/2 www.golfschule-mcqueen.de/wp-content/themes/grow/style.css?ver=1.5.2
IP 81.169.145.143:0
File type ASCII text, with very long lines (895), with CRLF line terminators
Size 159 kB (158587 bytes)
Hash 2d157420211f5f636e9b91795d970448
86435e60acacc7875438cc0932f8ca1f48e83570
dc0e9119053e001c05166da6ee240030e4f2fa4f701f3d21fa676d9be73390d0
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/grow/style.css?ver=1.5.2 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 23 Sep 2022 13:34:43 GMT
etag: "26b7b-5e9583d99b730"
accept-ranges: bytes
content-length: 158587
content-type: text/css
date: Fri, 30 Sep 2022 14:20:34 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.golfschule-mcqueen.de/wp-content/themes/grow/lib/scripts/main-frontend.js?ver=1.5.2
81.169.145.143 200 OK 29 kB URL HTTP/2 www.golfschule-mcqueen.de/wp-content/themes/grow/lib/scripts/main-frontend.js?ver=1.5.2
IP 81.169.145.143:0
File type ASCII text, with very long lines (414), with CRLF line terminators
Hash 954a67ef1d330ada883d73bdc015400b
0263e3bd72466a22416998974d9c3f1d23200ac0
d85a1a59ed25d0173a2ea3c757c3504fdfa78d5e37639c513f2ada2f9eb73b25
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/grow/lib/scripts/main-frontend.js?ver=1.5.2 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 23 Sep 2022 13:34:43 GMT
etag: "7308-5e9583d972eea"
accept-ranges: bytes
content-length: 29448
content-type: application/javascript
date: Fri, 30 Sep 2022 14:20:34 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.golfschule-mcqueen.de/wp-content/themes/grow/lib/scripts/modernizr.js?ver=2.6.2
81.169.145.143 200 OK 52 kB URL HTTP/2 www.golfschule-mcqueen.de/wp-content/themes/grow/lib/scripts/modernizr.js?ver=2.6.2
IP 81.169.145.143:0
File type HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 937863cd2af636d785af0e8c14de5003
4bbe983ee5f60475b4d3028da30c8b3c023d7034
50bf870be28e04a4f4e075f2c259090c2fb934467d35ba15ac364f6be78d65f6
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/grow/lib/scripts/modernizr.js?ver=2.6.2 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 23 Sep 2022 13:34:43 GMT
etag: "c951-5e9583d974277"
accept-ranges: bytes
content-length: 51537
content-type: application/javascript
date: Fri, 30 Sep 2022 14:20:34 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
81.169.145.143 200 OK 77 kB URL HTTP/2 www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 81.169.145.143:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Sep 2022 11:04:19 GMT
etag: "12d68-5e79b9339082e"
accept-ranges: bytes
content-length: 77160
date: Fri, 30 Sep 2022 14:20:34 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.golfschule-mcqueen.de/wp-content/uploads/2020/02/PGA.png
81.169.145.143 200 OK 35 kB URL HTTP/2 www.golfschule-mcqueen.de/wp-content/uploads/2020/02/PGA.png
IP 81.169.145.143:0
File type PNG image data, 175 x 175, 8-bit/color RGB, non-interlaced\012- data
Hash 9b10c6d00f12855346357940646fb7a2
c347afc5b3b38bb8ae4ea8e0fce6b7ce0566d297
1338281d8454d0fe94426c466aa0ee850abdd45093158abff5385567fbf43236
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2020/02/PGA.png HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 20 Feb 2020 11:47:10 GMT
etag: "88b0-59f00771424b6"
accept-ranges: bytes
content-length: 34992
content-type: image/png
date: Fri, 30 Sep 2022 14:20:34 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.golfschule-mcqueen.de/wp-content/uploads/2020/02/Crest.jpg
81.169.145.143 200 OK 18 kB URL HTTP/2 www.golfschule-mcqueen.de/wp-content/uploads/2020/02/Crest.jpg
IP 81.169.145.143:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 188x175, components 3\012- data
Hash 607d6e99ab7888e3428cf1c488984fc0
c851a59714b86d1a3316f4897e449ac348cc78fa
057eb7883e4539238ad411ac894b3a4f38aaa64d0fca9da64437f211b99aff3a
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2020/02/Crest.jpg HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 20 Feb 2020 11:47:09 GMT
etag: "452e-59f00770fac2d"
accept-ranges: bytes
content-length: 17710
content-type: image/jpeg
date: Fri, 30 Sep 2022 14:20:34 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.golfschule-mcqueen.de/wp-content/uploads/2021/02/images-e1613926147447.png
81.169.145.143 200 OK 13 kB URL HTTP/2 www.golfschule-mcqueen.de/wp-content/uploads/2021/02/images-e1613926147447.png
IP 81.169.145.143:0
File type PNG image data, 147 x 175, 8-bit grayscale, non-interlaced\012- data
Hash c5a7ed4f83b1844d2760855b506eecaa
3a4921d3a2e26ac9c1ffc2d4d6cc95611ec4195a
bd3ed10df7d96e9a4add932754284b49c4971d769c872d6b364001d1675c32a5
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2021/02/images-e1613926147447.png HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 21 Feb 2021 16:49:07 GMT
etag: "32ad-5bbdb76bde525"
accept-ranges: bytes
content-length: 12973
content-type: image/png
date: Fri, 30 Sep 2022 14:20:34 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8820
Expires: Fri, 30 Sep 2022 16:47:34 GMT
Date: Fri, 30 Sep 2022 14:20:34 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59da9c68-5ffa-4dc1-adf8-645278cd60ca.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59da9c68-5ffa-4dc1-adf8-645278cd60ca.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 139a144f8cb04ac8aae65f4bad1473e7
265840b2d2fc6eb764cc6409b05deee8d77a19c2
6e0f01b6bdd5a92e92c7b29a6172a2900c68900afd2abba948940621252e0fd8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59da9c68-5ffa-4dc1-adf8-645278cd60ca.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10380
x-amzn-requestid: 35ee2a77-159c-4bb4-a825-98c638398586
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZPdZYHsTIAMFQNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63360f6f-4f68073432bcea371c7b8f03;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 21:34:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: IENB0e-e13ywHJKPgyLWn1bGPMMxFLUu3cIUcREjGhxDEMROEL1jBg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 21:45:15 GMT
age: 59719
etag: "265840b2d2fc6eb764cc6409b05deee8d77a19c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d906d66-cd90-4963-827e-8d0564c0f787.jpeg
34.120.237.76 200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d906d66-cd90-4963-827e-8d0564c0f787.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 13a12db696bc2bf6a6ea2f48f4c1428e
3481dce8ab711111fc8863d88bee1a887cfd43ac
6dae6c9e5de4146e1f528a36a1795225c9731385f13927fc001fb3f9842fe8f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d906d66-cd90-4963-827e-8d0564c0f787.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5106
x-amzn-requestid: a906507c-8820-489c-9978-7d0fd026c862
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZPd5PE0MIAMF3DA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6336103a-49eb3879088f17bc01d177c7;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 21:38:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: op_2CSOAx9-hqXvj1nOyitq0UXqIyItmquWjMkmMdKWnwoTIA_SA6A==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 21:45:26 GMT
age: 59708
etag: "3481dce8ab711111fc8863d88bee1a887cfd43ac"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98c23448-09e3-4c05-86c5-dafbe6ca8a0e.jpeg
34.120.237.76 200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98c23448-09e3-4c05-86c5-dafbe6ca8a0e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d21d2bdcedbd619a80017054076319f9
86dd3bf133e9eddf8852f39e1ee695ee599ac886
fc5672d5a8e9c6a5ec531f7ba05b65c192af37edf6c3a48105df3685de44ec0d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98c23448-09e3-4c05-86c5-dafbe6ca8a0e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8059
x-amzn-requestid: f8bb9e4b-9f3c-47ba-8524-de16155e536d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZNepwHAVoAMFvNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633544a4-5d884e29378635b60592b618;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 07:09:24 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: NMiKZSkokVXNTV76vsVJ7VEu6YFfT9MqL7tHtT8CwZq0BwTbXOpm6Q==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 06:34:26 GMT
age: 27968
etag: "86dd3bf133e9eddf8852f39e1ee695ee599ac886"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9789cead-4e6c-4a12-9b45-25d0efd38fc9.png
34.120.237.76 200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9789cead-4e6c-4a12-9b45-25d0efd38fc9.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1389b1d624b44706c7a6f6b7eb769241
78b798f2cfa7db13a6b5ca2ca2783bece5e77d5d
c3c2526b98be06fc7e793e1150bacde2a7bd718e29a851a6e6992e8d84333790
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9789cead-4e6c-4a12-9b45-25d0efd38fc9.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16011
x-amzn-requestid: d58dfdcd-383a-45ac-8ae2-2b97f016b6a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZPdbjFy1IAMF84A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63360f7c-1ca9707a5e5087fd769d9ab6;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 21:34:52 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: QKHN1asEv6w1mTLxsmn7Oj5AZTsPcg0H8zv5_qQ1BYptjL254kCZdA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 22:20:36 GMT
age: 57598
etag: "78b798f2cfa7db13a6b5ca2ca2783bece5e77d5d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2016911-a1a6-4bdf-a8f3-89e94a0aaff7.jpeg
34.120.237.76 200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2016911-a1a6-4bdf-a8f3-89e94a0aaff7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 456968f691ae9464d69a37bffe9bd7ce
31b8538deb0f00d5b4182739a4a2fcc1b956a998
5cde1e3158e6c6c0b7a01d3bd32f2aa292b3b205f604e5c4ed71cafedad06bf2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2016911-a1a6-4bdf-a8f3-89e94a0aaff7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7810
x-amzn-requestid: 7f6d92e1-c7b1-4dd2-9efa-52ad324ca19d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMK6pFvkoAMF_yA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334beaa-362b7368566955966db78385;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:37:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TbPFEVDpMOjK26iu1UGcx56vtP7Pywq05VAylNubOIfbMgo1qGsA-w==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 23:45:42 GMT
age: 52492
etag: "31b8538deb0f00d5b4182739a4a2fcc1b956a998"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac0adb1a-3390-4c2f-8884-055b217a0c2c.jpeg
34.120.237.76 200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac0adb1a-3390-4c2f-8884-055b217a0c2c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8337b3316a9c7ee94fea710d83ab5b70
632f621fe04de121001fb4d3b51fa8e318376bb2
070deb0d8955fabda308ae55d6ed0ebead9a5ea310b913e6ef762eb16b63c100
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac0adb1a-3390-4c2f-8884-055b217a0c2c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9685
x-amzn-requestid: a7a4df5a-3456-4658-aba9-abec376d79af
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZPdZaHHJIAMFdhw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63360f6f-28aecee27887f6516d2df6c9;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 21:34:39 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wzCOPcEwFdINaJFDS3hgms9bG2-nL2YsQJ9tNmWq7xd7S05irtgpbQ==
via: 1.1 94be61e339880d0097634de6934f7710.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 21:45:15 GMT
age: 59719
etag: "632f621fe04de121001fb4d3b51fa8e318376bb2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.golfschule-mcqueen.de/favicon.ico
81.169.145.143 302 Found 0 B URL HTTP/2 www.golfschule-mcqueen.de/favicon.ico
IP 81.169.145.143:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
date: Fri, 30 Sep 2022 14:20:34 GMT
server: Apache/2.4.54 (Unix)
x-powered-by: PHP/8.0.22
link: <https://www.golfschule-mcqueen.de/wp-json/>; rel="https://api.w.org/"
x-redirect-by: WordPress
vary: User-Agent
location: https://www.golfschule-mcqueen.de/wp-includes/images/w-logo-blue-white-bg.png
content-type: text/html; charset=UTF-8
content-length: 0
X-Firefox-Spdy: h2
www.golfschule-mcqueen.de/wp-includes/images/w-logo-blue-white-bg.png
81.169.145.143 200 OK 4.1 kB URL HTTP/2 www.golfschule-mcqueen.de/wp-includes/images/w-logo-blue-white-bg.png
IP 81.169.145.143:0
File type PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 000bf649cc8f6bf27cfb04d1bcdcd3c7
d73d2f6d74ec6cdcbae07955592962e77d8ae814
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 11 Jun 2020 01:35:09 GMT
etag: "1017-5a7c4f894c834"
accept-ranges: bytes
content-length: 4119
content-type: image/png
date: Fri, 30 Sep 2022 14:20:35 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.golfschule-mcqueen.de/wp-content/themes/grow/lib/extentions/bootstrap/js/bootstrap.js?ver=2.3.2
81.169.145.143 200 OK 0 B URL HTTP/2 www.golfschule-mcqueen.de/wp-content/themes/grow/lib/extentions/bootstrap/js/bootstrap.js?ver=2.3.2
IP 81.169.145.143:0
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/grow/lib/extentions/bootstrap/js/bootstrap.js?ver=2.3.2 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 23 Sep 2022 13:34:42 GMT
etag: "fb09-5e9583d8b5c09"
accept-ranges: bytes
content-length: 64265
content-type: application/javascript
date: Fri, 30 Sep 2022 14:20:34 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.golfschule-mcqueen.de/wp-content/themes/grow/lib/extentions/prettyPhoto/js/jquery.prettyPhoto.js?ver=3.1.6
81.169.145.143 200 OK 0 B URL HTTP/2 www.golfschule-mcqueen.de/wp-content/themes/grow/lib/extentions/prettyPhoto/js/jquery.prettyPhoto.js?ver=3.1.6
IP 81.169.145.143:0
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/grow/lib/extentions/prettyPhoto/js/jquery.prettyPhoto.js?ver=3.1.6 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 23 Sep 2022 13:34:43 GMT
etag: "89db-5e9583d94aa60"
accept-ranges: bytes
content-length: 35291
content-type: application/javascript
date: Fri, 30 Sep 2022 14:20:34 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.golfschule-mcqueen.de/wp-includes/css/dashicons.min.css?ver=6.0.2
81.169.145.143 200 OK 0 B URL HTTP/2 www.golfschule-mcqueen.de/wp-includes/css/dashicons.min.css?ver=6.0.2
IP 81.169.145.143:0
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/css/dashicons.min.css?ver=6.0.2 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Apr 2021 13:35:07 GMT
etag: "e688-5c002ee893c26"
accept-ranges: bytes
content-length: 59016
content-type: text/css
date: Fri, 30 Sep 2022 14:20:34 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2