Report - golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788

Report Overview

Submitted URL
golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
IP
81.169.145.143
ASN
#6724 Strato AG
Submitted
2022-09-30 14:20:43
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
102

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	658 B	1.4 kB	93.184.220.29
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	63 kB	34.120.237.76
golfschule-mcqueen.de	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	918 B	1.1 kB	81.169.145.143
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.27
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	4.4 kB	23.36.76.226
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.110
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	44.240.207.158
www.golfschule-mcqueen.de	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	17 kB	1.1 MB	81.169.145.143

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-30	medium	www.golfschule-mcqueen.de/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2	Malware
2022-09-30	medium	www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788	Malware
2022-09-30	medium	www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.7.4	Malware
2022-09-30	medium	www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.7.4	Malware
2022-09-30	medium	www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.7.4	Malware
2022-09-30	medium	www.golfschule-mcqueen.de/wp-content/uploads/elementor/css/post-3029.css?ver=1662030285	Malware
2022-09-30	medium	www.golfschule-mcqueen.de/wp-includes/js/imagesloaded.min.js?ver=4.1.4	Malware
2022-09-30	medium	www.golfschule-mcqueen.de/wp-content/themes/grow/styles/style-responsive.css?ver=1.5.2	Malware
2022-09-30	medium	www.golfschule-mcqueen.de/wp-content/themes/grow/styles/style-shortcodes.css?ver=1.5.2	Malware
2022-09-30	medium	www.golfschule-mcqueen.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	Malware
2022-09-30	medium	www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.7.4	Malware
2022-09-30	medium	www.golfschule-mcqueen.de/wp-content/themes/grow/lib/scripts/plugins/scrollup/jquery.scrollUp.min.js?ver=2.4.1	Malware
2022-09-30	medium	www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0	Malware
2022-09-30	medium	www.golfschule-mcqueen.de/wp-includes/js/jquery/jquery.min.js?ver=3.6.0	Malware
2022-09-30	medium	www.golfschule-mcqueen.de/wp-content/themes/grow/style.css?ver=1.5.2	Malware
2022-09-30	medium	www.golfschule-mcqueen.de/wp-content/themes/grow/lib/scripts/modernizr.js?ver=2.6.2	Malware
2022-09-30	medium	www.golfschule-mcqueen.de/wp-content/themes/grow/lib/extentions/prettyPhoto/js/jquery.prettyPhoto.js?ver=3.1.6	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-09-30	medium	golfschule-mcqueen.de	Sinkholed
2022-09-30	medium	golfschule-mcqueen.de	Sinkholed
2022-09-30	medium	golfschule-mcqueen.de	Sinkholed
2022-09-30	medium	golfschule-mcqueen.de	Sinkholed
2022-09-30	medium	golfschule-mcqueen.de	Sinkholed
2022-09-30	medium	golfschule-mcqueen.de	Sinkholed
2022-09-30	medium	golfschule-mcqueen.de	Sinkholed
2022-09-30	medium	golfschule-mcqueen.de	Sinkholed
2022-09-30	medium	golfschule-mcqueen.de	Sinkholed
2022-09-30	medium	golfschule-mcqueen.de	Sinkholed
2022-09-30	medium	golfschule-mcqueen.de	Sinkholed
2022-09-30	medium	golfschule-mcqueen.de	Sinkholed
2022-09-30	medium	golfschule-mcqueen.de	Sinkholed
2022-09-30	medium	golfschule-mcqueen.de	Sinkholed
2022-09-30	medium	golfschule-mcqueen.de	Sinkholed
2022-09-30	medium	golfschule-mcqueen.de	Sinkholed
2022-09-30	medium	golfschule-mcqueen.de	Sinkholed
2022-09-30	medium	golfschule-mcqueen.de	Sinkholed
2022-09-30	medium	golfschule-mcqueen.de	Sinkholed
2022-09-30	medium	golfschule-mcqueen.de	Sinkholed
2022-09-30	medium	golfschule-mcqueen.de	Sinkholed
2022-09-30	medium	golfschule-mcqueen.de	Sinkholed
2022-09-30	medium	golfschule-mcqueen.de	Sinkholed
2022-09-30	medium	golfschule-mcqueen.de	Sinkholed
2022-09-30	medium	golfschule-mcqueen.de	Sinkholed
2022-09-30	medium	golfschule-mcqueen.de	Sinkholed
2022-09-30	medium	golfschule-mcqueen.de	Sinkholed
2022-09-30	medium	golfschule-mcqueen.de	Sinkholed
2022-09-30	medium	golfschule-mcqueen.de	Sinkholed
2022-09-30	medium	golfschule-mcqueen.de	Sinkholed
2022-09-30	medium	golfschule-mcqueen.de	Sinkholed
2022-09-30	medium	golfschule-mcqueen.de	Sinkholed
2022-09-30	medium	golfschule-mcqueen.de	Sinkholed
2022-09-30	medium	golfschule-mcqueen.de	Sinkholed

JavaScript (10)

	URL	Size	First Seen	Last Seen
	www.golfschule-mcqueen.de/wp-content/themes/grow/lib/extentions/bootstrap/js/bootstrap.js?ver=2.3.2	64 kB	2023-03-07	2024-04-21
Pretty URL www.golfschule-mcqueen.de/wp-content/themes/grow/lib/extentions/bootstrap/js/bootstrap.js?ver=2.3.2 IP 81.169.145.143 ASN #6724 Strato AG Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:26 Last Seen2024-04-21 00:05:08 Times Seen710 Hash 914691f1d96f777c171b750e372b0653 c3e3ce40e200c3313ebf7cfa080911f86a9cdb0d 53d8207647b52ec625a9aa50384248b7995c2a1c28d71bf08587ca42495ddd0b Loading...

	www.golfschule-mcqueen.de/wp-content/themes/grow/lib/scripts/plugins/scrollup/jquery.scrollUp.min.js?ver=2.4.1	2.2 kB	2023-03-07	2023-11-19
Pretty URL www.golfschule-mcqueen.de/wp-content/themes/grow/lib/scripts/plugins/scrollup/jquery.scrollUp.min.js?ver=2.4.1 IP 81.169.145.143 ASN #6724 Strato AG Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:26 Last Seen2023-11-19 17:20:01 Times Seen24 Hash 6c75e71e2f6efcb2563ff9881c0f3a7b 393f3a42e9eabffb92305aaa051c5bc76be69fd9 0a7f759243c427d92d61b7981ada47994586d522eebe571b652d508b084c4657 Loading...

	www.golfschule-mcqueen.de/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2	19 kB	2023-03-07	2024-04-26
Pretty URL www.golfschule-mcqueen.de/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 IP 81.169.145.143 ASN #6724 Strato AG Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-26 16:08:31 Times Seen38067 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

	www.golfschule-mcqueen.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-04-26
Pretty URL www.golfschule-mcqueen.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 81.169.145.143 ASN #6724 Strato AG Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-26 16:08:31 Times Seen68676 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	www.golfschule-mcqueen.de/wp-content/themes/grow/lib/scripts/plugins/waypoints/waypoints.min.js?ver=2.0.3	8.1 kB	2023-03-07	2024-04-26
Pretty URL www.golfschule-mcqueen.de/wp-content/themes/grow/lib/scripts/plugins/waypoints/waypoints.min.js?ver=2.0.3 IP 81.169.145.143 ASN #6724 Strato AG Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:41:57 Last Seen2024-04-26 11:35:17 Times Seen2538 Hash 4fe14337a62d710389f42e8a5d1043f7 5f3e0f34b6d7460c5f160db4fe568cde29f3ffa5 069b3ff0c0e6c33e08368f94906ae49ec76ab1ed570819c768148ced15b138bf Loading...

	www.golfschule-mcqueen.de/wp-content/themes/grow/lib/scripts/main-frontend.js?ver=1.5.2	29 kB	2023-03-07	2023-07-14
Pretty URL www.golfschule-mcqueen.de/wp-content/themes/grow/lib/scripts/main-frontend.js?ver=1.5.2 IP 81.169.145.143 ASN #6724 Strato AG Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:26 Last Seen2023-07-14 16:52:25 Times Seen10 Hash 954a67ef1d330ada883d73bdc015400b 0263e3bd72466a22416998974d9c3f1d23200ac0 d85a1a59ed25d0173a2ea3c757c3504fdfa78d5e37639c513f2ada2f9eb73b25 Loading...

	www.golfschule-mcqueen.de/wp-content/themes/grow/lib/extentions/prettyPhoto/js/jquery.prettyPhoto.js?ver=3.1.6	35 kB	2023-03-07	2024-04-21
Pretty URL www.golfschule-mcqueen.de/wp-content/themes/grow/lib/extentions/prettyPhoto/js/jquery.prettyPhoto.js?ver=3.1.6 IP 81.169.145.143 ASN #6724 Strato AG Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:26 Last Seen2024-04-21 00:05:08 Times Seen522 Hash b15244e2e9088c1bd82e443f3f6ea2ec 5017a952ee8f3e8fa592f69d8fd692e74800c018 eabcdac849f25a0284662f136280ded01cd2a74682288f2fce8f27f5561e22e4 Loading...

	www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788	2.2 kB	2023-03-07	2023-03-08
Pretty URL www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788 IP 81.169.145.143 ASN #6724 Strato AG Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:26 Last Seen2023-03-08 03:51:40 Times Seen1 Hash b93d9457195bb10eee954a0d4210e049 dd132b3c892dd563879bd72593715f803dad17dd dbe7d544f5b0bda506e0e003e130c2e7d72203a1074fd05594689e06d6995aa8 Loading...

	www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.7.4	15 kB	2023-03-07	2024-04-26
Pretty URL www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.7.4 IP 81.169.145.143 ASN #6724 Strato AG Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:07 Last Seen2024-04-26 13:53:03 Times Seen16393 Hash 7a5dea0a705cc2f4cd87dbaaa6666bc6 678bc6f750f13adb29bbc158eb0d9cd813b736fa 97cf1307c16a437b77b5f7f5c9bc0b985d0745a14be5a279019aca5a3432e264 Loading...

	unknown	0 B	2023-03-07	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 19:50:14 Times Seen37099397 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (52)

URL IP Response Size

golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788

81.169.145.143

301 Moved Permanently

307 B

URL HTTP/1.1
golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
307 B (307 bytes)
Hash
dc952ebe4028040e0cb7994b19935664
03c96478938783e2c7b0f2ec17033aee4c915e82
f39f00f281f2432e21b68f296e1d9c892336930c47afeaf39f639d66be594c94

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788 HTTP/1.1
Host: golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Fri, 30 Sep 2022 14:20:32 GMT
Server: Apache/2.4.54 (Unix)
Location: https://golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
Content-Length: 307
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

firefox.settings.services.mozilla.com/v1/

143.204.55.27

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 30 Sep 2022 13:58:05 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 4m8iW-mSV0adBShgLKHPvYg2qfUWIZGgjCpWPZjDEYy3nf_6MzqYOg==
Age: 1347

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
60e4edea7b5f4d19f3547a3bb2d5df57
3ee076bab4da3416c2c5808f730cb316c28baef7
763e2dadfdd286a51327cd2000ca335e30cd0b9b7267875d22ca33f7556ba200

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763E2DADFDD286A51327CD2000CA335E30CD0B9B7267875D22CA33F7556BA200"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12518
Expires: Fri, 30 Sep 2022 17:49:10 GMT
Date: Fri, 30 Sep 2022 14:20:32 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.110

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.110:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 30 Sep 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: TULz0pYbq0g7UDu84eraMBFuLTH5k1UqicfQB2GXGNjtMyPwbKAmrw==
age: 31925
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 30 Sep 2022 14:20:32 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
1a1906f8aa3ead1c72789ab03d46cfaf
ad7aa62d9a0df496d8abd5e7d7ca688d39927900
5a25a6afbaff61842d3ec788ea59af8848cb86e3a2ccb196fb694a663058a7fe

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 30 Sep 2022 14:20:32 GMT
Server: ECS (amb/6BB3)
Content-Length: 471

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.27

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 30 Sep 2022 13:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Fri, 30 Sep 2022 14:03:36 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 4EK9ssSzraxsA27zTIUBGOu4EWKAam6DX9-eaOSgHv8uzqdvo0H-Vg==
Age: 3060

golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788

81.169.145.143

301 Moved Permanently

0 B

URL HTTP/2
golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788 HTTP/1.1
Host: golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 301 Moved Permanently
date: Fri, 30 Sep 2022 14:20:32 GMT
server: Apache/2.4.54 (Unix)
x-powered-by: PHP/8.0.22
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
vary: User-Agent
location: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
content-type: text/html; charset=UTF-8
content-length: 0
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
d1be374a29f94481ff2c021e35f4eaa0
e05e92d94b5e434e9935e560fd8dc33bdc393aea
37a5132d2183f5c3bfaac5c89df691fea72cac4423110df88bdeb231f430deee

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 248
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 30 Sep 2022 14:20:33 GMT
Last-Modified: Fri, 30 Sep 2022 14:16:25 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

44.240.207.158

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.240.207.158:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: p7PiFHniare8KC50sdfk0w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: /pm1aA7t4JYlWxajleR0MFSjOZ8=

www.golfschule-mcqueen.de/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2

81.169.145.143

200 OK

89 kB

URL HTTP/2
www.golfschule-mcqueen.de/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type
ASCII text, with very long lines (43771)
Size
89 kB (88932 bytes)
Hash
b7915926fe42d76e9c802353ab01dae4
3a8192a4312f25f53de25b100d62829c0f14d67c
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 13 Jul 2022 01:36:41 GMT
etag: "15b64-5e3a5d121ee1d"
accept-ranges: bytes
content-length: 88932
content-type: text/css
date: Fri, 30 Sep 2022 14:20:34 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

www.golfschule-mcqueen.de/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2

81.169.145.143

200 OK

19 kB

URL HTTP/2
www.golfschule-mcqueen.de/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type
ASCII text, with very long lines (15660)
Size
19 kB (18617 bytes)
Hash
32beb68a374e3aeac00abdf9e12b84ea
b5d18aa625e8696dd9d07cd0869337717b211ae0
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 30 May 2022 12:43:44 GMT
etag: "48b9-5e03a01ad94ff"
accept-ranges: bytes
content-length: 18617
content-type: application/javascript
date: Fri, 30 Sep 2022 14:20:34 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.7.4

81.169.145.143

200 OK

14 kB

URL HTTP/2
www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.7.4
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type
ASCII text, with very long lines (13766)
Size
14 kB (13805 bytes)
Hash
5d8196e24934606121af1009061580d0
d2a14c123f5b0826b363e5f14df7452c9d60daaf
b73cf9b935f15def37f494f77797e5c41cedbcbe46f4530bac39391ecb44e948

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.7.4 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 01 Sep 2022 11:04:17 GMT
etag: "35ed-5e79b93208353"
accept-ranges: bytes
content-length: 13805
content-type: text/css
date: Fri, 30 Sep 2022 14:20:34 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

www.golfschule-mcqueen.de/wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.13

81.169.145.143

200 OK

776 B

URL HTTP/2
www.golfschule-mcqueen.de/wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.13
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type
ASCII text
Size
776 B (776 bytes)
Hash
a5bf64d5859ee94a3e8e93d592d6d2a0
049eb63b42dbb820b06870a430f523bf06880721
25825611ade7ceaed7df3862ec56dc91ad1d2be539966ef7bbe84306e51cfb08

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.13 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 30 Aug 2022 14:34:05 GMT
etag: "308-5e77645b61bb7"
accept-ranges: bytes
content-length: 776
content-type: text/css
date: Fri, 30 Sep 2022 14:20:34 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788

81.169.145.143

404 Not Found

53 kB

URL HTTP/2
www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (19233), with CRLF, LF line terminators
Size
53 kB (52721 bytes)
Hash
46a8a2a6b9313e50f44b36ad4edd66ed
f6e16f48e0718c6a520f2ffd3d726f02d3fdf94c
975317845fb5fbde4299eab17fb6dae84cada4401e516689d254367fbcfcec60

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 404 Not Found
date: Fri, 30 Sep 2022 14:20:33 GMT
server: Apache/2.4.54 (Unix)
x-powered-by: PHP/8.0.22
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.golfschule-mcqueen.de/wp-json/>; rel="https://api.w.org/"
vary: User-Agent
content-type: text/html; charset=UTF-8
X-Firefox-Spdy: h2

www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.7.4

81.169.145.143

200 OK

166 kB

URL HTTP/2
www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.7.4
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type
ASCII text, with very long lines (65497)
Size
166 kB (165666 bytes)
Hash
cffd0c4fc98043244b65e9c11714f230
b84c66438caad779dcb90d40c8e2929145631751
1b827fe08f827b904a103fd1c4c2f2c9db0d1878ad09a7c00b197e890fd8100c

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.7.4 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 01 Sep 2022 11:04:17 GMT
etag: "28722-5e79b93210fce"
accept-ranges: bytes
content-length: 165666
content-type: text/css
date: Fri, 30 Sep 2022 14:20:34 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.7.4

81.169.145.143

200 OK

59 kB

URL HTTP/2
www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.7.4
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type
ASCII text, with very long lines (59158)
Size
59 kB (59344 bytes)
Hash
74bab4578692993514e7f882cc15c218
b6293bcfd851f963edbe859498570c4c0c7eaae4
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.7.4 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 01 Sep 2022 11:04:19 GMT
etag: "e7d0-5e79b93364d7b"
accept-ranges: bytes
content-length: 59344
content-type: text/css
date: Fri, 30 Sep 2022 14:20:34 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.7.4

81.169.145.143

200 OK

27 kB

URL HTTP/2
www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.7.4
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type
ASCII text, with very long lines (26516)
Size
27 kB (26702 bytes)
Hash
c55205bce667f5d812354fd1353e7389
f22de0af271eba636a022c873c94fbcd81b4c89a
c55902832fb84522d02ea1a60a30747403a140d8651fa748f13ba398b0c0df3a

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.7.4 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 01 Sep 2022 11:04:19 GMT
etag: "684e-5e79b9337e70e"
accept-ranges: bytes
content-length: 26702
content-type: text/css
date: Fri, 30 Sep 2022 14:20:34 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

www.golfschule-mcqueen.de/wp-content/uploads/elementor/css/post-3029.css?ver=1662030285

81.169.145.143

200 OK

1.3 kB

URL HTTP/2
www.golfschule-mcqueen.de/wp-content/uploads/elementor/css/post-3029.css?ver=1662030285
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type
ASCII text, with very long lines (1250), with no line terminators
Size
1.3 kB (1250 bytes)
Hash
f9b1f3b76aaf8980f1c4e118b87a6996
47b719d7da08f2f876429070c2f8bcadca3ee2cf
e206cdf9a108a62dcca31901fda251a15f46b37d5758d056c118b976dbc840b4

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/elementor/css/post-3029.css?ver=1662030285 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 01 Sep 2022 11:04:45 GMT
etag: "4e2-5e79b94caef38"
accept-ranges: bytes
content-length: 1250
content-type: text/css
date: Fri, 30 Sep 2022 14:20:34 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

www.golfschule-mcqueen.de/wp-content/themes/grow/lib/extentions/prettyPhoto/css/prettyPhoto.css?ver=3.1.6

81.169.145.143

200 OK

27 kB

URL HTTP/2
www.golfschule-mcqueen.de/wp-content/themes/grow/lib/extentions/prettyPhoto/css/prettyPhoto.css?ver=3.1.6
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type
ASCII text
Size
27 kB (27154 bytes)
Hash
d20fd38e678f8ce9e9157df28741580a
36fd33f0aebe4594b1fe041607ad5c24de287662
6a72aab0d3d34e56edf238b971194f6dd1cb76da642089f18177c09c01fdd265

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/grow/lib/extentions/prettyPhoto/css/prettyPhoto.css?ver=3.1.6 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 23 Sep 2022 13:34:42 GMT
etag: "6a12-5e9583d8d866f"
accept-ranges: bytes
content-length: 27154
content-type: text/css
date: Fri, 30 Sep 2022 14:20:34 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

www.golfschule-mcqueen.de/wp-content/themes/grow/lib/extentions/bootstrap/css/bootstrap.min.css?ver=2.3.2

81.169.145.143

200 OK

69 kB

URL HTTP/2
www.golfschule-mcqueen.de/wp-content/themes/grow/lib/extentions/bootstrap/css/bootstrap.min.css?ver=2.3.2
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type
ASCII text, with very long lines (9171), with CRLF line terminators
Size
69 kB (69439 bytes)
Hash
90cb1507c3af20339f9e8f06f7de96d8
2b0d4a712790dab29e2947afe1fb7606d3a88041
2b25de735ba1557e9e694bc2301897f1b7a8eeaf49b503e8e8d52e3a52f6a800

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/grow/lib/extentions/bootstrap/css/bootstrap.min.css?ver=2.3.2 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 23 Sep 2022 13:34:42 GMT
etag: "10f3f-5e9583d8a98c3"
accept-ranges: bytes
content-length: 69439
content-type: text/css
date: Fri, 30 Sep 2022 14:20:34 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

www.golfschule-mcqueen.de/wp-includes/js/imagesloaded.min.js?ver=4.1.4

81.169.145.143

200 OK

5.6 kB

URL HTTP/2
www.golfschule-mcqueen.de/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type
ASCII text, with very long lines (5477)
Size
5.6 kB (5629 bytes)
Hash
3a56752b736635bf69cb069b8818cbfd
42e0951fe74bb3f56a30f51291823bcd4a84d76e
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 21 Oct 2020 13:03:16 GMT
etag: "15fd-5b22df881e2b1"
accept-ranges: bytes
content-length: 5629
content-type: application/javascript
date: Fri, 30 Sep 2022 14:20:34 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

www.golfschule-mcqueen.de/wp-content/themes/grow/styles/style-responsive.css?ver=1.5.2

81.169.145.143

200 OK

12 kB

URL HTTP/2
www.golfschule-mcqueen.de/wp-content/themes/grow/styles/style-responsive.css?ver=1.5.2
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type
ASCII text, with CRLF line terminators
Size
12 kB (12189 bytes)
Hash
fddc165482db1b4f50e15c527b48801a
6c14b2ed143dab3683310035210c2abe700e81ce
e5bb920d126441b27d8e5a9a9665dc906da81ea21f26ec3a788b70bd40b26d1a

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/grow/styles/style-responsive.css?ver=1.5.2 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 23 Sep 2022 13:34:43 GMT
etag: "2f9d-5e9583d97e2b3"
accept-ranges: bytes
content-length: 12189
content-type: text/css
date: Fri, 30 Sep 2022 14:20:34 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

www.golfschule-mcqueen.de/wp-content/themes/grow/styles/style-shortcodes.css?ver=1.5.2

81.169.145.143

200 OK

49 kB

URL HTTP/2
www.golfschule-mcqueen.de/wp-content/themes/grow/styles/style-shortcodes.css?ver=1.5.2
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type
GTA in-game text (GXT), version 10799, used in GTA SA/IV\012- , ASCII text, with CRLF line terminators
Size
49 kB (49288 bytes)
Hash
44102ac61c442e9d18cbe62f97351f55
6585ab8cce6f704bdac597070e179512d489b426
0c3d36461dc42b948537816e18dd28bc47f50550b0d1d6c3b483f28821403caa

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/grow/styles/style-shortcodes.css?ver=1.5.2 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 23 Sep 2022 13:34:43 GMT
etag: "c088-5e9583d9801dc"
accept-ranges: bytes
content-length: 49288
content-type: text/css
date: Fri, 30 Sep 2022 14:20:34 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

www.golfschule-mcqueen.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

81.169.145.143

200 OK

11 kB

URL HTTP/2
www.golfschule-mcqueen.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type
ASCII text, with very long lines (11126)
Size
11 kB (11224 bytes)
Hash
79b4956b7ec478ec10244b5e2d33ac7d
a46025b9d05e3df30d610a8aef14f392c7058dc9
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 23 Dec 2020 14:59:45 GMT
etag: "2bd8-5b722f1205ba3"
accept-ranges: bytes
content-length: 11224
content-type: application/javascript
date: Fri, 30 Sep 2022 14:20:34 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.7.4

81.169.145.143

200 OK

15 kB

URL HTTP/2
www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.7.4
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type
ASCII text, with very long lines (14869)
Size
15 kB (15055 bytes)
Hash
7a5dea0a705cc2f4cd87dbaaa6666bc6
678bc6f750f13adb29bbc158eb0d9cd813b736fa
97cf1307c16a437b77b5f7f5c9bc0b985d0745a14be5a279019aca5a3432e264

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.7.4 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 01 Sep 2022 11:04:19 GMT
etag: "3acf-5e79b9339db14"
accept-ranges: bytes
content-length: 15055
content-type: application/javascript
date: Fri, 30 Sep 2022 14:20:34 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

www.golfschule-mcqueen.de/wp-content/themes/grow/lib/scripts/plugins/scrollup/jquery.scrollUp.min.js?ver=2.4.1

81.169.145.143

200 OK

2.2 kB

URL HTTP/2
www.golfschule-mcqueen.de/wp-content/themes/grow/lib/scripts/plugins/scrollup/jquery.scrollUp.min.js?ver=2.4.1
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type
ASCII text, with very long lines (1879), with CRLF line terminators
Size
2.2 kB (2151 bytes)
Hash
6c75e71e2f6efcb2563ff9881c0f3a7b
393f3a42e9eabffb92305aaa051c5bc76be69fd9
0a7f759243c427d92d61b7981ada47994586d522eebe571b652d508b084c4657

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/grow/lib/scripts/plugins/scrollup/jquery.scrollUp.min.js?ver=2.4.1 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 23 Sep 2022 13:34:43 GMT
etag: "867-5e9583d969aa2"
accept-ranges: bytes
content-length: 2151
content-type: application/javascript
date: Fri, 30 Sep 2022 14:20:34 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

www.golfschule-mcqueen.de/wp-content/themes/grow/lib/scripts/plugins/waypoints/waypoints.min.js?ver=2.0.3

81.169.145.143

200 OK

8.1 kB

URL HTTP/2
www.golfschule-mcqueen.de/wp-content/themes/grow/lib/scripts/plugins/waypoints/waypoints.min.js?ver=2.0.3
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type
ASCII text, with very long lines (7808), with CRLF line terminators
Size
8.1 kB (8051 bytes)
Hash
4fe14337a62d710389f42e8a5d1043f7
5f3e0f34b6d7460c5f160db4fe568cde29f3ffa5
069b3ff0c0e6c33e08368f94906ae49ec76ab1ed570819c768148ced15b138bf

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/grow/lib/scripts/plugins/waypoints/waypoints.min.js?ver=2.0.3 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 23 Sep 2022 13:34:43 GMT
etag: "1f73-5e9583d96f09f"
accept-ranges: bytes
content-length: 8051
content-type: application/javascript
date: Fri, 30 Sep 2022 14:20:34 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0

81.169.145.143

200 OK

31 kB

URL HTTP/2
www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type
ASCII text, with very long lines (30837)
Size
31 kB (30999 bytes)
Hash
008e0bb5ebfa7bc298a042f95944df25
93897ebc560b38a1d2bff43c22dd6a3b7ee90c0c
c4047043368afb4baf1aed25d358a5c2a333842a3b436b58491ab36aeee65b9d

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 01 Sep 2022 11:04:19 GMT
etag: "7917-5e79b9336e535"
accept-ranges: bytes
content-length: 30999
content-type: text/css
date: Fri, 30 Sep 2022 14:20:34 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

www.golfschule-mcqueen.de/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

81.169.145.143

200 OK

90 kB

URL HTTP/2
www.golfschule-mcqueen.de/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type
ASCII text, with very long lines (65447)
Size
90 kB (89521 bytes)
Hash
02dd5d04add4759122013c5ab4dc5cc2
a45a56e396ac549b4ff39b696ce9e0c16a7612de
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 01 Oct 2021 15:38:23 GMT
etag: "15db1-5cd4c5a8311ca"
accept-ranges: bytes
content-length: 89521
content-type: application/javascript
date: Fri, 30 Sep 2022 14:20:34 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

www.golfschule-mcqueen.de/wp-content/themes/grow/style.css?ver=1.5.2

81.169.145.143

200 OK

159 kB

URL HTTP/2
www.golfschule-mcqueen.de/wp-content/themes/grow/style.css?ver=1.5.2
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type
ASCII text, with very long lines (895), with CRLF line terminators
Size
159 kB (158587 bytes)
Hash
2d157420211f5f636e9b91795d970448
86435e60acacc7875438cc0932f8ca1f48e83570
dc0e9119053e001c05166da6ee240030e4f2fa4f701f3d21fa676d9be73390d0

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/grow/style.css?ver=1.5.2 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 23 Sep 2022 13:34:43 GMT
etag: "26b7b-5e9583d99b730"
accept-ranges: bytes
content-length: 158587
content-type: text/css
date: Fri, 30 Sep 2022 14:20:34 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

www.golfschule-mcqueen.de/wp-content/themes/grow/lib/scripts/main-frontend.js?ver=1.5.2

81.169.145.143

200 OK

29 kB

URL HTTP/2
www.golfschule-mcqueen.de/wp-content/themes/grow/lib/scripts/main-frontend.js?ver=1.5.2
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type
ASCII text, with very long lines (414), with CRLF line terminators
Size
29 kB (29448 bytes)
Hash
954a67ef1d330ada883d73bdc015400b
0263e3bd72466a22416998974d9c3f1d23200ac0
d85a1a59ed25d0173a2ea3c757c3504fdfa78d5e37639c513f2ada2f9eb73b25

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/grow/lib/scripts/main-frontend.js?ver=1.5.2 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 23 Sep 2022 13:34:43 GMT
etag: "7308-5e9583d972eea"
accept-ranges: bytes
content-length: 29448
content-type: application/javascript
date: Fri, 30 Sep 2022 14:20:34 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

www.golfschule-mcqueen.de/wp-content/themes/grow/lib/scripts/modernizr.js?ver=2.6.2

81.169.145.143

200 OK

52 kB

URL HTTP/2
www.golfschule-mcqueen.de/wp-content/themes/grow/lib/scripts/modernizr.js?ver=2.6.2
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type
HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
52 kB (51537 bytes)
Hash
937863cd2af636d785af0e8c14de5003
4bbe983ee5f60475b4d3028da30c8b3c023d7034
50bf870be28e04a4f4e075f2c259090c2fb934467d35ba15ac364f6be78d65f6

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/grow/lib/scripts/modernizr.js?ver=2.6.2 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 23 Sep 2022 13:34:43 GMT
etag: "c951-5e9583d974277"
accept-ranges: bytes
content-length: 51537
content-type: application/javascript
date: Fri, 30 Sep 2022 14:20:34 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0

81.169.145.143

200 OK

77 kB

URL HTTP/2
www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 01 Sep 2022 11:04:19 GMT
etag: "12d68-5e79b9339082e"
accept-ranges: bytes
content-length: 77160
date: Fri, 30 Sep 2022 14:20:34 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

www.golfschule-mcqueen.de/wp-content/uploads/2020/02/PGA.png

81.169.145.143

200 OK

35 kB

URL HTTP/2
www.golfschule-mcqueen.de/wp-content/uploads/2020/02/PGA.png
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type
PNG image data, 175 x 175, 8-bit/color RGB, non-interlaced\012- data
Size
35 kB (34992 bytes)
Hash
9b10c6d00f12855346357940646fb7a2
c347afc5b3b38bb8ae4ea8e0fce6b7ce0566d297
1338281d8454d0fe94426c466aa0ee850abdd45093158abff5385567fbf43236

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2020/02/PGA.png HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 20 Feb 2020 11:47:10 GMT
etag: "88b0-59f00771424b6"
accept-ranges: bytes
content-length: 34992
content-type: image/png
date: Fri, 30 Sep 2022 14:20:34 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

www.golfschule-mcqueen.de/wp-content/uploads/2020/02/Crest.jpg

81.169.145.143

200 OK

18 kB

URL HTTP/2
www.golfschule-mcqueen.de/wp-content/uploads/2020/02/Crest.jpg
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 188x175, components 3\012- data
Size
18 kB (17710 bytes)
Hash
607d6e99ab7888e3428cf1c488984fc0
c851a59714b86d1a3316f4897e449ac348cc78fa
057eb7883e4539238ad411ac894b3a4f38aaa64d0fca9da64437f211b99aff3a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2020/02/Crest.jpg HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 20 Feb 2020 11:47:09 GMT
etag: "452e-59f00770fac2d"
accept-ranges: bytes
content-length: 17710
content-type: image/jpeg
date: Fri, 30 Sep 2022 14:20:34 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

www.golfschule-mcqueen.de/wp-content/uploads/2021/02/images-e1613926147447.png

81.169.145.143

200 OK

13 kB

URL HTTP/2
www.golfschule-mcqueen.de/wp-content/uploads/2021/02/images-e1613926147447.png
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type
PNG image data, 147 x 175, 8-bit grayscale, non-interlaced\012- data
Size
13 kB (12973 bytes)
Hash
c5a7ed4f83b1844d2760855b506eecaa
3a4921d3a2e26ac9c1ffc2d4d6cc95611ec4195a
bd3ed10df7d96e9a4add932754284b49c4971d769c872d6b364001d1675c32a5

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2021/02/images-e1613926147447.png HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 21 Feb 2021 16:49:07 GMT
etag: "32ad-5bbdb76bde525"
accept-ranges: bytes
content-length: 12973
content-type: image/png
date: Fri, 30 Sep 2022 14:20:34 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8820
Expires: Fri, 30 Sep 2022 16:47:34 GMT
Date: Fri, 30 Sep 2022 14:20:34 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8820
Expires: Fri, 30 Sep 2022 16:47:34 GMT
Date: Fri, 30 Sep 2022 14:20:34 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8820
Expires: Fri, 30 Sep 2022 16:47:34 GMT
Date: Fri, 30 Sep 2022 14:20:34 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8820
Expires: Fri, 30 Sep 2022 16:47:34 GMT
Date: Fri, 30 Sep 2022 14:20:34 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59da9c68-5ffa-4dc1-adf8-645278cd60ca.jpeg

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59da9c68-5ffa-4dc1-adf8-645278cd60ca.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10380 bytes)
Hash
139a144f8cb04ac8aae65f4bad1473e7
265840b2d2fc6eb764cc6409b05deee8d77a19c2
6e0f01b6bdd5a92e92c7b29a6172a2900c68900afd2abba948940621252e0fd8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59da9c68-5ffa-4dc1-adf8-645278cd60ca.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10380
x-amzn-requestid: 35ee2a77-159c-4bb4-a825-98c638398586
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZPdZYHsTIAMFQNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63360f6f-4f68073432bcea371c7b8f03;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 21:34:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: IENB0e-e13ywHJKPgyLWn1bGPMMxFLUu3cIUcREjGhxDEMROEL1jBg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 21:45:15 GMT
age: 59719
etag: "265840b2d2fc6eb764cc6409b05deee8d77a19c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d906d66-cd90-4963-827e-8d0564c0f787.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.1 kB (5106 bytes)
Hash
13a12db696bc2bf6a6ea2f48f4c1428e
3481dce8ab711111fc8863d88bee1a887cfd43ac
6dae6c9e5de4146e1f528a36a1795225c9731385f13927fc001fb3f9842fe8f1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d906d66-cd90-4963-827e-8d0564c0f787.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5106
x-amzn-requestid: a906507c-8820-489c-9978-7d0fd026c862
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZPd5PE0MIAMF3DA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6336103a-49eb3879088f17bc01d177c7;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 21:38:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: op_2CSOAx9-hqXvj1nOyitq0UXqIyItmquWjMkmMdKWnwoTIA_SA6A==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 21:45:26 GMT
age: 59708
etag: "3481dce8ab711111fc8863d88bee1a887cfd43ac"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98c23448-09e3-4c05-86c5-dafbe6ca8a0e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.1 kB (8059 bytes)
Hash
d21d2bdcedbd619a80017054076319f9
86dd3bf133e9eddf8852f39e1ee695ee599ac886
fc5672d5a8e9c6a5ec531f7ba05b65c192af37edf6c3a48105df3685de44ec0d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98c23448-09e3-4c05-86c5-dafbe6ca8a0e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8059
x-amzn-requestid: f8bb9e4b-9f3c-47ba-8524-de16155e536d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZNepwHAVoAMFvNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633544a4-5d884e29378635b60592b618;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 07:09:24 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: NMiKZSkokVXNTV76vsVJ7VEu6YFfT9MqL7tHtT8CwZq0BwTbXOpm6Q==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 06:34:26 GMT
age: 27968
etag: "86dd3bf133e9eddf8852f39e1ee695ee599ac886"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

16 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9789cead-4e6c-4a12-9b45-25d0efd38fc9.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
16 kB (16011 bytes)
Hash
1389b1d624b44706c7a6f6b7eb769241
78b798f2cfa7db13a6b5ca2ca2783bece5e77d5d
c3c2526b98be06fc7e793e1150bacde2a7bd718e29a851a6e6992e8d84333790

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9789cead-4e6c-4a12-9b45-25d0efd38fc9.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 16011
x-amzn-requestid: d58dfdcd-383a-45ac-8ae2-2b97f016b6a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZPdbjFy1IAMF84A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63360f7c-1ca9707a5e5087fd769d9ab6;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 21:34:52 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: QKHN1asEv6w1mTLxsmn7Oj5AZTsPcg0H8zv5_qQ1BYptjL254kCZdA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 22:20:36 GMT
age: 57598
etag: "78b798f2cfa7db13a6b5ca2ca2783bece5e77d5d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2016911-a1a6-4bdf-a8f3-89e94a0aaff7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.8 kB (7810 bytes)
Hash
456968f691ae9464d69a37bffe9bd7ce
31b8538deb0f00d5b4182739a4a2fcc1b956a998
5cde1e3158e6c6c0b7a01d3bd32f2aa292b3b205f604e5c4ed71cafedad06bf2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2016911-a1a6-4bdf-a8f3-89e94a0aaff7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7810
x-amzn-requestid: 7f6d92e1-c7b1-4dd2-9efa-52ad324ca19d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMK6pFvkoAMF_yA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334beaa-362b7368566955966db78385;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:37:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TbPFEVDpMOjK26iu1UGcx56vtP7Pywq05VAylNubOIfbMgo1qGsA-w==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 23:45:42 GMT
age: 52492
etag: "31b8538deb0f00d5b4182739a4a2fcc1b956a998"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac0adb1a-3390-4c2f-8884-055b217a0c2c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9685 bytes)
Hash
8337b3316a9c7ee94fea710d83ab5b70
632f621fe04de121001fb4d3b51fa8e318376bb2
070deb0d8955fabda308ae55d6ed0ebead9a5ea310b913e6ef762eb16b63c100

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac0adb1a-3390-4c2f-8884-055b217a0c2c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9685
x-amzn-requestid: a7a4df5a-3456-4658-aba9-abec376d79af
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZPdZaHHJIAMFdhw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63360f6f-28aecee27887f6516d2df6c9;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 21:34:39 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wzCOPcEwFdINaJFDS3hgms9bG2-nL2YsQJ9tNmWq7xd7S05irtgpbQ==
via: 1.1 94be61e339880d0097634de6934f7710.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 21:45:15 GMT
age: 59719
etag: "632f621fe04de121001fb4d3b51fa8e318376bb2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.golfschule-mcqueen.de/favicon.ico

81.169.145.143

302 Found

0 B

URL HTTP/2
www.golfschule-mcqueen.de/favicon.ico
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 302 Found
date: Fri, 30 Sep 2022 14:20:34 GMT
server: Apache/2.4.54 (Unix)
x-powered-by: PHP/8.0.22
link: <https://www.golfschule-mcqueen.de/wp-json/>; rel="https://api.w.org/"
x-redirect-by: WordPress
vary: User-Agent
location: https://www.golfschule-mcqueen.de/wp-includes/images/w-logo-blue-white-bg.png
content-type: text/html; charset=UTF-8
content-length: 0
X-Firefox-Spdy: h2

www.golfschule-mcqueen.de/wp-includes/images/w-logo-blue-white-bg.png

81.169.145.143

200 OK

4.1 kB

URL HTTP/2
www.golfschule-mcqueen.de/wp-includes/images/w-logo-blue-white-bg.png
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type
PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size
4.1 kB (4119 bytes)
Hash
000bf649cc8f6bf27cfb04d1bcdcd3c7
d73d2f6d74ec6cdcbae07955592962e77d8ae814
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 11 Jun 2020 01:35:09 GMT
etag: "1017-5a7c4f894c834"
accept-ranges: bytes
content-length: 4119
content-type: image/png
date: Fri, 30 Sep 2022 14:20:35 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

www.golfschule-mcqueen.de/wp-content/themes/grow/lib/extentions/bootstrap/js/bootstrap.js?ver=2.3.2

81.169.145.143

200 OK

0 B

URL HTTP/2
www.golfschule-mcqueen.de/wp-content/themes/grow/lib/extentions/bootstrap/js/bootstrap.js?ver=2.3.2
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/grow/lib/extentions/bootstrap/js/bootstrap.js?ver=2.3.2 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 23 Sep 2022 13:34:42 GMT
etag: "fb09-5e9583d8b5c09"
accept-ranges: bytes
content-length: 64265
content-type: application/javascript
date: Fri, 30 Sep 2022 14:20:34 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

www.golfschule-mcqueen.de/wp-content/themes/grow/lib/extentions/prettyPhoto/js/jquery.prettyPhoto.js?ver=3.1.6

81.169.145.143

200 OK

0 B

URL HTTP/2
www.golfschule-mcqueen.de/wp-content/themes/grow/lib/extentions/prettyPhoto/js/jquery.prettyPhoto.js?ver=3.1.6
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/grow/lib/extentions/prettyPhoto/js/jquery.prettyPhoto.js?ver=3.1.6 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 23 Sep 2022 13:34:43 GMT
etag: "89db-5e9583d94aa60"
accept-ranges: bytes
content-length: 35291
content-type: application/javascript
date: Fri, 30 Sep 2022 14:20:34 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

www.golfschule-mcqueen.de/wp-includes/css/dashicons.min.css?ver=6.0.2

81.169.145.143

200 OK

0 B

URL HTTP/2
www.golfschule-mcqueen.de/wp-includes/css/dashicons.min.css?ver=6.0.2
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-includes/css/dashicons.min.css?ver=6.0.2 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?56412=2119788
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 15 Apr 2021 13:35:07 GMT
etag: "e688-5c002ee893c26"
accept-ranges: bytes
content-length: 59016
content-type: text/css
date: Fri, 30 Sep 2022 14:20:34 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (10)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations