r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18317
Expires: Fri, 03 Feb 2023 16:57:08 GMT
Date: Fri, 03 Feb 2023 11:51:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19906
Expires: Fri, 03 Feb 2023 17:23:37 GMT
Date: Fri, 03 Feb 2023 11:51:51 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 03 Feb 2023 11:43:35 GMT
content-type: application/json
age: 496
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 334abd65fba33a14b49ad69b3e7d8904
dffac5b40c325a39dd46a69ab216710125271203
bd58998415fde0e849d1133ecffc816ebdbf398329e8218f8d925bda8dfc8774
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 11:51:51 GMT
Server: ECS (amb/6BA4)
Content-Length: 727
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7d2222d41721947297aaeb5a6e3d0714
04cc1ee417c8bf6338657fd4c2e4e1c1ddfd3065
de0e45969a2ad95e52f7e2fbd0d021d9075dd7b14666c929346efe111f648f7c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE0E45969A2AD95E52F7E2FBD0D021D9075DD7B14666C929346EFE111F648F7C"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20206
Expires: Fri, 03 Feb 2023 17:28:37 GMT
Date: Fri, 03 Feb 2023 11:51:51 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: sjtmwQqT6aMqsGWgZ+83XkXv+XrQCxRD8wQZ0hJoB5V3usN/vCaoNwp3fOLcPKP4W2/vSA4hIhDgy+7CpPb2qQ==
x-amz-request-id: XPQGSCK66SGY9B87
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 03 Feb 2023 11:23:31 GMT
age: 1700
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 11:51:51 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.turmhof.at/home/
185.51.8.60200 OK 4.3 kB IP 185.51.8.60:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (12200), with no line terminators
Hash 5fb00800895cec6bbde6fb4819ab0336
ef93497c63d6591745fe008c74b4fec4fb8b581b
92204a1661a2d233fc1eded52ddecdf737f34bd5bd149115257c052944a3599f
Analyzer Verdict Alert openphish PayPal Inc.
fortinet Phishing
quad9 Sinkholed
GET /home/ HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Fri, 03 Feb 2023 11:51:51 GMT
server: Apache
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
cache-control: private
content-encoding: gzip
vary: Accept-Encoding
set-cookie: PHPSESSID=edlor2c6osie4jlogggnfi6tm3; path=/
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-type: text/html; charset=utf-8
age: 0
accept-ranges: bytes
content-length: 4270
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/fileadmin/img/weingut-turmhof.svg
185.51.8.60200 OK 2.4 kB URL HTTP/2 www.turmhof.at/fileadmin/img/weingut-turmhof.svg
IP 185.51.8.60:0
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 95eeedc797487129162268d919ee9971
ad1287dc258d011f91de76e813b6884e5f7c9a19
872d9c4d84c3f738ee1f4a4187cc3a3765837f8388b184e23121f5967fbfebe5
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /fileadmin/img/weingut-turmhof.svg HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=edlor2c6osie4jlogggnfi6tm3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 11:48:11 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
last-modified: Tue, 11 Nov 2014 15:42:59 GMT
etag: "963-50797223666c0"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-length: 2403
content-type: image/svg+xml
cache-control: max-age=86400
age: 221
accept-ranges: bytes
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/fileadmin/user_upload/kamptal-winter.jpg
185.51.8.60200 OK 111 kB URL HTTP/2 www.turmhof.at/fileadmin/user_upload/kamptal-winter.jpg
IP 185.51.8.60:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 940x300, components 3\012- data
Size 111 kB (110654 bytes)
Hash 51cad4f4b55c555f915a437cf4b3e431
725ab65681adc7700f45c9946eb7a8dfde2de4f2
626c20d0e4f91387472f158524a7efc14502dae586623837b30a8f3548b62c4b
Analyzer Verdict Alert quad9 Sinkholed
GET /fileadmin/user_upload/kamptal-winter.jpg HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=edlor2c6osie4jlogggnfi6tm3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 11:48:11 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
last-modified: Sun, 04 Jan 2015 15:46:39 GMT
etag: "1b03e-50bd57ac195c0"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-length: 110654
content-type: image/jpeg
cache-control: max-age=86400
age: 221
accept-ranges: bytes
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/uploads/RTEmagicC_zertifiziert-nachhaltige-weine_02.png
185.51.8.60200 OK 24 kB URL HTTP/2 www.turmhof.at/uploads/RTEmagicC_zertifiziert-nachhaltige-weine_02.png
IP 185.51.8.60:0
File type PNG image data, 180 x 246, 8-bit/color RGBA, non-interlaced\012- data
Hash 7c9e8a43a0f0daa6ceee7c0b396929db
463d1af76d54b49eeb4df50d589bc3091b24cd23
1df11a0fe801694d268e1b5551f6236c1bea0af3fd92a0660217a8be7d1882f9
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/RTEmagicC_zertifiziert-nachhaltige-weine_02.png HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=edlor2c6osie4jlogggnfi6tm3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 11:48:11 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
last-modified: Mon, 26 Aug 2019 10:40:35 GMT
etag: "5e82-59102c932b935"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-length: 24194
content-type: image/png
cache-control: max-age=86400
age: 221
accept-ranges: bytes
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/uploads/RTEmagicC_daniel-spoerri_03.jpg
185.51.8.60200 OK 2.6 kB URL HTTP/2 www.turmhof.at/uploads/RTEmagicC_daniel-spoerri_03.jpg
IP 185.51.8.60:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 97x65, components 3\012- data
Hash f375205904abd42869b823bfe7e945d2
3540b4a3343a5e6a3303bbf0dd9a785af69293d9
55497da883add72f844bc744ee9c112d5fad8babc5cc91f593edbe72d76cedaf
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/RTEmagicC_daniel-spoerri_03.jpg HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=edlor2c6osie4jlogggnfi6tm3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 11:48:11 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
last-modified: Thu, 25 Dec 2014 12:07:00 GMT
etag: "9fb-50b093ed04100"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-length: 2555
content-type: image/jpeg
cache-control: max-age=86400
age: 221
accept-ranges: bytes
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/fileadmin/img/marillenmarmelade.jpg
185.51.8.60200 OK 18 kB URL HTTP/2 www.turmhof.at/fileadmin/img/marillenmarmelade.jpg
IP 185.51.8.60:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x380, components 3\012- data
Hash 134740414ab039e3b941f6e1e536c80d
2a2f746a78091532169f066362fe3c2d58cd2553
7da6aa4e7eeae27100e27d5aa4d9d33b07ba6806709c5b1403eb4e0dbd122786
Analyzer Verdict Alert quad9 Sinkholed
GET /fileadmin/img/marillenmarmelade.jpg HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=edlor2c6osie4jlogggnfi6tm3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 11:48:11 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
last-modified: Tue, 31 Mar 2015 16:41:56 GMT
etag: "46dc-5129846d13d00"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-length: 18140
content-type: image/jpeg
cache-control: max-age=86400
age: 221
accept-ranges: bytes
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/uploads/RTEmagicC_awc-gold_02.png
185.51.8.60200 OK 52 kB URL HTTP/2 www.turmhof.at/uploads/RTEmagicC_awc-gold_02.png
IP 185.51.8.60:0
File type PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash fb3bed29bf6969942c7c24d578d4df84
0476f65993cef68c42b88d9a54abbe2dc3e71553
4849a28766b47ca0c753c887163b2571edee64a50fb0299903ec6b377f2cd286
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/RTEmagicC_awc-gold_02.png HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=edlor2c6osie4jlogggnfi6tm3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 11:48:11 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
last-modified: Thu, 26 Oct 2017 13:05:30 GMT
etag: "ca65-55c72d3aa2e56"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-length: 51813
content-type: image/png
cache-control: max-age=86400
age: 221
accept-ranges: bytes
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 03 Feb 2023 11:49:06 GMT
age: 166
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.turmhof.at/uploads/RTEmagicC_kail_03.jpg
185.51.8.60200 OK 1.1 kB URL HTTP/2 www.turmhof.at/uploads/RTEmagicC_kail_03.jpg
IP 185.51.8.60:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 40x61, components 3\012- data
Hash ff86c24c34be9076366198dff4a2239b
1cd533b2f2834a06582310a0ff7e6d2d9f3d1fdd
b5e80290915c963f6c79b8cbc4481231bdc3c17bca0ee9c1c770419413a0ab6f
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/RTEmagicC_kail_03.jpg HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=edlor2c6osie4jlogggnfi6tm3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 11:48:11 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
last-modified: Thu, 25 Dec 2014 12:07:00 GMT
etag: "46a-50b093ed04100"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-length: 1130
content-type: image/jpeg
cache-control: max-age=86400
age: 221
accept-ranges: bytes
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/uploads/RTEmagicC_loisium_01.jpg
185.51.8.60200 OK 2.7 kB URL HTTP/2 www.turmhof.at/uploads/RTEmagicC_loisium_01.jpg
IP 185.51.8.60:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 117x134, components 3\012- data
Hash cd270c7eb83c4d52ae51687230278b97
465a04f7af5c22d62d9fbdd4e842ef83e1f56b1c
1364e00bc3e3b1c59f8e66ea4ed83a3ae06c707491ae1994d270b7600de48c72
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/RTEmagicC_loisium_01.jpg HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=edlor2c6osie4jlogggnfi6tm3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 11:48:11 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
last-modified: Sat, 15 Nov 2014 20:13:06 GMT
etag: "a82-507eb5f971880"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-length: 2690
content-type: image/jpeg
cache-control: max-age=86400
age: 221
accept-ranges: bytes
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/uploads/RTEmagicC_stiegenhaus_01.png
185.51.8.60200 OK 9.5 kB URL HTTP/2 www.turmhof.at/uploads/RTEmagicC_stiegenhaus_01.png
IP 185.51.8.60:0
File type PNG image data, 228 x 40, 8-bit/color RGB, non-interlaced\012- data
Hash 98493508f06b48fa41e9c5bcdbde8278
e8d6986e81968e8cb4985fa91504364925525005
bb75ba903054bfbb8ea738174516fc8890e97acb0628a3a7919d92397ae8fa78
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/RTEmagicC_stiegenhaus_01.png HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=edlor2c6osie4jlogggnfi6tm3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 11:48:11 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
last-modified: Sat, 15 Nov 2014 20:13:07 GMT
etag: "24f5-507eb5fa65ac0"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-length: 9461
content-type: image/png
cache-control: max-age=86400
age: 221
accept-ranges: bytes
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/typo3temp/compressor/merged-ff662f81a898aa574edee79f8871491e-795a542870364d232d5704bd747de11b.css.gzip?1663053869
185.51.8.60200 OK 5.3 kB URL HTTP/2 www.turmhof.at/typo3temp/compressor/merged-ff662f81a898aa574edee79f8871491e-795a542870364d232d5704bd747de11b.css.gzip?1663053869
IP 185.51.8.60:0
File type ASCII text, with very long lines (1230)
Hash fe1e089131a6aca2400aeb622468a454
9ec239548dab5b6ed80d91667f566b7cae7ae256
7009d502328cd91170cbdc5ca45ef195c1f94c4f9f58063d587f904fe8f5a5ca
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /typo3temp/compressor/merged-ff662f81a898aa574edee79f8871491e-795a542870364d232d5704bd747de11b.css.gzip?1663053869 HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=edlor2c6osie4jlogggnfi6tm3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 11:51:52 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
last-modified: Tue, 13 Sep 2022 07:24:29 GMT
etag: "149a-5e889e7213546"
accept-ranges: bytes
content-length: 5274
cache-control: max-age=604800
expires: Fri, 10 Feb 2023 11:51:52 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-encoding: gzip
content-type: text/css
vary: Accept-Encoding
age: 0
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/uploads/RTEmagicC_kittenberger_01.png
185.51.8.60200 OK 17 kB URL HTTP/2 www.turmhof.at/uploads/RTEmagicC_kittenberger_01.png
IP 185.51.8.60:0
File type PNG image data, 168 x 55, 8-bit/color RGBA, non-interlaced\012- data
Hash 78d0498cf4a1c01fecfe313ed7fa63d8
707b5cc166a1a16dafb59a8a38dfe3f755e0a849
c39ad8ed6d186834171db7fc85fcd8e70dd275ad6cd0a1e3a5186d4fd0425226
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/RTEmagicC_kittenberger_01.png HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=edlor2c6osie4jlogggnfi6tm3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 11:48:11 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
last-modified: Sat, 15 Nov 2014 20:13:07 GMT
etag: "43fb-507eb5fa65ac0"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-length: 17403
content-type: image/png
cache-control: max-age=86400
age: 221
accept-ranges: bytes
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/uploads/RTEmagicC_arche-noah.png
185.51.8.60200 OK 4.6 kB URL HTTP/2 www.turmhof.at/uploads/RTEmagicC_arche-noah.png
IP 185.51.8.60:0
File type PNG image data, 75 x 81, 8-bit/color RGB, non-interlaced\012- data
Hash d49abd24e93496edb8fa090517479857
900372c6f12774dba708b03949369d3f39759dc8
77c40bb6e38f1f9f0745618d7679f809ceb5897c47a89572fdd98243eeeb55e8
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/RTEmagicC_arche-noah.png HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=edlor2c6osie4jlogggnfi6tm3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 11:48:11 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
last-modified: Sat, 15 Nov 2014 20:11:32 GMT
etag: "11f6-507eb59fcc500"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-length: 4598
content-type: image/png
cache-control: max-age=86400
age: 221
accept-ranges: bytes
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/uploads/RTEmagicC_straussenland_01.png
185.51.8.60200 OK 16 kB URL HTTP/2 www.turmhof.at/uploads/RTEmagicC_straussenland_01.png
IP 185.51.8.60:0
File type PNG image data, 228 x 38, 8-bit/color RGBA, non-interlaced\012- data
Hash c281f7ed679dcfcf72bbee8698fec873
0ffb5be7bb29def1ed6245efac2423d88fb7a624
8bec635af1c63eeba2be6326e5ed3e0530aeb02a8bee4a130cf04f1c7d6bb948
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/RTEmagicC_straussenland_01.png HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=edlor2c6osie4jlogggnfi6tm3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 11:48:11 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
last-modified: Sat, 15 Nov 2014 20:13:07 GMT
etag: "3e59-507eb5fa65ac0"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-length: 15961
content-type: image/png
cache-control: max-age=86400
age: 221
accept-ranges: bytes
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/uploads/RTEmagicC_elsarn_01.png
185.51.8.60200 OK 7.4 kB URL HTTP/2 www.turmhof.at/uploads/RTEmagicC_elsarn_01.png
IP 185.51.8.60:0
File type PNG image data, 111 x 74, 8-bit/color RGB, non-interlaced\012- data
Hash 1d886e1847806889c6808ac929f30e60
d2ae6cb156283e7b58b522b92ade3068265d9536
4be006758eccd3cf40eb7e42fe0004da0e290df92b14018e792c455fbb0fc6ef
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/RTEmagicC_elsarn_01.png HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=edlor2c6osie4jlogggnfi6tm3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 11:48:11 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
last-modified: Sat, 15 Nov 2014 20:13:07 GMT
etag: "1cd3-507eb5fa65ac0"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-length: 7379
content-type: image/png
cache-control: max-age=86400
age: 221
accept-ranges: bytes
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/uploads/RTEmagicC_schlossfestspiele_02.png
185.51.8.60200 OK 9.8 kB URL HTTP/2 www.turmhof.at/uploads/RTEmagicC_schlossfestspiele_02.png
IP 185.51.8.60:0
File type PNG image data, 244 x 31, 8-bit/color RGB, non-interlaced\012- data
Hash cfd49ae518049a3b9834774c4e07fadc
c49b0f70df83da58ccf25e84f65ef9b50153396f
fdec629e2da1ee95c06049fbfed064f69610951fed3a022b00c202293af598f8
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/RTEmagicC_schlossfestspiele_02.png HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=edlor2c6osie4jlogggnfi6tm3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 11:48:11 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
last-modified: Sat, 15 Nov 2014 20:13:07 GMT
etag: "2618-507eb5fa65ac0"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-length: 9752
content-type: image/png
cache-control: max-age=86400
age: 221
accept-ranges: bytes
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/home/Aktualisiere
185.51.8.60301 Moved Permanently 0 B URL HTTP/2 www.turmhof.at/home/Aktualisiere
IP 185.51.8.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /home/Aktualisiere HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=edlor2c6osie4jlogggnfi6tm3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 301 Moved Permanently
date: Fri, 03 Feb 2023 11:51:52 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
location: https://www.turmhof.at/home/Aktualisiere/
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-length: 0
content-type: text/html
age: 0
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4390
Expires: Fri, 03 Feb 2023 13:05:02 GMT
Date: Fri, 03 Feb 2023 11:51:52 GMT
Connection: keep-alive
www.turmhof.at/typo3temp/compressor/merged-ed6cea7a3e1424b68211fdd94afb718d-89b023a51b7aa2b082e140e2cc7c4a9d.js.gzip?1663053869
185.51.8.60200 OK 140 kB URL HTTP/2 www.turmhof.at/typo3temp/compressor/merged-ed6cea7a3e1424b68211fdd94afb718d-89b023a51b7aa2b082e140e2cc7c4a9d.js.gzip?1663053869
IP 185.51.8.60:0
File type ASCII text, with very long lines (32065)
Size 140 kB (140516 bytes)
Hash 331db749b23314b1bad5b93fafe609fa
c8e218e61f6918b0a8832fa416651245eb45ec20
123def30c06e0713dce6a1280b0715fb6f206c456027af94699246a25a544edd
Analyzer Verdict Alert quad9 Sinkholed
GET /typo3temp/compressor/merged-ed6cea7a3e1424b68211fdd94afb718d-89b023a51b7aa2b082e140e2cc7c4a9d.js.gzip?1663053869 HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=edlor2c6osie4jlogggnfi6tm3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 11:51:52 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
last-modified: Tue, 13 Sep 2022 07:24:29 GMT
etag: "224e4-5e889e7210666"
accept-ranges: bytes
content-length: 140516
cache-control: max-age=604800
expires: Fri, 10 Feb 2023 11:51:52 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-encoding: gzip
content-type: text/javascript
vary: Accept-Encoding
age: 0
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/fileadmin/img/arrow.png
185.51.8.60200 OK 1.3 kB URL HTTP/2 www.turmhof.at/fileadmin/img/arrow.png
IP 185.51.8.60:0
File type PNG image data, 21 x 18, 8-bit/color RGBA, non-interlaced\012- data
Hash 8fbc42e423abd18859e3e06bcd84b7fa
1d2302191daa4c5afae732600953db77d1c62bd2
496ef5ec0fd6405fa8579c51ec5199485934f64faaf3059ccc974198dc403604
Analyzer Verdict Alert quad9 Sinkholed
GET /fileadmin/img/arrow.png HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=edlor2c6osie4jlogggnfi6tm3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 11:48:11 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
last-modified: Tue, 11 Nov 2014 15:42:56 GMT
etag: "510-507972208a000"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-length: 1296
content-type: image/png
cache-control: max-age=86400
age: 221
accept-ranges: bytes
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/fileadmin/fonts/source-sans-pro-v21-latin-regular.woff2
185.51.8.60200 OK 13 kB URL HTTP/2 www.turmhof.at/fileadmin/fonts/source-sans-pro-v21-latin-regular.woff2
IP 185.51.8.60:0
File type Web Open Font Format (Version 2), TrueType, length 13036, version 1.0\012- data
Hash 0ad032b3d07aaf33b160ac4799dda40f
06b931e0d0bf37f5037d9e66d6feedfddd21c0ba
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /fileadmin/fonts/source-sans-pro-v21-latin-regular.woff2 HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Cookie: PHPSESSID=edlor2c6osie4jlogggnfi6tm3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 11:48:11 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
last-modified: Mon, 22 Aug 2022 07:12:29 GMT
etag: "32ec-5e6cf2bb62a5a"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-length: 13036
content-type: font/woff2
age: 221
accept-ranges: bytes
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/fileadmin/fonts/source-sans-pro-v21-latin-300.woff2
185.51.8.60200 OK 13 kB URL HTTP/2 www.turmhof.at/fileadmin/fonts/source-sans-pro-v21-latin-300.woff2
IP 185.51.8.60:0
File type Web Open Font Format (Version 2), TrueType, length 12956, version 1.0\012- data
Hash 1c772d9d0531b187db80bcfc199c1786
c0c04fb334190e10dffed0dcc5c817c2a6041a15
122854df4f39cf922db317714c2ff0eccab27a1028c14a5aa2211f48b7e0eade
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /fileadmin/fonts/source-sans-pro-v21-latin-300.woff2 HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Cookie: PHPSESSID=edlor2c6osie4jlogggnfi6tm3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 11:48:11 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
last-modified: Mon, 22 Aug 2022 07:12:28 GMT
etag: "329c-5e6cf2bad1239"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-length: 12956
content-type: font/woff2
age: 221
accept-ranges: bytes
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/fileadmin/fonts/source-sans-pro-v21-latin-italic.woff2
185.51.8.60200 OK 13 kB URL HTTP/2 www.turmhof.at/fileadmin/fonts/source-sans-pro-v21-latin-italic.woff2
IP 185.51.8.60:0
File type Web Open Font Format (Version 2), TrueType, length 12580, version 1.0\012- data
Hash eaf55d1d3b7c4a30203d2d5226c49b6d
11b63b740965603ef544f261ef036d24e6bb1fb5
e286a9ef7d2064a4cf7026449941a557c7123aa84ef2a17cf79a38820f5474bc
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /fileadmin/fonts/source-sans-pro-v21-latin-italic.woff2 HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Cookie: PHPSESSID=edlor2c6osie4jlogggnfi6tm3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 11:48:11 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
last-modified: Mon, 22 Aug 2022 07:12:29 GMT
etag: "3124-5e6cf2bb4559a"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-length: 12580
content-type: font/woff2
age: 221
accept-ranges: bytes
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/fileadmin/fonts/source-sans-pro-v21-latin-600.woff2
185.51.8.60200 OK 13 kB URL HTTP/2 www.turmhof.at/fileadmin/fonts/source-sans-pro-v21-latin-600.woff2
IP 185.51.8.60:0
File type Web Open Font Format (Version 2), TrueType, length 13052, version 1.0\012- data
Hash 7cf79fbd1df848510d7352274efc2401
5540b5a26cc7dfe25294c4eabe011e2c6cd60143
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /fileadmin/fonts/source-sans-pro-v21-latin-600.woff2 HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Cookie: PHPSESSID=edlor2c6osie4jlogggnfi6tm3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 11:48:11 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
last-modified: Mon, 22 Aug 2022 07:12:29 GMT
etag: "32fc-5e6cf2bb08cda"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-length: 13052
content-type: font/woff2
age: 221
accept-ranges: bytes
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/fileadmin/img/zertifiziert-nachhaltige-weine.png
185.51.8.60200 OK 109 kB URL HTTP/2 www.turmhof.at/fileadmin/img/zertifiziert-nachhaltige-weine.png
IP 185.51.8.60:0
File type PNG image data, 2249 x 3067, 8-bit colormap, non-interlaced\012- data
Size 109 kB (109417 bytes)
Hash c6a8590dc805bc91225593002f16aaae
3cf17115e5ca347c710cc03efdf0de8af540d564
f6256e3b713a04fd7cbeaae7e866487a04d0602883a6d01258ffdd9074de0d9e
Analyzer Verdict Alert quad9 Sinkholed
GET /fileadmin/img/zertifiziert-nachhaltige-weine.png HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=edlor2c6osie4jlogggnfi6tm3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 11:48:12 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
last-modified: Mon, 16 Apr 2018 18:29:37 GMT
etag: "1ab69-569fb67842272"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-length: 109417
content-type: image/png
cache-control: max-age=86400
age: 220
accept-ranges: bytes
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/fileadmin/jcart/config-loader.php?ajax=true
185.51.8.60200 OK 1.0 kB URL HTTP/2 www.turmhof.at/fileadmin/jcart/config-loader.php?ajax=true
IP 185.51.8.60:0
File type JSON data\012- , ASCII text, with very long lines (1007), with no line terminators
Hash 08a170c8da536f62c26625501498ab18
acbb249a30a96b69a7b4ec4df642507a510c0895
fa4b93bfc6318c686ff6584cfe169249efb2dc023372b3976e561ad453f70c46
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /fileadmin/jcart/config-loader.php?ajax=true HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Cookie: PHPSESSID=edlor2c6osie4jlogggnfi6tm3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 11:51:52 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-type: application/json; charset=utf-8
age: 0
accept-ranges: bytes
content-length: 1007
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.149.71.248101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.71.248:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: QhdGOZjV7ndDV8l9IobTzA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: vGy2BtokMysSEKhvi36nlqji0CM=
www.turmhof.at/android-icon-192x192.png
185.51.8.60200 OK 3.9 kB URL HTTP/2 www.turmhof.at/android-icon-192x192.png
IP 185.51.8.60:0
File type PNG image data, 192 x 192, 8-bit colormap, non-interlaced\012- data
Hash 3eabb9bf16cbd62536b64227d2f45a3d
4fe2947c933b93a2b1bb2e7b666d89ad95a0e1f9
57c6b9924b6025350f495632c8551f4bbbcbd7e4a1b0b800672b68faa48d1546
Analyzer Verdict Alert quad9 Sinkholed
GET /android-icon-192x192.png HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=edlor2c6osie4jlogggnfi6tm3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 11:51:52 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
vary: Accept-Encoding
last-modified: Mon, 01 Jul 2019 19:59:54 GMT
etag: "f2f-58ca412642ecd"
content-length: 3887
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-type: image/png
cache-control: max-age=86400
age: 0
accept-ranges: bytes
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/favicon-16x16.png
185.51.8.60200 OK 1.3 kB URL HTTP/2 www.turmhof.at/favicon-16x16.png
IP 185.51.8.60:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash b8a51e07dbc1a9e5f2dcbd46aaa32ddc
45b6b5b239008a0a49740d253584ecaa92b30ad0
cfd5bf87f1faf7b02424ef8a47e0fe0ed16812691b306b65a73e179d8e636906
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon-16x16.png HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=edlor2c6osie4jlogggnfi6tm3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 11:51:52 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
vary: Accept-Encoding
last-modified: Mon, 01 Jul 2019 19:59:55 GMT
etag: "515-58ca41277d611"
content-length: 1301
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-type: image/png
cache-control: max-age=86400
age: 0
accept-ranges: bytes
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3263
Expires: Fri, 03 Feb 2023 12:46:17 GMT
Date: Fri, 03 Feb 2023 11:51:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3263
Expires: Fri, 03 Feb 2023 12:46:17 GMT
Date: Fri, 03 Feb 2023 11:51:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3263
Expires: Fri, 03 Feb 2023 12:46:17 GMT
Date: Fri, 03 Feb 2023 11:51:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3263
Expires: Fri, 03 Feb 2023 12:46:17 GMT
Date: Fri, 03 Feb 2023 11:51:54 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d4041f3b5316bc84c9e6d88ddbc85b89
4978a4a20836b6f5d863d331bcedad782b7b4ac6
549b62d2c4ec965b8bec62010c0ce338dfea7992ee83eb7af61ff1a30d21f8b5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5641
x-amzn-requestid: b53b54b1-3b00-47cf-a25c-e93910c2ebfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuvzpHsXoAMFsuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2ce3-0c4fc8154763febb44460ac2;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:36:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: x4-BZdG4JGRKCSdKynnuweZfo9l0XZtDB-MiANy7C2Yz1URYMHP4sQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 22:28:50 GMT
age: 48184
etag: "4978a4a20836b6f5d863d331bcedad782b7b4ac6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f58ae1f-1f79-4cc4-b12e-b11dde3b7e4d.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f58ae1f-1f79-4cc4-b12e-b11dde3b7e4d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4a92e881554205ebbe3721a7bbaeab40
b620fc82bd15b55b581bd8c3a699e1b16563ad2e
ff753b8411bfa0df54938a5f829ce25acbad863a2a3540b3bacca02baf9a2c7d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f58ae1f-1f79-4cc4-b12e-b11dde3b7e4d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6398
x-amzn-requestid: 843fefd3-8cf4-44ee-bb7c-a010d4149442
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuv1XFXQoAMFe5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2cee-76739fd87b4c0d203eca4114;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:36:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: EUE3i8Lccx5p9GVN4Dv3DOhFmG_4byC3LrD7SLrk4A5Zbone-NJwVA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:52:34 GMT
age: 50360
etag: "b620fc82bd15b55b581bd8c3a699e1b16563ad2e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2a6aaf87a867f93dc9268a8b27973b97
f52ccbe6cbced1994acb13a00b05436553b6813e
3fbd7441712035f4d53c17eec93bc278e6c072043f3b5a721cac349fc0dabe77
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10166
x-amzn-requestid: 54fe0d12-360f-4d97-bcf3-b24747d956aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fY_4zHEcoAMF1iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d379d1-4ba89e44005f616a0ed3ed24;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 07:14:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: G0R-0w9HtLB5OXb-w-RyR9QCnrddkS29FqF_GeAQa1CRWkqaUJwQoA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 22:27:53 GMT
age: 48241
etag: "f52ccbe6cbced1994acb13a00b05436553b6813e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3490571dd2de0a747987b9a0e18cccc8
18e9f8f160d3515f1cb31fc7538ac762a6cab344
1c071d7f3b288b29254500f94f19c0db0633c6aa90812f2e92c4f64992f5221a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10796
x-amzn-requestid: 5c9b1a83-c99a-44b9-9a90-5edd7ef1e225
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi0XKG93oAMFtsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76760-01bf754d6c725c3275c02a1b;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 06:44:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vUJO-Pt9Hi1ndrCQQT1nNCGT7oDOYBpA8-EawHanESoZAsZv32dQdg==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 00:25:04 GMT
age: 41210
etag: "18e9f8f160d3515f1cb31fc7538ac762a6cab344"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e690e4c-e16d-49e9-ac12-24a092d6a60c.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e690e4c-e16d-49e9-ac12-24a092d6a60c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a1d6fa4715c4e78250b2f72ddd2706f1
be04ac3a50aa6f1b349a2410ad386d92de3222be
d1c3c1b7016428bf2a085b71ca0d1e215a64b3d31ff15b0ef8bf5a78f11d9ae5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e690e4c-e16d-49e9-ac12-24a092d6a60c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8543
x-amzn-requestid: 3dc0960e-97db-42c8-99ac-623a44e8bb3e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuv0wGJhIAMFaTg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2ceb-5ad3ef033a62559762db42b9;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:36:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: EKWOeGruQEm9HuSlJMiEEw_gN1p37qTTIhYqaiQ6bFaCF65kUfmMtA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:55:01 GMT
age: 50213
etag: "be04ac3a50aa6f1b349a2410ad386d92de3222be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w0Zm5V0TQxsQ7917U3fdhS_n7qKE143PuhI2JmNCDM_Pf0yPLyW6yA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 04:53:21 GMT
age: 25113
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.turmhof.at/home/Aktualisiere/
185.51.8.60404 Not Found 0 B URL HTTP/2 www.turmhof.at/home/Aktualisiere/
IP 185.51.8.60:0
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /home/Aktualisiere/ HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=edlor2c6osie4jlogggnfi6tm3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Fri, 03 Feb 2023 11:51:52 GMT
server: Apache
content-encoding: gzip
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-type: text/html
age: 0
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2