r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12815
Expires: Thu, 01 Dec 2022 16:09:12 GMT
Date: Thu, 01 Dec 2022 12:35:37 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0c748388899e8a8d3680355da2ea5020
903c620cd137613daafb0da0508c37b2f4a67212
39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3834
Cache-Control: max-age=169169
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:35:37 GMT
Etag: "63888270-1d7"
Expires: Sat, 03 Dec 2022 11:35:06 GMT
Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9fce5679881bf302a8978a0b462f01a9
b699fe030ea13ac73813e655c42ed9b531925e2b
a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3933
Expires: Thu, 01 Dec 2022 13:41:10 GMT
Date: Thu, 01 Dec 2022 12:35:37 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: w4FMxMYiu3BUF3zEMDoVJaSUyuWGAcwh3b2HF0CBppaXBb2fTTqKEDHnLGW/8qWf4SzffeHEETA=
x-amz-request-id: GET6XMMA5XMJWVRK
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 01 Dec 2022 11:45:39 GMT
age: 2998
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 01 Dec 2022 12:18:08 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1049
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 12:35:37 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 01 Dec 2022 12:11:15 GMT
cache-control: public,max-age=3600
age: 1463
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1f88399f3fdd89dbb9ca1229cb67143a
325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3
831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3829
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:35:38 GMT
Last-Modified: Thu, 01 Dec 2022 11:31:49 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.42.234.253101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.42.234.253:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: G5dEDKJxhHj90hnm+bt1Tw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: bBOwwkfcJDeRf1mYqMdCktBFOrQ=
www.zum-ochsen-wonsheim.de/
217.160.0.205301 Moved Permanently 0 B URL HTTP/1.1 www.zum-ochsen-wonsheim.de/
IP 217.160.0.205:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 01 Dec 2022 12:35:37 GMT
Server: Apache
X-Redirect-By: WordPress
Location: https://www.zum-ochsen-wonsheim.de/
www.zum-ochsen-wonsheim.de/wp-content/plugins/gtranslate/gtranslate-style24.css?ver=5.9.5
217.160.0.205200 OK 693 B URL HTTP/2 www.zum-ochsen-wonsheim.de/wp-content/plugins/gtranslate/gtranslate-style24.css?ver=5.9.5
IP 217.160.0.205:0
Hash 9b0f26cf8d22d4e9455f67b21c2f9759
f0240a4411d4a2eb073c574d37618e503392b76e
226456d9a9eef8f0831b6b181be100a49cbaec1651a8bd45d7d0cc897d161538
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/gtranslate/gtranslate-style24.css?ver=5.9.5 HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 693
date: Thu, 01 Dec 2022 12:35:39 GMT
server: Apache
last-modified: Wed, 06 Apr 2022 11:55:34 GMT
etag: "2b5-5dbfb0a02dd29"
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3419
Expires: Thu, 01 Dec 2022 13:32:39 GMT
Date: Thu, 01 Dec 2022 12:35:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3419
Expires: Thu, 01 Dec 2022 13:32:39 GMT
Date: Thu, 01 Dec 2022 12:35:40 GMT
Connection: keep-alive
www.zum-ochsen-wonsheim.de/wp-content/plugins/animate-it/assets/css/animate-animo.css?ver=5.9.5
217.160.0.205200 OK 112 kB URL HTTP/2 www.zum-ochsen-wonsheim.de/wp-content/plugins/animate-it/assets/css/animate-animo.css?ver=5.9.5
IP 217.160.0.205:0
File type ASCII text, with very long lines (460)
Size 112 kB (112429 bytes)
Hash b1f6e18313d5d60bf9b3140153513bdb
2c4c8fa9fde58a2a94ad140d36560cc01631d300
cd0399977b416c5a727572c4a5a1453709176b6113b98219b15ba1c7a0a70c8e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/animate-it/assets/css/animate-animo.css?ver=5.9.5 HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 112429
date: Thu, 01 Dec 2022 12:35:39 GMT
server: Apache
last-modified: Wed, 06 Apr 2022 11:55:25 GMT
etag: "1b72d-5dbfb096fe2e8"
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3419
Expires: Thu, 01 Dec 2022 13:32:39 GMT
Date: Thu, 01 Dec 2022 12:35:40 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ffd12f9c423ffc627d9e3b3145944fe4
5cf9a7a784952e1bb0cbe499104f1774b1269d08
a25f1b752d9af599aefd73073c105853130f1759905269de3d582d2eb35fe167
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16038
x-amzn-requestid: 9d34c42b-ba0c-498f-8f99-d4ab527ffa89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbzMdHXNIAMFgaw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cbe9-376846f31dc9b995797cbd18;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:32:25 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: DngCuOTO9fQAwWe_ip6EtBcgruigZN6Bl1_v5BHM2dsWlhqCXCL3gg==
via: 1.1 efcf7b9d0f917f9ebf314db03e52d9b6.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:45:33 GMT
age: 53407
etag: "5cf9a7a784952e1bb0cbe499104f1774b1269d08"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 820cf89fcab8380adff42982c9fb11ed
84241ddddbbfd7de30118307fb1a62800d0a4cb3
0d051495f06ac84de934283b40cbfee7a042d32153a73486dd7c017430e882d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12898
x-amzn-requestid: 9b594c3c-6b8c-4589-8fcb-b3d7518b46f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cQZBNFxToAMF_9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63833ba1-767f510d72eef86d0cc892df;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 10:27:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gsn5uUFEzDZDOMPTvW9UQxtccvRfJKUM4eJ8U99jvUGzNIKkF9SzeA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:49:20 GMT
age: 53180
etag: "84241ddddbbfd7de30118307fb1a62800d0a4cb3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.zum-ochsen-wonsheim.de/wp-content/et-cache/30598/et-divi-dynamic-30598-late.css?ver=1667751227
217.160.0.205200 OK 9.0 kB URL HTTP/2 www.zum-ochsen-wonsheim.de/wp-content/et-cache/30598/et-divi-dynamic-30598-late.css?ver=1667751227
IP 217.160.0.205:0
File type ASCII text, with very long lines (5325)
Hash d257eb016b7fb8a69e69d8f6e611fea8
b455bd3e0c9ce936aae65cec7540825cb43efddd
70cf3c7d57fa5347d9d07009ca44eab57ac383afc292f2b9444d0bb36a9b9403
GET /wp-content/et-cache/30598/et-divi-dynamic-30598-late.css?ver=1667751227 HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 9045
date: Thu, 01 Dec 2022 12:35:39 GMT
server: Apache
last-modified: Sun, 06 Nov 2022 16:13:49 GMT
etag: "2355-5eccf97966d9a"
accept-ranges: bytes
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc2c1d47-fc4a-4f23-a6f7-5ac8f3a68490.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc2c1d47-fc4a-4f23-a6f7-5ac8f3a68490.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash acffcb88ce68b2d70c9c046a7b5a4aa8
cd016e6c0bf5c6eef06e933c9a5257ff4fca9bc1
692d782ac1d812de6dadbcfe46034b6b5d8bbd586e56beedd96dc4d65445dd4c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc2c1d47-fc4a-4f23-a6f7-5ac8f3a68490.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12035
x-amzn-requestid: eef7d417-c6ca-4e3f-ac00-1425f3d5c4a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb0TSGHDIAMF_jA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cdae-467c79a805dfb5622687f628;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:39:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: haFJ2LZecbT4HRbkvcaZxR4SAIx5cGxNyghKiDOJVX6xDkPwzc2wNQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:45:34 GMT
age: 53406
etag: "cd016e6c0bf5c6eef06e933c9a5257ff4fca9bc1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 26d6dffbf400da4803a2e76e2a8ef2f8
2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8
04c6e31623fe48cbe83dc91635bfa47b337590f18919995b08d5bde27e929e03
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8740
x-amzn-requestid: 4823cf63-98eb-40d3-bb8b-e09cd2262f36
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cP7SqHjYIAMF8xw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63830c10-316b213c33ce9bc2355c0900;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 07:04:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tK4wl-g5kcUhVFE3iZGILhZhZSsaMzQD9JTBHj1JXV95yXs_e3gMGw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 13:21:34 GMT
age: 83646
etag: "2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CJiSRzIK7-rQE81gaP2We0LhgKX1YmuJKEGYEqW34Bm1KMx6NB8yhQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 04:29:19 GMT
age: 29181
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.zum-ochsen-wonsheim.de/wp-content/cache/borlabs-cookie/borlabs-cookie_1_de.css?ver=2.2.49-9
217.160.0.205200 OK 40 kB URL HTTP/2 www.zum-ochsen-wonsheim.de/wp-content/cache/borlabs-cookie/borlabs-cookie_1_de.css?ver=2.2.49-9
IP 217.160.0.205:0
File type Unicode text, UTF-8 text, with very long lines (32254), with CRLF, LF line terminators
Hash 4bff375301787c91f4de67062c9073c2
6011048c3af24680d1fb2955deb3d00ebf746cd3
2d629d1a0c01d415c23f961001a6f59421e31180f54c67d2ecd67691ba412cf6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/cache/borlabs-cookie/borlabs-cookie_1_de.css?ver=2.2.49-9 HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 40244
date: Thu, 01 Dec 2022 12:35:39 GMT
server: Apache
last-modified: Wed, 06 Apr 2022 11:56:01 GMT
etag: "9d34-5dbfb0b9cca2a"
accept-ranges: bytes
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5508d05a290b663fd89ead9b58f2efd8
53650399f9a986ba54addd668b4557109d12003b
65704a961410fdd318c491fedf002c8e9b184cd34b76fe1b67026d42ce21be3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9674
x-amzn-requestid: 7e7d0183-9667-462a-8d44-d125998c1ae3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEoHVAoAMFvAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1d-280ba97e3fe1bf7244cbde35;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: qftF-GQkcjKTs30KMGCTDymw2SVSXeAYKGNWUnaMfvIb8HjtfHUx8A==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:44:47 GMT
age: 53453
etag: "53650399f9a986ba54addd668b4557109d12003b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.zum-ochsen-wonsheim.de/wp-content/et-cache/30598/et-core-unified-deferred-30598.min.css?ver=1667751229
217.160.0.205200 OK 20 kB URL HTTP/2 www.zum-ochsen-wonsheim.de/wp-content/et-cache/30598/et-core-unified-deferred-30598.min.css?ver=1667751229
IP 217.160.0.205:0
File type ASCII text, with very long lines (20034), with no line terminators
Hash d8498424335baaa0eae4154374a2c8ff
ac30621dc607c5798c4be858efa7ab08ec9df35e
9a9326f34089dc930915f81991d89d376a430d6836765d1acef5492c1f5bfb11
Analyzer Verdict Alert fortinet Malware
GET /wp-content/et-cache/30598/et-core-unified-deferred-30598.min.css?ver=1667751229 HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 20034
date: Thu, 01 Dec 2022 12:35:39 GMT
server: Apache
last-modified: Sun, 06 Nov 2022 16:13:49 GMT
etag: "4e42-5eccf9796dafb"
accept-ranges: bytes
X-Firefox-Spdy: h2
www.zum-ochsen-wonsheim.de/wp-content/et-cache/30598/et-divi-dynamic-30598.css?ver=1667751227
217.160.0.205200 OK 46 kB URL HTTP/2 www.zum-ochsen-wonsheim.de/wp-content/et-cache/30598/et-divi-dynamic-30598.css?ver=1667751227
IP 217.160.0.205:0
File type ASCII text, with very long lines (13512)
Hash 10ac09f8547b6030ae610d8d33b8c285
ea38fa402f70a0555e48e0dff22f0b40f262fad1
01ffecd2396f57a6241264788bb0b9c139839f14b75c2d37bcb6da04e9ba5438
Analyzer Verdict Alert fortinet Malware
GET /wp-content/et-cache/30598/et-divi-dynamic-30598.css?ver=1667751227 HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 45823
date: Thu, 01 Dec 2022 12:35:39 GMT
server: Apache
last-modified: Sun, 06 Nov 2022 16:13:47 GMT
etag: "b2ff-5eccf97827821"
accept-ranges: bytes
X-Firefox-Spdy: h2
www.zum-ochsen-wonsheim.de/wp-content/uploads/2018/07/ochsen.png
217.160.0.205200 OK 86 kB URL HTTP/2 www.zum-ochsen-wonsheim.de/wp-content/uploads/2018/07/ochsen.png
IP 217.160.0.205:0
File type PNG image data, 400 x 191, 8-bit/color RGBA, non-interlaced\012- data
Hash deedfe271b136022128cf72e840b9308
968a967533ececccb57ab68be058522986e368e4
af796a59e7083c0dfbbe3ea1bee8b521b089aadcd9db5b6be507d81041d34243
GET /wp-content/uploads/2018/07/ochsen.png HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 86327
date: Thu, 01 Dec 2022 12:35:39 GMT
server: Apache
last-modified: Sat, 28 Nov 2020 21:45:37 GMT
etag: "15137-5b531b2913f00"
accept-ranges: bytes
X-Firefox-Spdy: h2
www.zum-ochsen-wonsheim.de/wp-content/plugins/gtranslate/flags/24/de.png
217.160.0.205200 OK 602 B URL HTTP/2 www.zum-ochsen-wonsheim.de/wp-content/plugins/gtranslate/flags/24/de.png
IP 217.160.0.205:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 8a2ba86f3b7de7562445967e2c21843b
3046cd0b51721f180c2dc75513fd4bfd316b45b5
cc318f3be9ba75def2af54bd9d0fab4f3e316517de9bf138e40dee06d332602d
GET /wp-content/plugins/gtranslate/flags/24/de.png HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 602
date: Thu, 01 Dec 2022 12:35:39 GMT
server: Apache
last-modified: Wed, 06 Apr 2022 11:55:34 GMT
etag: "25a-5dbfb09ff4341"
accept-ranges: bytes
X-Firefox-Spdy: h2
www.zum-ochsen-wonsheim.de/wp-content/plugins/borlabs-cookie/assets/images/cb-maps.png
217.160.0.205200 OK 31 kB URL HTTP/2 www.zum-ochsen-wonsheim.de/wp-content/plugins/borlabs-cookie/assets/images/cb-maps.png
IP 217.160.0.205:0
File type PNG image data, 720 x 405, 8-bit colormap, non-interlaced\012- data
Hash 7e2dc18208f91ffeec2937721f30a66f
f5400f3f0e093fb377cf659342109e412117cb10
050d2bb4b81e110957177c42fa14919a25fe032366208cff90ff2ca8a2301799
GET /wp-content/plugins/borlabs-cookie/assets/images/cb-maps.png HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 30712
date: Thu, 01 Dec 2022 12:35:40 GMT
server: Apache
last-modified: Wed, 06 Apr 2022 11:56:00 GMT
etag: "77f8-5dbfb0b89131e"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 533f66ef53706466ce20dc9aebf11812
0c0d713d538eb224deeb9241917a117205f16cb2
8ce7b68022c847b59b9a132ada3a75eea73bb57bae4683901c8df08fa255ba79
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:35:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.zum-ochsen-wonsheim.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
217.160.0.205200 OK 11 kB URL HTTP/2 www.zum-ochsen-wonsheim.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 217.160.0.205:0
File type ASCII text, with very long lines (11126)
Hash 79b4956b7ec478ec10244b5e2d33ac7d
a46025b9d05e3df30d610a8aef14f392c7058dc9
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 11224
date: Thu, 01 Dec 2022 12:35:40 GMT
server: Apache
last-modified: Fri, 15 Jan 2021 08:32:04 GMT
etag: "2bd8-5b8ec3500f097"
accept-ranges: bytes
X-Firefox-Spdy: h2
www.zum-ochsen-wonsheim.de/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
217.160.0.205200 OK 90 kB URL HTTP/2 www.zum-ochsen-wonsheim.de/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 217.160.0.205:0
File type ASCII text, with very long lines (65447)
Hash 02dd5d04add4759122013c5ab4dc5cc2
a45a56e396ac549b4ff39b696ce9e0c16a7612de
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 89521
date: Thu, 01 Dec 2022 12:35:40 GMT
server: Apache
last-modified: Sun, 01 Aug 2021 17:24:09 GMT
etag: "15db1-5c882b870a3ce"
accept-ranges: bytes
X-Firefox-Spdy: h2
www.zum-ochsen-wonsheim.de/wp-content/plugins/animate-it/assets/js/animo.min.js?ver=1.0.3
217.160.0.205200 OK 4.6 kB URL HTTP/2 www.zum-ochsen-wonsheim.de/wp-content/plugins/animate-it/assets/js/animo.min.js?ver=1.0.3
IP 217.160.0.205:0
File type ASCII text, with very long lines (4647), with no line terminators
Hash 7a0f5ffd3ddb861fc8e246af9e2d5417
6f2cc0634148a096b2b036a39c642f266d0a468f
50b65813f82de1383a3354b8b0335a451127f2f35141098ea361da95447a0ae4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/animate-it/assets/js/animo.min.js?ver=1.0.3 HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 4647
date: Thu, 01 Dec 2022 12:35:40 GMT
server: Apache
last-modified: Wed, 06 Apr 2022 11:55:25 GMT
etag: "1227-5dbfb097011c8"
accept-ranges: bytes
X-Firefox-Spdy: h2
www.zum-ochsen-wonsheim.de/wp-content/plugins/animate-it/assets/js/jquery.ba-throttle-debounce.min.js?ver=1.1
217.160.0.205200 OK 731 B URL HTTP/2 www.zum-ochsen-wonsheim.de/wp-content/plugins/animate-it/assets/js/jquery.ba-throttle-debounce.min.js?ver=1.1
IP 217.160.0.205:0
File type ASCII text, with very long lines (479)
Hash 97669983f6540f2badeef6ab07e5b637
b6f0084f6747da64cf24334b2c0027e57cbf7f23
fa7b84bb6e37fba06f79793937e55baf6ebc1bee051e350e11c7ca681a9f3db7
GET /wp-content/plugins/animate-it/assets/js/jquery.ba-throttle-debounce.min.js?ver=1.1 HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 731
date: Thu, 01 Dec 2022 12:35:40 GMT
server: Apache
last-modified: Wed, 06 Apr 2022 11:55:25 GMT
etag: "2db-5dbfb097011c8"
accept-ranges: bytes
X-Firefox-Spdy: h2
www.zum-ochsen-wonsheim.de/wp-content/plugins/animate-it/assets/js/edsanimate.site.js?ver=1.4.5
217.160.0.205200 OK 4.5 kB URL HTTP/2 www.zum-ochsen-wonsheim.de/wp-content/plugins/animate-it/assets/js/edsanimate.site.js?ver=1.4.5
IP 217.160.0.205:0
Hash 3b2a03824ea375238c0dd844520c70cf
c3b063dc0b36bf760feb3b72fd325a7ed5f03f4f
e220711c19a54165d6819ad034fef35d5f4c94f4eb3f9c521f000917c8442303
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/animate-it/assets/js/edsanimate.site.js?ver=1.4.5 HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 4484
date: Thu, 01 Dec 2022 12:35:40 GMT
server: Apache
last-modified: Wed, 06 Apr 2022 11:55:25 GMT
etag: "1184-5dbfb097011c8"
accept-ranges: bytes
X-Firefox-Spdy: h2
www.zum-ochsen-wonsheim.de/wp-content/plugins/animate-it/assets/js/edsanimate.js?ver=1.4.4
217.160.0.205200 OK 4.9 kB URL HTTP/2 www.zum-ochsen-wonsheim.de/wp-content/plugins/animate-it/assets/js/edsanimate.js?ver=1.4.4
IP 217.160.0.205:0
File type ASCII text, with very long lines (1488)
Hash 5a6b0fc4405a22efed2220c9ebdbcebe
18cbd790091c344fb9cce4233cd0c9b3a36b08eb
be80f16154c0732e45558a559875ea30de0ee12766a6bf8fef48de3c3423e64f
GET /wp-content/plugins/animate-it/assets/js/edsanimate.js?ver=1.4.4 HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 4894
date: Thu, 01 Dec 2022 12:35:40 GMT
server: Apache
last-modified: Wed, 06 Apr 2022 11:55:25 GMT
etag: "131e-5dbfb097011c8"
accept-ranges: bytes
X-Firefox-Spdy: h2
www.zum-ochsen-wonsheim.de/wp-content/plugins/animate-it/assets/js/viewportchecker.js?ver=1.4.4
217.160.0.205200 OK 2.0 kB URL HTTP/2 www.zum-ochsen-wonsheim.de/wp-content/plugins/animate-it/assets/js/viewportchecker.js?ver=1.4.4
IP 217.160.0.205:0
Hash 6a3cf7cc51317fc9e5110c4e384f88e2
0097bc69fd0027651ba3970da08cb0393aab0c62
595a17a7850da5ba2f3ae112c9678ee84e05a3cfd4cbc05ea9aef21109b6a399
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/animate-it/assets/js/viewportchecker.js?ver=1.4.4 HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 1997
date: Thu, 01 Dec 2022 12:35:40 GMT
server: Apache
last-modified: Wed, 06 Apr 2022 11:55:25 GMT
etag: "7cd-5dbfb097011c8"
accept-ranges: bytes
X-Firefox-Spdy: h2
www.zum-ochsen-wonsheim.de/wp-content/themes/Divi/js/scripts.min.js?ver=4.14.4
217.160.0.205200 OK 278 kB URL HTTP/2 www.zum-ochsen-wonsheim.de/wp-content/themes/Divi/js/scripts.min.js?ver=4.14.4
IP 217.160.0.205:0
File type ASCII text, with very long lines (65467)
Size 278 kB (277633 bytes)
Hash 3895c540a60f5f1004649c44ccb9eab5
af34c92d14e9d299111c10ff362b698473744f58
e28b1ce93ccfbd90141fe0668b7823b4880926b0f5137c0e1fd7adff6af7c9be
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Divi/js/scripts.min.js?ver=4.14.4 HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 277633
date: Thu, 01 Dec 2022 12:35:40 GMT
server: Apache
last-modified: Tue, 04 Jan 2022 14:12:13 GMT
etag: "43c81-5d4c23948cc94"
accept-ranges: bytes
X-Firefox-Spdy: h2
www.zum-ochsen-wonsheim.de/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.fitvids.js?ver=4.14.4
217.160.0.205200 OK 3.3 kB URL HTTP/2 www.zum-ochsen-wonsheim.de/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.fitvids.js?ver=4.14.4
IP 217.160.0.205:0
File type HTML document, ASCII text
Hash fa07f10043b891dacdb82f26fd2b42bc
9c1dc49e9747758e033c0e9a7d016401bd78602c
462747422c6af30aa81a0373fa1cfd736455cef52bdbb816f67be9531d84eace
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.fitvids.js?ver=4.14.4 HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 3349
date: Thu, 01 Dec 2022 12:35:40 GMT
server: Apache
last-modified: Tue, 04 Jan 2022 14:12:12 GMT
etag: "d15-5d4c239415a48"
accept-ranges: bytes
X-Firefox-Spdy: h2
www.zum-ochsen-wonsheim.de/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.mobile.js?ver=4.14.4
217.160.0.205200 OK 8.0 kB URL HTTP/2 www.zum-ochsen-wonsheim.de/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.mobile.js?ver=4.14.4
IP 217.160.0.205:0
File type ASCII text, with very long lines (7584)
Hash 984977dc184f8059f2a679b324893e4c
d60a246ba584ba892a87bcf446e71d26adbcb91a
55a084b5f4c439a2786141108b266370e0e4accc4e72629b2177dc6aa658d6c8
GET /wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.mobile.js?ver=4.14.4 HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 7960
date: Thu, 01 Dec 2022 12:35:40 GMT
server: Apache
last-modified: Tue, 04 Jan 2022 14:12:12 GMT
etag: "1f18-5d4c239415a48"
accept-ranges: bytes
X-Firefox-Spdy: h2
www.zum-ochsen-wonsheim.de/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/easypiechart.js?ver=4.14.4
217.160.0.205200 OK 9.3 kB URL HTTP/2 www.zum-ochsen-wonsheim.de/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/easypiechart.js?ver=4.14.4
IP 217.160.0.205:0
Hash 00346ced8d8b5c664b826381bdcd7c48
1cb0ab506f3892db432c81ab6982fe6837004d23
5aa24e4ab926693e29ffb0d0ca1557141defd3ca61b3b4e7caebaa2fcd5bf327
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/easypiechart.js?ver=4.14.4 HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 9318
date: Thu, 01 Dec 2022 12:35:40 GMT
server: Apache
last-modified: Tue, 04 Jan 2022 14:12:12 GMT
etag: "2466-5d4c239415a48"
accept-ranges: bytes
X-Firefox-Spdy: h2
www.zum-ochsen-wonsheim.de/wp-content/themes/Divi/core/admin/js/common.js?ver=4.14.4
217.160.0.205200 OK 1.3 kB URL HTTP/2 www.zum-ochsen-wonsheim.de/wp-content/themes/Divi/core/admin/js/common.js?ver=4.14.4
IP 217.160.0.205:0
Hash d71b75b2327258b1d01d50590c1f67ca
b7820e4ffb6becc133c48f66d9f683545530b959
1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Divi/core/admin/js/common.js?ver=4.14.4 HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 1343
date: Thu, 01 Dec 2022 12:35:40 GMT
server: Apache
last-modified: Tue, 04 Jan 2022 14:12:12 GMT
etag: "53f-5d4c2393bdbff"
accept-ranges: bytes
X-Firefox-Spdy: h2
www.zum-ochsen-wonsheim.de/wp-content/plugins/borlabs-cookie/assets/javascript/borlabs-cookie.min.js?ver=2.2.49
217.160.0.205200 OK 25 kB URL HTTP/2 www.zum-ochsen-wonsheim.de/wp-content/plugins/borlabs-cookie/assets/javascript/borlabs-cookie.min.js?ver=2.2.49
IP 217.160.0.205:0
File type ASCII text, with very long lines (24971), with no line terminators
Hash 7b2d857e7249c2ce8dad6320598504a8
69a357348ee16a53148884431bafad611b01587f
5ae45b129421c6a1cb3b964d2a419dd3fb45b1bd2e654dbcefab83aa61b137de
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/borlabs-cookie/assets/javascript/borlabs-cookie.min.js?ver=2.2.49 HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 24971
date: Thu, 01 Dec 2022 12:35:40 GMT
server: Apache
last-modified: Wed, 06 Apr 2022 11:56:00 GMT
etag: "618b-5dbfb0b8922bf"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 533f66ef53706466ce20dc9aebf11812
0c0d713d538eb224deeb9241917a117205f16cb2
8ce7b68022c847b59b9a132ada3a75eea73bb57bae4683901c8df08fa255ba79
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:35:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.zum-ochsen-wonsheim.de/wp-content/et-cache/30598/et-divi-dynamic-30598-late.css
217.160.0.205200 OK 9.0 kB URL HTTP/2 www.zum-ochsen-wonsheim.de/wp-content/et-cache/30598/et-divi-dynamic-30598-late.css
IP 217.160.0.205:0
File type ASCII text, with very long lines (5325)
Hash d257eb016b7fb8a69e69d8f6e611fea8
b455bd3e0c9ce936aae65cec7540825cb43efddd
70cf3c7d57fa5347d9d07009ca44eab57ac383afc292f2b9444d0bb36a9b9403
GET /wp-content/et-cache/30598/et-divi-dynamic-30598-late.css HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 9045
date: Thu, 01 Dec 2022 12:35:40 GMT
server: Apache
last-modified: Sun, 06 Nov 2022 16:13:49 GMT
etag: "2355-5eccf97966d9a"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 3519a58310eefa01756f0440e2acd7dd
50153382830684a6abb653dc7b4e41d7c7e386b5
5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:35:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.zum-ochsen-wonsheim.de/
217.160.0.205200 OK 76 kB URL HTTP/2 www.zum-ochsen-wonsheim.de/
IP 217.160.0.205:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (25345)
Hash 5629c36d0299cc219558ecdf0d45ad6f
f4424a4bb386538baee0522221277315b1a6cd87
6c7810882e6a6f65fc9b9fa9953ed13f759a40a12ac15b24a5750df12e4f64c9
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Thu, 01 Dec 2022 12:35:39 GMT
server: Apache
link: <https://www.zum-ochsen-wonsheim.de/wp-json/>; rel="https://api.w.org/", <https://www.zum-ochsen-wonsheim.de/wp-json/wp/v2/pages/30598>; rel="alternate"; type="application/json", <https://www.zum-ochsen-wonsheim.de/>; rel=shortlink
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 3519a58310eefa01756f0440e2acd7dd
50153382830684a6abb653dc7b4e41d7c7e386b5
5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:35:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.zum-ochsen-wonsheim.de/wp-content/uploads/2022/08/20220824155358_IMG_1133-01.jpeg
217.160.0.205200 OK 996 kB URL HTTP/2 www.zum-ochsen-wonsheim.de/wp-content/uploads/2022/08/20220824155358_IMG_1133-01.jpeg
IP 217.160.0.205:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=13, manufacturer=Canon, model=Canon EOS 70D, orientation=upper-left, xresolution=190, yresolution=198, resolutionunit=2, software=Snapseed 2.0, datetime=2022:08:25 07:54:56], baseline, precision 8, 1920x1280, components 3\012- data
Size 996 kB (995571 bytes)
Hash 59972a67e1b4da0c415870da57ff7e72
8082157c64e8cb88490389ed79d466f69a4a116a
1e07bb69f0659d6c8dad7ae90acb881cce76b689fd9d8eb659cc91ee07fb51fc
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2022/08/20220824155358_IMG_1133-01.jpeg HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/wp-content/et-cache/30598/et-core-unified-deferred-30598.min.css?ver=1667751229
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 995571
date: Thu, 01 Dec 2022 12:35:40 GMT
server: Apache
last-modified: Thu, 25 Aug 2022 05:57:58 GMT
etag: "f30f3-5e70a7ac4abe7"
accept-ranges: bytes
X-Firefox-Spdy: h2
www.zum-ochsen-wonsheim.de/wp-content/uploads/2022/08/IMG_20220824_164908-Kopie-scaled.jpg
217.160.0.205200 OK 290 kB URL HTTP/2 www.zum-ochsen-wonsheim.de/wp-content/uploads/2022/08/IMG_20220824_164908-Kopie-scaled.jpg
IP 217.160.0.205:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 2560x1152, components 3\012- data
Size 290 kB (289564 bytes)
Hash dc63f3e2fe1ee5ade46d7ddcaa4e7d1c
98e16b15c1a8ad2bf5e6f7921d895b34709bb683
2bc62fe4b77de5b1e9c074dac2bf620d66cb3857c82a3d32797a47a1fbd5feb0
GET /wp-content/uploads/2022/08/IMG_20220824_164908-Kopie-scaled.jpg HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/wp-content/et-cache/30598/et-core-unified-deferred-30598.min.css?ver=1667751229
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 289564
date: Thu, 01 Dec 2022 12:35:40 GMT
server: Apache
last-modified: Thu, 25 Aug 2022 05:25:10 GMT
etag: "46b1c-5e70a056e2eee"
accept-ranges: bytes
X-Firefox-Spdy: h2
www.zum-ochsen-wonsheim.de/wp-content/uploads/2022/08/IMG_20220824_165305-Kopie-scaled.jpg
217.160.0.205200 OK 364 kB URL HTTP/2 www.zum-ochsen-wonsheim.de/wp-content/uploads/2022/08/IMG_20220824_165305-Kopie-scaled.jpg
IP 217.160.0.205:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 2560x1152, components 3\012- data
Size 364 kB (364502 bytes)
Hash 53d0e61032474c3d47c8035a21ec9a35
ae75622dcb1002a4d73f45e94803e37419de2f37
eea4217d17e8d02dbef398deb7c27335d1dd0b37fd58cccb6ab12d5c9f314488
GET /wp-content/uploads/2022/08/IMG_20220824_165305-Kopie-scaled.jpg HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 364502
date: Thu, 01 Dec 2022 12:35:40 GMT
server: Apache
last-modified: Thu, 25 Aug 2022 05:25:21 GMT
etag: "58fd6-5e70a061d9a83"
accept-ranges: bytes
X-Firefox-Spdy: h2
www.zum-ochsen-wonsheim.de/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.ttf
217.160.0.205200 OK 92 kB URL HTTP/2 www.zum-ochsen-wonsheim.de/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.ttf
IP 217.160.0.205:0
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, modules \012- data
Hash de27b3e66b2f8017e000aa9d8d24d60e
e6d716de8f35ba6daf55d57e7fe0ed8d8e50f1f7
d201a2c3118a00c82cc48e89815f5139f23956bbe248107dcf522acc77b97c09
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Divi/core/admin/fonts/modules/all/modules.ttf HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/wp-content/et-cache/30598/et-divi-dynamic-30598-late.css?ver=1667751227
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/font-sfnt
content-length: 92400
date: Thu, 01 Dec 2022 12:35:40 GMT
server: Apache
last-modified: Tue, 04 Jan 2022 14:12:12 GMT
etag: "168f0-5d4c2393b5eff"
accept-ranges: bytes
X-Firefox-Spdy: h2
www.zum-ochsen-wonsheim.de/wp-content/uploads/2018/07/double-king-size-bed-150x150.png
217.160.0.205200 OK 1.8 kB URL HTTP/2 www.zum-ochsen-wonsheim.de/wp-content/uploads/2018/07/double-king-size-bed-150x150.png
IP 217.160.0.205:0
File type PNG image data, 150 x 150, 8-bit gray+alpha, non-interlaced\012- data
Hash b8b3447feadd165d5582af7449dbe3eb
a9c8084eb7c6ef0537d755f871113a2cbb228973
3687d683fa082ca052bc35ee22809c91d11fc31a26312ac89982199b55e286eb
GET /wp-content/uploads/2018/07/double-king-size-bed-150x150.png HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1780
date: Thu, 01 Dec 2022 12:35:40 GMT
server: Apache
last-modified: Sat, 28 Nov 2020 21:45:32 GMT
etag: "6f4-5b531b244079a"
accept-ranges: bytes
X-Firefox-Spdy: h2
www.zum-ochsen-wonsheim.de/wp-content/uploads/2022/08/IMG-20220824-WA0029.jpg
217.160.0.205200 OK 113 kB URL HTTP/2 www.zum-ochsen-wonsheim.de/wp-content/uploads/2022/08/IMG-20220824-WA0029.jpg
IP 217.160.0.205:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1024x768, components 3\012- data
Size 113 kB (113229 bytes)
Hash c73c9e32e66af4f446be38c675db0b5e
0514dfda0e2921a3570d02ce1f657f4b735ce131
8d500c5bf39517ea5e1dbd6def895da8948124dc585f0e8f74f8a0ac37af7af0
GET /wp-content/uploads/2022/08/IMG-20220824-WA0029.jpg HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 113229
date: Thu, 01 Dec 2022 12:35:40 GMT
server: Apache
last-modified: Thu, 25 Aug 2022 05:30:31 GMT
etag: "1ba4d-5e70a18994fad"
accept-ranges: bytes
X-Firefox-Spdy: h2
shield.sitelock.com/shield/zum-ochsen-wonsheim.de
45.60.14.54200 OK 11 kB URL HTTP/1.1 shield.sitelock.com/shield/zum-ochsen-wonsheim.de
IP 45.60.14.54:0
File type PNG image data, 117 x 67, 8-bit/color RGBA, non-interlaced\012- data
Hash e4b6399ec7767505d9d20a7e6042e8f0
e2be6d93da1018875fe783c6eac1b1309d371e86
b2e8a2d273a3d3f594a97897707f2f35fe1ee953bffd904f85e33e5a55946271
GET /shield/zum-ochsen-wonsheim.de HTTP/1.1
Host: shield.sitelock.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/png; charset=ISO-8859-1
Content-Length: 10600
Date: Thu, 01 Dec 2022 12:34:23 GMT
Server: lighttpd
Set-Cookie: nlbi_275317=Erh3BhT55zdVtXQ/mBeFbAAAAAAj8QK98zjQNHfZ7qHP86Fa; path=/; Domain=.sitelock.com
visid_incap_275317=FXkTij3iSXO5Di1BH+FR+pyfiGMAAAAAQUIPAAAAAAAw3cWZ80C5I8Y0vgA7oCs3; expires=Thu, 30 Nov 2023 22:33:36 GMT; HttpOnly; path=/; Domain=.sitelock.com
incap_ses_721_275317=AKupC25bcHOjzY3x84EBCpyfiGMAAAAAE19BMc22mY0TV3DL1d8zLg==; path=/; Domain=.sitelock.com
X-CDN: Imperva
X-Iinfo: 13-51760687-51760526 2NNN RT(1669898139804 69) q(0 0 0 -1) r(5 5) U18
www.zum-ochsen-wonsheim.de/wp-content/plugins/borlabs-cookie/assets/images/borlabs-cookie-icon-black.svg
217.160.0.205200 OK 4.2 kB URL HTTP/2 www.zum-ochsen-wonsheim.de/wp-content/plugins/borlabs-cookie/assets/images/borlabs-cookie-icon-black.svg
IP 217.160.0.205:0
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document, ASCII text, with very long lines (4190), with no line terminators
Hash 9963658c659cddbdb681dbb5a956e8a7
24db91a6ab35513ee497c08de4192e448a94beec
3afd8d9a88e2ca9e42c39ef288883e5cf12a0a9e7bb9b72ce60f176023e8f035
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/borlabs-cookie/assets/images/borlabs-cookie-icon-black.svg HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 4190
date: Thu, 01 Dec 2022 12:35:40 GMT
server: Apache
last-modified: Wed, 06 Apr 2022 11:56:00 GMT
etag: "105e-5dbfb0b89131e"
accept-ranges: bytes
X-Firefox-Spdy: h2
www.zum-ochsen-wonsheim.de/wp-content/uploads/2019/11/teller.png
217.160.0.205200 OK 14 kB URL HTTP/2 www.zum-ochsen-wonsheim.de/wp-content/uploads/2019/11/teller.png
IP 217.160.0.205:0
File type PNG image data, 246 x 248, 8-bit gray+alpha, non-interlaced\012- data
Hash be95de526c87c1fe3b7231b0880dc0c0
0df55ce5d4555c8f194ece8d036ee4385979bd24
5f2eef3ceded0364ab3690b0380aa3d7f002e46ed8f93137d1e743874ecf9d3a
GET /wp-content/uploads/2019/11/teller.png HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 14128
date: Thu, 01 Dec 2022 12:35:40 GMT
server: Apache
last-modified: Sat, 28 Nov 2020 21:47:27 GMT
etag: "3730-5b531b91afaf9"
accept-ranges: bytes
X-Firefox-Spdy: h2
www.zum-ochsen-wonsheim.de/wp-content/uploads/2022/08/dji_export_1661349123296-scaled.jpg
217.160.0.205200 OK 83 kB URL HTTP/2 www.zum-ochsen-wonsheim.de/wp-content/uploads/2022/08/dji_export_1661349123296-scaled.jpg
IP 217.160.0.205:0
File type ASCII text, with very long lines (39791)
Hash 7e7a1a9e3712cd16dade7c6e811ba28b
45e216af145ea7c3f30099c869482785ad921bc2
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
GET /wp-content/uploads/2022/08/dji_export_1661349123296-scaled.jpg HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 696545
date: Thu, 01 Dec 2022 12:35:40 GMT
server: Apache
last-modified: Wed, 24 Aug 2022 13:59:21 GMT
etag: "aa0e1-5e6fd167913fa"
accept-ranges: bytes
X-Firefox-Spdy: h2
www.zum-ochsen-wonsheim.de/wp-content/uploads/2018/09/IMG_9428.jpg
217.160.0.205200 OK 5.6 MB URL HTTP/2 www.zum-ochsen-wonsheim.de/wp-content/uploads/2018/09/IMG_9428.jpg
IP 217.160.0.205:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, manufacturer=Canon, model=Canon EOS 70D, orientation=upper-left, xresolution=196, yresolution=204, resolutionunit=2, datetime=2018:08:29 11:06:16], baseline, precision 8, 5472x3648, components 3\012- data
Size 5.6 MB (5577023 bytes)
Hash a99fda523eec946f82e1ae7b9bf35b9e
02dc68e92f5dbee7662abb57329f9be692b4f54e
ecde36e35cf7219527264329ed68789a8f086940ad71dbfd674976995c078f4b
GET /wp-content/uploads/2018/09/IMG_9428.jpg HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/wp-content/et-cache/30598/et-core-unified-deferred-30598.min.css?ver=1667751229
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 5577023
date: Thu, 01 Dec 2022 12:35:40 GMT
server: Apache
last-modified: Sat, 28 Nov 2020 21:46:30 GMT
etag: "55193f-5b531b5b3ee33"
accept-ranges: bytes
X-Firefox-Spdy: h2
www.zum-ochsen-wonsheim.de/wp-content/uploads/2018/09/IMG_9376-e1535994812536.jpg
217.160.0.205200 OK 1.4 MB URL HTTP/2 www.zum-ochsen-wonsheim.de/wp-content/uploads/2018/09/IMG_9376-e1535994812536.jpg
IP 217.160.0.205:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=12, manufacturer=Canon, model=Canon EOS 70D, orientation=upper-left, xresolution=196, yresolution=204, resolutionunit=2, datetime=2018:08:17 09:24:08], baseline, precision 8, 3648x5472, components 3\012- data
Size 1.4 MB (1449377 bytes)
Hash f03ccb9c3a81b9e04ac67e759815c7ba
963f0dfbd9f197d8f33105a41153524a064af32b
9aa59ce739376d723173337debff7869444b3135a9745c73a67326117096b0aa
GET /wp-content/uploads/2018/09/IMG_9376-e1535994812536.jpg HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/wp-content/et-cache/30598/et-core-unified-deferred-30598.min.css?ver=1667751229
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 1449377
date: Thu, 01 Dec 2022 12:35:40 GMT
server: Apache
last-modified: Sat, 28 Nov 2020 21:46:04 GMT
etag: "161da1-5b531b4313cf0"
accept-ranges: bytes
X-Firefox-Spdy: h2
www.zum-ochsen-wonsheim.de/wp-content/uploads/2018/09/IMG_9367-e1535994375415.jpg
217.160.0.205200 OK 1.6 MB URL HTTP/2 www.zum-ochsen-wonsheim.de/wp-content/uploads/2018/09/IMG_9367-e1535994375415.jpg
IP 217.160.0.205:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=12, manufacturer=Canon, model=Canon EOS 70D, orientation=upper-left, xresolution=196, yresolution=204, resolutionunit=2, datetime=2018:08:17 09:21:25], baseline, precision 8, 3648x5472, components 3\012- data
Size 1.6 MB (1575250 bytes)
Hash fc521156762a7a92093e04419cb5ad86
9169e457649d199369864a5b86dc96aa2662a6ce
12166dd3f3409ff5f8506df998d2e0ff167b9d48a82dc49e3f8be1d0b32341aa
GET /wp-content/uploads/2018/09/IMG_9367-e1535994375415.jpg HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/wp-content/et-cache/30598/et-core-unified-deferred-30598.min.css?ver=1667751229
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 1575250
date: Thu, 01 Dec 2022 12:35:40 GMT
server: Apache
last-modified: Sat, 28 Nov 2020 21:45:56 GMT
etag: "180952-5b531b3b26545"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:35:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/images/branding/product/1x/translate_24dp.png
142.250.74.99200 OK 846 B URL HTTP/2 www.gstatic.com/images/branding/product/1x/translate_24dp.png
IP 142.250.74.99:0
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash e9cd262114358f26b7608b56905185dc
6dbde0a96deaab2b529723ce26c62043cf9180ab
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
GET /images/branding/product/1x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 846
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 12:08:57 GMT
expires: Fri, 01 Dec 2023 12:08:57 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 1604
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:35:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/images/branding/product/2x/translate_24dp.png
142.250.74.99200 OK 1.8 kB URL HTTP/2 www.gstatic.com/images/branding/product/2x/translate_24dp.png
IP 142.250.74.99:0
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash c69c796362406f9e11c7f4bf5bb628da
e489ce95ab56208090868882113d7416abf46775
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://translate.googleapis.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 11:59:41 GMT
expires: Fri, 01 Dec 2023 11:59:41 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 2160
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
142.250.74.99200 OK 910 B URL HTTP/2 www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
IP 142.250.74.99:0
File type PNG image data, 42 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash efa6bb2bfe459bc6f4bdafa3db0383f6
52d15ce52fe50643e542c17812de43f4ed1b6ee0
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
GET /images/branding/googlelogo/1x/googlelogo_color_42x16dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 910
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 18:35:12 GMT
expires: Wed, 29 Nov 2023 18:35:12 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: image/png
age: 151230
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:35:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F051e025a-c892-4a7d-8a1d-95f6d77ebb3c.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F051e025a-c892-4a7d-8a1d-95f6d77ebb3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d2dd5a4bcfd47db8f38544bf39ce3031
fa2217bae05b7beca2e12597eaad835298276b82
3266004f5e73af5359b71622eea31f1e28abb4bbc443b5f9e481b5a8b2e9249e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F051e025a-c892-4a7d-8a1d-95f6d77ebb3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 4762
x-amzn-requestid: 52b09ca3-705b-4c86-9f56-172637553f87
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cP7TVG58oAMFQTw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63830c15-4577a47243ad190672f8ac89;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 07:04:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Y0-NAp2LMMG5TjQQ9ENHwDyKXLObKTYqzPPOWvZhs7Y9WJIC6LoblQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 13:29:35 GMT
age: 83171
etag: "fa2217bae05b7beca2e12597eaad835298276b82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2