Report - www.zum-ochsen-wonsheim.de/

Report Overview

Submitted URL
www.zum-ochsen-wonsheim.de/
IP
217.160.0.205
ASN
#8560 IONOS SE
Submitted
2022-12-01 12:35:53
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
38

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.5 kB	93.184.220.29
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.42.234.253
www.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	6.0 kB	142.250.74.99
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	4.4 kB	23.36.76.226
www.zum-ochsen-wonsheim.de	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	18 kB	11 MB	217.160.0.205
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	76 kB	34.120.237.76
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	4.9 kB	216.58.211.3
shield.sitelock.com	65503	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	416 B	11 kB	45.60.14.54

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-01	medium	www.zum-ochsen-wonsheim.de/	Malware
2022-12-01	medium	www.zum-ochsen-wonsheim.de/wp-content/plugins/gtranslate/gtranslate-style24.css?ver=5.9.5	Malware
2022-12-01	medium	www.zum-ochsen-wonsheim.de/wp-content/plugins/animate-it/assets/css/animate-animo.css?ver=5.9.5	Malware
2022-12-01	medium	www.zum-ochsen-wonsheim.de/wp-content/cache/borlabs-cookie/borlabs-cookie_1_de.css?ver=2.2.49-9	Malware
2022-12-01	medium	www.zum-ochsen-wonsheim.de/wp-content/et-cache/30598/et-core-unified-deferred-30598.min.css?ver=1667751229	Malware
2022-12-01	medium	www.zum-ochsen-wonsheim.de/wp-content/et-cache/30598/et-divi-dynamic-30598.css?ver=1667751227	Malware
2022-12-01	medium	www.zum-ochsen-wonsheim.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	Malware
2022-12-01	medium	www.zum-ochsen-wonsheim.de/wp-content/plugins/animate-it/assets/js/animo.min.js?ver=1.0.3	Malware
2022-12-01	medium	www.zum-ochsen-wonsheim.de/wp-content/plugins/animate-it/assets/js/edsanimate.site.js?ver=1.4.5	Malware
2022-12-01	medium	www.zum-ochsen-wonsheim.de/wp-content/plugins/animate-it/assets/js/viewportchecker.js?ver=1.4.4	Malware
2022-12-01	medium	www.zum-ochsen-wonsheim.de/wp-content/themes/Divi/js/scripts.min.js?ver=4.14.4	Malware
2022-12-01	medium	www.zum-ochsen-wonsheim.de/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.fitvids.js?ver=4.14.4	Malware
2022-12-01	medium	www.zum-ochsen-wonsheim.de/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/easypiechart.js?ver=4.14.4	Malware
2022-12-01	medium	www.zum-ochsen-wonsheim.de/wp-content/themes/Divi/core/admin/js/common.js?ver=4.14.4	Malware
2022-12-01	medium	www.zum-ochsen-wonsheim.de/wp-content/plugins/borlabs-cookie/assets/javascript/borlabs-cookie.min.js?ver=2.2.49	Malware
2022-12-01	medium	www.zum-ochsen-wonsheim.de/	Malware
2022-12-01	medium	www.zum-ochsen-wonsheim.de/wp-content/uploads/2022/08/20220824155358_IMG_1133-01.jpeg	Malware
2022-12-01	medium	www.zum-ochsen-wonsheim.de/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.ttf	Malware
2022-12-01	medium	www.zum-ochsen-wonsheim.de/wp-content/plugins/borlabs-cookie/assets/images/borlabs-cookie-icon-black.svg	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (27)

	URL	Size	First Seen	Last Seen
	www.zum-ochsen-wonsheim.de/	1.5 kB	2023-03-07	2024-02-04
Pretty URL www.zum-ochsen-wonsheim.de/ IP 217.160.0.205 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-02-04 04:08:21 Times Seen62 Hash 5d51afcac32b67589f917ebd584c9d88 efcede1e98a05c33189cae9482844d140d7c88e5 b41d2289d8632acea50df03a9fd682aa9af189af9ec2e4cfe1eafaae103c5fec Loading...

	www.zum-ochsen-wonsheim.de/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/easypiechart.js?ver=4.14.4	9.3 kB	2023-03-07	2024-04-26
Pretty URL www.zum-ochsen-wonsheim.de/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/easypiechart.js?ver=4.14.4 IP 217.160.0.205 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:42:32 Last Seen2024-04-26 01:27:53 Times Seen1673 Hash 00346ced8d8b5c664b826381bdcd7c48 1cb0ab506f3892db432c81ab6982fe6837004d23 5aa24e4ab926693e29ffb0d0ca1557141defd3ca61b3b4e7caebaa2fcd5bf327 Loading...

	www.zum-ochsen-wonsheim.de/	180 B	2023-03-07	2024-04-24
Pretty URL www.zum-ochsen-wonsheim.de/ IP 217.160.0.205 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:06 Last Seen2024-04-24 22:40:37 Times Seen3182 Hash 623d6f59f2a5b2ba62b39858ccdd3989 6a97f16eb9c49657c50eb392d761380915ffd423 dd2c61ba8e6b506df9729d254d5c12b3c0f9de99bb7e5dba5f7e58c15d729f89 Loading...

	www.zum-ochsen-wonsheim.de/wp-content/plugins/animate-it/assets/js/viewportchecker.js?ver=1.4.4	2.0 kB	2023-03-07	2024-03-21
Pretty URL www.zum-ochsen-wonsheim.de/wp-content/plugins/animate-it/assets/js/viewportchecker.js?ver=1.4.4 IP 217.160.0.205 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:03 Last Seen2024-03-21 13:11:24 Times Seen658 Hash 6a3cf7cc51317fc9e5110c4e384f88e2 0097bc69fd0027651ba3970da08cb0393aab0c62 595a17a7850da5ba2f3ae112c9678ee84e05a3cfd4cbc05ea9aef21109b6a399 Loading...

	www.zum-ochsen-wonsheim.de/wp-content/plugins/animate-it/assets/js/edsanimate.js?ver=1.4.4	4.9 kB	2023-03-07	2024-03-21
Pretty URL www.zum-ochsen-wonsheim.de/wp-content/plugins/animate-it/assets/js/edsanimate.js?ver=1.4.4 IP 217.160.0.205 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:03 Last Seen2024-03-21 13:11:24 Times Seen659 Hash 5a6b0fc4405a22efed2220c9ebdbcebe 18cbd790091c344fb9cce4233cd0c9b3a36b08eb be80f16154c0732e45558a559875ea30de0ee12766a6bf8fef48de3c3423e64f Loading...

	www.zum-ochsen-wonsheim.de/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.mobile.js?ver=4.14.4	8.0 kB	2023-03-07	2024-04-26
Pretty URL www.zum-ochsen-wonsheim.de/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.mobile.js?ver=4.14.4 IP 217.160.0.205 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:46 Last Seen2024-04-26 01:27:53 Times Seen1941 Hash 984977dc184f8059f2a679b324893e4c d60a246ba584ba892a87bcf446e71d26adbcb91a 55a084b5f4c439a2786141108b266370e0e4accc4e72629b2177dc6aa658d6c8 Loading...

	http:srcdoc	1.2 kB	2023-03-08	2023-04-22
Pretty URL http:srcdoc IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:55 Last Seen2023-04-22 02:10:05 Times Seen1280 Hash 1bdd099873761648dd3aa8aad60e2ac3 713e5a99347bd73f3d9c359acd1c885430e22060 0624e7ce1ad63657924f8ca830c5a9a16c721b527ea1b98d2ef471d04348a07d Loading...

	www.zum-ochsen-wonsheim.de/	547 B	2023-03-11	2023-03-11
Pretty URL www.zum-ochsen-wonsheim.de/ IP 217.160.0.205 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:34:19 Last Seen2023-03-11 23:34:19 Times Seen1 Hash 13203419676e6460a232cfe27130f60c 93762c1496cd596a5ce8d0d7b014027e72716df1 ea4ad04a8baf6883bcf9e415adedddfa44c20112fd7d5cf0a0afac48d2ffb7b3 Loading...

	www.zum-ochsen-wonsheim.de/wp-content/plugins/animate-it/assets/js/jquery.ba-throttle-debounce.min.js?ver=1.1	731 B	2023-03-07	2024-04-25
Pretty URL www.zum-ochsen-wonsheim.de/wp-content/plugins/animate-it/assets/js/jquery.ba-throttle-debounce.min.js?ver=1.1 IP 217.160.0.205 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:03 Last Seen2024-04-25 11:20:17 Times Seen2329 Hash 97669983f6540f2badeef6ab07e5b637 b6f0084f6747da64cf24334b2c0027e57cbf7f23 fa7b84bb6e37fba06f79793937e55baf6ebc1bee051e350e11c7ca681a9f3db7 Loading...

	www.zum-ochsen-wonsheim.de/wp-content/themes/Divi/js/scripts.min.js?ver=4.14.4	278 kB	2023-03-07	2024-03-03
Pretty URL www.zum-ochsen-wonsheim.de/wp-content/themes/Divi/js/scripts.min.js?ver=4.14.4 IP 217.160.0.205 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:57:02 Last Seen2024-03-03 11:34:59 Times Seen49 Hash 3895c540a60f5f1004649c44ccb9eab5 af34c92d14e9d299111c10ff362b698473744f58 e28b1ce93ccfbd90141fe0668b7823b4880926b0f5137c0e1fd7adff6af7c9be Loading...

	www.zum-ochsen-wonsheim.de/	869 B	2023-03-07	2024-02-16
Pretty URL www.zum-ochsen-wonsheim.de/ IP 217.160.0.205 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-02-16 10:49:35 Times Seen214 Hash 23abce331939da08653ad1ae0e96ab42 9d643a7eff4ca07cad0e2ffc4f851ac5178182ae 5b3784f77d8eeeff1634593241207b833374d91da614bd64e06c57de1a25f5e7 Loading...

	www.zum-ochsen-wonsheim.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-04-26
Pretty URL www.zum-ochsen-wonsheim.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 217.160.0.205 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-26 05:52:00 Times Seen68654 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	www.zum-ochsen-wonsheim.de/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.fitvids.js?ver=4.14.4	3.3 kB	2023-03-07	2024-04-26
Pretty URL www.zum-ochsen-wonsheim.de/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.fitvids.js?ver=4.14.4 IP 217.160.0.205 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:43 Last Seen2024-04-26 01:27:51 Times Seen6176 Hash fa07f10043b891dacdb82f26fd2b42bc 9c1dc49e9747758e033c0e9a7d016401bd78602c 462747422c6af30aa81a0373fa1cfd736455cef52bdbb816f67be9531d84eace Loading...

	translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2	76 kB	2023-03-11	2023-03-11
Pretty URL translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:33:19 Last Seen2023-03-11 23:34:19 Times Seen1 Hash 184f73dd8191e13cc42e11adc8ca7812 108c9e4595fa84fb8beb2f1f00fe4f59e562709d 50817746beb7f8e8b460e237f3be392d66701c97461a23551292427a3bfd5e60 Loading...

	www.zum-ochsen-wonsheim.de/wp-content/plugins/borlabs-cookie/assets/javascript/borlabs-cookie.min.js?ver=2.2.49	25 kB	2023-03-07	2024-04-24
Pretty URL www.zum-ochsen-wonsheim.de/wp-content/plugins/borlabs-cookie/assets/javascript/borlabs-cookie.min.js?ver=2.2.49 IP 217.160.0.205 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:30:35 Last Seen2024-04-24 09:47:16 Times Seen47 Hash 7b2d857e7249c2ce8dad6320598504a8 69a357348ee16a53148884431bafad611b01587f 5ae45b129421c6a1cb3b964d2a419dd3fb45b1bd2e654dbcefab83aa61b137de Loading...

	www.zum-ochsen-wonsheim.de/	3.5 kB	2023-03-11	2023-03-11
Pretty URL www.zum-ochsen-wonsheim.de/ IP 217.160.0.205 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:34:19 Last Seen2023-03-11 23:34:19 Times Seen1 Hash 5f09c90172e24f7349a684ad88b09f13 e6a4a2d4e0a3aadb5ac7010ff8d182e304237a23 9d12103fe50baef366ecf38bc47df927813673c62a13d5539120a69b9611a0b1 Loading...

	translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.qvkLIg6MEVc.O/d=1/exm=el_conf/ed=1/rs=AN8SPfoxsXHCM1CnEJ_o5xsmnbdq_po64A/m=el_main	211 kB	2023-03-08	2024-04-22
Pretty URL translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.qvkLIg6MEVc.O/d=1/exm=el_conf/ed=1/rs=AN8SPfoxsXHCM1CnEJ_o5xsmnbdq_po64A/m=el_main IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:55 Last Seen2024-04-22 16:34:28 Times Seen136 Hash 416b0fc07995be8d2b5b67aba46171b0 dd355df12143ce031c19ed0b2b8bf512b6c7d5f1 99a05e6c4657850662d766688752248659646b186aff567879d5d159812d1904 Loading...

	www.zum-ochsen-wonsheim.de/	739 B	2023-03-07	2024-04-26
Pretty URL www.zum-ochsen-wonsheim.de/ IP 217.160.0.205 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:06 Last Seen2024-04-26 01:27:51 Times Seen4219 Hash ff682bd8e00a4c2b202a4d37f7ba3cdd 4b92aa9fb8a9cf79c352ece5cba00b2f281de332 d1576e7c5bb5b36cc04888b220fb672165073615b2423b76b51074334d616555 Loading...

	www.zum-ochsen-wonsheim.de/	151 B	2023-03-08	2023-11-28
Pretty URL www.zum-ochsen-wonsheim.de/ IP 217.160.0.205 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 13:50:23 Last Seen2023-11-28 17:44:11 Times Seen6 Hash 604656d30e56639932346bba5de664dc b7aaa15f5b270c8cf5ed5fdbbe6e50c366e94c1d 6c11a705c7a16545a153f1375775757614a0d58fad1cdc60550da706726d89cf Loading...

	www.zum-ochsen-wonsheim.de/wp-content/plugins/animate-it/assets/js/animo.min.js?ver=1.0.3	4.6 kB	2023-03-07	2024-03-21
Pretty URL www.zum-ochsen-wonsheim.de/wp-content/plugins/animate-it/assets/js/animo.min.js?ver=1.0.3 IP 217.160.0.205 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:03 Last Seen2024-03-21 13:38:12 Times Seen652 Hash 7a0f5ffd3ddb861fc8e246af9e2d5417 6f2cc0634148a096b2b036a39c642f266d0a468f 50b65813f82de1383a3354b8b0335a451127f2f35141098ea361da95447a0ae4 Loading...

	www.zum-ochsen-wonsheim.de/	117 B	2023-03-07	2024-02-23
Pretty URL www.zum-ochsen-wonsheim.de/ IP 217.160.0.205 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:03 Last Seen2024-02-23 14:43:52 Times Seen327 Hash b02188bfd0ed6f84f2d127e52685b0aa e707d35d8270d5f867c1f0d09c4405c21c297bd0 1a8079e8cdaed41b9695c2abc48a095ea4dc779c9f3ee5e3fa0207f4f6460c8c Loading...

	www.zum-ochsen-wonsheim.de/wp-content/themes/Divi/core/admin/js/common.js?ver=4.14.4	1.3 kB	2023-03-07	2024-04-26
Pretty URL www.zum-ochsen-wonsheim.de/wp-content/themes/Divi/core/admin/js/common.js?ver=4.14.4 IP 217.160.0.205 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:48 Last Seen2024-04-26 01:27:51 Times Seen9489 Hash d71b75b2327258b1d01d50590c1f67ca b7820e4ffb6becc133c48f66d9f683545530b959 1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea Loading...

	translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback	17 kB	2023-03-07	2024-04-26
Pretty URL translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-26 06:05:26 Times Seen14188 Hash a3eefe14b1b4698460d992bd1673a26b a2fca6ebb00b8bdcca3eda88654d02d2c165b9c4 87514750a90cd70dd22c8673cfa80d804ef55840bd0755950af2118d8d218067 Loading...

	www.zum-ochsen-wonsheim.de/	47 B	2023-03-07	2024-04-26
Pretty URL www.zum-ochsen-wonsheim.de/ IP 217.160.0.205 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:48 Last Seen2024-04-26 01:27:51 Times Seen6637 Hash 2f518cfc8223c53c44094f57eacc972f a919f586352875054a0a7f438c3e3d33cb5768b3 1d89df5c4aeb93c45e67d479e74ca02e5a104d7e421e4f2415e4a204c9816b0b Loading...

	www.zum-ochsen-wonsheim.de/wp-includes/js/jquery/jquery.min.js?ver=3.6.0	90 kB	2023-03-07	2024-04-26
Pretty URL www.zum-ochsen-wonsheim.de/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 IP 217.160.0.205 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-26 05:52:00 Times Seen31836 Hash 02dd5d04add4759122013c5ab4dc5cc2 a45a56e396ac549b4ff39b696ce9e0c16a7612de bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea Loading...

	www.zum-ochsen-wonsheim.de/wp-content/plugins/animate-it/assets/js/edsanimate.site.js?ver=1.4.5	4.5 kB	2023-03-07	2024-03-21
Pretty URL www.zum-ochsen-wonsheim.de/wp-content/plugins/animate-it/assets/js/edsanimate.site.js?ver=1.4.5 IP 217.160.0.205 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:03 Last Seen2024-03-21 13:11:24 Times Seen661 Hash 3b2a03824ea375238c0dd844520c70cf c3b063dc0b36bf760feb3b72fd325a7ed5f03f4f e220711c19a54165d6819ad034fef35d5f4c94f4eb3f9c521f000917c8442303 Loading...

	www.zum-ochsen-wonsheim.de/	1.8 kB	2023-03-11	2023-03-11
Pretty URL www.zum-ochsen-wonsheim.de/ IP 217.160.0.205 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:34:19 Last Seen2023-03-11 23:34:19 Times Seen1 Hash 9c2d8d2b64b0b99a739a585e16bf8b98 fb37a9bc23daec466e30dd386b1866db124d0c74 339024a0b1b3865bd03873dfa25f074d314f1db67f43c636a9a85d63fb85136d Loading...

HTTP Transactions (67)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12815
Expires: Thu, 01 Dec 2022 16:09:12 GMT
Date: Thu, 01 Dec 2022 12:35:37 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
0c748388899e8a8d3680355da2ea5020
903c620cd137613daafb0da0508c37b2f4a67212
39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3834
Cache-Control: max-age=169169
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:35:37 GMT
Etag: "63888270-1d7"
Expires: Sat, 03 Dec 2022 11:35:06 GMT
Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9fce5679881bf302a8978a0b462f01a9
b699fe030ea13ac73813e655c42ed9b531925e2b
a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3933
Expires: Thu, 01 Dec 2022 13:41:10 GMT
Date: Thu, 01 Dec 2022 12:35:37 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: w4FMxMYiu3BUF3zEMDoVJaSUyuWGAcwh3b2HF0CBppaXBb2fTTqKEDHnLGW/8qWf4SzffeHEETA=
x-amz-request-id: GET6XMMA5XMJWVRK
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 01 Dec 2022 11:45:39 GMT
age: 2998
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 01 Dec 2022 12:18:08 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1049
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 12:35:37 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 01 Dec 2022 12:11:15 GMT
cache-control: public,max-age=3600
age: 1463
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
1f88399f3fdd89dbb9ca1229cb67143a
325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3
831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3829
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:35:38 GMT
Last-Modified: Thu, 01 Dec 2022 11:31:49 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

52.42.234.253

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.42.234.253:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: G5dEDKJxhHj90hnm+bt1Tw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: bBOwwkfcJDeRf1mYqMdCktBFOrQ=

www.zum-ochsen-wonsheim.de/

217.160.0.205

301 Moved Permanently

0 B

URL HTTP/1.1
www.zum-ochsen-wonsheim.de/
IP
217.160.0.205:0
ASN
#8560 IONOS SE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 01 Dec 2022 12:35:37 GMT
Server: Apache
X-Redirect-By: WordPress
Location: https://www.zum-ochsen-wonsheim.de/

www.zum-ochsen-wonsheim.de/wp-content/plugins/gtranslate/gtranslate-style24.css?ver=5.9.5

217.160.0.205

200 OK

693 B

URL HTTP/2
www.zum-ochsen-wonsheim.de/wp-content/plugins/gtranslate/gtranslate-style24.css?ver=5.9.5
IP
217.160.0.205:0
ASN
#8560 IONOS SE

File type
ASCII text
Size
693 B (693 bytes)
Hash
9b0f26cf8d22d4e9455f67b21c2f9759
f0240a4411d4a2eb073c574d37618e503392b76e
226456d9a9eef8f0831b6b181be100a49cbaec1651a8bd45d7d0cc897d161538

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/gtranslate/gtranslate-style24.css?ver=5.9.5 HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-length: 693
date: Thu, 01 Dec 2022 12:35:39 GMT
server: Apache
last-modified: Wed, 06 Apr 2022 11:55:34 GMT
etag: "2b5-5dbfb0a02dd29"
accept-ranges: bytes
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3419
Expires: Thu, 01 Dec 2022 13:32:39 GMT
Date: Thu, 01 Dec 2022 12:35:40 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3419
Expires: Thu, 01 Dec 2022 13:32:39 GMT
Date: Thu, 01 Dec 2022 12:35:40 GMT
Connection: keep-alive

www.zum-ochsen-wonsheim.de/wp-content/plugins/animate-it/assets/css/animate-animo.css?ver=5.9.5

217.160.0.205

200 OK

112 kB

URL HTTP/2
www.zum-ochsen-wonsheim.de/wp-content/plugins/animate-it/assets/css/animate-animo.css?ver=5.9.5
IP
217.160.0.205:0
ASN
#8560 IONOS SE

File type
ASCII text, with very long lines (460)
Size
112 kB (112429 bytes)
Hash
b1f6e18313d5d60bf9b3140153513bdb
2c4c8fa9fde58a2a94ad140d36560cc01631d300
cd0399977b416c5a727572c4a5a1453709176b6113b98219b15ba1c7a0a70c8e

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/animate-it/assets/css/animate-animo.css?ver=5.9.5 HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-length: 112429
date: Thu, 01 Dec 2022 12:35:39 GMT
server: Apache
last-modified: Wed, 06 Apr 2022 11:55:25 GMT
etag: "1b72d-5dbfb096fe2e8"
accept-ranges: bytes
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3419
Expires: Thu, 01 Dec 2022 13:32:39 GMT
Date: Thu, 01 Dec 2022 12:35:40 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg

34.120.237.76

200 OK

16 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
16 kB (16038 bytes)
Hash
ffd12f9c423ffc627d9e3b3145944fe4
5cf9a7a784952e1bb0cbe499104f1774b1269d08
a25f1b752d9af599aefd73073c105853130f1759905269de3d582d2eb35fe167

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 16038
x-amzn-requestid: 9d34c42b-ba0c-498f-8f99-d4ab527ffa89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbzMdHXNIAMFgaw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cbe9-376846f31dc9b995797cbd18;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:32:25 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: DngCuOTO9fQAwWe_ip6EtBcgruigZN6Bl1_v5BHM2dsWlhqCXCL3gg==
via: 1.1 efcf7b9d0f917f9ebf314db03e52d9b6.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:45:33 GMT
age: 53407
etag: "5cf9a7a784952e1bb0cbe499104f1774b1269d08"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12898 bytes)
Hash
820cf89fcab8380adff42982c9fb11ed
84241ddddbbfd7de30118307fb1a62800d0a4cb3
0d051495f06ac84de934283b40cbfee7a042d32153a73486dd7c017430e882d8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12898
x-amzn-requestid: 9b594c3c-6b8c-4589-8fcb-b3d7518b46f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cQZBNFxToAMF_9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63833ba1-767f510d72eef86d0cc892df;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 10:27:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gsn5uUFEzDZDOMPTvW9UQxtccvRfJKUM4eJ8U99jvUGzNIKkF9SzeA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:49:20 GMT
age: 53180
etag: "84241ddddbbfd7de30118307fb1a62800d0a4cb3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.zum-ochsen-wonsheim.de/wp-content/et-cache/30598/et-divi-dynamic-30598-late.css?ver=1667751227

217.160.0.205

200 OK

9.0 kB

URL HTTP/2
www.zum-ochsen-wonsheim.de/wp-content/et-cache/30598/et-divi-dynamic-30598-late.css?ver=1667751227
IP
217.160.0.205:0
ASN
#8560 IONOS SE

File type
ASCII text, with very long lines (5325)
Size
9.0 kB (9045 bytes)
Hash
d257eb016b7fb8a69e69d8f6e611fea8
b455bd3e0c9ce936aae65cec7540825cb43efddd
70cf3c7d57fa5347d9d07009ca44eab57ac383afc292f2b9444d0bb36a9b9403

HTTP Headers

GET /wp-content/et-cache/30598/et-divi-dynamic-30598-late.css?ver=1667751227 HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-length: 9045
date: Thu, 01 Dec 2022 12:35:39 GMT
server: Apache
last-modified: Sun, 06 Nov 2022 16:13:49 GMT
etag: "2355-5eccf97966d9a"
accept-ranges: bytes
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc2c1d47-fc4a-4f23-a6f7-5ac8f3a68490.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12035 bytes)
Hash
acffcb88ce68b2d70c9c046a7b5a4aa8
cd016e6c0bf5c6eef06e933c9a5257ff4fca9bc1
692d782ac1d812de6dadbcfe46034b6b5d8bbd586e56beedd96dc4d65445dd4c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc2c1d47-fc4a-4f23-a6f7-5ac8f3a68490.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12035
x-amzn-requestid: eef7d417-c6ca-4e3f-ac00-1425f3d5c4a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb0TSGHDIAMF_jA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cdae-467c79a805dfb5622687f628;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:39:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: haFJ2LZecbT4HRbkvcaZxR4SAIx5cGxNyghKiDOJVX6xDkPwzc2wNQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:45:34 GMT
age: 53406
etag: "cd016e6c0bf5c6eef06e933c9a5257ff4fca9bc1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8740 bytes)
Hash
26d6dffbf400da4803a2e76e2a8ef2f8
2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8
04c6e31623fe48cbe83dc91635bfa47b337590f18919995b08d5bde27e929e03

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8740
x-amzn-requestid: 4823cf63-98eb-40d3-bb8b-e09cd2262f36
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cP7SqHjYIAMF8xw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63830c10-316b213c33ce9bc2355c0900;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 07:04:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tK4wl-g5kcUhVFE3iZGILhZhZSsaMzQD9JTBHj1JXV95yXs_e3gMGw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 13:21:34 GMT
age: 83646
etag: "2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.8 kB (4803 bytes)
Hash
cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CJiSRzIK7-rQE81gaP2We0LhgKX1YmuJKEGYEqW34Bm1KMx6NB8yhQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 04:29:19 GMT
age: 29181
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.zum-ochsen-wonsheim.de/wp-content/cache/borlabs-cookie/borlabs-cookie_1_de.css?ver=2.2.49-9

217.160.0.205

200 OK

40 kB

URL HTTP/2
www.zum-ochsen-wonsheim.de/wp-content/cache/borlabs-cookie/borlabs-cookie_1_de.css?ver=2.2.49-9
IP
217.160.0.205:0
ASN
#8560 IONOS SE

File type
Unicode text, UTF-8 text, with very long lines (32254), with CRLF, LF line terminators
Size
40 kB (40244 bytes)
Hash
4bff375301787c91f4de67062c9073c2
6011048c3af24680d1fb2955deb3d00ebf746cd3
2d629d1a0c01d415c23f961001a6f59421e31180f54c67d2ecd67691ba412cf6

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/cache/borlabs-cookie/borlabs-cookie_1_de.css?ver=2.2.49-9 HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-length: 40244
date: Thu, 01 Dec 2022 12:35:39 GMT
server: Apache
last-modified: Wed, 06 Apr 2022 11:56:01 GMT
etag: "9d34-5dbfb0b9cca2a"
accept-ranges: bytes
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9674 bytes)
Hash
5508d05a290b663fd89ead9b58f2efd8
53650399f9a986ba54addd668b4557109d12003b
65704a961410fdd318c491fedf002c8e9b184cd34b76fe1b67026d42ce21be3f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9674
x-amzn-requestid: 7e7d0183-9667-462a-8d44-d125998c1ae3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEoHVAoAMFvAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1d-280ba97e3fe1bf7244cbde35;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: qftF-GQkcjKTs30KMGCTDymw2SVSXeAYKGNWUnaMfvIb8HjtfHUx8A==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:44:47 GMT
age: 53453
etag: "53650399f9a986ba54addd668b4557109d12003b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.zum-ochsen-wonsheim.de/wp-content/et-cache/30598/et-core-unified-deferred-30598.min.css?ver=1667751229

217.160.0.205

200 OK

20 kB

URL HTTP/2
www.zum-ochsen-wonsheim.de/wp-content/et-cache/30598/et-core-unified-deferred-30598.min.css?ver=1667751229
IP
217.160.0.205:0
ASN
#8560 IONOS SE

File type
ASCII text, with very long lines (20034), with no line terminators
Size
20 kB (20034 bytes)
Hash
d8498424335baaa0eae4154374a2c8ff
ac30621dc607c5798c4be858efa7ab08ec9df35e
9a9326f34089dc930915f81991d89d376a430d6836765d1acef5492c1f5bfb11

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/et-cache/30598/et-core-unified-deferred-30598.min.css?ver=1667751229 HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-length: 20034
date: Thu, 01 Dec 2022 12:35:39 GMT
server: Apache
last-modified: Sun, 06 Nov 2022 16:13:49 GMT
etag: "4e42-5eccf9796dafb"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.zum-ochsen-wonsheim.de/wp-content/et-cache/30598/et-divi-dynamic-30598.css?ver=1667751227

217.160.0.205

200 OK

46 kB

URL HTTP/2
www.zum-ochsen-wonsheim.de/wp-content/et-cache/30598/et-divi-dynamic-30598.css?ver=1667751227
IP
217.160.0.205:0
ASN
#8560 IONOS SE

File type
ASCII text, with very long lines (13512)
Size
46 kB (45823 bytes)
Hash
10ac09f8547b6030ae610d8d33b8c285
ea38fa402f70a0555e48e0dff22f0b40f262fad1
01ffecd2396f57a6241264788bb0b9c139839f14b75c2d37bcb6da04e9ba5438

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/et-cache/30598/et-divi-dynamic-30598.css?ver=1667751227 HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-length: 45823
date: Thu, 01 Dec 2022 12:35:39 GMT
server: Apache
last-modified: Sun, 06 Nov 2022 16:13:47 GMT
etag: "b2ff-5eccf97827821"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.zum-ochsen-wonsheim.de/wp-content/uploads/2018/07/ochsen.png

217.160.0.205

200 OK

86 kB

URL HTTP/2
www.zum-ochsen-wonsheim.de/wp-content/uploads/2018/07/ochsen.png
IP
217.160.0.205:0
ASN
#8560 IONOS SE

File type
PNG image data, 400 x 191, 8-bit/color RGBA, non-interlaced\012- data
Size
86 kB (86327 bytes)
Hash
deedfe271b136022128cf72e840b9308
968a967533ececccb57ab68be058522986e368e4
af796a59e7083c0dfbbe3ea1bee8b521b089aadcd9db5b6be507d81041d34243

HTTP Headers

GET /wp-content/uploads/2018/07/ochsen.png HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 86327
date: Thu, 01 Dec 2022 12:35:39 GMT
server: Apache
last-modified: Sat, 28 Nov 2020 21:45:37 GMT
etag: "15137-5b531b2913f00"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.zum-ochsen-wonsheim.de/wp-content/plugins/gtranslate/flags/24/de.png

217.160.0.205

200 OK

602 B

URL HTTP/2
www.zum-ochsen-wonsheim.de/wp-content/plugins/gtranslate/flags/24/de.png
IP
217.160.0.205:0
ASN
#8560 IONOS SE

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
602 B (602 bytes)
Hash
8a2ba86f3b7de7562445967e2c21843b
3046cd0b51721f180c2dc75513fd4bfd316b45b5
cc318f3be9ba75def2af54bd9d0fab4f3e316517de9bf138e40dee06d332602d

HTTP Headers

GET /wp-content/plugins/gtranslate/flags/24/de.png HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 602
date: Thu, 01 Dec 2022 12:35:39 GMT
server: Apache
last-modified: Wed, 06 Apr 2022 11:55:34 GMT
etag: "25a-5dbfb09ff4341"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.zum-ochsen-wonsheim.de/wp-content/plugins/borlabs-cookie/assets/images/cb-maps.png

217.160.0.205

200 OK

31 kB

URL HTTP/2
www.zum-ochsen-wonsheim.de/wp-content/plugins/borlabs-cookie/assets/images/cb-maps.png
IP
217.160.0.205:0
ASN
#8560 IONOS SE

File type
PNG image data, 720 x 405, 8-bit colormap, non-interlaced\012- data
Size
31 kB (30712 bytes)
Hash
7e2dc18208f91ffeec2937721f30a66f
f5400f3f0e093fb377cf659342109e412117cb10
050d2bb4b81e110957177c42fa14919a25fe032366208cff90ff2ca8a2301799

HTTP Headers

GET /wp-content/plugins/borlabs-cookie/assets/images/cb-maps.png HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 30712
date: Thu, 01 Dec 2022 12:35:40 GMT
server: Apache
last-modified: Wed, 06 Apr 2022 11:56:00 GMT
etag: "77f8-5dbfb0b89131e"
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
533f66ef53706466ce20dc9aebf11812
0c0d713d538eb224deeb9241917a117205f16cb2
8ce7b68022c847b59b9a132ada3a75eea73bb57bae4683901c8df08fa255ba79

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:35:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.zum-ochsen-wonsheim.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

217.160.0.205

200 OK

11 kB

URL HTTP/2
www.zum-ochsen-wonsheim.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
217.160.0.205:0
ASN
#8560 IONOS SE

File type
ASCII text, with very long lines (11126)
Size
11 kB (11224 bytes)
Hash
79b4956b7ec478ec10244b5e2d33ac7d
a46025b9d05e3df30d610a8aef14f392c7058dc9
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 11224
date: Thu, 01 Dec 2022 12:35:40 GMT
server: Apache
last-modified: Fri, 15 Jan 2021 08:32:04 GMT
etag: "2bd8-5b8ec3500f097"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.zum-ochsen-wonsheim.de/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

217.160.0.205

200 OK

90 kB

URL HTTP/2
www.zum-ochsen-wonsheim.de/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP
217.160.0.205:0
ASN
#8560 IONOS SE

File type
ASCII text, with very long lines (65447)
Size
90 kB (89521 bytes)
Hash
02dd5d04add4759122013c5ab4dc5cc2
a45a56e396ac549b4ff39b696ce9e0c16a7612de
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 89521
date: Thu, 01 Dec 2022 12:35:40 GMT
server: Apache
last-modified: Sun, 01 Aug 2021 17:24:09 GMT
etag: "15db1-5c882b870a3ce"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.zum-ochsen-wonsheim.de/wp-content/plugins/animate-it/assets/js/animo.min.js?ver=1.0.3

217.160.0.205

200 OK

4.6 kB

URL HTTP/2
www.zum-ochsen-wonsheim.de/wp-content/plugins/animate-it/assets/js/animo.min.js?ver=1.0.3
IP
217.160.0.205:0
ASN
#8560 IONOS SE

File type
ASCII text, with very long lines (4647), with no line terminators
Size
4.6 kB (4647 bytes)
Hash
7a0f5ffd3ddb861fc8e246af9e2d5417
6f2cc0634148a096b2b036a39c642f266d0a468f
50b65813f82de1383a3354b8b0335a451127f2f35141098ea361da95447a0ae4

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/animate-it/assets/js/animo.min.js?ver=1.0.3 HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 4647
date: Thu, 01 Dec 2022 12:35:40 GMT
server: Apache
last-modified: Wed, 06 Apr 2022 11:55:25 GMT
etag: "1227-5dbfb097011c8"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.zum-ochsen-wonsheim.de/wp-content/plugins/animate-it/assets/js/jquery.ba-throttle-debounce.min.js?ver=1.1

217.160.0.205

200 OK

731 B

URL HTTP/2
www.zum-ochsen-wonsheim.de/wp-content/plugins/animate-it/assets/js/jquery.ba-throttle-debounce.min.js?ver=1.1
IP
217.160.0.205:0
ASN
#8560 IONOS SE

File type
ASCII text, with very long lines (479)
Size
731 B (731 bytes)
Hash
97669983f6540f2badeef6ab07e5b637
b6f0084f6747da64cf24334b2c0027e57cbf7f23
fa7b84bb6e37fba06f79793937e55baf6ebc1bee051e350e11c7ca681a9f3db7

HTTP Headers

GET /wp-content/plugins/animate-it/assets/js/jquery.ba-throttle-debounce.min.js?ver=1.1 HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 731
date: Thu, 01 Dec 2022 12:35:40 GMT
server: Apache
last-modified: Wed, 06 Apr 2022 11:55:25 GMT
etag: "2db-5dbfb097011c8"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.zum-ochsen-wonsheim.de/wp-content/plugins/animate-it/assets/js/edsanimate.site.js?ver=1.4.5

217.160.0.205

200 OK

4.5 kB

URL HTTP/2
www.zum-ochsen-wonsheim.de/wp-content/plugins/animate-it/assets/js/edsanimate.site.js?ver=1.4.5
IP
217.160.0.205:0
ASN
#8560 IONOS SE

File type
ASCII text
Size
4.5 kB (4484 bytes)
Hash
3b2a03824ea375238c0dd844520c70cf
c3b063dc0b36bf760feb3b72fd325a7ed5f03f4f
e220711c19a54165d6819ad034fef35d5f4c94f4eb3f9c521f000917c8442303

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/animate-it/assets/js/edsanimate.site.js?ver=1.4.5 HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 4484
date: Thu, 01 Dec 2022 12:35:40 GMT
server: Apache
last-modified: Wed, 06 Apr 2022 11:55:25 GMT
etag: "1184-5dbfb097011c8"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.zum-ochsen-wonsheim.de/wp-content/plugins/animate-it/assets/js/edsanimate.js?ver=1.4.4

217.160.0.205

200 OK

4.9 kB

URL HTTP/2
www.zum-ochsen-wonsheim.de/wp-content/plugins/animate-it/assets/js/edsanimate.js?ver=1.4.4
IP
217.160.0.205:0
ASN
#8560 IONOS SE

File type
ASCII text, with very long lines (1488)
Size
4.9 kB (4894 bytes)
Hash
5a6b0fc4405a22efed2220c9ebdbcebe
18cbd790091c344fb9cce4233cd0c9b3a36b08eb
be80f16154c0732e45558a559875ea30de0ee12766a6bf8fef48de3c3423e64f

HTTP Headers

GET /wp-content/plugins/animate-it/assets/js/edsanimate.js?ver=1.4.4 HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 4894
date: Thu, 01 Dec 2022 12:35:40 GMT
server: Apache
last-modified: Wed, 06 Apr 2022 11:55:25 GMT
etag: "131e-5dbfb097011c8"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.zum-ochsen-wonsheim.de/wp-content/plugins/animate-it/assets/js/viewportchecker.js?ver=1.4.4

217.160.0.205

200 OK

2.0 kB

URL HTTP/2
www.zum-ochsen-wonsheim.de/wp-content/plugins/animate-it/assets/js/viewportchecker.js?ver=1.4.4
IP
217.160.0.205:0
ASN
#8560 IONOS SE

File type
ASCII text
Size
2.0 kB (1997 bytes)
Hash
6a3cf7cc51317fc9e5110c4e384f88e2
0097bc69fd0027651ba3970da08cb0393aab0c62
595a17a7850da5ba2f3ae112c9678ee84e05a3cfd4cbc05ea9aef21109b6a399

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/animate-it/assets/js/viewportchecker.js?ver=1.4.4 HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 1997
date: Thu, 01 Dec 2022 12:35:40 GMT
server: Apache
last-modified: Wed, 06 Apr 2022 11:55:25 GMT
etag: "7cd-5dbfb097011c8"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.zum-ochsen-wonsheim.de/wp-content/themes/Divi/js/scripts.min.js?ver=4.14.4

217.160.0.205

200 OK

278 kB

URL HTTP/2
www.zum-ochsen-wonsheim.de/wp-content/themes/Divi/js/scripts.min.js?ver=4.14.4
IP
217.160.0.205:0
ASN
#8560 IONOS SE

File type
ASCII text, with very long lines (65467)
Size
278 kB (277633 bytes)
Hash
3895c540a60f5f1004649c44ccb9eab5
af34c92d14e9d299111c10ff362b698473744f58
e28b1ce93ccfbd90141fe0668b7823b4880926b0f5137c0e1fd7adff6af7c9be

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/Divi/js/scripts.min.js?ver=4.14.4 HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 277633
date: Thu, 01 Dec 2022 12:35:40 GMT
server: Apache
last-modified: Tue, 04 Jan 2022 14:12:13 GMT
etag: "43c81-5d4c23948cc94"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.zum-ochsen-wonsheim.de/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.fitvids.js?ver=4.14.4

217.160.0.205

200 OK

3.3 kB

URL HTTP/2
www.zum-ochsen-wonsheim.de/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.fitvids.js?ver=4.14.4
IP
217.160.0.205:0
ASN
#8560 IONOS SE

File type
HTML document, ASCII text
Size
3.3 kB (3349 bytes)
Hash
fa07f10043b891dacdb82f26fd2b42bc
9c1dc49e9747758e033c0e9a7d016401bd78602c
462747422c6af30aa81a0373fa1cfd736455cef52bdbb816f67be9531d84eace

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.fitvids.js?ver=4.14.4 HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 3349
date: Thu, 01 Dec 2022 12:35:40 GMT
server: Apache
last-modified: Tue, 04 Jan 2022 14:12:12 GMT
etag: "d15-5d4c239415a48"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.zum-ochsen-wonsheim.de/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.mobile.js?ver=4.14.4

217.160.0.205

200 OK

8.0 kB

URL HTTP/2
www.zum-ochsen-wonsheim.de/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.mobile.js?ver=4.14.4
IP
217.160.0.205:0
ASN
#8560 IONOS SE

File type
ASCII text, with very long lines (7584)
Size
8.0 kB (7960 bytes)
Hash
984977dc184f8059f2a679b324893e4c
d60a246ba584ba892a87bcf446e71d26adbcb91a
55a084b5f4c439a2786141108b266370e0e4accc4e72629b2177dc6aa658d6c8

HTTP Headers

GET /wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.mobile.js?ver=4.14.4 HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 7960
date: Thu, 01 Dec 2022 12:35:40 GMT
server: Apache
last-modified: Tue, 04 Jan 2022 14:12:12 GMT
etag: "1f18-5d4c239415a48"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.zum-ochsen-wonsheim.de/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/easypiechart.js?ver=4.14.4

217.160.0.205

200 OK

9.3 kB

URL HTTP/2
www.zum-ochsen-wonsheim.de/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/easypiechart.js?ver=4.14.4
IP
217.160.0.205:0
ASN
#8560 IONOS SE

File type
ASCII text
Size
9.3 kB (9318 bytes)
Hash
00346ced8d8b5c664b826381bdcd7c48
1cb0ab506f3892db432c81ab6982fe6837004d23
5aa24e4ab926693e29ffb0d0ca1557141defd3ca61b3b4e7caebaa2fcd5bf327

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/easypiechart.js?ver=4.14.4 HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 9318
date: Thu, 01 Dec 2022 12:35:40 GMT
server: Apache
last-modified: Tue, 04 Jan 2022 14:12:12 GMT
etag: "2466-5d4c239415a48"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.zum-ochsen-wonsheim.de/wp-content/themes/Divi/core/admin/js/common.js?ver=4.14.4

217.160.0.205

200 OK

1.3 kB

URL HTTP/2
www.zum-ochsen-wonsheim.de/wp-content/themes/Divi/core/admin/js/common.js?ver=4.14.4
IP
217.160.0.205:0
ASN
#8560 IONOS SE

File type
ASCII text
Size
1.3 kB (1343 bytes)
Hash
d71b75b2327258b1d01d50590c1f67ca
b7820e4ffb6becc133c48f66d9f683545530b959
1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/Divi/core/admin/js/common.js?ver=4.14.4 HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 1343
date: Thu, 01 Dec 2022 12:35:40 GMT
server: Apache
last-modified: Tue, 04 Jan 2022 14:12:12 GMT
etag: "53f-5d4c2393bdbff"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.zum-ochsen-wonsheim.de/wp-content/plugins/borlabs-cookie/assets/javascript/borlabs-cookie.min.js?ver=2.2.49

217.160.0.205

200 OK

25 kB

URL HTTP/2
www.zum-ochsen-wonsheim.de/wp-content/plugins/borlabs-cookie/assets/javascript/borlabs-cookie.min.js?ver=2.2.49
IP
217.160.0.205:0
ASN
#8560 IONOS SE

File type
ASCII text, with very long lines (24971), with no line terminators
Size
25 kB (24971 bytes)
Hash
7b2d857e7249c2ce8dad6320598504a8
69a357348ee16a53148884431bafad611b01587f
5ae45b129421c6a1cb3b964d2a419dd3fb45b1bd2e654dbcefab83aa61b137de

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/borlabs-cookie/assets/javascript/borlabs-cookie.min.js?ver=2.2.49 HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 24971
date: Thu, 01 Dec 2022 12:35:40 GMT
server: Apache
last-modified: Wed, 06 Apr 2022 11:56:00 GMT
etag: "618b-5dbfb0b8922bf"
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
533f66ef53706466ce20dc9aebf11812
0c0d713d538eb224deeb9241917a117205f16cb2
8ce7b68022c847b59b9a132ada3a75eea73bb57bae4683901c8df08fa255ba79

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:35:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.zum-ochsen-wonsheim.de/wp-content/et-cache/30598/et-divi-dynamic-30598-late.css

217.160.0.205

200 OK

9.0 kB

URL HTTP/2
www.zum-ochsen-wonsheim.de/wp-content/et-cache/30598/et-divi-dynamic-30598-late.css
IP
217.160.0.205:0
ASN
#8560 IONOS SE

File type
ASCII text, with very long lines (5325)
Size
9.0 kB (9045 bytes)
Hash
d257eb016b7fb8a69e69d8f6e611fea8
b455bd3e0c9ce936aae65cec7540825cb43efddd
70cf3c7d57fa5347d9d07009ca44eab57ac383afc292f2b9444d0bb36a9b9403

HTTP Headers

GET /wp-content/et-cache/30598/et-divi-dynamic-30598-late.css HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-length: 9045
date: Thu, 01 Dec 2022 12:35:40 GMT
server: Apache
last-modified: Sun, 06 Nov 2022 16:13:49 GMT
etag: "2355-5eccf97966d9a"
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3519a58310eefa01756f0440e2acd7dd
50153382830684a6abb653dc7b4e41d7c7e386b5
5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:35:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.zum-ochsen-wonsheim.de/

217.160.0.205

200 OK

76 kB

URL HTTP/2
www.zum-ochsen-wonsheim.de/
IP
217.160.0.205:0
ASN
#8560 IONOS SE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (25345)
Size
76 kB (76425 bytes)
Hash
5629c36d0299cc219558ecdf0d45ad6f
f4424a4bb386538baee0522221277315b1a6cd87
6c7810882e6a6f65fc9b9fa9953ed13f759a40a12ac15b24a5750df12e4f64c9

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Thu, 01 Dec 2022 12:35:39 GMT
server: Apache
link: <https://www.zum-ochsen-wonsheim.de/wp-json/>; rel="https://api.w.org/", <https://www.zum-ochsen-wonsheim.de/wp-json/wp/v2/pages/30598>; rel="alternate"; type="application/json", <https://www.zum-ochsen-wonsheim.de/>; rel=shortlink
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3519a58310eefa01756f0440e2acd7dd
50153382830684a6abb653dc7b4e41d7c7e386b5
5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:35:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.zum-ochsen-wonsheim.de/wp-content/uploads/2022/08/20220824155358_IMG_1133-01.jpeg

217.160.0.205

200 OK

996 kB

URL HTTP/2
www.zum-ochsen-wonsheim.de/wp-content/uploads/2022/08/20220824155358_IMG_1133-01.jpeg
IP
217.160.0.205:0
ASN
#8560 IONOS SE

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=13, manufacturer=Canon, model=Canon EOS 70D, orientation=upper-left, xresolution=190, yresolution=198, resolutionunit=2, software=Snapseed 2.0, datetime=2022:08:25 07:54:56], baseline, precision 8, 1920x1280, components 3\012- data
Size
996 kB (995571 bytes)
Hash
59972a67e1b4da0c415870da57ff7e72
8082157c64e8cb88490389ed79d466f69a4a116a
1e07bb69f0659d6c8dad7ae90acb881cce76b689fd9d8eb659cc91ee07fb51fc

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/uploads/2022/08/20220824155358_IMG_1133-01.jpeg HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/wp-content/et-cache/30598/et-core-unified-deferred-30598.min.css?ver=1667751229
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 995571
date: Thu, 01 Dec 2022 12:35:40 GMT
server: Apache
last-modified: Thu, 25 Aug 2022 05:57:58 GMT
etag: "f30f3-5e70a7ac4abe7"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.zum-ochsen-wonsheim.de/wp-content/uploads/2022/08/IMG_20220824_164908-Kopie-scaled.jpg

217.160.0.205

200 OK

290 kB

URL HTTP/2
www.zum-ochsen-wonsheim.de/wp-content/uploads/2022/08/IMG_20220824_164908-Kopie-scaled.jpg
IP
217.160.0.205:0
ASN
#8560 IONOS SE

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 2560x1152, components 3\012- data
Size
290 kB (289564 bytes)
Hash
dc63f3e2fe1ee5ade46d7ddcaa4e7d1c
98e16b15c1a8ad2bf5e6f7921d895b34709bb683
2bc62fe4b77de5b1e9c074dac2bf620d66cb3857c82a3d32797a47a1fbd5feb0

HTTP Headers

GET /wp-content/uploads/2022/08/IMG_20220824_164908-Kopie-scaled.jpg HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/wp-content/et-cache/30598/et-core-unified-deferred-30598.min.css?ver=1667751229
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 289564
date: Thu, 01 Dec 2022 12:35:40 GMT
server: Apache
last-modified: Thu, 25 Aug 2022 05:25:10 GMT
etag: "46b1c-5e70a056e2eee"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.zum-ochsen-wonsheim.de/wp-content/uploads/2022/08/IMG_20220824_165305-Kopie-scaled.jpg

217.160.0.205

200 OK

364 kB

URL HTTP/2
www.zum-ochsen-wonsheim.de/wp-content/uploads/2022/08/IMG_20220824_165305-Kopie-scaled.jpg
IP
217.160.0.205:0
ASN
#8560 IONOS SE

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 2560x1152, components 3\012- data
Size
364 kB (364502 bytes)
Hash
53d0e61032474c3d47c8035a21ec9a35
ae75622dcb1002a4d73f45e94803e37419de2f37
eea4217d17e8d02dbef398deb7c27335d1dd0b37fd58cccb6ab12d5c9f314488

HTTP Headers

GET /wp-content/uploads/2022/08/IMG_20220824_165305-Kopie-scaled.jpg HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 364502
date: Thu, 01 Dec 2022 12:35:40 GMT
server: Apache
last-modified: Thu, 25 Aug 2022 05:25:21 GMT
etag: "58fd6-5e70a061d9a83"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.zum-ochsen-wonsheim.de/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.ttf

217.160.0.205

200 OK

92 kB

URL HTTP/2
www.zum-ochsen-wonsheim.de/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.ttf
IP
217.160.0.205:0
ASN
#8560 IONOS SE

File type
TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, modules \012- data
Size
92 kB (92400 bytes)
Hash
de27b3e66b2f8017e000aa9d8d24d60e
e6d716de8f35ba6daf55d57e7fe0ed8d8e50f1f7
d201a2c3118a00c82cc48e89815f5139f23956bbe248107dcf522acc77b97c09

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/Divi/core/admin/fonts/modules/all/modules.ttf HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/wp-content/et-cache/30598/et-divi-dynamic-30598-late.css?ver=1667751227
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/font-sfnt
content-length: 92400
date: Thu, 01 Dec 2022 12:35:40 GMT
server: Apache
last-modified: Tue, 04 Jan 2022 14:12:12 GMT
etag: "168f0-5d4c2393b5eff"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.zum-ochsen-wonsheim.de/wp-content/uploads/2018/07/double-king-size-bed-150x150.png

217.160.0.205

200 OK

1.8 kB

URL HTTP/2
www.zum-ochsen-wonsheim.de/wp-content/uploads/2018/07/double-king-size-bed-150x150.png
IP
217.160.0.205:0
ASN
#8560 IONOS SE

File type
PNG image data, 150 x 150, 8-bit gray+alpha, non-interlaced\012- data
Size
1.8 kB (1780 bytes)
Hash
b8b3447feadd165d5582af7449dbe3eb
a9c8084eb7c6ef0537d755f871113a2cbb228973
3687d683fa082ca052bc35ee22809c91d11fc31a26312ac89982199b55e286eb

HTTP Headers

GET /wp-content/uploads/2018/07/double-king-size-bed-150x150.png HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 1780
date: Thu, 01 Dec 2022 12:35:40 GMT
server: Apache
last-modified: Sat, 28 Nov 2020 21:45:32 GMT
etag: "6f4-5b531b244079a"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.zum-ochsen-wonsheim.de/wp-content/uploads/2022/08/IMG-20220824-WA0029.jpg

217.160.0.205

200 OK

113 kB

URL HTTP/2
www.zum-ochsen-wonsheim.de/wp-content/uploads/2022/08/IMG-20220824-WA0029.jpg
IP
217.160.0.205:0
ASN
#8560 IONOS SE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1024x768, components 3\012- data
Size
113 kB (113229 bytes)
Hash
c73c9e32e66af4f446be38c675db0b5e
0514dfda0e2921a3570d02ce1f657f4b735ce131
8d500c5bf39517ea5e1dbd6def895da8948124dc585f0e8f74f8a0ac37af7af0

HTTP Headers

GET /wp-content/uploads/2022/08/IMG-20220824-WA0029.jpg HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 113229
date: Thu, 01 Dec 2022 12:35:40 GMT
server: Apache
last-modified: Thu, 25 Aug 2022 05:30:31 GMT
etag: "1ba4d-5e70a18994fad"
accept-ranges: bytes
X-Firefox-Spdy: h2

shield.sitelock.com/shield/zum-ochsen-wonsheim.de

45.60.14.54

200 OK

11 kB

URL HTTP/1.1
shield.sitelock.com/shield/zum-ochsen-wonsheim.de
IP
45.60.14.54:0
ASN
#19551 INCAPSULA

File type
PNG image data, 117 x 67, 8-bit/color RGBA, non-interlaced\012- data
Size
11 kB (10600 bytes)
Hash
e4b6399ec7767505d9d20a7e6042e8f0
e2be6d93da1018875fe783c6eac1b1309d371e86
b2e8a2d273a3d3f594a97897707f2f35fe1ee953bffd904f85e33e5a55946271

HTTP Headers

GET /shield/zum-ochsen-wonsheim.de HTTP/1.1
Host: shield.sitelock.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: image/png; charset=ISO-8859-1
Content-Length: 10600
Date: Thu, 01 Dec 2022 12:34:23 GMT
Server: lighttpd
Set-Cookie: nlbi_275317=Erh3BhT55zdVtXQ/mBeFbAAAAAAj8QK98zjQNHfZ7qHP86Fa; path=/; Domain=.sitelock.com
visid_incap_275317=FXkTij3iSXO5Di1BH+FR+pyfiGMAAAAAQUIPAAAAAAAw3cWZ80C5I8Y0vgA7oCs3; expires=Thu, 30 Nov 2023 22:33:36 GMT; HttpOnly; path=/; Domain=.sitelock.com
incap_ses_721_275317=AKupC25bcHOjzY3x84EBCpyfiGMAAAAAE19BMc22mY0TV3DL1d8zLg==; path=/; Domain=.sitelock.com
X-CDN: Imperva
X-Iinfo: 13-51760687-51760526 2NNN RT(1669898139804 69) q(0 0 0 -1) r(5 5) U18

www.zum-ochsen-wonsheim.de/wp-content/plugins/borlabs-cookie/assets/images/borlabs-cookie-icon-black.svg

217.160.0.205

200 OK

4.2 kB

URL HTTP/2
www.zum-ochsen-wonsheim.de/wp-content/plugins/borlabs-cookie/assets/images/borlabs-cookie-icon-black.svg
IP
217.160.0.205:0
ASN
#8560 IONOS SE

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document, ASCII text, with very long lines (4190), with no line terminators
Size
4.2 kB (4190 bytes)
Hash
9963658c659cddbdb681dbb5a956e8a7
24db91a6ab35513ee497c08de4192e448a94beec
3afd8d9a88e2ca9e42c39ef288883e5cf12a0a9e7bb9b72ce60f176023e8f035

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/borlabs-cookie/assets/images/borlabs-cookie-icon-black.svg HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 4190
date: Thu, 01 Dec 2022 12:35:40 GMT
server: Apache
last-modified: Wed, 06 Apr 2022 11:56:00 GMT
etag: "105e-5dbfb0b89131e"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.zum-ochsen-wonsheim.de/wp-content/uploads/2019/11/teller.png

217.160.0.205

200 OK

14 kB

URL HTTP/2
www.zum-ochsen-wonsheim.de/wp-content/uploads/2019/11/teller.png
IP
217.160.0.205:0
ASN
#8560 IONOS SE

File type
PNG image data, 246 x 248, 8-bit gray+alpha, non-interlaced\012- data
Size
14 kB (14128 bytes)
Hash
be95de526c87c1fe3b7231b0880dc0c0
0df55ce5d4555c8f194ece8d036ee4385979bd24
5f2eef3ceded0364ab3690b0380aa3d7f002e46ed8f93137d1e743874ecf9d3a

HTTP Headers

GET /wp-content/uploads/2019/11/teller.png HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 14128
date: Thu, 01 Dec 2022 12:35:40 GMT
server: Apache
last-modified: Sat, 28 Nov 2020 21:47:27 GMT
etag: "3730-5b531b91afaf9"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.zum-ochsen-wonsheim.de/wp-content/uploads/2022/08/dji_export_1661349123296-scaled.jpg

217.160.0.205

200 OK

83 kB

URL HTTP/2
www.zum-ochsen-wonsheim.de/wp-content/uploads/2022/08/dji_export_1661349123296-scaled.jpg
IP
217.160.0.205:0
ASN
#8560 IONOS SE

File type
ASCII text, with very long lines (39791)
Size
83 kB (83419 bytes)
Hash
7e7a1a9e3712cd16dade7c6e811ba28b
45e216af145ea7c3f30099c869482785ad921bc2
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a

HTTP Headers

GET /wp-content/uploads/2022/08/dji_export_1661349123296-scaled.jpg HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 696545
date: Thu, 01 Dec 2022 12:35:40 GMT
server: Apache
last-modified: Wed, 24 Aug 2022 13:59:21 GMT
etag: "aa0e1-5e6fd167913fa"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.zum-ochsen-wonsheim.de/wp-content/uploads/2018/09/IMG_9428.jpg

217.160.0.205

200 OK

5.6 MB

URL HTTP/2
www.zum-ochsen-wonsheim.de/wp-content/uploads/2018/09/IMG_9428.jpg
IP
217.160.0.205:0
ASN
#8560 IONOS SE

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, manufacturer=Canon, model=Canon EOS 70D, orientation=upper-left, xresolution=196, yresolution=204, resolutionunit=2, datetime=2018:08:29 11:06:16], baseline, precision 8, 5472x3648, components 3\012- data
Size
5.6 MB (5577023 bytes)
Hash
a99fda523eec946f82e1ae7b9bf35b9e
02dc68e92f5dbee7662abb57329f9be692b4f54e
ecde36e35cf7219527264329ed68789a8f086940ad71dbfd674976995c078f4b

HTTP Headers

GET /wp-content/uploads/2018/09/IMG_9428.jpg HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/wp-content/et-cache/30598/et-core-unified-deferred-30598.min.css?ver=1667751229
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 5577023
date: Thu, 01 Dec 2022 12:35:40 GMT
server: Apache
last-modified: Sat, 28 Nov 2020 21:46:30 GMT
etag: "55193f-5b531b5b3ee33"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.zum-ochsen-wonsheim.de/wp-content/uploads/2018/09/IMG_9376-e1535994812536.jpg

217.160.0.205

200 OK

1.4 MB

URL HTTP/2
www.zum-ochsen-wonsheim.de/wp-content/uploads/2018/09/IMG_9376-e1535994812536.jpg
IP
217.160.0.205:0
ASN
#8560 IONOS SE

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=12, manufacturer=Canon, model=Canon EOS 70D, orientation=upper-left, xresolution=196, yresolution=204, resolutionunit=2, datetime=2018:08:17 09:24:08], baseline, precision 8, 3648x5472, components 3\012- data
Size
1.4 MB (1449377 bytes)
Hash
f03ccb9c3a81b9e04ac67e759815c7ba
963f0dfbd9f197d8f33105a41153524a064af32b
9aa59ce739376d723173337debff7869444b3135a9745c73a67326117096b0aa

HTTP Headers

GET /wp-content/uploads/2018/09/IMG_9376-e1535994812536.jpg HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/wp-content/et-cache/30598/et-core-unified-deferred-30598.min.css?ver=1667751229
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 1449377
date: Thu, 01 Dec 2022 12:35:40 GMT
server: Apache
last-modified: Sat, 28 Nov 2020 21:46:04 GMT
etag: "161da1-5b531b4313cf0"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.zum-ochsen-wonsheim.de/wp-content/uploads/2018/09/IMG_9367-e1535994375415.jpg

217.160.0.205

200 OK

1.6 MB

URL HTTP/2
www.zum-ochsen-wonsheim.de/wp-content/uploads/2018/09/IMG_9367-e1535994375415.jpg
IP
217.160.0.205:0
ASN
#8560 IONOS SE

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=12, manufacturer=Canon, model=Canon EOS 70D, orientation=upper-left, xresolution=196, yresolution=204, resolutionunit=2, datetime=2018:08:17 09:21:25], baseline, precision 8, 3648x5472, components 3\012- data
Size
1.6 MB (1575250 bytes)
Hash
fc521156762a7a92093e04419cb5ad86
9169e457649d199369864a5b86dc96aa2662a6ce
12166dd3f3409ff5f8506df998d2e0ff167b9d48a82dc49e3f8be1d0b32341aa

HTTP Headers

GET /wp-content/uploads/2018/09/IMG_9367-e1535994375415.jpg HTTP/1.1
Host: www.zum-ochsen-wonsheim.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/wp-content/et-cache/30598/et-core-unified-deferred-30598.min.css?ver=1667751229
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 1575250
date: Thu, 01 Dec 2022 12:35:40 GMT
server: Apache
last-modified: Sat, 28 Nov 2020 21:45:56 GMT
etag: "180952-5b531b3b26545"
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:35:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gstatic.com/images/branding/product/1x/translate_24dp.png

142.250.74.99

200 OK

846 B

URL HTTP/2
www.gstatic.com/images/branding/product/1x/translate_24dp.png
IP
142.250.74.99:0
ASN
#15169 GOOGLE

File type
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size
846 B (846 bytes)
Hash
e9cd262114358f26b7608b56905185dc
6dbde0a96deaab2b529723ce26c62043cf9180ab
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99

HTTP Headers

GET /images/branding/product/1x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 846
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 12:08:57 GMT
expires: Fri, 01 Dec 2023 12:08:57 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 1604
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:35:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gstatic.com/images/branding/product/2x/translate_24dp.png

142.250.74.99

200 OK

1.8 kB

URL HTTP/2
www.gstatic.com/images/branding/product/2x/translate_24dp.png
IP
142.250.74.99:0
ASN
#15169 GOOGLE

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
1.8 kB (1842 bytes)
Hash
c69c796362406f9e11c7f4bf5bb628da
e489ce95ab56208090868882113d7416abf46775
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

HTTP Headers

GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://translate.googleapis.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 11:59:41 GMT
expires: Fri, 01 Dec 2023 11:59:41 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 2160
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png

142.250.74.99

200 OK

910 B

URL HTTP/2
www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
IP
142.250.74.99:0
ASN
#15169 GOOGLE

File type
PNG image data, 42 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
910 B (910 bytes)
Hash
efa6bb2bfe459bc6f4bdafa3db0383f6
52d15ce52fe50643e542c17812de43f4ed1b6ee0
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2

HTTP Headers

GET /images/branding/googlelogo/1x/googlelogo_color_42x16dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zum-ochsen-wonsheim.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 910
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 18:35:12 GMT
expires: Wed, 29 Nov 2023 18:35:12 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: image/png
age: 151230
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 12:35:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

34.120.237.76

200 OK

4.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F051e025a-c892-4a7d-8a1d-95f6d77ebb3c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.8 kB (4762 bytes)
Hash
d2dd5a4bcfd47db8f38544bf39ce3031
fa2217bae05b7beca2e12597eaad835298276b82
3266004f5e73af5359b71622eea31f1e28abb4bbc443b5f9e481b5a8b2e9249e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F051e025a-c892-4a7d-8a1d-95f6d77ebb3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 4762
x-amzn-requestid: 52b09ca3-705b-4c86-9f56-172637553f87
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cP7TVG58oAMFQTw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63830c15-4577a47243ad190672f8ac89;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 07:04:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Y0-NAp2LMMG5TjQQ9ENHwDyKXLObKTYqzPPOWvZhs7Y9WJIC6LoblQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 13:29:35 GMT
age: 83171
etag: "fa2217bae05b7beca2e12597eaad835298276b82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (27)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations