r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12034
Expires: Fri, 02 Dec 2022 05:04:11 GMT
Date: Fri, 02 Dec 2022 01:43:37 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 0c748388899e8a8d3680355da2ea5020
903c620cd137613daafb0da0508c37b2f4a67212
39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4903
Cache-Control: max-age=122958
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 01:43:37 GMT
Etag: "63888270-1d7"
Expires: Sat, 03 Dec 2022 11:52:55 GMT
Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9918
Expires: Fri, 02 Dec 2022 04:28:55 GMT
Date: Fri, 02 Dec 2022 01:43:37 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 02 Dec 2022 01:19:50 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1427
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: LHU10CsI3IXz5wD3uvZuxmjUFT2U4C3hOcISn1PkBAbyO74whSdZPPyi50BPILSTAcC6Kw3Bi68=
x-amz-request-id: KJPBNJFTN54KE2DP
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 02 Dec 2022 00:46:30 GMT
age: 3427
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 01:43:37 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
taxi24herford.de/
200 OK 11 kB IP
ASN #8972 Host Europe GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash 0fabb20e7351095fe4c5c8a4590ef1b0
19ce41bc567ad216e28f8d7da8b27e0d7121dfd4
40d14b0417ba23a0b5ad285c53460d7a97e3ae8ed4d1eaec09a8252d88bcb3c0
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: taxi24herford.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 01:43:37 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 10957
Connection: keep-alive
Link: <http://taxi24herford.de/wp-json/>; rel="https://api.w.org/", <http://taxi24herford.de/wp-json/wp/v2/pages/203>; rel="alternate"; type="application/json", <http://taxi24herford.de/>; rel=shortlink
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PHP/7.4.33, PleskLin
netdna.bootstrapcdn.com/font-awesome/3.2.1/css/font-awesome.css?ver=3.2.1
200 OK 6.0 kB URL HTTP/1.1 netdna.bootstrapcdn.com/font-awesome/3.2.1/css/font-awesome.css?ver=3.2.1
IP
File type ASCII text, with very long lines (301)
Hash 46428eb0a79918b2732aead48bde4e1d
bf2e90411cadf7ff24dd75f66de72bab963dcf12
157e3a5f0b547ee3823a0d0d9e861599eec7f704d427b9f5adcb5367f2e7eca9
GET /font-awesome/3.2.1/css/font-awesome.css?ver=3.2.1 HTTP/1.1
Host: netdna.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxi24herford.de/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 01:43:37 GMT
Content-Type: text/css; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
CDN-PullZone: 252412
CDN-Uid: b1941f61-b576-4f40-80de-5677acb38f74
CDN-RequestCountryCode: SE
CDN-EdgeStorageId: 632, 718, 718
Last-Modified: Mon, 25 Jan 2021 22:04:51 GMT
CDN-CachedAt: 2021-03-10 20:27:32
CDN-RequestPullSuccess: True
CDN-RequestPullCode: 200
Cache-Control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
CDN-RequestId: 166506bd91cd9cd7ffb980e7f4eb55f6
Content-Encoding: gzip
CDN-Cache: HIT
CF-Cache-Status: HIT
Age: 19255660
Server: cloudflare
CF-RAY: 77305f6d4a280b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
taxi24herford.de/wp-content/themes/theme46379/style.css
200 OK 233 B URL HTTP/1.1 taxi24herford.de/wp-content/themes/theme46379/style.css
IP
ASN #8972 Host Europe GmbH
File type ASCII text, with CRLF line terminators
Hash 4aa0c667a9c7e8d0009c50fcef367d83
48298f9db8ba8a16d4e14fb6dfb1aa6ff884d3d9
6cc1bc7d0a8b86cd24c4c2493da7fa582149b5d0fec48b32e690fa953abda277
GET /wp-content/themes/theme46379/style.css HTTP/1.1
Host: taxi24herford.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxi24herford.de/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 01:43:37 GMT
Content-Type: text/css
Content-Length: 233
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Fri, 06 May 2022 15:29:28 GMT
ETag: "145-5de59863a11bc-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
taxi24herford.de/wp-content/plugins/captcha/css/front_end_style.css?ver=4.4.5
200 OK 1.8 kB URL HTTP/1.1 taxi24herford.de/wp-content/plugins/captcha/css/front_end_style.css?ver=4.4.5
IP
ASN #8972 Host Europe GmbH
Hash aa3a628f48cd69427eb8493b9b913ba8
d0d9e8d79aa8dbd6c5f287191f22967f182614b4
c4cd126b21a4a71df6b2eb9210d37eca993c879b5fff2eb5808741c5b3069d03
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/captcha/css/front_end_style.css?ver=4.4.5 HTTP/1.1
Host: taxi24herford.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxi24herford.de/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 01:43:37 GMT
Content-Type: text/css
Content-Length: 1828
Last-Modified: Fri, 06 May 2022 15:29:27 GMT
Connection: keep-alive
ETag: "62753ed7-724"
X-Powered-By: PleskLin
Accept-Ranges: bytes
taxi24herford.de/wp-content/themes/theme46379/bootstrap/css/bootstrap.css
200 OK 107 kB URL HTTP/1.1 taxi24herford.de/wp-content/themes/theme46379/bootstrap/css/bootstrap.css
IP
ASN #8972 Host Europe GmbH
File type ASCII text, with very long lines (568)
Size 107 kB (107400 bytes)
Hash 7fba3d65d336961ac273207d8f46c932
91e6c382ae849e29b4e14d961bc4ffd1b6063a55
9ce959736d353a98554912e8e3063e145ebed53fd6a7222c1f4712c2e469985e
GET /wp-content/themes/theme46379/bootstrap/css/bootstrap.css HTTP/1.1
Host: taxi24herford.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxi24herford.de/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 01:43:37 GMT
Content-Type: text/css
Content-Length: 107400
Last-Modified: Fri, 06 May 2022 15:29:53 GMT
Connection: keep-alive
ETag: "62753ef1-1a388"
X-Powered-By: PleskLin
Accept-Ranges: bytes
taxi24herford.de/wp-content/themes/theme46379/bootstrap/css/responsive.css
200 OK 22 kB URL HTTP/1.1 taxi24herford.de/wp-content/themes/theme46379/bootstrap/css/responsive.css
IP
ASN #8972 Host Europe GmbH
Hash 56879e9ef909d5cf8def84297b5ac6b4
097d5726a7053c1e9e20fcfe6ffa771f2d6de573
8a1d0f12b448b5065cbe1e76f5d2df0364e9e9a2cae98e9419215cad62fb1892
GET /wp-content/themes/theme46379/bootstrap/css/responsive.css HTTP/1.1
Host: taxi24herford.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxi24herford.de/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 01:43:37 GMT
Content-Type: text/css
Content-Length: 21945
Last-Modified: Fri, 06 May 2022 15:29:28 GMT
Connection: keep-alive
ETag: "62753ed8-55b9"
X-Powered-By: PleskLin
Accept-Ranges: bytes
taxi24herford.de/wp-content/themes/CherryFramework/css/camera.css
200 OK 26 kB URL HTTP/1.1 taxi24herford.de/wp-content/themes/CherryFramework/css/camera.css
IP
ASN #8972 Host Europe GmbH
Hash 4801e1d3d131c3628342caacc406479d
3078a5fc945049a7b9e90829123acae900c74324
3df13f8dc45f6168a5eff9bb8f32fa6807ba3efe0db1f76ce808bb7b0f48ca01
GET /wp-content/themes/CherryFramework/css/camera.css HTTP/1.1
Host: taxi24herford.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxi24herford.de/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 01:43:37 GMT
Content-Type: text/css
Content-Length: 26264
Last-Modified: Fri, 06 May 2022 15:29:28 GMT
Connection: keep-alive
ETag: "62753ed8-6698"
X-Powered-By: PleskLin
Accept-Ranges: bytes
taxi24herford.de/wp-content/plugins/captcha/css/desktop_style.css?ver=4.4.5
200 OK 1.7 kB URL HTTP/1.1 taxi24herford.de/wp-content/plugins/captcha/css/desktop_style.css?ver=4.4.5
IP
ASN #8972 Host Europe GmbH
Hash 1fef03e0313a7dc8877bf921e862f9a5
f313cf9c3cc750876295696ec1dfc9aef797493a
7694092db9514c6643c47d692e5ac7bc1c924c3aa712c8ae4504a5cdd6cfb420
GET /wp-content/plugins/captcha/css/desktop_style.css?ver=4.4.5 HTTP/1.1
Host: taxi24herford.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxi24herford.de/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 01:43:37 GMT
Content-Type: text/css
Content-Length: 1747
Last-Modified: Fri, 06 May 2022 15:29:27 GMT
Connection: keep-alive
ETag: "62753ed7-6d3"
X-Powered-By: PleskLin
Accept-Ranges: bytes
taxi24herford.de/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
200 OK 2.7 kB URL HTTP/1.1 taxi24herford.de/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
IP
ASN #8972 Host Europe GmbH
Hash e6fae855021a88a0067fcc58121c594f
6299ac3987b5e81725781799dad361d19ac3b99d
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3 HTTP/1.1
Host: taxi24herford.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxi24herford.de/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 01:43:37 GMT
Content-Type: text/css
Content-Length: 2731
Last-Modified: Thu, 15 Sep 2022 12:57:52 GMT
Connection: keep-alive
ETag: "63232150-aab"
X-Powered-By: PleskLin
Accept-Ranges: bytes
taxi24herford.de/wp-content/themes/CherryFramework/css/magnific-popup.css?ver=0.9.3
200 OK 9.3 kB URL HTTP/1.1 taxi24herford.de/wp-content/themes/CherryFramework/css/magnific-popup.css?ver=0.9.3
IP
ASN #8972 Host Europe GmbH
Hash 33f641df8c0fc8a2a5c9c7fad61ec019
7e4999e434f83d66a6e436da9373880c47289704
690587b44cbf9ff5efa013957f8460d96b36775acbb27472cfb6dc34bb91af4d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/CherryFramework/css/magnific-popup.css?ver=0.9.3 HTTP/1.1
Host: taxi24herford.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxi24herford.de/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 01:43:37 GMT
Content-Type: text/css
Content-Length: 9304
Last-Modified: Fri, 06 May 2022 15:29:28 GMT
Connection: keep-alive
ETag: "62753ed8-2458"
X-Powered-By: PleskLin
Accept-Ranges: bytes
taxi24herford.de/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
200 OK 89 kB URL HTTP/1.1 taxi24herford.de/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
IP
ASN #8972 Host Europe GmbH
File type ASCII text, with very long lines (43771)
Hash b7915926fe42d76e9c802353ab01dae4
3a8192a4312f25f53de25b100d62829c0f14d67c
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 HTTP/1.1
Host: taxi24herford.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxi24herford.de/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 01:43:37 GMT
Content-Type: text/css
Content-Length: 88932
Last-Modified: Thu, 15 Sep 2022 12:56:11 GMT
Connection: keep-alive
ETag: "632320eb-15b64"
X-Powered-By: PleskLin
Accept-Ranges: bytes
taxi24herford.de/wp-includes/css/dashicons.min.css?ver=6.0.3
200 OK 59 kB URL HTTP/1.1 taxi24herford.de/wp-includes/css/dashicons.min.css?ver=6.0.3
IP
ASN #8972 Host Europe GmbH
File type ASCII text, with very long lines (58981)
Hash d68d6bf519169d86e155bad0bed833f8
27ba9c67d0e775fc4e6dd62011daf4c3902698fc
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
GET /wp-includes/css/dashicons.min.css?ver=6.0.3 HTTP/1.1
Host: taxi24herford.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxi24herford.de/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 01:43:37 GMT
Content-Type: text/css
Content-Length: 59016
Last-Modified: Fri, 06 May 2022 15:29:30 GMT
Connection: keep-alive
ETag: "62753eda-e688"
X-Powered-By: PleskLin
Accept-Ranges: bytes
taxi24herford.de/wp-content/plugins/cookie-notice/css/front.min.css?ver=6.0.3
200 OK 5.3 kB URL HTTP/1.1 taxi24herford.de/wp-content/plugins/cookie-notice/css/front.min.css?ver=6.0.3
IP
ASN #8972 Host Europe GmbH
File type ASCII text, with very long lines (5334), with no line terminators
Hash 42d1ded165ef075d4a34f90debfdfc93
9d4f1473e17840cb173e1e2070915e885591426b
f158b8591a08b6c02bb345ae96dd62f0c632f7f635bb4a5f449fce24bdc11789
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/cookie-notice/css/front.min.css?ver=6.0.3 HTTP/1.1
Host: taxi24herford.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxi24herford.de/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 01:43:37 GMT
Content-Type: text/css
Content-Length: 5334
Last-Modified: Thu, 15 Sep 2022 12:58:01 GMT
Connection: keep-alive
ETag: "63232159-14d6"
X-Powered-By: PleskLin
Accept-Ranges: bytes
taxi24herford.de/wp-content/themes/theme46379/main-style.css
200 OK 41 kB URL HTTP/1.1 taxi24herford.de/wp-content/themes/theme46379/main-style.css
IP
ASN #8972 Host Europe GmbH
Hash dd5252c48a73e69e81b3d210ca958308
d146506b688baaee0c57e68f6669e569be1ec6b8
848ba05c9b7cbd5059a126509216cc0ef33cbaa9c8fd662170180ab93d4e77ed
GET /wp-content/themes/theme46379/main-style.css HTTP/1.1
Host: taxi24herford.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxi24herford.de/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 01:43:37 GMT
Content-Type: text/css
Content-Length: 40905
Last-Modified: Fri, 06 May 2022 15:29:54 GMT
Connection: keep-alive
ETag: "62753ef2-9fc9"
X-Powered-By: PleskLin
Accept-Ranges: bytes
taxi24herford.de/wp-content/plugins/motopress-content-editor/includes/css/theme.css?ver=1.5.8
200 OK 88 kB URL HTTP/1.1 taxi24herford.de/wp-content/plugins/motopress-content-editor/includes/css/theme.css?ver=1.5.8
IP
ASN #8972 Host Europe GmbH
File type ASCII text, with very long lines (65536), with no line terminators
Hash bb3b682da2b43ce2ab6127ec0bb2f84e
b7734d0819da9a80e1483a36357d06eb24332c25
19bbb78d70dd6ee89ff91e26a422adb69510e8ff83ace800ad7e5d0f35f14509
GET /wp-content/plugins/motopress-content-editor/includes/css/theme.css?ver=1.5.8 HTTP/1.1
Host: taxi24herford.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxi24herford.de/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 01:43:37 GMT
Content-Type: text/css
Content-Length: 87745
Last-Modified: Fri, 06 May 2022 15:29:28 GMT
Connection: keep-alive
ETag: "62753ed8-156c1"
X-Powered-By: PleskLin
Accept-Ranges: bytes
taxi24herford.de/wp-content/plugins/motopress-content-editor/bootstrap/bootstrap-grid.min.css?ver=1.5.8
200 OK 15 kB URL HTTP/1.1 taxi24herford.de/wp-content/plugins/motopress-content-editor/bootstrap/bootstrap-grid.min.css?ver=1.5.8
IP
ASN #8972 Host Europe GmbH
File type ASCII text, with very long lines (15140), with no line terminators
Hash c3afa9c619c14f0c3b0ca0bb13f12bd9
f3a2fe1cd8a2a51b7ebfe402d983dc7f16dba5aa
de56c5f70ea565fdc866ade91c95ab84151f55e030f861b3509141b24fd54733
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/motopress-content-editor/bootstrap/bootstrap-grid.min.css?ver=1.5.8 HTTP/1.1
Host: taxi24herford.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxi24herford.de/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 01:43:37 GMT
Content-Type: text/css
Content-Length: 15140
Last-Modified: Fri, 06 May 2022 15:29:28 GMT
Connection: keep-alive
ETag: "62753ed8-3b24"
X-Powered-By: PleskLin
Accept-Ranges: bytes
taxi24herford.de/wp-content/themes/CherryFramework/js/jquery-migrate-1.2.1.min.js?ver=1.2.1
200 OK 7.2 kB URL HTTP/1.1 taxi24herford.de/wp-content/themes/CherryFramework/js/jquery-migrate-1.2.1.min.js?ver=1.2.1
IP
ASN #8972 Host Europe GmbH
File type ASCII text, with very long lines (7085)
Hash eb05d8d73b5b13d8d84308a4751ece96
743052320809514fb788fe1d3df37fc87ce90452
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/CherryFramework/js/jquery-migrate-1.2.1.min.js?ver=1.2.1 HTTP/1.1
Host: taxi24herford.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxi24herford.de/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 01:43:37 GMT
Content-Type: application/javascript
Content-Length: 7199
Last-Modified: Fri, 06 May 2022 15:29:28 GMT
Connection: keep-alive
ETag: "62753ed8-1c1f"
X-Powered-By: PleskLin
Accept-Ranges: bytes
taxi24herford.de/wp-includes/js/swfobject.js?ver=2.2-20120417
200 OK 10 kB URL HTTP/1.1 taxi24herford.de/wp-includes/js/swfobject.js?ver=2.2-20120417
IP
ASN #8972 Host Europe GmbH
File type ASCII text, with very long lines (10082)
Hash 9ffdba2cff497d701684657e329871f5
693465e9d9376fd4d2fcd45ffc24f735e1159312
5fc71212d5f80194f946cc9239d030aae8b51879ec22bd6f9a793c49e543d1c0
GET /wp-includes/js/swfobject.js?ver=2.2-20120417 HTTP/1.1
Host: taxi24herford.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxi24herford.de/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 01:43:37 GMT
Content-Type: application/javascript
Content-Length: 10231
Last-Modified: Fri, 06 May 2022 15:29:30 GMT
Connection: keep-alive
ETag: "62753eda-27f7"
X-Powered-By: PleskLin
Accept-Ranges: bytes
taxi24herford.de/wp-content/themes/CherryFramework/js/modernizr.js?ver=2.0.6
200 OK 12 kB URL HTTP/1.1 taxi24herford.de/wp-content/themes/CherryFramework/js/modernizr.js?ver=2.0.6
IP
ASN #8972 Host Europe GmbH
File type HTML document, ASCII text, with very long lines (12314), with no line terminators
Hash 8cef5686125e254fb53c25f16e310525
93522e2ab068a3433331e08144722dd57a8fae9a
6c44371beca8cb2a76b857b17532bb3512b2e68b4a8678ab4288b95353005a0f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/CherryFramework/js/modernizr.js?ver=2.0.6 HTTP/1.1
Host: taxi24herford.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxi24herford.de/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 01:43:37 GMT
Content-Type: application/javascript
Content-Length: 12314
Last-Modified: Fri, 06 May 2022 15:29:28 GMT
Connection: keep-alive
ETag: "62753ed8-301a"
X-Powered-By: PleskLin
Accept-Ranges: bytes
taxi24herford.de/wp-content/themes/CherryFramework/js/jflickrfeed.js?ver=1.0
200 OK 1.1 kB URL HTTP/1.1 taxi24herford.de/wp-content/themes/CherryFramework/js/jflickrfeed.js?ver=1.0
IP
ASN #8972 Host Europe GmbH
File type ASCII text, with very long lines (526), with CRLF line terminators
Hash 26954a41029edc447ad711ebb56c3ca9
7e25dcee1e88aeafe36bd5180cae8a39e56cf625
831bd1dfe9ae53caeadc3859d025359653fcc0ea4db2c62ad5e102a3fe41fae5
GET /wp-content/themes/CherryFramework/js/jflickrfeed.js?ver=1.0 HTTP/1.1
Host: taxi24herford.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxi24herford.de/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 01:43:37 GMT
Content-Type: application/javascript
Content-Length: 1078
Last-Modified: Fri, 06 May 2022 15:29:28 GMT
Connection: keep-alive
ETag: "62753ed8-436"
X-Powered-By: PleskLin
Accept-Ranges: bytes
taxi24herford.de/wp-content/themes/CherryFramework/js/custom.js?ver=1.0
200 OK 7.3 kB URL HTTP/1.1 taxi24herford.de/wp-content/themes/CherryFramework/js/custom.js?ver=1.0
IP
ASN #8972 Host Europe GmbH
File type ASCII text, with CRLF line terminators
Hash 3acb467c86fe0ae43c4a10df645dffa9
d9b65b38b9f5454ada27a552b39b38dfb403215e
97e16731609f5af2bf4ddf475084828689c4b3a089d46b01b61bfaf92a905aad
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/CherryFramework/js/custom.js?ver=1.0 HTTP/1.1
Host: taxi24herford.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxi24herford.de/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 01:43:37 GMT
Content-Type: application/javascript
Content-Length: 7258
Last-Modified: Fri, 06 May 2022 15:29:28 GMT
Connection: keep-alive
ETag: "62753ed8-1c5a"
X-Powered-By: PleskLin
Accept-Ranges: bytes
taxi24herford.de/wp-content/themes/CherryFramework/bootstrap/js/bootstrap.min.js?ver=2.3.0
200 OK 29 kB URL HTTP/1.1 taxi24herford.de/wp-content/themes/CherryFramework/bootstrap/js/bootstrap.min.js?ver=2.3.0
IP
ASN #8972 Host Europe GmbH
File type ASCII text, with very long lines (28344)
Hash be1c5898c4332c8e7f9906011e005bb0
9567f7b3fd78160203c5795d397128390381d8a3
7c1d540b7034e4790ece82622854c1fbf34f0d4297f3167d914fb09ddae6cb4c
GET /wp-content/themes/CherryFramework/bootstrap/js/bootstrap.min.js?ver=2.3.0 HTTP/1.1
Host: taxi24herford.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxi24herford.de/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 01:43:37 GMT
Content-Type: application/javascript
Content-Length: 28756
Last-Modified: Fri, 06 May 2022 15:29:28 GMT
Connection: keep-alive
ETag: "62753ed8-7054"
X-Powered-By: PleskLin
Accept-Ranges: bytes
taxi24herford.de/wp-content/plugins/cookie-notice/js/front.min.js?ver=2.4.0
200 OK 8.8 kB URL HTTP/1.1 taxi24herford.de/wp-content/plugins/cookie-notice/js/front.min.js?ver=2.4.0
IP
ASN #8972 Host Europe GmbH
File type C source, ASCII text, with very long lines (8750), with no line terminators
Hash 5f7dca83f1cac6295b0d4c72e325ac20
e0aacf1cfd0d8ed4bc37c8ef2be23d46513b71ed
af735813266cdf52a38a6e1583a86066db357469ceded2d7ea8335b298d73d65
GET /wp-content/plugins/cookie-notice/js/front.min.js?ver=2.4.0 HTTP/1.1
Host: taxi24herford.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxi24herford.de/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 01:43:37 GMT
Content-Type: application/javascript
Content-Length: 8750
Last-Modified: Thu, 15 Sep 2022 12:58:01 GMT
Connection: keep-alive
ETag: "63232159-222e"
X-Powered-By: PleskLin
Accept-Ranges: bytes
taxi24herford.de/wp-content/plugins/wp-spamshield/js/jscripts.php
200 OK 510 B URL HTTP/1.1 taxi24herford.de/wp-content/plugins/wp-spamshield/js/jscripts.php
IP
ASN #8972 Host Europe GmbH
File type ASCII text, with very long lines (738)
Hash 224bec318966ea206ec1fdd04a6979a3
ef1564d6c9c51417fe2775982020fa3c02670a36
068d51378c79e7d2ae30834916b8159f8f237e2e3ca2d57a4184daadd73255af
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-spamshield/js/jscripts.php HTTP/1.1
Host: taxi24herford.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxi24herford.de/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 01:43:37 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 510
Connection: keep-alive
Cache-Control: private, no-store, no-cache, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0, no-transform
Surrogate-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Vary: *,Accept-Encoding
X-Robots-Tag: none
Set-Cookie: PHPSESSID=htai48audigasm990btn22ir69; path=/
1e559ca06ce323f6f4c669cfe0a33bea=b83fc002498b110def3b484b1cc4171e; expires=Fri, 02-Dec-2022 05:43:37 GMT; Max-Age=14400; path=/; domain=taxi24herford.de; HttpOnly
ckon2212=sject2212_1fa3f94859836; expires=Fri, 02-Dec-2022 01:48:37 GMT; Max-Age=300; path=/; domain=taxi24herford.de; HttpOnly
Content-Encoding: gzip
X-Powered-By: PHP/7.4.33, PleskLin
taxi24herford.de/wp-content/themes/CherryFramework/js/jquery.mobile.customized.min.js
200 OK 17 kB URL HTTP/1.1 taxi24herford.de/wp-content/themes/CherryFramework/js/jquery.mobile.customized.min.js
IP
ASN #8972 Host Europe GmbH
File type ASCII text, with very long lines (17219), with no line terminators
Hash f937c24aee1a092cb9a337391acfa645
22b537591377b42445b6383f54f6c05d4ebfe39a
b5cf71e5ebd435d68e269558177fd4f444f36b0e8c18f7299f1590e0ee12b146
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/CherryFramework/js/jquery.mobile.customized.min.js HTTP/1.1
Host: taxi24herford.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxi24herford.de/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 01:43:38 GMT
Content-Type: application/javascript
Content-Length: 17219
Last-Modified: Fri, 06 May 2022 15:29:28 GMT
Connection: keep-alive
ETag: "62753ed8-4343"
X-Powered-By: PleskLin
Accept-Ranges: bytes
taxi24herford.de/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
200 OK 12 kB URL HTTP/1.1 taxi24herford.de/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
IP
ASN #8972 Host Europe GmbH
File type HTML document, ASCII text, with very long lines (12211), with no line terminators
Hash 3f3fc23f477a3849aa5677c585b2a2b4
ccf0865ebd37f76c450c7a377a86ff2448288db3
985fdd42398281348ca133a44750a56fe4909a806b9c075c9443a5d0bd6d2e51
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3 HTTP/1.1
Host: taxi24herford.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxi24herford.de/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 01:43:38 GMT
Content-Type: application/javascript
Content-Length: 12211
Last-Modified: Thu, 15 Sep 2022 12:57:52 GMT
Connection: keep-alive
ETag: "63232150-2fb3"
X-Powered-By: PleskLin
Accept-Ranges: bytes
taxi24herford.de/wp-content/themes/CherryFramework/js/superfish.js?ver=1.5.3
200 OK 2.9 kB URL HTTP/1.1 taxi24herford.de/wp-content/themes/CherryFramework/js/superfish.js?ver=1.5.3
IP
ASN #8972 Host Europe GmbH
File type ASCII text, with very long lines (570)
Hash 259022bde29c49e9d273d33493bd7b01
16a4305c60037a05644eef5bd7c1afc5bbd5d74a
6301e8e9ab12caccbf4eb772e114d56f4bdf3a27875cdcab57e8e8af5e04cb5a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/CherryFramework/js/superfish.js?ver=1.5.3 HTTP/1.1
Host: taxi24herford.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxi24herford.de/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 01:43:38 GMT
Content-Type: application/javascript
Content-Length: 2913
Last-Modified: Fri, 06 May 2022 15:29:28 GMT
Connection: keep-alive
ETag: "62753ed8-b61"
X-Powered-By: PleskLin
Accept-Ranges: bytes
taxi24herford.de/wp-content/themes/CherryFramework/js/jquery.mobilemenu.js?ver=1.0
200 OK 2.1 kB URL HTTP/1.1 taxi24herford.de/wp-content/themes/CherryFramework/js/jquery.mobilemenu.js?ver=1.0
IP
ASN #8972 Host Europe GmbH
File type HTML document, ASCII text
Hash fc3546893a5e5c2ab95d30ed44a61337
617126f8274cc0f72ee04f10d256990777fef4bf
3f57eccb51042e52f95f803d61e0d8895eb36a5eee1b1c27cff267d53beda13c
GET /wp-content/themes/CherryFramework/js/jquery.mobilemenu.js?ver=1.0 HTTP/1.1
Host: taxi24herford.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxi24herford.de/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 01:43:38 GMT
Content-Type: application/javascript
Content-Length: 2062
Last-Modified: Fri, 06 May 2022 15:29:28 GMT
Connection: keep-alive
ETag: "62753ed8-80e"
X-Powered-By: PleskLin
Accept-Ranges: bytes
taxi24herford.de/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3
200 OK 9.7 kB URL HTTP/1.1 taxi24herford.de/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3
IP
ASN #8972 Host Europe GmbH
File type ASCII text, with very long lines (9680), with no line terminators
Hash 490c29d6776fc430c23403fd845b34b0
817129906b7fef1011895a76f047c7693a852e21
29e8de26576208c07ba0845f604e65c9273b93f9f4d1d66214eb4c586f9938c4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3 HTTP/1.1
Host: taxi24herford.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxi24herford.de/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 01:43:38 GMT
Content-Type: application/javascript
Content-Length: 9680
Last-Modified: Thu, 15 Sep 2022 12:57:52 GMT
Connection: keep-alive
ETag: "63232150-25d0"
X-Powered-By: PleskLin
Accept-Ranges: bytes
taxi24herford.de/wp-content/themes/CherryFramework/js/jquery.easing.1.3.js?ver=1.3
200 OK 3.3 kB URL HTTP/1.1 taxi24herford.de/wp-content/themes/CherryFramework/js/jquery.easing.1.3.js?ver=1.3
IP
ASN #8972 Host Europe GmbH
File type ASCII text, with very long lines (508)
Hash 3720b3ccb887382d0716a49cc52d7901
aeb99c65dfe7e6ba2931afd762e53579fe372ccd
605b6fe57753665bd450ccc691b2b32eb508f05d8cb9bd3747d8f37c808990b1
GET /wp-content/themes/CherryFramework/js/jquery.easing.1.3.js?ver=1.3 HTTP/1.1
Host: taxi24herford.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxi24herford.de/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 01:43:38 GMT
Content-Type: application/javascript
Content-Length: 3300
Last-Modified: Fri, 06 May 2022 15:29:28 GMT
Connection: keep-alive
ETag: "62753ed8-ce4"
X-Powered-By: PleskLin
Accept-Ranges: bytes
taxi24herford.de/wp-content/themes/CherryFramework/js/jplayer.playlist.min.js?ver=2.3.0
200 OK 8.8 kB URL HTTP/1.1 taxi24herford.de/wp-content/themes/CherryFramework/js/jplayer.playlist.min.js?ver=2.3.0
IP
ASN #8972 Host Europe GmbH
File type HTML document, ASCII text, with very long lines (555)
Hash f05ac1d7bf95ba34b8bcb05d4455d2e6
f27305ca2cbcca78715683611fff72df3f1359cd
6d7d547d752e1999718dd64fd26ddefa7eedadbb11a6461248c520beaf0d6022
GET /wp-content/themes/CherryFramework/js/jplayer.playlist.min.js?ver=2.3.0 HTTP/1.1
Host: taxi24herford.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxi24herford.de/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 01:43:38 GMT
Content-Type: application/javascript
Content-Length: 8844
Last-Modified: Fri, 06 May 2022 15:29:28 GMT
Connection: keep-alive
ETag: "62753ed8-228c"
X-Powered-By: PleskLin
Accept-Ranges: bytes
taxi24herford.de/wp-content/themes/CherryFramework/js/tmstickup.js?ver=1.0.0
200 OK 2.5 kB URL HTTP/1.1 taxi24herford.de/wp-content/themes/CherryFramework/js/tmstickup.js?ver=1.0.0
IP
ASN #8972 Host Europe GmbH
Hash d75ae5b4f9859e20dabd5ba0e6959625
b72540421bd54f42d92734d0a53d46273839811d
294e2ce69040e1c6b4574e88881619342eda4d098c187e56317288ce7b0e6168
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/CherryFramework/js/tmstickup.js?ver=1.0.0 HTTP/1.1
Host: taxi24herford.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxi24herford.de/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 01:43:38 GMT
Content-Type: application/javascript
Content-Length: 2506
Last-Modified: Fri, 06 May 2022 15:29:28 GMT
Connection: keep-alive
ETag: "62753ed8-9ca"
X-Powered-By: PleskLin
Accept-Ranges: bytes
taxi24herford.de/wp-content/themes/CherryFramework/js/device.min.js?ver=1.0.0
200 OK 2.8 kB URL HTTP/1.1 taxi24herford.de/wp-content/themes/CherryFramework/js/device.min.js?ver=1.0.0
IP
ASN #8972 Host Europe GmbH
File type ASCII text, with very long lines (2754)
Hash ccd1c11a6ba5df0cbfc470b04a3739f4
a8864d81de7689672ef8f916e430aaabf563c22d
a6ba246c6b7b60affbb369c8884d172dd3e4702a594f09bba678a7773a25e411
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/CherryFramework/js/device.min.js?ver=1.0.0 HTTP/1.1
Host: taxi24herford.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxi24herford.de/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 01:43:38 GMT
Content-Type: application/javascript
Content-Length: 2778
Last-Modified: Fri, 06 May 2022 15:29:28 GMT
Connection: keep-alive
ETag: "62753ed8-ada"
X-Powered-By: PleskLin
Accept-Ranges: bytes
taxi24herford.de/wp-content/themes/CherryFramework/js/jquery.magnific-popup.min.js?ver=0.9.3
200 OK 21 kB URL HTTP/1.1 taxi24herford.de/wp-content/themes/CherryFramework/js/jquery.magnific-popup.min.js?ver=0.9.3
IP
ASN #8972 Host Europe GmbH
File type ASCII text, with very long lines (20540)
Hash 588a4c7a711e01405e02b4e2f8e1b2d6
263d200778cb34026816ae5a7718c5ae4f6aec49
c9e8f0f8a438833ef971b7482991c681ffb7fb5bff9b16ceadb22ad7c174a29e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/CherryFramework/js/jquery.magnific-popup.min.js?ver=0.9.3 HTTP/1.1
Host: taxi24herford.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxi24herford.de/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 01:43:38 GMT
Content-Type: application/javascript
Content-Length: 20669
Last-Modified: Fri, 06 May 2022 15:29:28 GMT
Connection: keep-alive
ETag: "62753ed8-50bd"
X-Powered-By: PleskLin
Accept-Ranges: bytes
taxi24herford.de/wp-content/themes/CherryFramework/js/jquery.flexslider.js?ver=2.1
200 OK 41 kB URL HTTP/1.1 taxi24herford.de/wp-content/themes/CherryFramework/js/jquery.flexslider.js?ver=2.1
IP
ASN #8972 Host Europe GmbH
Hash 6129f1b5a6c4ed045a41b7647f9b24e4
fdeff6254ba1416cb6e0ca2710feb9ca04b4ce29
0048a043918655642d6647b3e25447f549e64c1b7442564b9c7f4ee61f17e8f3
GET /wp-content/themes/CherryFramework/js/jquery.flexslider.js?ver=2.1 HTTP/1.1
Host: taxi24herford.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxi24herford.de/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 01:43:38 GMT
Content-Type: application/javascript
Content-Length: 41111
Last-Modified: Fri, 06 May 2022 15:29:28 GMT
Connection: keep-alive
ETag: "62753ed8-a097"
X-Powered-By: PleskLin
Accept-Ranges: bytes
taxi24herford.de/wp-content/themes/CherryFramework/js/jquery.zaccordion.min.js?ver=2.1.0
200 OK 11 kB URL HTTP/1.1 taxi24herford.de/wp-content/themes/CherryFramework/js/jquery.zaccordion.min.js?ver=2.1.0
IP
ASN #8972 Host Europe GmbH
File type ASCII text, with very long lines (10762), with no line terminators
Hash 83587a80fa209adba2ae7d9c7d817790
0ad068ce6fb22a723676d786d0f5aa8922e34814
3454594300968df56a52e0ef020632006412fb99abef27d917e21a715c586225
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/CherryFramework/js/jquery.zaccordion.min.js?ver=2.1.0 HTTP/1.1
Host: taxi24herford.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxi24herford.de/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 01:43:38 GMT
Content-Type: application/javascript
Content-Length: 10762
Last-Modified: Fri, 06 May 2022 15:29:28 GMT
Connection: keep-alive
ETag: "62753ed8-2a0a"
X-Powered-By: PleskLin
Accept-Ranges: bytes
taxi24herford.de/wp-content/themes/CherryFramework/js/jquery.jplayer.min.js?ver=2.6.0
200 OK 54 kB URL HTTP/1.1 taxi24herford.de/wp-content/themes/CherryFramework/js/jquery.jplayer.min.js?ver=2.6.0
IP
ASN #8972 Host Europe GmbH
File type ASCII text, with very long lines (587)
Hash 8fbb3319230d3c08397b7bda5bcb1dc2
e7c9cbbfa4ec48771c03878949ad0a4128babf62
493db6d1ec51719b44e204d0594b5bcbdc81ce173a64d3e90513a468cecbd383
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/CherryFramework/js/jquery.jplayer.min.js?ver=2.6.0 HTTP/1.1
Host: taxi24herford.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxi24herford.de/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 01:43:38 GMT
Content-Type: application/javascript
Content-Length: 54355
Last-Modified: Fri, 06 May 2022 15:29:28 GMT
Connection: keep-alive
ETag: "62753ed8-d453"
X-Powered-By: PleskLin
Accept-Ranges: bytes
taxi24herford.de/wp-content/themes/CherryFramework/js/camera.min.js?ver=1.3.4
200 OK 39 kB URL HTTP/1.1 taxi24herford.de/wp-content/themes/CherryFramework/js/camera.min.js?ver=1.3.4
IP
ASN #8972 Host Europe GmbH
File type ASCII text, with very long lines (39107)
Hash 4338f6fcf6f5f1332747a94e09a65df4
099715e7293a8b570c46779c7a28b6832e34b72a
cad3b6107c8a8f38229add27d02a2150e204ba78acc54144e132a20ba40fc3fe
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/CherryFramework/js/camera.min.js?ver=1.3.4 HTTP/1.1
Host: taxi24herford.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxi24herford.de/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 01:43:38 GMT
Content-Type: application/javascript
Content-Length: 39402
Last-Modified: Fri, 06 May 2022 15:29:28 GMT
Connection: keep-alive
ETag: "62753ed8-99ea"
X-Powered-By: PleskLin
Accept-Ranges: bytes
taxi24herford.de/wp-content/themes/CherryFramework/js/jquery.debouncedresize.js?ver=1.0
200 OK 226 B URL HTTP/1.1 taxi24herford.de/wp-content/themes/CherryFramework/js/jquery.debouncedresize.js?ver=1.0
IP
ASN #8972 Host Europe GmbH
File type ASCII text, with very long lines (347), with no line terminators
Hash 42e84e5145e07fe8ecc41b609563c0be
18296b6619f2205f1a315ca2689383847255b88d
6fc2f9e9368ae35ae256f2d0e0a6252e66edde7c8d7f68efd1545df6b1f4e0b7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/CherryFramework/js/jquery.debouncedresize.js?ver=1.0 HTTP/1.1
Host: taxi24herford.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxi24herford.de/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 01:43:38 GMT
Content-Type: application/javascript
Content-Length: 226
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Fri, 06 May 2022 15:29:28 GMT
ETag: "15b-5de59863742fb-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
taxi24herford.de/wp-content/themes/CherryFramework/js/jquery.isotope.js?ver=1.5.25
200 OK 16 kB URL HTTP/1.1 taxi24herford.de/wp-content/themes/CherryFramework/js/jquery.isotope.js?ver=1.5.25
IP
ASN #8972 Host Europe GmbH
File type HTML document, ASCII text, with very long lines (538)
Hash 6fa6fde8d4a17065aba3fcac5035abb1
e05f5a6a939ba14529a7ce2675853d8d77550b74
b34ff95ad352e00ad3a5c1028a1638e2d2d6ec329acbc846b00d73e69c44c0c3
GET /wp-content/themes/CherryFramework/js/jquery.isotope.js?ver=1.5.25 HTTP/1.1
Host: taxi24herford.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxi24herford.de/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 01:43:38 GMT
Content-Type: application/javascript
Content-Length: 15545
Last-Modified: Fri, 06 May 2022 15:29:28 GMT
Connection: keep-alive
ETag: "62753ed8-3cb9"
X-Powered-By: PleskLin
Accept-Ranges: bytes
taxi24herford.de/wp-content/themes/CherryFramework/js/jquery.ba-resize.min.js?ver=1.1
200 OK 1.1 kB URL HTTP/1.1 taxi24herford.de/wp-content/themes/CherryFramework/js/jquery.ba-resize.min.js?ver=1.1
IP
ASN #8972 Host Europe GmbH
File type ASCII text, with very long lines (863)
Hash 9e80c546032c71de01a5c4bf4527995f
2ab85121883bd59b99eee12936931d0da87ba732
c81f8531af91e475374160a85fc008bfd60e39c24fb03c98e85fc498cab535b1
GET /wp-content/themes/CherryFramework/js/jquery.ba-resize.min.js?ver=1.1 HTTP/1.1
Host: taxi24herford.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxi24herford.de/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 01:43:38 GMT
Content-Type: application/javascript
Content-Length: 1098
Last-Modified: Fri, 06 May 2022 15:29:28 GMT
Connection: keep-alive
ETag: "62753ed8-44a"
X-Powered-By: PleskLin
Accept-Ranges: bytes
taxi24herford.de/wp-content/plugins/wp-spamshield/js/jscripts-ftr-min.js
200 OK 1.2 kB URL HTTP/1.1 taxi24herford.de/wp-content/plugins/wp-spamshield/js/jscripts-ftr-min.js
IP
ASN #8972 Host Europe GmbH
File type ASCII text, with very long lines (1216), with no line terminators
Hash 87d62321bc91cfa07f20d7db0fcd5765
5c0114a2c5530085930a14777d7bfce8514722dd
22518ff32f769e282e7b884f80b238038242e11fcd7c9ddf11a53285f6f4993a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-spamshield/js/jscripts-ftr-min.js HTTP/1.1
Host: taxi24herford.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxi24herford.de/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 01:43:38 GMT
Content-Type: application/javascript
Content-Length: 1216
Last-Modified: Fri, 06 May 2022 15:29:28 GMT
Connection: keep-alive
Cache-Control: max-age=15552000, must-revalidate
ETag: "62753ed8-4c0"
X-Powered-By: PleskLin
Accept-Ranges: bytes
taxi24herford.de/wp-content/themes/CherryFramework/style.css
200 OK 335 B URL HTTP/1.1 taxi24herford.de/wp-content/themes/CherryFramework/style.css
IP
ASN #8972 Host Europe GmbH
Hash 6bf1a7575cd2a63497417e17266889eb
d7e51a937c85b91225d7261a7762edb65dafd2a7
96cf54862ca2ef85509bbcb50ba26aab6d020ba869794d3784d5b96cb141a644
GET /wp-content/themes/CherryFramework/style.css HTTP/1.1
Host: taxi24herford.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxi24herford.de/wp-content/themes/theme46379/main-style.css
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 01:43:38 GMT
Content-Type: text/css
Content-Length: 335
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Fri, 06 May 2022 15:29:28 GMT
ETag: "209-5de5986380a33-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 02 Dec 2022 01:08:57 GMT
cache-control: public,max-age=3600
age: 2081
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
taxi24herford.de/css/opensans.css
200 OK 7.4 kB URL HTTP/1.1 taxi24herford.de/css/opensans.css
IP
ASN #8972 Host Europe GmbH
Hash 63ceb86e01dee65712e59d2c3d3634c7
4ab745e00689697275aff7e6178af82d042f3d59
981bba4e2c7be3c9e195b9bf6b1fc897d5fcad8c8262c009cc71e8a0c275c45c
GET /css/opensans.css HTTP/1.1
Host: taxi24herford.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxi24herford.de/wp-content/themes/theme46379/main-style.css
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 01:43:38 GMT
Content-Type: text/css
Content-Length: 7378
Last-Modified: Fri, 06 May 2022 15:29:20 GMT
Connection: keep-alive
ETag: "62753ed0-1cd2"
X-Powered-By: PleskLin
Accept-Ranges: bytes
taxi24herford.de/wp-content/themes/CherryFramework/css/style.css
200 OK 66 kB URL HTTP/1.1 taxi24herford.de/wp-content/themes/CherryFramework/css/style.css
IP
ASN #8972 Host Europe GmbH
File type ASCII text, with very long lines (813)
Hash 8a52b93c2d53d92851be78a378807206
debb881ecd75ddf1fc0cbf6f6a90753de5c33323
39a5cf7e86bc9be413d0f23694f71312429d0c35c73ebe717f4f662ecd21fd6d
GET /wp-content/themes/CherryFramework/css/style.css HTTP/1.1
Host: taxi24herford.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxi24herford.de/wp-content/themes/CherryFramework/style.css
Cookie: PHPSESSID=htai48audigasm990btn22ir69; 1e559ca06ce323f6f4c669cfe0a33bea=b83fc002498b110def3b484b1cc4171e; ckon2212=sject2212_1fa3f94859836
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 01:43:38 GMT
Content-Type: text/css
Content-Length: 65890
Last-Modified: Fri, 06 May 2022 15:29:28 GMT
Connection: keep-alive
ETag: "62753ed8-10162"
X-Powered-By: PleskLin
Accept-Ranges: bytes
ocsp.digicert.com/
200 OK 471 B IP
Hash 1f88399f3fdd89dbb9ca1229cb67143a
325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3
831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4899
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 01:43:38 GMT
Last-Modified: Fri, 02 Dec 2022 00:21:59 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
taxi24herford.de/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
200 OK 19 kB URL HTTP/1.1 taxi24herford.de/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
IP
ASN #8972 Host Europe GmbH
File type ASCII text, with very long lines (15660)
Hash 32beb68a374e3aeac00abdf9e12b84ea
b5d18aa625e8696dd9d07cd0869337717b211ae0
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 HTTP/1.1
Host: taxi24herford.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxi24herford.de/
Cookie: PHPSESSID=htai48audigasm990btn22ir69; 1e559ca06ce323f6f4c669cfe0a33bea=b83fc002498b110def3b484b1cc4171e; ckon2212=sject2212_1fa3f94859836
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 01:43:38 GMT
Content-Type: application/javascript
Content-Length: 18617
Last-Modified: Thu, 15 Sep 2022 12:56:11 GMT
Connection: keep-alive
ETag: "632320eb-48b9"
X-Powered-By: PleskLin
Accept-Ranges: bytes
taxi24herford.de/css/fonts/open-sans-v15-latin-regular.woff2
200 OK 14 kB URL HTTP/1.1 taxi24herford.de/css/fonts/open-sans-v15-latin-regular.woff2
IP
ASN #8972 Host Europe GmbH
File type Web Open Font Format (Version 2), TrueType, length 14048, version 1.0\012- data
Hash cffb686d7d2f4682df8342bd4d276e09
2c07a9656f1e38da408f20f1cf11581a15cbd7a2
3b98b0dc3bed9d40f43e64adba5de47c76895338a96f0a5a314676cd6287eca9
Analyzer Verdict Alert fortinet Malware
GET /css/fonts/open-sans-v15-latin-regular.woff2 HTTP/1.1
Host: taxi24herford.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://taxi24herford.de/css/opensans.css
Cookie: PHPSESSID=htai48audigasm990btn22ir69; 1e559ca06ce323f6f4c669cfe0a33bea=b83fc002498b110def3b484b1cc4171e; ckon2212=sject2212_1fa3f94859836
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 01:43:38 GMT
Content-Type: font/woff2
Content-Length: 14048
Last-Modified: Fri, 06 May 2022 15:29:20 GMT
Connection: keep-alive
ETag: "62753ed0-36e0"
X-Powered-By: PleskLin
Accept-Ranges: bytes
taxi24herford.de/wp-content/uploads/2019/03/Logo-Taxi24-Herford_alt1.png
200 OK 114 kB URL HTTP/2 taxi24herford.de/wp-content/uploads/2019/03/Logo-Taxi24-Herford_alt1.png
IP
ASN #8972 Host Europe GmbH
File type PNG image data, 4542 x 1087, 8-bit/color RGBA, non-interlaced\012- data
Size 114 kB (114215 bytes)
Hash febcc34bd0eda4c5ba1136c9caf65754
e46fdd0fb08c6ac19fac35baf642d2e5b99d396f
9a1b6c5cdecaa620193615be09f08307219ce194e649cc7fff9773f427cdaaa5
GET /wp-content/uploads/2019/03/Logo-Taxi24-Herford_alt1.png HTTP/1.1
Host: taxi24herford.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://taxi24herford.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 01:43:38 GMT
content-type: image/png
content-length: 114215
last-modified: Fri, 06 May 2022 15:29:29 GMT
etag: "62753ed9-1be27"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
taxi24herford.de/wp-content/themes/theme46379/images/header.gif
200 OK 1.3 kB URL HTTP/1.1 taxi24herford.de/wp-content/themes/theme46379/images/header.gif
IP
ASN #8972 Host Europe GmbH
File type GIF image data, version 89a, 1 x 155\012- data
Hash 9a17fa316fbe027df3e94e53e8b1395c
993ca3244294dfdad52d61596510372e9e8e0541
8e75eb08a21fab2461acaab7a57fabf58e1c3fe5227bf7ec21bed3e1a5f93978
GET /wp-content/themes/theme46379/images/header.gif HTTP/1.1
Host: taxi24herford.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxi24herford.de/wp-content/themes/theme46379/main-style.css
Cookie: PHPSESSID=htai48audigasm990btn22ir69; 1e559ca06ce323f6f4c669cfe0a33bea=b83fc002498b110def3b484b1cc4171e; ckon2212=sject2212_1fa3f94859836; SJECT2212=CKON2212
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 01:43:38 GMT
Content-Type: image/gif
Content-Length: 1250
Last-Modified: Fri, 06 May 2022 15:29:28 GMT
Connection: keep-alive
ETag: "62753ed8-4e2"
X-Powered-By: PleskLin
Accept-Ranges: bytes
taxi24herford.de/wp-content/themes/theme46379/images/box.gif
200 OK 1.3 kB URL HTTP/1.1 taxi24herford.de/wp-content/themes/theme46379/images/box.gif
IP
ASN #8972 Host Europe GmbH
File type GIF image data, version 89a, 1 x 301\012- data
Hash 3689b595cd012168c25e5c666e6f8f69
64355ff18695098bfad48aa3e38ebf51e9e8cf6c
d206970aae5da7a859a3efe0f1b45923ebaaaada612122505ad4b73246bfc6c3
GET /wp-content/themes/theme46379/images/box.gif HTTP/1.1
Host: taxi24herford.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxi24herford.de/wp-content/themes/theme46379/main-style.css
Cookie: PHPSESSID=htai48audigasm990btn22ir69; 1e559ca06ce323f6f4c669cfe0a33bea=b83fc002498b110def3b484b1cc4171e; ckon2212=sject2212_1fa3f94859836; SJECT2212=CKON2212
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 01:43:38 GMT
Content-Type: image/gif
Content-Length: 1343
Last-Modified: Fri, 06 May 2022 15:29:28 GMT
Connection: keep-alive
ETag: "62753ed8-53f"
X-Powered-By: PleskLin
Accept-Ranges: bytes
taxi24herford.de/wp-content/themes/theme46379/images/content.gif
200 OK 1.3 kB URL HTTP/1.1 taxi24herford.de/wp-content/themes/theme46379/images/content.gif
IP
ASN #8972 Host Europe GmbH
File type GIF image data, version 89a, 1 x 272\012- data
Hash dc58fbf55407cc2bac19f75d85cf3f47
4fdf8fa2e73ef1f5b43328a6ad102f0cabdc3876
208d6bfff63e2865c5a22477bb070232aaafbe3aa01b3e5871ff6dd2fd3a6349
GET /wp-content/themes/theme46379/images/content.gif HTTP/1.1
Host: taxi24herford.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxi24herford.de/wp-content/themes/theme46379/main-style.css
Cookie: PHPSESSID=htai48audigasm990btn22ir69; 1e559ca06ce323f6f4c669cfe0a33bea=b83fc002498b110def3b484b1cc4171e; ckon2212=sject2212_1fa3f94859836; SJECT2212=CKON2212
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 01:43:38 GMT
Content-Type: image/gif
Content-Length: 1292
Last-Modified: Fri, 06 May 2022 15:29:28 GMT
Connection: keep-alive
ETag: "62753ed8-50c"
X-Powered-By: PleskLin
Accept-Ranges: bytes
taxi24herford.de/wp-content/themes/theme46379/images/menu_act.gif
200 OK 1.2 kB URL HTTP/1.1 taxi24herford.de/wp-content/themes/theme46379/images/menu_act.gif
IP
ASN #8972 Host Europe GmbH
File type GIF image data, version 89a, 1 x 10\012- data
Hash bf664b18bd13f9e25b25067e1526ff22
235056e575ec15e7cdeb1c2ad668089c1d234bd1
066e40796965dcf06bc494d010bda9437a7471a3852267bf14b5e622161c3417
GET /wp-content/themes/theme46379/images/menu_act.gif HTTP/1.1
Host: taxi24herford.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxi24herford.de/wp-content/themes/theme46379/main-style.css
Cookie: PHPSESSID=htai48audigasm990btn22ir69; 1e559ca06ce323f6f4c669cfe0a33bea=b83fc002498b110def3b484b1cc4171e; ckon2212=sject2212_1fa3f94859836; SJECT2212=CKON2212
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 01:43:38 GMT
Content-Type: image/gif
Content-Length: 1235
Last-Modified: Fri, 06 May 2022 15:29:28 GMT
Connection: keep-alive
ETag: "62753ed8-4d3"
X-Powered-By: PleskLin
Accept-Ranges: bytes
taxi24herford.de/wp-content/themes/theme46379/images/header_part.gif
200 OK 1.4 kB URL HTTP/1.1 taxi24herford.de/wp-content/themes/theme46379/images/header_part.gif
IP
ASN #8972 Host Europe GmbH
File type GIF image data, version 89a, 1 x 77\012- data
Hash 130197fe348cc12451e23504690fd204
c706b130cf2581e2f8aff67206a9a0d75c1c3c07
3a0442c5f41d87e5fd40cbb7427d406a3386313273b1a92d3754ff5358017fe6
GET /wp-content/themes/theme46379/images/header_part.gif HTTP/1.1
Host: taxi24herford.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxi24herford.de/wp-content/themes/theme46379/main-style.css
Cookie: PHPSESSID=htai48audigasm990btn22ir69; 1e559ca06ce323f6f4c669cfe0a33bea=b83fc002498b110def3b484b1cc4171e; ckon2212=sject2212_1fa3f94859836; SJECT2212=CKON2212
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 01:43:38 GMT
Content-Type: image/gif
Content-Length: 1372
Last-Modified: Fri, 06 May 2022 15:29:28 GMT
Connection: keep-alive
ETag: "62753ed8-55c"
X-Powered-By: PleskLin
Accept-Ranges: bytes
taxi24herford.de/wp-content/themes/theme46379/images/menu_divider.png
200 OK 1.1 kB URL HTTP/1.1 taxi24herford.de/wp-content/themes/theme46379/images/menu_divider.png
IP
ASN #8972 Host Europe GmbH
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 680912ff1571dbabdac2c4480a4f76bf
8a05a4c5394d21478d28256c93a8ab2cdda8b973
03a14aa7cf6bf7d58c8295265e4dd5069ee37e0ff407d8dfa90a43c401a861b1
GET /wp-content/themes/theme46379/images/menu_divider.png HTTP/1.1
Host: taxi24herford.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxi24herford.de/wp-content/themes/theme46379/main-style.css
Cookie: PHPSESSID=htai48audigasm990btn22ir69; 1e559ca06ce323f6f4c669cfe0a33bea=b83fc002498b110def3b484b1cc4171e; ckon2212=sject2212_1fa3f94859836; SJECT2212=CKON2212
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 01:43:38 GMT
Content-Type: image/png
Content-Length: 1063
Last-Modified: Fri, 06 May 2022 15:29:28 GMT
Connection: keep-alive
ETag: "62753ed8-427"
X-Powered-By: PleskLin
Accept-Ranges: bytes
taxi24herford.de/wp-content/themes/theme46379/images/line.png
200 OK 1.1 kB URL HTTP/1.1 taxi24herford.de/wp-content/themes/theme46379/images/line.png
IP
ASN #8972 Host Europe GmbH
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 21d11f47fdf19ee1bde2373215180b4f
2c04597ec2fa8ee83fbbb2cab399265007bf80e9
f22f262bcb61a74fce4494bf01da262a2fb2124c33309f539a3da961d92a260f
GET /wp-content/themes/theme46379/images/line.png HTTP/1.1
Host: taxi24herford.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxi24herford.de/wp-content/themes/theme46379/main-style.css
Cookie: PHPSESSID=htai48audigasm990btn22ir69; 1e559ca06ce323f6f4c669cfe0a33bea=b83fc002498b110def3b484b1cc4171e; ckon2212=sject2212_1fa3f94859836; SJECT2212=CKON2212
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 01:43:38 GMT
Content-Type: image/png
Content-Length: 1063
Last-Modified: Fri, 06 May 2022 15:29:28 GMT
Connection: keep-alive
ETag: "62753ed8-427"
X-Powered-By: PleskLin
Accept-Ranges: bytes
taxi24herford.de/css/fonts/open-sans-v15-latin-600.woff2
200 OK 14 kB URL HTTP/1.1 taxi24herford.de/css/fonts/open-sans-v15-latin-600.woff2
IP
ASN #8972 Host Europe GmbH
File type Web Open Font Format (Version 2), TrueType, length 14544, version 1.0\012- data
Hash 223a277bd88d8a90c8cdf24cda0ad5f5
24234c1c81b3948758c1a0be8e5a65386ca94c52
d61b45b8b3cded238a65ee0aac4043b989f11cee56acfe5c889777f961f241a2
Analyzer Verdict Alert fortinet Malware
GET /css/fonts/open-sans-v15-latin-600.woff2 HTTP/1.1
Host: taxi24herford.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://taxi24herford.de/css/opensans.css
Cookie: PHPSESSID=htai48audigasm990btn22ir69; 1e559ca06ce323f6f4c669cfe0a33bea=b83fc002498b110def3b484b1cc4171e; ckon2212=sject2212_1fa3f94859836; SJECT2212=CKON2212
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 01:43:38 GMT
Content-Type: font/woff2
Content-Length: 14544
Last-Modified: Fri, 06 May 2022 15:29:20 GMT
Connection: keep-alive
ETag: "62753ed0-38d0"
X-Powered-By: PleskLin
Accept-Ranges: bytes
taxi24herford.de/wp-content/themes/theme46379/images/line_1.png
200 OK 1.1 kB URL HTTP/1.1 taxi24herford.de/wp-content/themes/theme46379/images/line_1.png
IP
ASN #8972 Host Europe GmbH
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash bd9808804ea374c68898d14eb1755819
7ea57cbe26edede874d5c3f6ad9c7a3f13c118a5
6dc9b71e166be69812d7f558b4bc7691a8a8c2d8a4462b7d18b1ab1b28477b05
GET /wp-content/themes/theme46379/images/line_1.png HTTP/1.1
Host: taxi24herford.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxi24herford.de/wp-content/themes/theme46379/main-style.css
Cookie: PHPSESSID=htai48audigasm990btn22ir69; 1e559ca06ce323f6f4c669cfe0a33bea=b83fc002498b110def3b484b1cc4171e; ckon2212=sject2212_1fa3f94859836; SJECT2212=CKON2212
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 01:43:38 GMT
Content-Type: image/png
Content-Length: 1062
Last-Modified: Fri, 06 May 2022 15:29:28 GMT
Connection: keep-alive
ETag: "62753ed8-426"
X-Powered-By: PleskLin
Accept-Ranges: bytes
taxi24herford.de/css/fonts/open-sans-v15-latin-700.woff2
200 OK 15 kB URL HTTP/1.1 taxi24herford.de/css/fonts/open-sans-v15-latin-700.woff2
IP
ASN #8972 Host Europe GmbH
File type Web Open Font Format (Version 2), TrueType, length 14720, version 1.0\012- data
Hash d08c09f2f169f4a6edbcf8b8d1636cb4
5a6a45d6f98752b11ccb7c4f0f6fd7faf18ad1a7
482994b911cc3e869aa8ace6d9932d67b68de83ea2885207ce165ff04c38d7bc
Analyzer Verdict Alert fortinet Malware
GET /css/fonts/open-sans-v15-latin-700.woff2 HTTP/1.1
Host: taxi24herford.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://taxi24herford.de/css/opensans.css
Cookie: PHPSESSID=htai48audigasm990btn22ir69; 1e559ca06ce323f6f4c669cfe0a33bea=b83fc002498b110def3b484b1cc4171e; ckon2212=sject2212_1fa3f94859836; SJECT2212=CKON2212
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 01:43:38 GMT
Content-Type: font/woff2
Content-Length: 14720
Last-Modified: Fri, 06 May 2022 15:29:20 GMT
Connection: keep-alive
ETag: "62753ed0-3980"
X-Powered-By: PleskLin
Accept-Ranges: bytes
taxi24herford.de/wp-content/themes/CherryFramework/images/loading_32.gif
200 OK 6.2 kB URL HTTP/1.1 taxi24herford.de/wp-content/themes/CherryFramework/images/loading_32.gif
IP
ASN #8972 Host Europe GmbH
File type GIF image data, version 89a, 32 x 32\012- data
Hash 2f563a16922a716c45900448a518af8f
b748ef5384ff7bc7ef5e6d82c8d2db907fc7fef7
e7c09bb05b12a9aaef1f90d15f2efa9639bfd3c6613b0a83bb98ca4242050f52
GET /wp-content/themes/CherryFramework/images/loading_32.gif HTTP/1.1
Host: taxi24herford.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxi24herford.de/wp-content/themes/CherryFramework/css/style.css
Cookie: PHPSESSID=htai48audigasm990btn22ir69; 1e559ca06ce323f6f4c669cfe0a33bea=b83fc002498b110def3b484b1cc4171e; ckon2212=sject2212_1fa3f94859836; SJECT2212=CKON2212; JCS_INENREF=; JCS_INENTIM=1669945416851; _wpss_h_=1; _wpss_p_=N%3A0%20%7C%20; cf-cookie-banner=
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 01:43:38 GMT
Content-Type: image/gif
Content-Length: 6215
Last-Modified: Fri, 06 May 2022 15:29:28 GMT
Connection: keep-alive
ETag: "62753ed8-1847"
X-Powered-By: PleskLin
Accept-Ranges: bytes
taxi24herford.de/wp-content/themes/CherryFramework/images/loading_bg_32.png
200 OK 1.6 kB URL HTTP/1.1 taxi24herford.de/wp-content/themes/CherryFramework/images/loading_bg_32.png
IP
ASN #8972 Host Europe GmbH
File type PNG image data, 36 x 36, 8-bit/color RGBA, non-interlaced\012- data
Hash 53b84ae922eb6e47c66ee36ffc41a53e
b58542f21ffa9f97eecdf9a125e3fc3d69045775
11f0eb3cdc09e7f25e6e42f14f48d6b49dc439b96afd39e1d29d4165ba67636a
GET /wp-content/themes/CherryFramework/images/loading_bg_32.png HTTP/1.1
Host: taxi24herford.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxi24herford.de/wp-content/themes/CherryFramework/css/style.css
Cookie: PHPSESSID=htai48audigasm990btn22ir69; 1e559ca06ce323f6f4c669cfe0a33bea=b83fc002498b110def3b484b1cc4171e; ckon2212=sject2212_1fa3f94859836; SJECT2212=CKON2212; JCS_INENREF=; JCS_INENTIM=1669945416851; _wpss_h_=1; _wpss_p_=N%3A0%20%7C%20; cf-cookie-banner=
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 01:43:38 GMT
Content-Type: image/png
Content-Length: 1644
Last-Modified: Fri, 06 May 2022 15:29:28 GMT
Connection: keep-alive
ETag: "62753ed8-66c"
X-Powered-By: PleskLin
Accept-Ranges: bytes
netdna.bootstrapcdn.com/font-awesome/3.2.1/font/fontawesome-webfont.woff?v=3.2.1
200 OK 44 kB URL HTTP/1.1 netdna.bootstrapcdn.com/font-awesome/3.2.1/font/fontawesome-webfont.woff?v=3.2.1
IP
File type Web Open Font Format, TrueType, length 43572, version 1.0\012- data
Hash b683029bafe0305ac2234038a03e1541
12f8c193902e99348493ace32e498031bf79b654
18e6b5ff511b90edf098e62ac45ed9d6673a3eee10165d0de4164d4d02a3a77f
GET /font-awesome/3.2.1/font/fontawesome-webfont.woff?v=3.2.1 HTTP/1.1
Host: netdna.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://taxi24herford.de
Connection: keep-alive
Referer: http://netdna.bootstrapcdn.com/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 01:43:38 GMT
Content-Type: font/woff
Content-Length: 43572
Connection: keep-alive
CDN-PullZone: 252412
CDN-Uid: b1941f61-b576-4f40-80de-5677acb38f74
CDN-RequestCountryCode: DE
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31919000
ETag: "b683029bafe0305ac2234038a03e1541"
Last-Modified: Mon, 25 Jan 2021 22:04:51 GMT
CDN-CachedAt: 08/20/2022 02:34:02
CDN-ProxyVer: 1.02
CDN-RequestPullCode: 200
CDN-RequestPullSuccess: True
CDN-EdgeStorageId: 722
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
X-Content-Type-Options: nosniff
CDN-Status: 200
CDN-RequestId: 1255d339c361962279c618b94cd3e724
CDN-Cache: HIT
CF-Cache-Status: MISS
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77305f71cefcb4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
taxi24herford.de/wp-content/uploads/2013/08/slide_1-100x50.jpg
200 OK 1.7 kB URL HTTP/1.1 taxi24herford.de/wp-content/uploads/2013/08/slide_1-100x50.jpg
IP
ASN #8972 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 100x50, components 3\012- data
Hash df252712e3b2a7203511c313bb67eeec
b93d8b0ff9cb3b4e0f4a7895a87343dec9c5bd37
592f9eccb4ae38f36d8075bfd46d61a11f5a33a03802e7d1e4409e4c1b0eb968
GET /wp-content/uploads/2013/08/slide_1-100x50.jpg HTTP/1.1
Host: taxi24herford.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxi24herford.de/
Cookie: PHPSESSID=htai48audigasm990btn22ir69; 1e559ca06ce323f6f4c669cfe0a33bea=b83fc002498b110def3b484b1cc4171e; ckon2212=sject2212_1fa3f94859836; SJECT2212=CKON2212; JCS_INENREF=; JCS_INENTIM=1669945416851; _wpss_h_=1; _wpss_p_=N%3A0%20%7C%20; cf-cookie-banner=
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 01:43:38 GMT
Content-Type: image/jpeg
Content-Length: 1656
Last-Modified: Fri, 06 May 2022 15:29:29 GMT
Connection: keep-alive
ETag: "62753ed9-678"
X-Powered-By: PleskLin
Accept-Ranges: bytes
taxi24herford.de/wp-content/uploads/2013/08/slide_2-100x50.jpg
200 OK 2.7 kB URL HTTP/1.1 taxi24herford.de/wp-content/uploads/2013/08/slide_2-100x50.jpg
IP
ASN #8972 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 100x50, components 3\012- data
Hash ef1345600ebef18df3f692cafd1b16e3
6ca93d3a7e3daa230f4e6d7802020e2e3888f564
de1d725298fcd0ffb6c727755e206583817a145003fef61b6b9a52d5eb9daffd
GET /wp-content/uploads/2013/08/slide_2-100x50.jpg HTTP/1.1
Host: taxi24herford.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxi24herford.de/
Cookie: PHPSESSID=htai48audigasm990btn22ir69; 1e559ca06ce323f6f4c669cfe0a33bea=b83fc002498b110def3b484b1cc4171e; ckon2212=sject2212_1fa3f94859836; SJECT2212=CKON2212; JCS_INENREF=; JCS_INENTIM=1669945416851; _wpss_h_=1; _wpss_p_=N%3A0%20%7C%20; cf-cookie-banner=
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 01:43:38 GMT
Content-Type: image/jpeg
Content-Length: 2701
Last-Modified: Fri, 06 May 2022 15:29:29 GMT
Connection: keep-alive
ETag: "62753ed9-a8d"
X-Powered-By: PleskLin
Accept-Ranges: bytes
taxi24herford.de/wp-content/uploads/2013/08/slide_1.jpg?1669945416950
200 OK 92 kB URL HTTP/1.1 taxi24herford.de/wp-content/uploads/2013/08/slide_1.jpg?1669945416950
IP
ASN #8972 Host Europe GmbH
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1920x484, components 3\012- data
Hash c78d131e82c85bf03f885dda2cb93f0a
a4e84a3f280c447ac00e00d5f386fe19b90fa985
3f377f4d42ccbfd36da38447b1be27d8b6ae6b0f40355035d25d9981096648a6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2013/08/slide_1.jpg?1669945416950 HTTP/1.1
Host: taxi24herford.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxi24herford.de/
Cookie: PHPSESSID=htai48audigasm990btn22ir69; 1e559ca06ce323f6f4c669cfe0a33bea=b83fc002498b110def3b484b1cc4171e; ckon2212=sject2212_1fa3f94859836; SJECT2212=CKON2212; JCS_INENREF=; JCS_INENTIM=1669945416851; _wpss_h_=1; _wpss_p_=N%3A0%20%7C%20; cf-cookie-banner=
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 01:43:38 GMT
Content-Type: image/jpeg
Content-Length: 91886
Last-Modified: Fri, 06 May 2022 15:29:29 GMT
Connection: keep-alive
ETag: "62753ed9-166ee"
X-Powered-By: PleskLin
Accept-Ranges: bytes
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: IsCO2xSgByHhEEnc7G9rqQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 5taeZiw0XRSQx70TZm/k2aMCAhM=
taxi24herford.de/wp-content/uploads/2013/08/slide_2.jpg?1669945417052
200 OK 146 kB URL HTTP/1.1 taxi24herford.de/wp-content/uploads/2013/08/slide_2.jpg?1669945417052
IP
ASN #8972 Host Europe GmbH
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1920x484, components 3\012- data
Size 146 kB (145988 bytes)
Hash 8f63694f4696aa6e9353b398357f5e5d
1cc39cdc7845177f51c3efc2fc168a3e2d1c5899
8cc3d15cc6cae0eacf51a0b5194493c1159cb34b96620e1cd2a5670936f78abc
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2013/08/slide_2.jpg?1669945417052 HTTP/1.1
Host: taxi24herford.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxi24herford.de/
Cookie: PHPSESSID=htai48audigasm990btn22ir69; 1e559ca06ce323f6f4c669cfe0a33bea=b83fc002498b110def3b484b1cc4171e; ckon2212=sject2212_1fa3f94859836; SJECT2212=CKON2212; JCS_INENREF=; JCS_INENTIM=1669945416851; _wpss_h_=1; _wpss_p_=N%3A0%20%7C%20; cf-cookie-banner=
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 01:43:38 GMT
Content-Type: image/jpeg
Content-Length: 145988
Last-Modified: Fri, 06 May 2022 15:29:29 GMT
Connection: keep-alive
ETag: "62753ed9-23a44"
X-Powered-By: PleskLin
Accept-Ranges: bytes
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18971
Expires: Fri, 02 Dec 2022 06:59:49 GMT
Date: Fri, 02 Dec 2022 01:43:38 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18971
Expires: Fri, 02 Dec 2022 06:59:49 GMT
Date: Fri, 02 Dec 2022 01:43:38 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18971
Expires: Fri, 02 Dec 2022 06:59:49 GMT
Date: Fri, 02 Dec 2022 01:43:38 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 156e9ea97b774cbd8361072e4041b6c8
fc71ae3cae92ed6011904bb2367f23bf4e69fab4
58d953c19ebbbdfc3965bbe3f52308d4702deaf4d0c029f4674bcb862da138af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8863
x-amzn-requestid: 798d014b-0f9c-4787-a676-8f5e8fae3d11
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdG14HBNIAMFdWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851bf-7549feac6d476a8512676412;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: r_0F64VpyutAOJ9IcTWrs3Sv--fhKiwKsV1FW0fOMSRt1QLLPxvJzg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 07:43:11 GMT
age: 64827
etag: "fc71ae3cae92ed6011904bb2367f23bf4e69fab4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40b76495-d9ea-430e-9b62-92b639b122e0.jpeg
200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40b76495-d9ea-430e-9b62-92b639b122e0.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 58a28fc1cbcacdb07b3ca175281982b5
9bc47ee49fc070d0997e49a719bd9758685ad583
d3bfcf749c4652cb29f7c82a5d7ba940bd607f9060e49c1c40a112eb3e625bd9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40b76495-d9ea-430e-9b62-92b639b122e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6564
x-amzn-requestid: e2875cf3-3915-43a5-a724-4de2ca03de56
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGepHOiIAMFTFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-5f7e2a3f609d54a609a12670;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mwGAEu-gPXY5Opwd972VbBA6l33dNk7bPFSyZmciaplQKj2ZuTkQSg==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:34:47 GMT
age: 14931
etag: "9bc47ee49fc070d0997e49a719bd9758685ad583"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b986f9fcbeca91ed5c8d58fbfaf47d19
6e6c8bd2bce144cc4da1cd7be375b046b60dca79
07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 07:20:09 GMT
age: 66209
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a5598e9-4752-4e3f-9938-977b517ce347.jpeg
200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a5598e9-4752-4e3f-9938-977b517ce347.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e1372b65928f2addd9d8e44ce63ea0c
795fd611123ebde700aaff1f0dac862f9cad00dc
de9011e1f05fb2f7a202f5a6e6ed7b77a339c0af8d3409e4fc898f2b8c6963ad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a5598e9-4752-4e3f-9938-977b517ce347.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5967
x-amzn-requestid: 889cb78c-7f00-4bd5-8f58-16aeae59f384
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGgfFo2IAMF7ig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e02-636955ff357675180ee298ff;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7R1Dono_VzhL0RPOfUBX2GC13dxG0n0buPmhAPencEFJ7WupYOUK8w==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:50:08 GMT
age: 14010
etag: "795fd611123ebde700aaff1f0dac862f9cad00dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F864be807-d5f6-42e3-bd58-f7641a256b9a.jpeg
200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F864be807-d5f6-42e3-bd58-f7641a256b9a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 379a4a1b95d3aa3c5a4f8e7f9abb030f
d45dceb3dc58a07197aa5077582b5b1cd2ff791a
1b92dec5bf90beffbcd9060052b8788f08645dd4ba34219f7ddb2d40bbd2d151
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F864be807-d5f6-42e3-bd58-f7641a256b9a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7732
x-amzn-requestid: 3781c2b7-082a-468a-a186-f7483494e749
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoEq3IAMFnKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-679fe9f905e07abf4e6a812c;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FhCtGsjgnq83-zRNBH-y9BHUh2IRaN0ahO-BCUw7bTWU8jAanBqdlA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:53:35 GMT
age: 13803
etag: "d45dceb3dc58a07197aa5077582b5b1cd2ff791a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
200 OK 2.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b47431190f34eccf0a6efb98e2a32b7d
9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Fw6nrporwF27NW0-vXpaolW79nDXLF2RyS-lqhhp1osHt7q98VpI3g==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:49:56 GMT
age: 14022
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
taxi24herford.de/wp-content/themes/theme463791/favicon.ico
404 Not Found 34 kB URL HTTP/1.1 taxi24herford.de/wp-content/themes/theme463791/favicon.ico
IP
ASN #8972 Host Europe GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash d3a62f773799b09bccc3185e6f7b680f
3ca7477d1a9af0b35d342963d5204f1769a59c20
0cee517b2a3c981678827d435b130cc97f1751aaa41142e9003144fca6f36975
GET /wp-content/themes/theme463791/favicon.ico HTTP/1.1
Host: taxi24herford.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxi24herford.de/
Cookie: PHPSESSID=htai48audigasm990btn22ir69; 1e559ca06ce323f6f4c669cfe0a33bea=b83fc002498b110def3b484b1cc4171e; ckon2212=sject2212_1fa3f94859836; SJECT2212=CKON2212; JCS_INENREF=; JCS_INENTIM=1669945416851; _wpss_h_=1; _wpss_p_=N%3A0%20%7C%20; cf-cookie-banner=
HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 02 Dec 2022 01:43:39 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.4.33
X-Robots-Tag: noindex
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <http://taxi24herford.de/wp-json/>; rel="https://api.w.org/"
taxi24herford.de/css/fonts/open-sans-v15-latin-800.woff2
200 OK 15 kB URL HTTP/1.1 taxi24herford.de/css/fonts/open-sans-v15-latin-800.woff2
IP
ASN #8972 Host Europe GmbH
File type Web Open Font Format (Version 2), TrueType, length 14740, version 1.0\012- data
Hash aaeffaf205b9bbb09920089a14dbe9e8
bfd44d7876c4680850e25c11e5c9e0e8738e62a9
b1851477cb41c27ff7b3955e1257044041a2de0890b025368782263252033dff
Analyzer Verdict Alert fortinet Malware
GET /css/fonts/open-sans-v15-latin-800.woff2 HTTP/1.1
Host: taxi24herford.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://taxi24herford.de/css/opensans.css
Cookie: PHPSESSID=htai48audigasm990btn22ir69; 1e559ca06ce323f6f4c669cfe0a33bea=b83fc002498b110def3b484b1cc4171e; ckon2212=sject2212_1fa3f94859836; SJECT2212=CKON2212; JCS_INENREF=; JCS_INENTIM=1669945416851; _wpss_h_=1; _wpss_p_=N%3A0%20%7C%20; cf-cookie-banner=
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 01:43:39 GMT
Content-Type: font/woff2
Content-Length: 14740
Last-Modified: Fri, 06 May 2022 15:29:20 GMT
Connection: keep-alive
ETag: "62753ed0-3994"
X-Powered-By: PleskLin
Accept-Ranges: bytes
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb543a0f6-0efe-4518-9420-4eff88edf8e6.jpeg
200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb543a0f6-0efe-4518-9420-4eff88edf8e6.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 60ccdde4ce64b4a3fe6fc2a059b3bde1
5ce119089f4a4cd139b523889b6cd84cd79191f4
2089225a6dc13845ab8e031416920d16952ae1461ca10d72c408ad001ed8f27b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb543a0f6-0efe-4518-9420-4eff88edf8e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 4840
x-amzn-requestid: 6bc8fa91-5696-4bc6-b1e7-3c36b2c01801
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGxTFxyoAMFRzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e6e-3e85b78905aaa73726eef85a;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:36:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: UraCGe--VISONXzaUBpA7vuLuD5l7zihtQIph7LVn1QsS8MjLBbvKw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:48:51 GMT
age: 14094
etag: "5ce119089f4a4cd139b523889b6cd84cd79191f4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
taxi24herford.de/wp-content/themes/CherryFramework/js/jquery-1.7.2.min.js?ver=1.7.2
200 OK 0 B URL HTTP/1.1 taxi24herford.de/wp-content/themes/CherryFramework/js/jquery-1.7.2.min.js?ver=1.7.2
IP
ASN #8972 Host Europe GmbH
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/CherryFramework/js/jquery-1.7.2.min.js?ver=1.7.2 HTTP/1.1
Host: taxi24herford.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxi24herford.de/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 01:43:37 GMT
Content-Type: application/javascript
Content-Length: 94840
Last-Modified: Fri, 06 May 2022 15:29:28 GMT
Connection: keep-alive
ETag: "62753ed8-17278"
X-Powered-By: PleskLin
Accept-Ranges: bytes
92.51.145.141
23.36.76.226
93.184.220.29
34.160.144.191
104.18.10.207