www.turmhof.at/
185.51.8.60 302 Found 207 B IP 185.51.8.60:0
File type HTML document text; exported SGML document, ASCII text
Hash b4656d555726c1d6f83c81c66bbde1ee
375f29e51fe0132ac7e249b90b00c52fdee831ae
8157d11a8409858b269e784f1ab381af1f186010f68e4f649e030a27e32078dc
Analyzer Verdict Alert openphish PayPal Inc.
fortinet Phishing
GET / HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
date: Tue, 25 Oct 2022 18:18:06 GMT
server: Apache
location: https://www.turmhof.at/
content-length: 207
content-type: text/html; charset=iso-8859-1
age: 314
permissions-policy: interest-cohort=()
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e36c852b5e145f2f09fe73111fb162e1
e439c6a462f86a3003d6464a8b9999b1c4d1e210
52a721168d0c41cb0854ff8c730fce3b79db2e804b383238e95ff1401922bd74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "52A721168D0C41CB0854FF8C730FCE3B79DB2E804B383238E95FF1401922BD74"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11622
Expires: Tue, 25 Oct 2022 21:37:03 GMT
Date: Tue, 25 Oct 2022 18:23:21 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash c2bba4cad162918b17858b60e909e4d9
d9a1d4f7fb7635ab233ebbf776e6de1a2857032b
3a1d27ec3d034d6326b32f6054b6be46079a86a33e75d5a2a3796a0c4c5eadab
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4725
Cache-Control: max-age=145595
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 18:23:21 GMT
Etag: "6357acdf-1d7"
Expires: Thu, 27 Oct 2022 10:49:56 GMT
Last-Modified: Tue, 25 Oct 2022 09:31:11 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8db408c487f7d35bba323046736e8d3a
01b91e2dce7c6d3de9adfe6ff4d38f9b24ab7db0
9aeafc72c1a969243e1fc96f68ce18888034a749ee70582208bf814bd40b61a5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9AEAFC72C1A969243E1FC96F68CE18888034A749EE70582208BF814BD40B61A5"
Last-Modified: Tue, 25 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3697
Expires: Tue, 25 Oct 2022 19:24:58 GMT
Date: Tue, 25 Oct 2022 18:23:21 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: krhU2lYV7pPL4a92abtQWuUq1e1kphNjMOE0zt4PCN/54SbBo/tkTz8nYB/jtbARTbvyqcTL9pI=
x-amz-request-id: G344S7Z744BS2QWX
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 25 Oct 2022 18:09:02 GMT
age: 859
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 18:23:21 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 727 B IP 93.184.220.29:0
Hash 7781d1aca18b7c5ff5537b78d60b56f6
150c4cfdbc1ce3d856dabe52c1f84cee67a7569c
6cf2ef28de1c80e3e26ff4437a4ef276b3f278f7981b8b7e614e4f6c1f65a510
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=134745
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 18:23:21 GMT
Etag: "635794f2-2d7"
Expires: Thu, 27 Oct 2022 07:49:06 GMT
Last-Modified: Tue, 25 Oct 2022 07:49:06 GMT
Server: nginx
Content-Length: 727
www.turmhof.at/
185.51.8.60 301 Moved Permanently 20 B IP 185.51.8.60:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
Analyzer Verdict Alert openphish PayPal Inc.
fortinet Phishing
GET / HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
date: Tue, 25 Oct 2022 18:18:06 GMT
server: Apache
content-encoding: gzip
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
location: https://www.turmhof.at/neues/
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-length: 20
content-type: text/html
vary: Accept-Encoding
age: 314
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 518ff04fd536958e285cf07aaf4a2786
fa5dad2391c2a9957340bd629f0462db4f412a5c
608c78964412d5dc7025e9cbfaef345d448a29eae0f11257c49a41f274917b9a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5514
Cache-Control: max-age=141320
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 18:23:22 GMT
Etag: "63579918-1d7"
Expires: Thu, 27 Oct 2022 09:38:42 GMT
Last-Modified: Tue, 25 Oct 2022 08:06:48 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
www.turmhof.at/fileadmin/img/weingut-turmhof.svg
185.51.8.60 200 OK 2.4 kB URL HTTP/2 www.turmhof.at/fileadmin/img/weingut-turmhof.svg
IP 185.51.8.60:0
File type SVG Scalable Vector Graphics image; SVG XML document; XML 1.0 document text; XML document text; exported SGML document text; exported SGML document, ASCII text, with CRLF line terminators
Hash 95eeedc797487129162268d919ee9971
ad1287dc258d011f91de76e813b6884e5f7c9a19
872d9c4d84c3f738ee1f4a4187cc3a3765837f8388b184e23121f5967fbfebe5
Analyzer Verdict Alert openphish PayPal Inc.
fortinet Phishing
GET /fileadmin/img/weingut-turmhof.svg HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=iq4hq9fv93rupf76aat14kv2a6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 25 Oct 2022 18:21:19 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
last-modified: Tue, 11 Nov 2014 15:42:59 GMT
etag: "963-50797223666c0"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-length: 2403
content-type: image/svg+xml
age: 122
accept-ranges: bytes
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/neues/
185.51.8.60 200 OK 179 kB IP 185.51.8.60:0
Size 179 kB (179330 bytes)
Hash 2d83261757269e71e3b494014cb0a3e1
0f977fd3a45886840d6d80e8549732efee437c3b
b2837c90568a293976b2432b079ecd13b04b1ca53cf4d2064f963ccc2ed6e451
Analyzer Verdict Alert openphish PayPal Inc.
fortinet Phishing
GET /neues/ HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
date: Tue, 25 Oct 2022 18:23:22 GMT
server: Apache
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
cache-control: private
content-encoding: gzip
vary: Accept-Encoding
set-cookie: PHPSESSID=iq4hq9fv93rupf76aat14kv2a6; path=/
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-type: text/html; charset=utf-8
age: 0
accept-ranges: bytes
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/uploads/RTEmagicC_zertifiziert-nachhaltige-weine_02.png
185.51.8.60 200 OK 24 kB URL HTTP/2 www.turmhof.at/uploads/RTEmagicC_zertifiziert-nachhaltige-weine_02.png
IP 185.51.8.60:0
File type PNG image data, 180 x 246, 8-bit/color RGBA, non-interlaced; data
Hash 7c9e8a43a0f0daa6ceee7c0b396929db
463d1af76d54b49eeb4df50d589bc3091b24cd23
1df11a0fe801694d268e1b5551f6236c1bea0af3fd92a0660217a8be7d1882f9
Analyzer Verdict Alert openphish PayPal Inc.
GET /uploads/RTEmagicC_zertifiziert-nachhaltige-weine_02.png HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=iq4hq9fv93rupf76aat14kv2a6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 25 Oct 2022 18:21:19 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
last-modified: Mon, 26 Aug 2019 10:40:35 GMT
etag: "5e82-59102c932b935"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-length: 24194
content-type: image/png
age: 122
accept-ranges: bytes
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/uploads/RTEmagicC_awc-gold_02.png
185.51.8.60 200 OK 52 kB URL HTTP/2 www.turmhof.at/uploads/RTEmagicC_awc-gold_02.png
IP 185.51.8.60:0
File type PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced; data
Hash fb3bed29bf6969942c7c24d578d4df84
0476f65993cef68c42b88d9a54abbe2dc3e71553
4849a28766b47ca0c753c887163b2571edee64a50fb0299903ec6b377f2cd286
Analyzer Verdict Alert openphish PayPal Inc.
GET /uploads/RTEmagicC_awc-gold_02.png HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=iq4hq9fv93rupf76aat14kv2a6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 25 Oct 2022 18:21:19 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
last-modified: Thu, 26 Oct 2017 13:05:30 GMT
etag: "ca65-55c72d3aa2e56"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-length: 51813
content-type: image/png
age: 122
accept-ranges: bytes
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/fileadmin/img/marillenmarmelade.jpg
185.51.8.60 200 OK 18 kB URL HTTP/2 www.turmhof.at/fileadmin/img/marillenmarmelade.jpg
IP 185.51.8.60:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x380, components 3; data
Hash 134740414ab039e3b941f6e1e536c80d
2a2f746a78091532169f066362fe3c2d58cd2553
7da6aa4e7eeae27100e27d5aa4d9d33b07ba6806709c5b1403eb4e0dbd122786
Analyzer Verdict Alert openphish PayPal Inc.
GET /fileadmin/img/marillenmarmelade.jpg HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=iq4hq9fv93rupf76aat14kv2a6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 25 Oct 2022 18:21:19 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
last-modified: Tue, 31 Mar 2015 16:41:56 GMT
etag: "46dc-5129846d13d00"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-length: 18140
content-type: image/jpeg
age: 122
accept-ranges: bytes
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/uploads/RTEmagicC_kail_03.jpg
185.51.8.60 200 OK 1.1 kB URL HTTP/2 www.turmhof.at/uploads/RTEmagicC_kail_03.jpg
IP 185.51.8.60:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 40x61, components 3; data
Hash ff86c24c34be9076366198dff4a2239b
1cd533b2f2834a06582310a0ff7e6d2d9f3d1fdd
b5e80290915c963f6c79b8cbc4481231bdc3c17bca0ee9c1c770419413a0ab6f
Analyzer Verdict Alert openphish PayPal Inc.
GET /uploads/RTEmagicC_kail_03.jpg HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=iq4hq9fv93rupf76aat14kv2a6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 25 Oct 2022 18:21:19 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
last-modified: Thu, 25 Dec 2014 12:07:00 GMT
etag: "46a-50b093ed04100"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-length: 1130
content-type: image/jpeg
age: 122
accept-ranges: bytes
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/uploads/RTEmagicC_daniel-spoerri_03.jpg
185.51.8.60 200 OK 2.6 kB URL HTTP/2 www.turmhof.at/uploads/RTEmagicC_daniel-spoerri_03.jpg
IP 185.51.8.60:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 97x65, components 3; data
Hash f375205904abd42869b823bfe7e945d2
3540b4a3343a5e6a3303bbf0dd9a785af69293d9
55497da883add72f844bc744ee9c112d5fad8babc5cc91f593edbe72d76cedaf
Analyzer Verdict Alert openphish PayPal Inc.
GET /uploads/RTEmagicC_daniel-spoerri_03.jpg HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=iq4hq9fv93rupf76aat14kv2a6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 25 Oct 2022 18:21:19 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
last-modified: Thu, 25 Dec 2014 12:07:00 GMT
etag: "9fb-50b093ed04100"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-length: 2555
content-type: image/jpeg
age: 122
accept-ranges: bytes
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/typo3temp/compressor/merged-ff662f81a898aa574edee79f8871491e-795a542870364d232d5704bd747de11b.css.gzip?1663053869
185.51.8.60 200 OK 5.3 kB URL HTTP/2 www.turmhof.at/typo3temp/compressor/merged-ff662f81a898aa574edee79f8871491e-795a542870364d232d5704bd747de11b.css.gzip?1663053869
IP 185.51.8.60:0
File type ASCII text, with very long lines (1230)
Hash fe1e089131a6aca2400aeb622468a454
9ec239548dab5b6ed80d91667f566b7cae7ae256
7009d502328cd91170cbdc5ca45ef195c1f94c4f9f58063d587f904fe8f5a5ca
Analyzer Verdict Alert openphish PayPal Inc.
fortinet Phishing
GET /typo3temp/compressor/merged-ff662f81a898aa574edee79f8871491e-795a542870364d232d5704bd747de11b.css.gzip?1663053869 HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=iq4hq9fv93rupf76aat14kv2a6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 25 Oct 2022 18:23:22 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
last-modified: Tue, 13 Sep 2022 07:24:29 GMT
etag: "149a-5e889e7213546"
accept-ranges: bytes
content-length: 5274
cache-control: max-age=604800
expires: Tue, 01 Nov 2022 18:23:22 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-encoding: gzip
content-type: text/css
vary: Accept-Encoding
age: 0
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/uploads/RTEmagicC_loisium_01.jpg
185.51.8.60 200 OK 2.7 kB URL HTTP/2 www.turmhof.at/uploads/RTEmagicC_loisium_01.jpg
IP 185.51.8.60:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 117x134, components 3; data
Hash cd270c7eb83c4d52ae51687230278b97
465a04f7af5c22d62d9fbdd4e842ef83e1f56b1c
1364e00bc3e3b1c59f8e66ea4ed83a3ae06c707491ae1994d270b7600de48c72
Analyzer Verdict Alert openphish PayPal Inc.
GET /uploads/RTEmagicC_loisium_01.jpg HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=iq4hq9fv93rupf76aat14kv2a6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 25 Oct 2022 18:21:19 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
last-modified: Sat, 15 Nov 2014 20:13:06 GMT
etag: "a82-507eb5f971880"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-length: 2690
content-type: image/jpeg
age: 122
accept-ranges: bytes
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/uploads/RTEmagicC_stiegenhaus_01.png
185.51.8.60 200 OK 9.5 kB URL HTTP/2 www.turmhof.at/uploads/RTEmagicC_stiegenhaus_01.png
IP 185.51.8.60:0
File type PNG image data, 228 x 40, 8-bit/color RGB, non-interlaced; data
Hash 98493508f06b48fa41e9c5bcdbde8278
e8d6986e81968e8cb4985fa91504364925525005
bb75ba903054bfbb8ea738174516fc8890e97acb0628a3a7919d92397ae8fa78
Analyzer Verdict Alert openphish PayPal Inc.
GET /uploads/RTEmagicC_stiegenhaus_01.png HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=iq4hq9fv93rupf76aat14kv2a6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 25 Oct 2022 18:21:19 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
last-modified: Sat, 15 Nov 2014 20:13:07 GMT
etag: "24f5-507eb5fa65ac0"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-length: 9461
content-type: image/png
age: 122
accept-ranges: bytes
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/uploads/RTEmagicC_kittenberger_01.png
185.51.8.60 200 OK 17 kB URL HTTP/2 www.turmhof.at/uploads/RTEmagicC_kittenberger_01.png
IP 185.51.8.60:0
File type PNG image data, 168 x 55, 8-bit/color RGBA, non-interlaced; data
Hash 78d0498cf4a1c01fecfe313ed7fa63d8
707b5cc166a1a16dafb59a8a38dfe3f755e0a849
c39ad8ed6d186834171db7fc85fcd8e70dd275ad6cd0a1e3a5186d4fd0425226
Analyzer Verdict Alert openphish PayPal Inc.
GET /uploads/RTEmagicC_kittenberger_01.png HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=iq4hq9fv93rupf76aat14kv2a6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 25 Oct 2022 18:21:19 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
last-modified: Sat, 15 Nov 2014 20:13:07 GMT
etag: "43fb-507eb5fa65ac0"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-length: 17403
content-type: image/png
age: 122
accept-ranges: bytes
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/uploads/RTEmagicC_arche-noah.png
185.51.8.60 200 OK 4.6 kB URL HTTP/2 www.turmhof.at/uploads/RTEmagicC_arche-noah.png
IP 185.51.8.60:0
File type PNG image data, 75 x 81, 8-bit/color RGB, non-interlaced; data
Hash d49abd24e93496edb8fa090517479857
900372c6f12774dba708b03949369d3f39759dc8
77c40bb6e38f1f9f0745618d7679f809ceb5897c47a89572fdd98243eeeb55e8
Analyzer Verdict Alert openphish PayPal Inc.
GET /uploads/RTEmagicC_arche-noah.png HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=iq4hq9fv93rupf76aat14kv2a6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 25 Oct 2022 18:21:19 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
last-modified: Sat, 15 Nov 2014 20:11:32 GMT
etag: "11f6-507eb59fcc500"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-length: 4598
content-type: image/png
age: 122
accept-ranges: bytes
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/uploads/RTEmagicC_straussenland_01.png
185.51.8.60 200 OK 16 kB URL HTTP/2 www.turmhof.at/uploads/RTEmagicC_straussenland_01.png
IP 185.51.8.60:0
File type PNG image data, 228 x 38, 8-bit/color RGBA, non-interlaced; data
Hash c281f7ed679dcfcf72bbee8698fec873
0ffb5be7bb29def1ed6245efac2423d88fb7a624
8bec635af1c63eeba2be6326e5ed3e0530aeb02a8bee4a130cf04f1c7d6bb948
Analyzer Verdict Alert openphish PayPal Inc.
GET /uploads/RTEmagicC_straussenland_01.png HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=iq4hq9fv93rupf76aat14kv2a6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 25 Oct 2022 18:21:19 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
last-modified: Sat, 15 Nov 2014 20:13:07 GMT
etag: "3e59-507eb5fa65ac0"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-length: 15961
content-type: image/png
age: 122
accept-ranges: bytes
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/uploads/RTEmagicC_elsarn_01.png
185.51.8.60 200 OK 7.4 kB URL HTTP/2 www.turmhof.at/uploads/RTEmagicC_elsarn_01.png
IP 185.51.8.60:0
File type PNG image data, 111 x 74, 8-bit/color RGB, non-interlaced; data
Hash 1d886e1847806889c6808ac929f30e60
d2ae6cb156283e7b58b522b92ade3068265d9536
4be006758eccd3cf40eb7e42fe0004da0e290df92b14018e792c455fbb0fc6ef
Analyzer Verdict Alert openphish PayPal Inc.
GET /uploads/RTEmagicC_elsarn_01.png HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=iq4hq9fv93rupf76aat14kv2a6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 25 Oct 2022 18:21:19 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
last-modified: Sat, 15 Nov 2014 20:13:07 GMT
etag: "1cd3-507eb5fa65ac0"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-length: 7379
content-type: image/png
age: 122
accept-ranges: bytes
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/uploads/RTEmagicC_schlossfestspiele_02.png
185.51.8.60 200 OK 9.8 kB URL HTTP/2 www.turmhof.at/uploads/RTEmagicC_schlossfestspiele_02.png
IP 185.51.8.60:0
File type PNG image data, 244 x 31, 8-bit/color RGB, non-interlaced; data
Hash cfd49ae518049a3b9834774c4e07fadc
c49b0f70df83da58ccf25e84f65ef9b50153396f
fdec629e2da1ee95c06049fbfed064f69610951fed3a022b00c202293af598f8
Analyzer Verdict Alert openphish PayPal Inc.
GET /uploads/RTEmagicC_schlossfestspiele_02.png HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=iq4hq9fv93rupf76aat14kv2a6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 25 Oct 2022 18:21:19 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
last-modified: Sat, 15 Nov 2014 20:13:07 GMT
etag: "2618-507eb5fa65ac0"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-length: 9752
content-type: image/png
age: 122
accept-ranges: bytes
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/neues/Aktualisiere
185.51.8.60 301 Moved Permanently 0 B URL HTTP/2 www.turmhof.at/neues/Aktualisiere
IP 185.51.8.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish PayPal Inc.
fortinet Phishing
GET /neues/Aktualisiere HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=iq4hq9fv93rupf76aat14kv2a6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 301 Moved Permanently
date: Tue, 25 Oct 2022 18:23:22 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
location: https://www.turmhof.at/neues/Aktualisiere/
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-length: 0
content-type: text/html
age: 0
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/typo3temp/compressor/merged-ed6cea7a3e1424b68211fdd94afb718d-89b023a51b7aa2b082e140e2cc7c4a9d.js.gzip?1663053869
185.51.8.60 200 OK 140 kB URL HTTP/2 www.turmhof.at/typo3temp/compressor/merged-ed6cea7a3e1424b68211fdd94afb718d-89b023a51b7aa2b082e140e2cc7c4a9d.js.gzip?1663053869
IP 185.51.8.60:0
File type ASCII text, with very long lines (32065)
Size 140 kB (140516 bytes)
Hash 331db749b23314b1bad5b93fafe609fa
c8e218e61f6918b0a8832fa416651245eb45ec20
123def30c06e0713dce6a1280b0715fb6f206c456027af94699246a25a544edd
GET /typo3temp/compressor/merged-ed6cea7a3e1424b68211fdd94afb718d-89b023a51b7aa2b082e140e2cc7c4a9d.js.gzip?1663053869 HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=iq4hq9fv93rupf76aat14kv2a6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 25 Oct 2022 18:23:22 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
last-modified: Tue, 13 Sep 2022 07:24:29 GMT
etag: "224e4-5e889e7210666"
accept-ranges: bytes
content-length: 140516
cache-control: max-age=604800
expires: Tue, 01 Nov 2022 18:23:22 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-encoding: gzip
content-type: text/javascript
vary: Accept-Encoding
age: 0
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.162.110.205 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.162.110.205:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: wtrNrbSdsvfMVmF9dEy9cQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Sr4oc2/nTkFtaYtBUOGZcXaIJNw=
www.turmhof.at/fileadmin/fonts/source-sans-pro-v21-latin-300.woff2
185.51.8.60 200 OK 13 kB URL HTTP/2 www.turmhof.at/fileadmin/fonts/source-sans-pro-v21-latin-300.woff2
IP 185.51.8.60:0
File type Web Open Font Format (Version 2), TrueType, length 12956, version 1.0\012- data
Hash 1c772d9d0531b187db80bcfc199c1786
c0c04fb334190e10dffed0dcc5c817c2a6041a15
122854df4f39cf922db317714c2ff0eccab27a1028c14a5aa2211f48b7e0eade
Analyzer Verdict Alert openphish PayPal Inc.
fortinet Phishing
GET /fileadmin/fonts/source-sans-pro-v21-latin-300.woff2 HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Cookie: PHPSESSID=iq4hq9fv93rupf76aat14kv2a6
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 25 Oct 2022 15:36:46 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
last-modified: Mon, 22 Aug 2022 07:12:28 GMT
etag: "329c-5e6cf2bad1239"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-length: 12956
content-type: font/woff2
age: 9996
accept-ranges: bytes
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/fileadmin/fonts/source-sans-pro-v21-latin-italic.woff2
185.51.8.60 200 OK 13 kB URL HTTP/2 www.turmhof.at/fileadmin/fonts/source-sans-pro-v21-latin-italic.woff2
IP 185.51.8.60:0
File type Web Open Font Format (Version 2), TrueType, length 12580, version 1.0\012- data
Hash eaf55d1d3b7c4a30203d2d5226c49b6d
11b63b740965603ef544f261ef036d24e6bb1fb5
e286a9ef7d2064a4cf7026449941a557c7123aa84ef2a17cf79a38820f5474bc
Analyzer Verdict Alert openphish PayPal Inc.
fortinet Phishing
GET /fileadmin/fonts/source-sans-pro-v21-latin-italic.woff2 HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Cookie: PHPSESSID=iq4hq9fv93rupf76aat14kv2a6
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 25 Oct 2022 15:36:46 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
last-modified: Mon, 22 Aug 2022 07:12:29 GMT
etag: "3124-5e6cf2bb4559a"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-length: 12580
content-type: font/woff2
age: 9996
accept-ranges: bytes
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/fileadmin/fonts/source-sans-pro-v21-latin-600.woff2
185.51.8.60 200 OK 13 kB URL HTTP/2 www.turmhof.at/fileadmin/fonts/source-sans-pro-v21-latin-600.woff2
IP 185.51.8.60:0
File type Web Open Font Format (Version 2), TrueType, length 13052, version 1.0\012- data
Hash 7cf79fbd1df848510d7352274efc2401
5540b5a26cc7dfe25294c4eabe011e2c6cd60143
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
Analyzer Verdict Alert openphish PayPal Inc.
fortinet Phishing
GET /fileadmin/fonts/source-sans-pro-v21-latin-600.woff2 HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Cookie: PHPSESSID=iq4hq9fv93rupf76aat14kv2a6
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 25 Oct 2022 15:36:46 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
last-modified: Mon, 22 Aug 2022 07:12:29 GMT
etag: "32fc-5e6cf2bb08cda"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-length: 13052
content-type: font/woff2
age: 9996
accept-ranges: bytes
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/fileadmin/img/zertifiziert-nachhaltige-weine.png
185.51.8.60 200 OK 109 kB URL HTTP/2 www.turmhof.at/fileadmin/img/zertifiziert-nachhaltige-weine.png
IP 185.51.8.60:0
File type PNG image data, 2249 x 3067, 8-bit colormap, non-interlaced\012- data
Size 109 kB (109417 bytes)
Hash c6a8590dc805bc91225593002f16aaae
3cf17115e5ca347c710cc03efdf0de8af540d564
f6256e3b713a04fd7cbeaae7e866487a04d0602883a6d01258ffdd9074de0d9e
Analyzer Verdict Alert openphish PayPal Inc.
GET /fileadmin/img/zertifiziert-nachhaltige-weine.png HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=iq4hq9fv93rupf76aat14kv2a6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 25 Oct 2022 18:21:23 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
last-modified: Mon, 16 Apr 2018 18:29:37 GMT
etag: "1ab69-569fb67842272"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-length: 109417
content-type: image/png
age: 119
accept-ranges: bytes
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/neues/Aktualisiere/
185.51.8.60 404 Not Found 1.8 kB URL HTTP/2 www.turmhof.at/neues/Aktualisiere/
IP 185.51.8.60:0
Hash 0edf06066c7dff9f1dde8fe20c925194
f88ef76b2c865c6f24b1bfdd3eec9941d333a31b
a09c29fee19ca2b0a5d70a4a467b41853f3bd708ac8f0ad083b7489cf87f5635
Analyzer Verdict Alert openphish PayPal Inc.
fortinet Phishing
GET /neues/Aktualisiere/ HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=iq4hq9fv93rupf76aat14kv2a6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Tue, 25 Oct 2022 18:23:22 GMT
server: Apache
content-encoding: gzip
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-type: text/html
age: 0
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/android-icon-192x192.png
185.51.8.60 200 OK 3.9 kB URL HTTP/2 www.turmhof.at/android-icon-192x192.png
IP 185.51.8.60:0
File type PNG image data, 192 x 192, 8-bit colormap, non-interlaced\012- data
Hash 3eabb9bf16cbd62536b64227d2f45a3d
4fe2947c933b93a2b1bb2e7b666d89ad95a0e1f9
57c6b9924b6025350f495632c8551f4bbbcbd7e4a1b0b800672b68faa48d1546
Analyzer Verdict Alert openphish PayPal Inc.
GET /android-icon-192x192.png HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=iq4hq9fv93rupf76aat14kv2a6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 25 Oct 2022 16:34:22 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
vary: Accept-Encoding
last-modified: Mon, 01 Jul 2019 19:59:54 GMT
etag: "f2f-58ca412642ecd"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-length: 3887
content-type: image/png
age: 6540
accept-ranges: bytes
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.turmhof.at/favicon-16x16.png
185.51.8.60 200 OK 1.3 kB URL HTTP/2 www.turmhof.at/favicon-16x16.png
IP 185.51.8.60:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash b8a51e07dbc1a9e5f2dcbd46aaa32ddc
45b6b5b239008a0a49740d253584ecaa92b30ad0
cfd5bf87f1faf7b02424ef8a47e0fe0ed16812691b306b65a73e179d8e636906
Analyzer Verdict Alert openphish PayPal Inc.
GET /favicon-16x16.png HTTP/1.1
Host: www.turmhof.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=iq4hq9fv93rupf76aat14kv2a6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 25 Oct 2022 15:01:52 GMT
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://www.turmhof.at
vary: Accept-Encoding
last-modified: Mon, 01 Jul 2019 19:59:55 GMT
etag: "515-58ca41277d611"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
content-length: 1301
content-type: image/png
age: 12090
accept-ranges: bytes
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 398e3c90084d7d71fc1e9fd833116f5f
3e202da5559a8f219144adee3639d063a98559c0
724547db3ed9f1779308e9dd6604664e6ffa3580ca076fbdc1dfb1b75591bba4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "724547DB3ED9F1779308E9DD6604664E6FFA3580CA076FBDC1DFB1B75591BBA4"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3824
Expires: Tue, 25 Oct 2022 19:27:08 GMT
Date: Tue, 25 Oct 2022 18:23:24 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F075a794f-9140-4676-afb2-493f44932cc3.jpeg
34.120.237.76 200 OK 4.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F075a794f-9140-4676-afb2-493f44932cc3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3cf322f19151bcfa374c2e32b9ac986f
e8e69ac951def18bc1e03ecd4fe8a21d3b825b27
54ddfd1876f65e264b9b3209a0e805a3796013b4aacc8e9fd20b49754b4917a0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F075a794f-9140-4676-afb2-493f44932cc3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4206
x-amzn-requestid: 6b02f96a-ea03-4eff-acde-c73925260102
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ah3E3GPQoAMFpIA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63570552-77cf762d0e54f1f60efe52c3;Sampled=0
x-amzn-remapped-date: Mon, 24 Oct 2022 21:36:18 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: jiu-Z6DMgXxXdZ5BDwjNoq5Y15kBgM894k4EY2qSRZKdvk0bfkn89A==
via: 1.1 fec77e486350d1bd33f526a760d8b5a4.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 24 Oct 2022 21:50:16 GMT
age: 73988
etag: "e8e69ac951def18bc1e03ecd4fe8a21d3b825b27"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda327ff0-bd82-4034-a53b-e04d5c486276.jpeg
34.120.237.76 200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda327ff0-bd82-4034-a53b-e04d5c486276.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 531f350512ac7712d932234803aa4602
2fb4599ad3d513a160c1f29fefda27b45852c381
7a4da3420f736c098806676359b8ff80578a2e1e98fc0e20e45e2d6192e1d566
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda327ff0-bd82-4034-a53b-e04d5c486276.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8090
x-amzn-requestid: a84a2888-e0eb-40d3-8377-9c1ea2af733c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aVb2oH2uoAMFueA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63520cf7-204870ee3f63ced427033eb5;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 03:07:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: fUBXr7SKYdvhryoB8p9to-Eo8twjspRYnHO2xf9TtvLJIIyOwe3W1w==
via: 1.1 1de1880e08f1cae7d1aca174a29a5c1e.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 25 Oct 2022 07:43:49 GMT
age: 38375
etag: "2fb4599ad3d513a160c1f29fefda27b45852c381"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Facb7f3ea-1b51-4cac-a5ab-7201a12df641.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Facb7f3ea-1b51-4cac-a5ab-7201a12df641.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8502c90bf679dce29b1c2a87606bbb3e
7940c911dea3882ab8a7ff70240f4edc1b89a56d
ccc5ab3068b7f90276124148a812eb26951a95d7c146bdcf28a69a3d05f76ee2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Facb7f3ea-1b51-4cac-a5ab-7201a12df641.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8735
x-amzn-requestid: 51dfaabc-ee88-465f-8da7-fd6739cf7794
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aZSHjHeLIAMF8mQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635396fc-1e4ad2d647a7f07a094574be;Sampled=0
x-amzn-remapped-date: Sat, 22 Oct 2022 07:08:44 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: dgxcF8hXUOo_WqQwpd0yctMNPuB-IfmSRxD1_TRG7zuV3b5EbpVIig==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Tue, 25 Oct 2022 07:51:44 GMT
age: 37900
etag: "7940c911dea3882ab8a7ff70240f4edc1b89a56d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5799e548-737d-43a5-ae0b-3ccb8e2f1daf.jpeg
34.120.237.76 200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5799e548-737d-43a5-ae0b-3ccb8e2f1daf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6977b5f01197ed4e914157b59ce56c2a
0c4bc06cb32bae6cdcbd61fde8b6289fa901a0c2
98ed9be1f79f4d1ff9acd3dc22aa64f7e0218d7c4854fc7cb71e70dd341dd7ed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5799e548-737d-43a5-ae0b-3ccb8e2f1daf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8031
x-amzn-requestid: 39e6cba4-dc3b-4fe8-9f00-f9042b3dfb3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ah3D7E2SoAMF_TA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6357054c-541d3ed176c9176913844804;Sampled=0
x-amzn-remapped-date: Mon, 24 Oct 2022 21:36:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: KfIXjRxRZXL0gD2Etdn5kfEjPkqA-faF2KHqrWikR0etkh6oGU4ifw==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 24 Oct 2022 21:50:09 GMT
age: 73995
etag: "0c4bc06cb32bae6cdcbd61fde8b6289fa901a0c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1fee370a-a947-4a08-9ba6-18c6c792f716.jpeg
34.120.237.76 200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1fee370a-a947-4a08-9ba6-18c6c792f716.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d0215d09b407ecfd690d63aee6a30add
d2e9a4cba5fc07d90f30a5bfc7efa91eea784f94
6147a16325e6c63e7e3acfde58a4cfcd04564ddd6df61835e6e563ec6e67aa3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1fee370a-a947-4a08-9ba6-18c6c792f716.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5662
x-amzn-requestid: cb169868-462c-4083-af25-ca65cb2df563
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ah3EhH7SoAMFdeg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6357054f-1635cae5575eed4a43607a11;Sampled=0
x-amzn-remapped-date: Mon, 24 Oct 2022 21:36:15 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: dpxbLV6cVUBnRvlwqBccWltel3NQThen1b9daizhF4JF426bL1d12w==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Mon, 24 Oct 2022 21:56:50 GMT
age: 73594
etag: "d2e9a4cba5fc07d90f30a5bfc7efa91eea784f94"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d616770-e793-4da0-8ebe-826e806ececd.jpeg
34.120.237.76 200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d616770-e793-4da0-8ebe-826e806ececd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 89448f1a52030b28e9ecfcdc190787d4
5080ba75c230fd2b303f29a9b64868c6e8771df8
10a736997d441e274a54e9689c349d407087fef7aa7c0f4d0a7a603e446fdabd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d616770-e793-4da0-8ebe-826e806ececd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9209
x-amzn-requestid: 94dad7b4-9c12-4bda-9202-3b7427185182
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aLiElGzEIAMFnOg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634e16e9-3c79cd392d5bc4312a730cda;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 03:00:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: c5_B2RXKJx7FHrQvHdCG50zcDFWUqaaZu0GYuCxEI8fpK019dSlD3Q==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Tue, 25 Oct 2022 13:16:32 GMT
age: 18412
etag: "5080ba75c230fd2b303f29a9b64868c6e8771df8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2