Report - www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197

Report Overview

Submitted URL
www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
IP
81.169.145.143
ASN
#6724 Strato AG
Submitted
2022-10-24 04:17:02
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
102

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-10T05:09:10Z	2.0 kB	5.3 kB	23.36.76.226
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-10T05:10:00Z	758 B	2.8 kB	143.204.55.115
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-10T05:12:35Z	401 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-10T05:10:00Z	321 B	229 B	34.117.237.239
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-10T13:49:44Z	658 B	1.6 kB	93.184.220.29
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-10T05:10:02Z	594 B	127 B	35.164.183.116
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-10T05:10:04Z	3.2 kB	63 kB	34.120.237.76
www.golfschule-mcqueen.de	unknown	2017-02-22T06:04:57Z	2023-01-05T03:00:16Z	17 kB	1.1 MB	81.169.145.143

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-10-24	medium	www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197	Malware
2022-10-24	medium	www.golfschule-mcqueen.de/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3	Malware
2022-10-24	medium	www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.7.8	Malware
2022-10-24	medium	www.golfschule-mcqueen.de/wp-content/uploads/elementor/css/post-3029.css?ver=1665513964	Malware
2022-10-24	medium	www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.7.8	Malware
2022-10-24	medium	www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.7.8	Malware
2022-10-24	medium	www.golfschule-mcqueen.de/wp-includes/js/imagesloaded.min.js?ver=4.1.4	Malware
2022-10-24	medium	www.golfschule-mcqueen.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	Malware
2022-10-24	medium	www.golfschule-mcqueen.de/wp-content/themes/grow/styles/style-responsive.css?ver=1.5.2	Malware
2022-10-24	medium	www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.7.8	Malware
2022-10-24	medium	www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0	Malware
2022-10-24	medium	www.golfschule-mcqueen.de/wp-content/themes/grow/lib/extentions/prettyPhoto/js/jquery.prettyPhoto.js?ver=3.1.6	Malware
2022-10-24	medium	www.golfschule-mcqueen.de/wp-content/themes/grow/lib/scripts/modernizr.js?ver=2.6.2	Malware
2022-10-24	medium	www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0	Malware
2022-10-24	medium	www.golfschule-mcqueen.de/wp-content/themes/grow/styles/style-shortcodes.css?ver=1.5.2	Malware
2022-10-24	medium	www.golfschule-mcqueen.de/wp-includes/js/jquery/jquery.min.js?ver=3.6.0	Malware
2022-10-24	medium	www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197	Malware
2022-10-24	medium	www.golfschule-mcqueen.de/wp-content/themes/grow/style.css?ver=1.5.2	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-10-24	medium	golfschule-mcqueen.de	Sinkholed
2022-10-24	medium	golfschule-mcqueen.de	Sinkholed
2022-10-24	medium	golfschule-mcqueen.de	Sinkholed
2022-10-24	medium	golfschule-mcqueen.de	Sinkholed
2022-10-24	medium	golfschule-mcqueen.de	Sinkholed
2022-10-24	medium	golfschule-mcqueen.de	Sinkholed
2022-10-24	medium	golfschule-mcqueen.de	Sinkholed
2022-10-24	medium	golfschule-mcqueen.de	Sinkholed
2022-10-24	medium	golfschule-mcqueen.de	Sinkholed
2022-10-24	medium	golfschule-mcqueen.de	Sinkholed
2022-10-24	medium	golfschule-mcqueen.de	Sinkholed
2022-10-24	medium	golfschule-mcqueen.de	Sinkholed
2022-10-24	medium	golfschule-mcqueen.de	Sinkholed
2022-10-24	medium	golfschule-mcqueen.de	Sinkholed
2022-10-24	medium	golfschule-mcqueen.de	Sinkholed
2022-10-24	medium	golfschule-mcqueen.de	Sinkholed
2022-10-24	medium	golfschule-mcqueen.de	Sinkholed
2022-10-24	medium	golfschule-mcqueen.de	Sinkholed
2022-10-24	medium	golfschule-mcqueen.de	Sinkholed
2022-10-24	medium	golfschule-mcqueen.de	Sinkholed
2022-10-24	medium	golfschule-mcqueen.de	Sinkholed
2022-10-24	medium	golfschule-mcqueen.de	Sinkholed
2022-10-24	medium	golfschule-mcqueen.de	Sinkholed
2022-10-24	medium	golfschule-mcqueen.de	Sinkholed
2022-10-24	medium	golfschule-mcqueen.de	Sinkholed
2022-10-24	medium	golfschule-mcqueen.de	Sinkholed
2022-10-24	medium	golfschule-mcqueen.de	Sinkholed
2022-10-24	medium	golfschule-mcqueen.de	Sinkholed
2022-10-24	medium	golfschule-mcqueen.de	Sinkholed
2022-10-24	medium	golfschule-mcqueen.de	Sinkholed
2022-10-24	medium	golfschule-mcqueen.de	Sinkholed
2022-10-24	medium	golfschule-mcqueen.de	Sinkholed
2022-10-24	medium	golfschule-mcqueen.de	Sinkholed

JavaScript (11)

	URL	Size	First Seen	Last Seen
	www.golfschule-mcqueen.de/wp-content/themes/grow/lib/extentions/prettyPhoto/js/jquery.prettyPhoto.js?ver=3.1.6	35 kB	2023-03-07	2024-04-21
Pretty URL www.golfschule-mcqueen.de/wp-content/themes/grow/lib/extentions/prettyPhoto/js/jquery.prettyPhoto.js?ver=3.1.6 IP 81.169.145.143 ASN #6724 Strato AG Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:26 Last Seen2024-04-21 00:05:08 Times Seen522 Hash b15244e2e9088c1bd82e443f3f6ea2ec 5017a952ee8f3e8fa592f69d8fd692e74800c018 eabcdac849f25a0284662f136280ded01cd2a74682288f2fce8f27f5561e22e4 Loading...

	www.golfschule-mcqueen.de/wp-content/themes/grow/lib/scripts/main-frontend.js?ver=1.5.2	29 kB	2023-03-07	2023-07-14
Pretty URL www.golfschule-mcqueen.de/wp-content/themes/grow/lib/scripts/main-frontend.js?ver=1.5.2 IP 81.169.145.143 ASN #6724 Strato AG Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:26 Last Seen2023-07-14 16:52:25 Times Seen10 Hash 954a67ef1d330ada883d73bdc015400b 0263e3bd72466a22416998974d9c3f1d23200ac0 d85a1a59ed25d0173a2ea3c757c3504fdfa78d5e37639c513f2ada2f9eb73b25 Loading...

	www.golfschule-mcqueen.de/wp-includes/js/jquery/jquery.min.js?ver=3.6.0	90 kB	2023-03-07	2024-04-24
Pretty URL www.golfschule-mcqueen.de/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 IP 81.169.145.143 ASN #6724 Strato AG Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-24 22:40:37 Times Seen31821 Hash 02dd5d04add4759122013c5ab4dc5cc2 a45a56e396ac549b4ff39b696ce9e0c16a7612de bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea Loading...

	www.golfschule-mcqueen.de/wp-content/themes/grow/lib/extentions/bootstrap/js/bootstrap.js?ver=2.3.2	64 kB	2023-03-07	2024-04-21
Pretty URL www.golfschule-mcqueen.de/wp-content/themes/grow/lib/extentions/bootstrap/js/bootstrap.js?ver=2.3.2 IP 81.169.145.143 ASN #6724 Strato AG Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:26 Last Seen2024-04-21 00:05:08 Times Seen710 Hash 914691f1d96f777c171b750e372b0653 c3e3ce40e200c3313ebf7cfa080911f86a9cdb0d 53d8207647b52ec625a9aa50384248b7995c2a1c28d71bf08587ca42495ddd0b Loading...

	www.golfschule-mcqueen.de/wp-content/themes/grow/lib/scripts/plugins/waypoints/waypoints.min.js?ver=2.0.3	8.1 kB	2023-03-07	2024-04-22
Pretty URL www.golfschule-mcqueen.de/wp-content/themes/grow/lib/scripts/plugins/waypoints/waypoints.min.js?ver=2.0.3 IP 81.169.145.143 ASN #6724 Strato AG Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:41:57 Last Seen2024-04-22 06:29:22 Times Seen2534 Hash 4fe14337a62d710389f42e8a5d1043f7 5f3e0f34b6d7460c5f160db4fe568cde29f3ffa5 069b3ff0c0e6c33e08368f94906ae49ec76ab1ed570819c768148ced15b138bf Loading...

	www.golfschule-mcqueen.de/wp-content/themes/grow/lib/scripts/plugins/scrollup/jquery.scrollUp.min.js?ver=2.4.1	2.2 kB	2023-03-07	2023-11-19
Pretty URL www.golfschule-mcqueen.de/wp-content/themes/grow/lib/scripts/plugins/scrollup/jquery.scrollUp.min.js?ver=2.4.1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:26 Last Seen2023-11-19 17:20:01 Times Seen24 Hash 6c75e71e2f6efcb2563ff9881c0f3a7b 393f3a42e9eabffb92305aaa051c5bc76be69fd9 0a7f759243c427d92d61b7981ada47994586d522eebe571b652d508b084c4657 Loading...

	www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197	2.2 kB	2023-03-10	2023-03-10
Pretty URL www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197 IP 81.169.145.143 ASN #6724 Strato AG Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 14:12:10 Last Seen2023-03-10 14:12:20 Times Seen1 Hash 6782631d9f02d00aa8b733231177de75 6aeb30e2c14c717e7552984bb76eef72a80f9b02 02fcfbf4be2544b921913fbefa1e5c6ae1e43a0a7d19d203d53396e8f85267d8 Loading...

	www.golfschule-mcqueen.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-04-25
Pretty URL www.golfschule-mcqueen.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 81.169.145.143 ASN #6724 Strato AG Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-25 01:37:46 Times Seen68606 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.7.8	15 kB	2023-03-07	2024-04-24
Pretty URL www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.7.8 IP 81.169.145.143 ASN #6724 Strato AG Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:07 Last Seen2024-04-24 18:17:34 Times Seen16385 Hash 7a5dea0a705cc2f4cd87dbaaa6666bc6 678bc6f750f13adb29bbc158eb0d9cd813b736fa 97cf1307c16a437b77b5f7f5c9bc0b985d0745a14be5a279019aca5a3432e264 Loading...

	www.golfschule-mcqueen.de/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3	19 kB	2023-03-07	2024-04-25
Pretty URL www.golfschule-mcqueen.de/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 IP 81.169.145.143 ASN #6724 Strato AG Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-25 01:37:46 Times Seen38039 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

	www.golfschule-mcqueen.de/wp-includes/js/imagesloaded.min.js?ver=4.1.4	5.6 kB	2023-03-07	2024-04-24
Pretty URL www.golfschule-mcqueen.de/wp-includes/js/imagesloaded.min.js?ver=4.1.4 IP 81.169.145.143 ASN #6724 Strato AG Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:40 Last Seen2024-04-24 19:00:09 Times Seen30965 Hash 3a56752b736635bf69cb069b8818cbfd 42e0951fe74bb3f56a30f51291823bcd4a84d76e ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869 Loading...

HTTP Transactions (52)

URL IP Response Size

www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197

81.169.145.143

301 Moved Permanently

311 B

URL HTTP/1.1
www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
311 B (311 bytes)
Hash
36d0bb17ad44c2c00ebb298362583575
57a0995ab1289e0839fe2b956f87f669679762f7
8ee03728a66c4b42f56115e7d2fc5f02279d857c0e59631ed00a7f92e6a12ae5

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Mon, 24 Oct 2022 04:16:50 GMT
Server: Apache/2.4.54 (Unix)
Location: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
Content-Length: 311
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c19f4a1def760c07cbc4aec1d0d6c050
6ad911a7c02f5e5fdd82fa86cae0453528d53a6d
750bba81910a4bbd78ab484ba03781a36459a0aec147d7c47424e9a9bf152b40

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "750BBA81910A4BBD78AB484BA03781A36459A0AEC147D7C47424E9A9BF152B40"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2982
Expires: Mon, 24 Oct 2022 05:06:33 GMT
Date: Mon, 24 Oct 2022 04:16:51 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

143.204.55.115

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bdb8b66c705a7b996496d780f50c00b5
403ae92039fcc933870f51f913f78ccaf9652256
c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Content-Length, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 24 Oct 2022 03:52:56 GMT
Expires: Mon, 24 Oct 2022 04:22:28 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: OxNOUnr6SfLC1xfwdFWsFo2gQfP_29xkawcnEQDIG-333b3yUsVWEw==
Age: 1435

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ae56efd62a0d9249d98573172eb8b28b
5ff4e9959be677ad76c26ca73f9ef4feb9fa2f28
82d9ee4948fce839f7edb1f8490c4213cded3912464a4169b0bf6a61278694bd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "82D9EE4948FCE839F7EDB1F8490C4213CDED3912464A4169B0BF6A61278694BD"
Last-Modified: Sat, 22 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3029
Expires: Mon, 24 Oct 2022 05:07:20 GMT
Date: Mon, 24 Oct 2022 04:16:51 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: IHKr9Jl8S2rdQPxsw/kBLjv/Cz0T2rAyATWfi8gzviMjkc4FtqjYVok46W34Y4fCiRVE1uJlwdE=
x-amz-request-id: J706SEYQYPTHS5EQ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 24 Oct 2022 04:08:22 GMT
age: 509
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 24 Oct 2022 04:16:51 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
c5cab6f0b12912b4a2579266e9360333
5005fd8c44fa9cf9979dca6d66905a4d4f2374e2
41d49a0b6c65f35c663cabaa1f49f429bcc3384c089d7cbbc63f62ddd09a38c4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=160679
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 04:16:51 GMT
Etag: "6355e25a-1d7"
Expires: Wed, 26 Oct 2022 00:54:50 GMT
Last-Modified: Mon, 24 Oct 2022 00:54:50 GMT
Server: nginx
Content-Length: 471

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.115

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Mon, 24 Oct 2022 03:33:32 GMT
Expires: Mon, 24 Oct 2022 03:52:18 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: PZbM46yxSE5Vz64aHHkyz8GdpkXi3pcP58Rka_-rr0hn2Y0_ijG3Pg==
Age: 2599

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
60d5d7cce6c32a6bdaf0d4c92ec93a1a
cd29edee660366b41749cfd206bdc08fb421449c
fb90c4cc44b32e4ca4a7d1533bbf4a2fd5c482dda5d232f1be2334f3cefbbb0e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4865
Cache-Control: max-age=105057
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 04:16:51 GMT
Etag: "6354f613-1d7"
Expires: Tue, 25 Oct 2022 09:27:48 GMT
Last-Modified: Sun, 23 Oct 2022 08:06:43 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

35.164.183.116

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.164.183.116:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: O4ktXw7E8G7W+EMXwswzuQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 61fHuRar7FEoOrLsqGyeEUye9Fo=

www.golfschule-mcqueen.de/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3

81.169.145.143

200 OK

89 kB

URL HTTP/2
www.golfschule-mcqueen.de/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type
ASCII text, with very long lines (43771)
Size
89 kB (88932 bytes)
Hash
b7915926fe42d76e9c802353ab01dae4
3a8192a4312f25f53de25b100d62829c0f14d67c
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 13 Jul 2022 01:36:41 GMT
etag: "15b64-5e3a5d121ee1d"
accept-ranges: bytes
content-length: 88932
content-type: text/css
date: Mon, 24 Oct 2022 04:16:52 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

www.golfschule-mcqueen.de/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3

81.169.145.143

200 OK

19 kB

URL HTTP/2
www.golfschule-mcqueen.de/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type
ASCII text, with very long lines (15660)
Size
19 kB (18617 bytes)
Hash
32beb68a374e3aeac00abdf9e12b84ea
b5d18aa625e8696dd9d07cd0869337717b211ae0
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 30 May 2022 12:43:44 GMT
etag: "48b9-5e03a01ad94ff"
accept-ranges: bytes
content-length: 18617
content-type: application/javascript
date: Mon, 24 Oct 2022 04:16:52 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.7.8

81.169.145.143

200 OK

14 kB

URL HTTP/2
www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.7.8
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type
ASCII text, with very long lines (13766)
Size
14 kB (13805 bytes)
Hash
1ba88cd8d78170622cbde802471c6ff4
7f307102436e43a31814f86251392f817f00bb98
b6f32cefd16ee8496c92ec0ee00c68a5a025e76c3397582a76dce360a7620910

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.7.8 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 18:45:32 GMT
etag: "35ed-5eac6ae509bb9"
accept-ranges: bytes
content-length: 13805
content-type: text/css
date: Mon, 24 Oct 2022 04:16:52 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.7.8

81.169.145.143

200 OK

166 kB

URL HTTP/2
www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.7.8
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type
ASCII text, with very long lines (65497)
Size
166 kB (165670 bytes)
Hash
1d5c64403d807f1827b8e86f38189793
a6d604715054aea94da11ac0264b11435ee6ea57
98663b748040fa79ece807c453c25d3192c129c3660ae8927b3fd7c298bbfa34

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.7.8 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 18:45:32 GMT
etag: "28726-5eac6ae515ef4"
accept-ranges: bytes
content-length: 165670
content-type: text/css
date: Mon, 24 Oct 2022 04:16:52 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

www.golfschule-mcqueen.de/wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.13

81.169.145.143

200 OK

776 B

URL HTTP/2
www.golfschule-mcqueen.de/wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.13
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type
ASCII text
Size
776 B (776 bytes)
Hash
a5bf64d5859ee94a3e8e93d592d6d2a0
049eb63b42dbb820b06870a430f523bf06880721
25825611ade7ceaed7df3862ec56dc91ad1d2be539966ef7bbe84306e51cfb08

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.13 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 30 Aug 2022 14:34:05 GMT
etag: "308-5e77645b61bb7"
accept-ranges: bytes
content-length: 776
content-type: text/css
date: Mon, 24 Oct 2022 04:16:52 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

www.golfschule-mcqueen.de/wp-content/uploads/elementor/css/post-3029.css?ver=1665513964

81.169.145.143

200 OK

1.3 kB

URL HTTP/2
www.golfschule-mcqueen.de/wp-content/uploads/elementor/css/post-3029.css?ver=1665513964
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type
ASCII text, with very long lines (1250), with no line terminators
Size
1.3 kB (1250 bytes)
Hash
f9b1f3b76aaf8980f1c4e118b87a6996
47b719d7da08f2f876429070c2f8bcadca3ee2cf
e206cdf9a108a62dcca31901fda251a15f46b37d5758d056c118b976dbc840b4

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/elementor/css/post-3029.css?ver=1665513964 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 18:46:04 GMT
etag: "4e2-5eac6b03f38e4"
accept-ranges: bytes
content-length: 1250
content-type: text/css
date: Mon, 24 Oct 2022 04:16:52 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.7.8

81.169.145.143

200 OK

27 kB

URL HTTP/2
www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.7.8
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type
ASCII text, with very long lines (26516)
Size
27 kB (26702 bytes)
Hash
c55205bce667f5d812354fd1353e7389
f22de0af271eba636a022c873c94fbcd81b4c89a
c55902832fb84522d02ea1a60a30747403a140d8651fa748f13ba398b0c0df3a

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.7.8 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 18:45:34 GMT
etag: "684e-5eac6ae6934ab"
accept-ranges: bytes
content-length: 26702
content-type: text/css
date: Mon, 24 Oct 2022 04:16:52 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.7.8

81.169.145.143

200 OK

59 kB

URL HTTP/2
www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.7.8
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type
ASCII text, with very long lines (59158)
Size
59 kB (59344 bytes)
Hash
74bab4578692993514e7f882cc15c218
b6293bcfd851f963edbe859498570c4c0c7eaae4
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.7.8 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 18:45:34 GMT
etag: "e7d0-5eac6ae67c546"
accept-ranges: bytes
content-length: 59344
content-type: text/css
date: Mon, 24 Oct 2022 04:16:52 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

www.golfschule-mcqueen.de/wp-includes/css/dashicons.min.css?ver=6.0.3

81.169.145.143

200 OK

59 kB

URL HTTP/2
www.golfschule-mcqueen.de/wp-includes/css/dashicons.min.css?ver=6.0.3
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type
ASCII text, with very long lines (58981)
Size
59 kB (59016 bytes)
Hash
d68d6bf519169d86e155bad0bed833f8
27ba9c67d0e775fc4e6dd62011daf4c3902698fc
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-includes/css/dashicons.min.css?ver=6.0.3 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 15 Apr 2021 13:35:07 GMT
etag: "e688-5c002ee893c26"
accept-ranges: bytes
content-length: 59016
content-type: text/css
date: Mon, 24 Oct 2022 04:16:52 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

www.golfschule-mcqueen.de/wp-includes/js/imagesloaded.min.js?ver=4.1.4

81.169.145.143

200 OK

5.6 kB

URL HTTP/2
www.golfschule-mcqueen.de/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type
ASCII text, with very long lines (5477)
Size
5.6 kB (5629 bytes)
Hash
3a56752b736635bf69cb069b8818cbfd
42e0951fe74bb3f56a30f51291823bcd4a84d76e
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 21 Oct 2020 13:03:16 GMT
etag: "15fd-5b22df881e2b1"
accept-ranges: bytes
content-length: 5629
content-type: application/javascript
date: Mon, 24 Oct 2022 04:16:52 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

www.golfschule-mcqueen.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

81.169.145.143

200 OK

11 kB

URL HTTP/2
www.golfschule-mcqueen.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type
ASCII text, with very long lines (11126)
Size
11 kB (11224 bytes)
Hash
79b4956b7ec478ec10244b5e2d33ac7d
a46025b9d05e3df30d610a8aef14f392c7058dc9
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 23 Dec 2020 14:59:45 GMT
etag: "2bd8-5b722f1205ba3"
accept-ranges: bytes
content-length: 11224
content-type: application/javascript
date: Mon, 24 Oct 2022 04:16:52 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

www.golfschule-mcqueen.de/wp-content/themes/grow/styles/style-responsive.css?ver=1.5.2

81.169.145.143

200 OK

12 kB

URL HTTP/2
www.golfschule-mcqueen.de/wp-content/themes/grow/styles/style-responsive.css?ver=1.5.2
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type
ASCII text, with CRLF line terminators
Size
12 kB (12189 bytes)
Hash
fddc165482db1b4f50e15c527b48801a
6c14b2ed143dab3683310035210c2abe700e81ce
e5bb920d126441b27d8e5a9a9665dc906da81ea21f26ec3a788b70bd40b26d1a

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/grow/styles/style-responsive.css?ver=1.5.2 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 23 Sep 2022 13:34:43 GMT
etag: "2f9d-5e9583d97e2b3"
accept-ranges: bytes
content-length: 12189
content-type: text/css
date: Mon, 24 Oct 2022 04:16:52 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.7.8

81.169.145.143

200 OK

15 kB

URL HTTP/2
www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.7.8
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type
ASCII text, with very long lines (14869)
Size
15 kB (15055 bytes)
Hash
7a5dea0a705cc2f4cd87dbaaa6666bc6
678bc6f750f13adb29bbc158eb0d9cd813b736fa
97cf1307c16a437b77b5f7f5c9bc0b985d0745a14be5a279019aca5a3432e264

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.7.8 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 18:45:34 GMT
etag: "3acf-5eac6ae6ac6d1"
accept-ranges: bytes
content-length: 15055
content-type: application/javascript
date: Mon, 24 Oct 2022 04:16:52 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0

81.169.145.143

200 OK

19 kB

URL HTTP/2
www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type
ASCII text, with very long lines (19233)
Size
19 kB (19279 bytes)
Hash
d183c598fd582fe997f6782afed84f9b
7799820e0e849e8484543c3360a8d8cc62baa32f
83059e4c1a5c210e5585d96779fe655170817193d43e247c78dffaae7b7ba3a9

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 18:45:33 GMT
etag: "4b4f-5eac6ae661f8f"
accept-ranges: bytes
content-length: 19279
content-type: text/css
date: Mon, 24 Oct 2022 04:16:52 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

www.golfschule-mcqueen.de/wp-content/themes/grow/lib/extentions/prettyPhoto/js/jquery.prettyPhoto.js?ver=3.1.6

81.169.145.143

200 OK

35 kB

URL HTTP/2
www.golfschule-mcqueen.de/wp-content/themes/grow/lib/extentions/prettyPhoto/js/jquery.prettyPhoto.js?ver=3.1.6
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type
HTML document, ASCII text, with very long lines (615)
Size
35 kB (35291 bytes)
Hash
b15244e2e9088c1bd82e443f3f6ea2ec
5017a952ee8f3e8fa592f69d8fd692e74800c018
eabcdac849f25a0284662f136280ded01cd2a74682288f2fce8f27f5561e22e4

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/grow/lib/extentions/prettyPhoto/js/jquery.prettyPhoto.js?ver=3.1.6 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 23 Sep 2022 13:34:43 GMT
etag: "89db-5e9583d94aa60"
accept-ranges: bytes
content-length: 35291
content-type: application/javascript
date: Mon, 24 Oct 2022 04:16:52 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

www.golfschule-mcqueen.de/wp-content/themes/grow/lib/scripts/modernizr.js?ver=2.6.2

81.169.145.143

200 OK

52 kB

URL HTTP/2
www.golfschule-mcqueen.de/wp-content/themes/grow/lib/scripts/modernizr.js?ver=2.6.2
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type
HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
52 kB (51537 bytes)
Hash
937863cd2af636d785af0e8c14de5003
4bbe983ee5f60475b4d3028da30c8b3c023d7034
50bf870be28e04a4f4e075f2c259090c2fb934467d35ba15ac364f6be78d65f6

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/grow/lib/scripts/modernizr.js?ver=2.6.2 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 23 Sep 2022 13:34:43 GMT
etag: "c951-5e9583d974277"
accept-ranges: bytes
content-length: 51537
content-type: application/javascript
date: Mon, 24 Oct 2022 04:16:52 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

www.golfschule-mcqueen.de/wp-content/themes/grow/lib/extentions/prettyPhoto/css/prettyPhoto.css?ver=3.1.6

81.169.145.143

200 OK

27 kB

URL HTTP/2
www.golfschule-mcqueen.de/wp-content/themes/grow/lib/extentions/prettyPhoto/css/prettyPhoto.css?ver=3.1.6
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type
ASCII text
Size
27 kB (27154 bytes)
Hash
d20fd38e678f8ce9e9157df28741580a
36fd33f0aebe4594b1fe041607ad5c24de287662
6a72aab0d3d34e56edf238b971194f6dd1cb76da642089f18177c09c01fdd265

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/grow/lib/extentions/prettyPhoto/css/prettyPhoto.css?ver=3.1.6 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 23 Sep 2022 13:34:42 GMT
etag: "6a12-5e9583d8d866f"
accept-ranges: bytes
content-length: 27154
content-type: text/css
date: Mon, 24 Oct 2022 04:16:52 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0

81.169.145.143

200 OK

31 kB

URL HTTP/2
www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type
ASCII text, with very long lines (30837)
Size
31 kB (30999 bytes)
Hash
008e0bb5ebfa7bc298a042f95944df25
93897ebc560b38a1d2bff43c22dd6a3b7ee90c0c
c4047043368afb4baf1aed25d358a5c2a333842a3b436b58491ab36aeee65b9d

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 18:45:34 GMT
etag: "7917-5eac6ae683ea6"
accept-ranges: bytes
content-length: 30999
content-type: text/css
date: Mon, 24 Oct 2022 04:16:52 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

www.golfschule-mcqueen.de/wp-content/themes/grow/styles/style-shortcodes.css?ver=1.5.2

81.169.145.143

200 OK

49 kB

URL HTTP/2
www.golfschule-mcqueen.de/wp-content/themes/grow/styles/style-shortcodes.css?ver=1.5.2
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type
GTA in-game text (GXT), version 10799, used in GTA SA/IV\012- , ASCII text, with CRLF line terminators
Size
49 kB (49288 bytes)
Hash
44102ac61c442e9d18cbe62f97351f55
6585ab8cce6f704bdac597070e179512d489b426
0c3d36461dc42b948537816e18dd28bc47f50550b0d1d6c3b483f28821403caa

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/grow/styles/style-shortcodes.css?ver=1.5.2 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 23 Sep 2022 13:34:43 GMT
etag: "c088-5e9583d9801dc"
accept-ranges: bytes
content-length: 49288
content-type: text/css
date: Mon, 24 Oct 2022 04:16:52 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

www.golfschule-mcqueen.de/wp-content/themes/grow/lib/scripts/main-frontend.js?ver=1.5.2

81.169.145.143

200 OK

29 kB

URL HTTP/2
www.golfschule-mcqueen.de/wp-content/themes/grow/lib/scripts/main-frontend.js?ver=1.5.2
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type
ASCII text, with very long lines (414), with CRLF line terminators
Size
29 kB (29448 bytes)
Hash
954a67ef1d330ada883d73bdc015400b
0263e3bd72466a22416998974d9c3f1d23200ac0
d85a1a59ed25d0173a2ea3c757c3504fdfa78d5e37639c513f2ada2f9eb73b25

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/grow/lib/scripts/main-frontend.js?ver=1.5.2 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 23 Sep 2022 13:34:43 GMT
etag: "7308-5e9583d972eea"
accept-ranges: bytes
content-length: 29448
content-type: application/javascript
date: Mon, 24 Oct 2022 04:16:52 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

www.golfschule-mcqueen.de/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

81.169.145.143

200 OK

90 kB

URL HTTP/2
www.golfschule-mcqueen.de/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type
ASCII text, with very long lines (65447)
Size
90 kB (89521 bytes)
Hash
02dd5d04add4759122013c5ab4dc5cc2
a45a56e396ac549b4ff39b696ce9e0c16a7612de
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 01 Oct 2021 15:38:23 GMT
etag: "15db1-5cd4c5a8311ca"
accept-ranges: bytes
content-length: 89521
content-type: application/javascript
date: Mon, 24 Oct 2022 04:16:52 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

www.golfschule-mcqueen.de/wp-content/themes/grow/lib/extentions/bootstrap/css/bootstrap.min.css?ver=2.3.2

81.169.145.143

200 OK

69 kB

URL HTTP/2
www.golfschule-mcqueen.de/wp-content/themes/grow/lib/extentions/bootstrap/css/bootstrap.min.css?ver=2.3.2
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type
ASCII text, with very long lines (9171), with CRLF line terminators
Size
69 kB (69439 bytes)
Hash
90cb1507c3af20339f9e8f06f7de96d8
2b0d4a712790dab29e2947afe1fb7606d3a88041
2b25de735ba1557e9e694bc2301897f1b7a8eeaf49b503e8e8d52e3a52f6a800

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/grow/lib/extentions/bootstrap/css/bootstrap.min.css?ver=2.3.2 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 23 Sep 2022 13:34:42 GMT
etag: "10f3f-5e9583d8a98c3"
accept-ranges: bytes
content-length: 69439
content-type: text/css
date: Mon, 24 Oct 2022 04:16:52 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

www.golfschule-mcqueen.de/wp-content/themes/grow/lib/extentions/bootstrap/js/bootstrap.js?ver=2.3.2

81.169.145.143

200 OK

64 kB

URL HTTP/2
www.golfschule-mcqueen.de/wp-content/themes/grow/lib/extentions/bootstrap/js/bootstrap.js?ver=2.3.2
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type
ASCII text, with CRLF line terminators
Size
64 kB (64265 bytes)
Hash
914691f1d96f777c171b750e372b0653
c3e3ce40e200c3313ebf7cfa080911f86a9cdb0d
53d8207647b52ec625a9aa50384248b7995c2a1c28d71bf08587ca42495ddd0b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/grow/lib/extentions/bootstrap/js/bootstrap.js?ver=2.3.2 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 23 Sep 2022 13:34:42 GMT
etag: "fb09-5e9583d8b5c09"
accept-ranges: bytes
content-length: 64265
content-type: application/javascript
date: Mon, 24 Oct 2022 04:16:52 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197

81.169.145.143

404 Not Found

36 kB

URL HTTP/2
www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Size
36 kB (35593 bytes)
Hash
fbc82729c5d2acad71f525df68b5c185
774b681451050b9aecfded58d8157f38afcb043d
ed87ee523a1063a85f6169370d79caf537a65d8bb66934b4f99600883138c8ff

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 404 Not Found
date: Mon, 24 Oct 2022 04:16:51 GMT
server: Apache/2.4.54 (Unix)
x-powered-by: PHP/8.0.24
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.golfschule-mcqueen.de/wp-json/>; rel="https://api.w.org/"
vary: User-Agent
content-type: text/html; charset=UTF-8
X-Firefox-Spdy: h2

www.golfschule-mcqueen.de/wp-content/themes/grow/lib/scripts/plugins/waypoints/waypoints.min.js?ver=2.0.3

81.169.145.143

200 OK

8.1 kB

URL HTTP/2
www.golfschule-mcqueen.de/wp-content/themes/grow/lib/scripts/plugins/waypoints/waypoints.min.js?ver=2.0.3
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type
ASCII text, with very long lines (7808), with CRLF line terminators
Size
8.1 kB (8051 bytes)
Hash
4fe14337a62d710389f42e8a5d1043f7
5f3e0f34b6d7460c5f160db4fe568cde29f3ffa5
069b3ff0c0e6c33e08368f94906ae49ec76ab1ed570819c768148ced15b138bf

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/grow/lib/scripts/plugins/waypoints/waypoints.min.js?ver=2.0.3 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 23 Sep 2022 13:34:43 GMT
etag: "1f73-5e9583d96f09f"
accept-ranges: bytes
content-length: 8051
content-type: application/javascript
date: Mon, 24 Oct 2022 04:16:52 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0

81.169.145.143

200 OK

77 kB

URL HTTP/2
www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 18:45:34 GMT
etag: "12d68-5eac6ae6a2a8b"
accept-ranges: bytes
content-length: 77160
date: Mon, 24 Oct 2022 04:16:52 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

www.golfschule-mcqueen.de/wp-content/uploads/2020/02/Crest.jpg

81.169.145.143

200 OK

18 kB

URL HTTP/2
www.golfschule-mcqueen.de/wp-content/uploads/2020/02/Crest.jpg
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 188x175, components 3\012- data
Size
18 kB (17710 bytes)
Hash
607d6e99ab7888e3428cf1c488984fc0
c851a59714b86d1a3316f4897e449ac348cc78fa
057eb7883e4539238ad411ac894b3a4f38aaa64d0fca9da64437f211b99aff3a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2020/02/Crest.jpg HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 20 Feb 2020 11:47:09 GMT
etag: "452e-59f00770fac2d"
accept-ranges: bytes
content-length: 17710
content-type: image/jpeg
date: Mon, 24 Oct 2022 04:16:52 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

www.golfschule-mcqueen.de/wp-content/uploads/2020/02/PGA.png

81.169.145.143

200 OK

35 kB

URL HTTP/2
www.golfschule-mcqueen.de/wp-content/uploads/2020/02/PGA.png
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type
PNG image data, 175 x 175, 8-bit/color RGB, non-interlaced\012- data
Size
35 kB (34992 bytes)
Hash
9b10c6d00f12855346357940646fb7a2
c347afc5b3b38bb8ae4ea8e0fce6b7ce0566d297
1338281d8454d0fe94426c466aa0ee850abdd45093158abff5385567fbf43236

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2020/02/PGA.png HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 20 Feb 2020 11:47:10 GMT
etag: "88b0-59f00771424b6"
accept-ranges: bytes
content-length: 34992
content-type: image/png
date: Mon, 24 Oct 2022 04:16:52 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

www.golfschule-mcqueen.de/wp-content/uploads/2021/02/images-e1613926147447.png

81.169.145.143

200 OK

13 kB

URL HTTP/2
www.golfschule-mcqueen.de/wp-content/uploads/2021/02/images-e1613926147447.png
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type
PNG image data, 147 x 175, 8-bit grayscale, non-interlaced\012- data
Size
13 kB (12973 bytes)
Hash
c5a7ed4f83b1844d2760855b506eecaa
3a4921d3a2e26ac9c1ffc2d4d6cc95611ec4195a
bd3ed10df7d96e9a4add932754284b49c4971d769c872d6b364001d1675c32a5

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2021/02/images-e1613926147447.png HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 21 Feb 2021 16:49:07 GMT
etag: "32ad-5bbdb76bde525"
accept-ranges: bytes
content-length: 12973
content-type: image/png
date: Mon, 24 Oct 2022 04:16:52 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bed68ee568e74be152402c71cbf26510
38092ae53739e8ee13362c84df108bad734c4b64
26cd9ff2fb48cc7fb7c83cc325f4cb4713fc442cc4842baa728c570081be0445

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26CD9FF2FB48CC7FB7C83CC325F4CB4713FC442CC4842BAA728C570081BE0445"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3767
Expires: Mon, 24 Oct 2022 05:19:40 GMT
Date: Mon, 24 Oct 2022 04:16:53 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bed68ee568e74be152402c71cbf26510
38092ae53739e8ee13362c84df108bad734c4b64
26cd9ff2fb48cc7fb7c83cc325f4cb4713fc442cc4842baa728c570081be0445

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26CD9FF2FB48CC7FB7C83CC325F4CB4713FC442CC4842BAA728C570081BE0445"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3767
Expires: Mon, 24 Oct 2022 05:19:40 GMT
Date: Mon, 24 Oct 2022 04:16:53 GMT
Connection: keep-alive

www.golfschule-mcqueen.de/wp-content/themes/grow/style.css?ver=1.5.2

81.169.145.143

200 OK

503 B

URL HTTP/2
www.golfschule-mcqueen.de/wp-content/themes/grow/style.css?ver=1.5.2
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type
data
Size
503 B (503 bytes)
Hash
bed68ee568e74be152402c71cbf26510
38092ae53739e8ee13362c84df108bad734c4b64
26cd9ff2fb48cc7fb7c83cc325f4cb4713fc442cc4842baa728c570081be0445

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/grow/style.css?ver=1.5.2 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 23 Sep 2022 13:34:43 GMT
etag: "26b7b-5e9583d99b730"
accept-ranges: bytes
content-length: 158587
content-type: text/css
date: Mon, 24 Oct 2022 04:16:52 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bed68ee568e74be152402c71cbf26510
38092ae53739e8ee13362c84df108bad734c4b64
26cd9ff2fb48cc7fb7c83cc325f4cb4713fc442cc4842baa728c570081be0445

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26CD9FF2FB48CC7FB7C83CC325F4CB4713FC442CC4842BAA728C570081BE0445"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3767
Expires: Mon, 24 Oct 2022 05:19:40 GMT
Date: Mon, 24 Oct 2022 04:16:53 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bed68ee568e74be152402c71cbf26510
38092ae53739e8ee13362c84df108bad734c4b64
26cd9ff2fb48cc7fb7c83cc325f4cb4713fc442cc4842baa728c570081be0445

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26CD9FF2FB48CC7FB7C83CC325F4CB4713FC442CC4842BAA728C570081BE0445"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3767
Expires: Mon, 24 Oct 2022 05:19:40 GMT
Date: Mon, 24 Oct 2022 04:16:53 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F337e2b0e-2813-4291-b863-bbc99409db00.jpeg

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F337e2b0e-2813-4291-b863-bbc99409db00.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10380 bytes)
Hash
6cd3b0c2f628a973659cdb368dfc64cf
c5097681a4dcff980dc788191356e7e7c21ef3b1
03374811ad045fafd0d6898ef3b1beea094b785e8144f570e2d7e9912773c2a9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F337e2b0e-2813-4291-b863-bbc99409db00.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10380
x-amzn-requestid: 9027dbc2-08da-449f-9a40-59c58169fa28
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelDlG5XIAMFTTw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b549-4dd10f5c123194ff6ce4070f;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:42:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8wGo-DXHbBkHTL0pga_Er5trO69wmUsUc7oOSz4zJ8yskzOVjF98Zg==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 21:59:31 GMT
age: 22642
etag: "c5097681a4dcff980dc788191356e7e7c21ef3b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7361cd7-8ea8-4a4b-8e5a-6e3ef375eb7e.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.2 kB (7185 bytes)
Hash
c16ee3c480c8ee5b51b7dd88375649ae
885e2070d3ea7973fd978e1e9c247ce248afdbbb
4086d5476b9f3b6c06535fc588784c19a52008178cbdeccbff4c98497bd8e428

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7361cd7-8ea8-4a4b-8e5a-6e3ef375eb7e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7185
x-amzn-requestid: 5bbcd9f1-fa0a-4591-a38c-b472e2ef148f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelC7EZ4oAMFmvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b545-754aa64e1249811f2c019641;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:42:29 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: qkk3lDqVtpedvxCxGrNyJVjGIW6-VJqpMgBxHjaRatILglKJ96Tfvg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 21:46:36 GMT
age: 23417
etag: "885e2070d3ea7973fd978e1e9c247ce248afdbbb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9acbb6c9-f155-44fe-887b-d36b421dfa63.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11434 bytes)
Hash
83541a1138889c5e692e7021c073f990
b42a826513836e4bad11289a5ccec0966d0c6d11
7467154701943711c92a10449baf4f7eac42b31046f17778667db5ba673dd67f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9acbb6c9-f155-44fe-887b-d36b421dfa63.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11434
x-amzn-requestid: 0970e5a1-a1dd-4685-b2a2-b748327b5e27
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelOOEwHoAMFWzQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b58e-30834eff039ef76267bf3459;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:43:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: IGk98fgPhfTOLjKNa2rJJICeulHimmnIuJOSY9jJ31Lb6EXLozwT1A==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 22:01:50 GMT
age: 22503
etag: "b42a826513836e4bad11289a5ccec0966d0c6d11"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee5168c9-3f97-43d9-a9b4-3b0f415b3bc0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.9 kB (9894 bytes)
Hash
9983bdfe8dbe8386970aae586bb57575
4c5ff521fec700a1cda73325eebbeb88f97baa39
775d510a8d82ed993085e3d828c33b75eee99db2911b90d6151faf5c2e25b5d0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee5168c9-3f97-43d9-a9b4-3b0f415b3bc0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9894
x-amzn-requestid: 8d639b03-49d2-411b-b0ca-39c5dafe21f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelOtF6YIAMF-4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b591-230070a06848d4d90ea4f6ef;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:43:45 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: mYzFAcyUErnaOlGBX0ygFYZ4608EanLq5V4xzX7qCHQRGzkKwwWvHw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 22:14:18 GMT
age: 21755
etag: "4c5ff521fec700a1cda73325eebbeb88f97baa39"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2aa538fb-7cd1-41f1-aacd-b9ff42991b8b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.4 kB (8361 bytes)
Hash
72d843f94f06a00091ded227a40f24f7
7becba083c646f4715513e07d297ebc56f9d22ab
407d2ea28f44456af3f0f7b7f594703b08d15a5d682756bcad17de85dce65cd7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2aa538fb-7cd1-41f1-aacd-b9ff42991b8b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8361
x-amzn-requestid: 23942897-d28e-4661-b941-1c8eb5ae9735
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelO4E4BIAMFcpw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b592-4df057fb403df49841961951;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:43:46 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Ybm5nbcEOMZT4vaC5dx7ji-VXg11O3AUZFfE42y418bv-QU0ntK_MQ==
via: 1.1 b637bd7696854d7acbf96132dcf53200.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 21:46:36 GMT
age: 23417
etag: "7becba083c646f4715513e07d297ebc56f9d22ab"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.golfschule-mcqueen.de/favicon.ico

81.169.145.143

302 Found

0 B

URL HTTP/2
www.golfschule-mcqueen.de/favicon.ico
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 302 Found
date: Mon, 24 Oct 2022 04:16:52 GMT
server: Apache/2.4.54 (Unix)
x-powered-by: PHP/8.0.24
link: <https://www.golfschule-mcqueen.de/wp-json/>; rel="https://api.w.org/"
x-redirect-by: WordPress
vary: User-Agent
location: https://www.golfschule-mcqueen.de/wp-includes/images/w-logo-blue-white-bg.png
content-type: text/html; charset=UTF-8
content-length: 0
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F456d7d5b-fd41-4fa5-8e9e-d89e82b0dc48.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.0 kB (8953 bytes)
Hash
7ad00d9f89cc4d7f29fd53f89b4545f3
c4dbc6b4b8b9cf4f8868ddc060ee731cf43153d7
6d8e82f5aced08627c83945bc8f011bbaea66789427624baaef5104858472ea2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F456d7d5b-fd41-4fa5-8e9e-d89e82b0dc48.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8953
x-amzn-requestid: 5085f7ea-72de-43e0-a670-d221fc6af736
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelBzHcPIAMFpqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b53e-1c4bfd5c56b0af173eb43001;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:42:22 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: pCvtOb9B5beB4xJFbTvDQxO37bcXmPVCAwUOw7hOZLHTe_W-ii4T6Q==
via: 1.1 7dcaa43cd0535d889b549e6a30a57aa0.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 22:35:31 GMT
etag: "c4dbc6b4b8b9cf4f8868ddc060ee731cf43153d7"
content-type: image/jpeg
age: 20482
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.golfschule-mcqueen.de/wp-includes/images/w-logo-blue-white-bg.png

81.169.145.143

200 OK

4.1 kB

URL HTTP/2
www.golfschule-mcqueen.de/wp-includes/images/w-logo-blue-white-bg.png
IP
81.169.145.143:0
ASN
#6724 Strato AG

File type
PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size
4.1 kB (4119 bytes)
Hash
000bf649cc8f6bf27cfb04d1bcdcd3c7
d73d2f6d74ec6cdcbae07955592962e77d8ae814
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 11 Jun 2020 01:35:09 GMT
etag: "1017-5a7c4f894c834"
accept-ranges: bytes
content-length: 4119
content-type: image/png
date: Mon, 24 Oct 2022 04:16:53 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (11)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations