www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
81.169.145.143 301 Moved Permanently 311 B URL HTTP/1.1 www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
IP 81.169.145.143:0
File type HTML document text; exported SGML document, ASCII text
Hash 36d0bb17ad44c2c00ebb298362583575
57a0995ab1289e0839fe2b956f87f669679762f7
8ee03728a66c4b42f56115e7d2fc5f02279d857c0e59631ed00a7f92e6a12ae5
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 24 Oct 2022 04:16:50 GMT
Server: Apache/2.4.54 (Unix)
Location: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
Content-Length: 311
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c19f4a1def760c07cbc4aec1d0d6c050
6ad911a7c02f5e5fdd82fa86cae0453528d53a6d
750bba81910a4bbd78ab484ba03781a36459a0aec147d7c47424e9a9bf152b40
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "750BBA81910A4BBD78AB484BA03781A36459A0AEC147D7C47424E9A9BF152B40"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2982
Expires: Mon, 24 Oct 2022 05:06:33 GMT
Date: Mon, 24 Oct 2022 04:16:51 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.115 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash bdb8b66c705a7b996496d780f50c00b5
403ae92039fcc933870f51f913f78ccaf9652256
c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Content-Length, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 24 Oct 2022 03:52:56 GMT
Expires: Mon, 24 Oct 2022 04:22:28 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: OxNOUnr6SfLC1xfwdFWsFo2gQfP_29xkawcnEQDIG-333b3yUsVWEw==
Age: 1435
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ae56efd62a0d9249d98573172eb8b28b
5ff4e9959be677ad76c26ca73f9ef4feb9fa2f28
82d9ee4948fce839f7edb1f8490c4213cded3912464a4169b0bf6a61278694bd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "82D9EE4948FCE839F7EDB1F8490C4213CDED3912464A4169B0BF6A61278694BD"
Last-Modified: Sat, 22 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3029
Expires: Mon, 24 Oct 2022 05:07:20 GMT
Date: Mon, 24 Oct 2022 04:16:51 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: IHKr9Jl8S2rdQPxsw/kBLjv/Cz0T2rAyATWfi8gzviMjkc4FtqjYVok46W34Y4fCiRVE1uJlwdE=
x-amz-request-id: J706SEYQYPTHS5EQ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 24 Oct 2022 04:08:22 GMT
age: 509
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 24 Oct 2022 04:16:51 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash c5cab6f0b12912b4a2579266e9360333
5005fd8c44fa9cf9979dca6d66905a4d4f2374e2
41d49a0b6c65f35c663cabaa1f49f429bcc3384c089d7cbbc63f62ddd09a38c4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=160679
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 04:16:51 GMT
Etag: "6355e25a-1d7"
Expires: Wed, 26 Oct 2022 00:54:50 GMT
Last-Modified: Mon, 24 Oct 2022 00:54:50 GMT
Server: nginx
Content-Length: 471
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Mon, 24 Oct 2022 03:33:32 GMT
Expires: Mon, 24 Oct 2022 03:52:18 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: PZbM46yxSE5Vz64aHHkyz8GdpkXi3pcP58Rka_-rr0hn2Y0_ijG3Pg==
Age: 2599
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 60d5d7cce6c32a6bdaf0d4c92ec93a1a
cd29edee660366b41749cfd206bdc08fb421449c
fb90c4cc44b32e4ca4a7d1533bbf4a2fd5c482dda5d232f1be2334f3cefbbb0e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4865
Cache-Control: max-age=105057
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 04:16:51 GMT
Etag: "6354f613-1d7"
Expires: Tue, 25 Oct 2022 09:27:48 GMT
Last-Modified: Sun, 23 Oct 2022 08:06:43 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.164.183.116 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.164.183.116:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: O4ktXw7E8G7W+EMXwswzuQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 61fHuRar7FEoOrLsqGyeEUye9Fo=
www.golfschule-mcqueen.de/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
81.169.145.143 200 OK 89 kB URL HTTP/2 www.golfschule-mcqueen.de/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
IP 81.169.145.143:0
File type ASCII text, with very long lines (43771)
Hash b7915926fe42d76e9c802353ab01dae4
3a8192a4312f25f53de25b100d62829c0f14d67c
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 13 Jul 2022 01:36:41 GMT
etag: "15b64-5e3a5d121ee1d"
accept-ranges: bytes
content-length: 88932
content-type: text/css
date: Mon, 24 Oct 2022 04:16:52 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.golfschule-mcqueen.de/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
81.169.145.143 200 OK 19 kB URL HTTP/2 www.golfschule-mcqueen.de/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
IP 81.169.145.143:0
File type ASCII text, with very long lines (15660)
Hash 32beb68a374e3aeac00abdf9e12b84ea
b5d18aa625e8696dd9d07cd0869337717b211ae0
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 30 May 2022 12:43:44 GMT
etag: "48b9-5e03a01ad94ff"
accept-ranges: bytes
content-length: 18617
content-type: application/javascript
date: Mon, 24 Oct 2022 04:16:52 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.7.8
81.169.145.143 200 OK 14 kB URL HTTP/2 www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.7.8
IP 81.169.145.143:0
File type ASCII text, with very long lines (13766)
Hash 1ba88cd8d78170622cbde802471c6ff4
7f307102436e43a31814f86251392f817f00bb98
b6f32cefd16ee8496c92ec0ee00c68a5a025e76c3397582a76dce360a7620910
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.7.8 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 18:45:32 GMT
etag: "35ed-5eac6ae509bb9"
accept-ranges: bytes
content-length: 13805
content-type: text/css
date: Mon, 24 Oct 2022 04:16:52 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.7.8
81.169.145.143 200 OK 166 kB URL HTTP/2 www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.7.8
IP 81.169.145.143:0
File type ASCII text, with very long lines (65497)
Size 166 kB (165670 bytes)
Hash 1d5c64403d807f1827b8e86f38189793
a6d604715054aea94da11ac0264b11435ee6ea57
98663b748040fa79ece807c453c25d3192c129c3660ae8927b3fd7c298bbfa34
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.7.8 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 18:45:32 GMT
etag: "28726-5eac6ae515ef4"
accept-ranges: bytes
content-length: 165670
content-type: text/css
date: Mon, 24 Oct 2022 04:16:52 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.golfschule-mcqueen.de/wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.13
81.169.145.143 200 OK 776 B URL HTTP/2 www.golfschule-mcqueen.de/wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.13
IP 81.169.145.143:0
Hash a5bf64d5859ee94a3e8e93d592d6d2a0
049eb63b42dbb820b06870a430f523bf06880721
25825611ade7ceaed7df3862ec56dc91ad1d2be539966ef7bbe84306e51cfb08
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.13 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 30 Aug 2022 14:34:05 GMT
etag: "308-5e77645b61bb7"
accept-ranges: bytes
content-length: 776
content-type: text/css
date: Mon, 24 Oct 2022 04:16:52 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.golfschule-mcqueen.de/wp-content/uploads/elementor/css/post-3029.css?ver=1665513964
81.169.145.143 200 OK 1.3 kB URL HTTP/2 www.golfschule-mcqueen.de/wp-content/uploads/elementor/css/post-3029.css?ver=1665513964
IP 81.169.145.143:0
File type ASCII text, with very long lines (1250), with no line terminators
Hash f9b1f3b76aaf8980f1c4e118b87a6996
47b719d7da08f2f876429070c2f8bcadca3ee2cf
e206cdf9a108a62dcca31901fda251a15f46b37d5758d056c118b976dbc840b4
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-3029.css?ver=1665513964 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 18:46:04 GMT
etag: "4e2-5eac6b03f38e4"
accept-ranges: bytes
content-length: 1250
content-type: text/css
date: Mon, 24 Oct 2022 04:16:52 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.7.8
81.169.145.143 200 OK 27 kB URL HTTP/2 www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.7.8
IP 81.169.145.143:0
File type ASCII text, with very long lines (26516)
Hash c55205bce667f5d812354fd1353e7389
f22de0af271eba636a022c873c94fbcd81b4c89a
c55902832fb84522d02ea1a60a30747403a140d8651fa748f13ba398b0c0df3a
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.7.8 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 18:45:34 GMT
etag: "684e-5eac6ae6934ab"
accept-ranges: bytes
content-length: 26702
content-type: text/css
date: Mon, 24 Oct 2022 04:16:52 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.7.8
81.169.145.143 200 OK 59 kB URL HTTP/2 www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.7.8
IP 81.169.145.143:0
File type ASCII text, with very long lines (59158)
Hash 74bab4578692993514e7f882cc15c218
b6293bcfd851f963edbe859498570c4c0c7eaae4
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.7.8 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 18:45:34 GMT
etag: "e7d0-5eac6ae67c546"
accept-ranges: bytes
content-length: 59344
content-type: text/css
date: Mon, 24 Oct 2022 04:16:52 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.golfschule-mcqueen.de/wp-includes/css/dashicons.min.css?ver=6.0.3
81.169.145.143 200 OK 59 kB URL HTTP/2 www.golfschule-mcqueen.de/wp-includes/css/dashicons.min.css?ver=6.0.3
IP 81.169.145.143:0
File type ASCII text, with very long lines (58981)
Hash d68d6bf519169d86e155bad0bed833f8
27ba9c67d0e775fc4e6dd62011daf4c3902698fc
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/css/dashicons.min.css?ver=6.0.3 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Apr 2021 13:35:07 GMT
etag: "e688-5c002ee893c26"
accept-ranges: bytes
content-length: 59016
content-type: text/css
date: Mon, 24 Oct 2022 04:16:52 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.golfschule-mcqueen.de/wp-includes/js/imagesloaded.min.js?ver=4.1.4
81.169.145.143 200 OK 5.6 kB URL HTTP/2 www.golfschule-mcqueen.de/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP 81.169.145.143:0
File type ASCII text, with very long lines (5477)
Hash 3a56752b736635bf69cb069b8818cbfd
42e0951fe74bb3f56a30f51291823bcd4a84d76e
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Oct 2020 13:03:16 GMT
etag: "15fd-5b22df881e2b1"
accept-ranges: bytes
content-length: 5629
content-type: application/javascript
date: Mon, 24 Oct 2022 04:16:52 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.golfschule-mcqueen.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
81.169.145.143 200 OK 11 kB URL HTTP/2 www.golfschule-mcqueen.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 81.169.145.143:0
File type ASCII text, with very long lines (11126)
Hash 79b4956b7ec478ec10244b5e2d33ac7d
a46025b9d05e3df30d610a8aef14f392c7058dc9
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 23 Dec 2020 14:59:45 GMT
etag: "2bd8-5b722f1205ba3"
accept-ranges: bytes
content-length: 11224
content-type: application/javascript
date: Mon, 24 Oct 2022 04:16:52 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.golfschule-mcqueen.de/wp-content/themes/grow/styles/style-responsive.css?ver=1.5.2
81.169.145.143 200 OK 12 kB URL HTTP/2 www.golfschule-mcqueen.de/wp-content/themes/grow/styles/style-responsive.css?ver=1.5.2
IP 81.169.145.143:0
File type ASCII text, with CRLF line terminators
Hash fddc165482db1b4f50e15c527b48801a
6c14b2ed143dab3683310035210c2abe700e81ce
e5bb920d126441b27d8e5a9a9665dc906da81ea21f26ec3a788b70bd40b26d1a
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/grow/styles/style-responsive.css?ver=1.5.2 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 23 Sep 2022 13:34:43 GMT
etag: "2f9d-5e9583d97e2b3"
accept-ranges: bytes
content-length: 12189
content-type: text/css
date: Mon, 24 Oct 2022 04:16:52 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.7.8
81.169.145.143 200 OK 15 kB URL HTTP/2 www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.7.8
IP 81.169.145.143:0
File type ASCII text, with very long lines (14869)
Hash 7a5dea0a705cc2f4cd87dbaaa6666bc6
678bc6f750f13adb29bbc158eb0d9cd813b736fa
97cf1307c16a437b77b5f7f5c9bc0b985d0745a14be5a279019aca5a3432e264
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.7.8 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 18:45:34 GMT
etag: "3acf-5eac6ae6ac6d1"
accept-ranges: bytes
content-length: 15055
content-type: application/javascript
date: Mon, 24 Oct 2022 04:16:52 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
81.169.145.143 200 OK 19 kB URL HTTP/2 www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
IP 81.169.145.143:0
File type ASCII text, with very long lines (19233)
Hash d183c598fd582fe997f6782afed84f9b
7799820e0e849e8484543c3360a8d8cc62baa32f
83059e4c1a5c210e5585d96779fe655170817193d43e247c78dffaae7b7ba3a9
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 18:45:33 GMT
etag: "4b4f-5eac6ae661f8f"
accept-ranges: bytes
content-length: 19279
content-type: text/css
date: Mon, 24 Oct 2022 04:16:52 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.golfschule-mcqueen.de/wp-content/themes/grow/lib/extentions/prettyPhoto/js/jquery.prettyPhoto.js?ver=3.1.6
81.169.145.143 200 OK 35 kB URL HTTP/2 www.golfschule-mcqueen.de/wp-content/themes/grow/lib/extentions/prettyPhoto/js/jquery.prettyPhoto.js?ver=3.1.6
IP 81.169.145.143:0
File type HTML document, ASCII text, with very long lines (615)
Hash b15244e2e9088c1bd82e443f3f6ea2ec
5017a952ee8f3e8fa592f69d8fd692e74800c018
eabcdac849f25a0284662f136280ded01cd2a74682288f2fce8f27f5561e22e4
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/grow/lib/extentions/prettyPhoto/js/jquery.prettyPhoto.js?ver=3.1.6 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 23 Sep 2022 13:34:43 GMT
etag: "89db-5e9583d94aa60"
accept-ranges: bytes
content-length: 35291
content-type: application/javascript
date: Mon, 24 Oct 2022 04:16:52 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.golfschule-mcqueen.de/wp-content/themes/grow/lib/scripts/modernizr.js?ver=2.6.2
81.169.145.143 200 OK 52 kB URL HTTP/2 www.golfschule-mcqueen.de/wp-content/themes/grow/lib/scripts/modernizr.js?ver=2.6.2
IP 81.169.145.143:0
File type HTML document text; HTML document, ASCII text, with CRLF line terminators
Hash 937863cd2af636d785af0e8c14de5003
4bbe983ee5f60475b4d3028da30c8b3c023d7034
50bf870be28e04a4f4e075f2c259090c2fb934467d35ba15ac364f6be78d65f6
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/grow/lib/scripts/modernizr.js?ver=2.6.2 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 23 Sep 2022 13:34:43 GMT
etag: "c951-5e9583d974277"
accept-ranges: bytes
content-length: 51537
content-type: application/javascript
date: Mon, 24 Oct 2022 04:16:52 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.golfschule-mcqueen.de/wp-content/themes/grow/lib/extentions/prettyPhoto/css/prettyPhoto.css?ver=3.1.6
81.169.145.143 200 OK 27 kB URL HTTP/2 www.golfschule-mcqueen.de/wp-content/themes/grow/lib/extentions/prettyPhoto/css/prettyPhoto.css?ver=3.1.6
IP 81.169.145.143:0
Hash d20fd38e678f8ce9e9157df28741580a
36fd33f0aebe4594b1fe041607ad5c24de287662
6a72aab0d3d34e56edf238b971194f6dd1cb76da642089f18177c09c01fdd265
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/grow/lib/extentions/prettyPhoto/css/prettyPhoto.css?ver=3.1.6 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 23 Sep 2022 13:34:42 GMT
etag: "6a12-5e9583d8d866f"
accept-ranges: bytes
content-length: 27154
content-type: text/css
date: Mon, 24 Oct 2022 04:16:52 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
81.169.145.143 200 OK 31 kB URL HTTP/2 www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
IP 81.169.145.143:0
File type ASCII text, with very long lines (30837)
Hash 008e0bb5ebfa7bc298a042f95944df25
93897ebc560b38a1d2bff43c22dd6a3b7ee90c0c
c4047043368afb4baf1aed25d358a5c2a333842a3b436b58491ab36aeee65b9d
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 18:45:34 GMT
etag: "7917-5eac6ae683ea6"
accept-ranges: bytes
content-length: 30999
content-type: text/css
date: Mon, 24 Oct 2022 04:16:52 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.golfschule-mcqueen.de/wp-content/themes/grow/styles/style-shortcodes.css?ver=1.5.2
81.169.145.143 200 OK 49 kB URL HTTP/2 www.golfschule-mcqueen.de/wp-content/themes/grow/styles/style-shortcodes.css?ver=1.5.2
IP 81.169.145.143:0
File type GTA in-game text (GXT), version 10799, used in GTA SA/IV\012- , ASCII text, with CRLF line terminators
Hash 44102ac61c442e9d18cbe62f97351f55
6585ab8cce6f704bdac597070e179512d489b426
0c3d36461dc42b948537816e18dd28bc47f50550b0d1d6c3b483f28821403caa
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/grow/styles/style-shortcodes.css?ver=1.5.2 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 23 Sep 2022 13:34:43 GMT
etag: "c088-5e9583d9801dc"
accept-ranges: bytes
content-length: 49288
content-type: text/css
date: Mon, 24 Oct 2022 04:16:52 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.golfschule-mcqueen.de/wp-content/themes/grow/lib/scripts/main-frontend.js?ver=1.5.2
81.169.145.143 200 OK 29 kB URL HTTP/2 www.golfschule-mcqueen.de/wp-content/themes/grow/lib/scripts/main-frontend.js?ver=1.5.2
IP 81.169.145.143:0
File type ASCII text, with very long lines (414), with CRLF line terminators
Hash 954a67ef1d330ada883d73bdc015400b
0263e3bd72466a22416998974d9c3f1d23200ac0
d85a1a59ed25d0173a2ea3c757c3504fdfa78d5e37639c513f2ada2f9eb73b25
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/grow/lib/scripts/main-frontend.js?ver=1.5.2 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 23 Sep 2022 13:34:43 GMT
etag: "7308-5e9583d972eea"
accept-ranges: bytes
content-length: 29448
content-type: application/javascript
date: Mon, 24 Oct 2022 04:16:52 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.golfschule-mcqueen.de/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
81.169.145.143 200 OK 90 kB URL HTTP/2 www.golfschule-mcqueen.de/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 81.169.145.143:0
File type ASCII text, with very long lines (65447)
Hash 02dd5d04add4759122013c5ab4dc5cc2
a45a56e396ac549b4ff39b696ce9e0c16a7612de
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 01 Oct 2021 15:38:23 GMT
etag: "15db1-5cd4c5a8311ca"
accept-ranges: bytes
content-length: 89521
content-type: application/javascript
date: Mon, 24 Oct 2022 04:16:52 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.golfschule-mcqueen.de/wp-content/themes/grow/lib/extentions/bootstrap/css/bootstrap.min.css?ver=2.3.2
81.169.145.143 200 OK 69 kB URL HTTP/2 www.golfschule-mcqueen.de/wp-content/themes/grow/lib/extentions/bootstrap/css/bootstrap.min.css?ver=2.3.2
IP 81.169.145.143:0
File type ASCII text, with very long lines (9171), with CRLF line terminators
Hash 90cb1507c3af20339f9e8f06f7de96d8
2b0d4a712790dab29e2947afe1fb7606d3a88041
2b25de735ba1557e9e694bc2301897f1b7a8eeaf49b503e8e8d52e3a52f6a800
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/grow/lib/extentions/bootstrap/css/bootstrap.min.css?ver=2.3.2 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 23 Sep 2022 13:34:42 GMT
etag: "10f3f-5e9583d8a98c3"
accept-ranges: bytes
content-length: 69439
content-type: text/css
date: Mon, 24 Oct 2022 04:16:52 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.golfschule-mcqueen.de/wp-content/themes/grow/lib/extentions/bootstrap/js/bootstrap.js?ver=2.3.2
81.169.145.143 200 OK 64 kB URL HTTP/2 www.golfschule-mcqueen.de/wp-content/themes/grow/lib/extentions/bootstrap/js/bootstrap.js?ver=2.3.2
IP 81.169.145.143:0
File type ASCII text, with CRLF line terminators
Hash 914691f1d96f777c171b750e372b0653
c3e3ce40e200c3313ebf7cfa080911f86a9cdb0d
53d8207647b52ec625a9aa50384248b7995c2a1c28d71bf08587ca42495ddd0b
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/grow/lib/extentions/bootstrap/js/bootstrap.js?ver=2.3.2 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 23 Sep 2022 13:34:42 GMT
etag: "fb09-5e9583d8b5c09"
accept-ranges: bytes
content-length: 64265
content-type: application/javascript
date: Mon, 24 Oct 2022 04:16:52 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
81.169.145.143 404 Not Found 36 kB URL HTTP/2 www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
IP 81.169.145.143:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash fbc82729c5d2acad71f525df68b5c185
774b681451050b9aecfded58d8157f38afcb043d
ed87ee523a1063a85f6169370d79caf537a65d8bb66934b4f99600883138c8ff
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
date: Mon, 24 Oct 2022 04:16:51 GMT
server: Apache/2.4.54 (Unix)
x-powered-by: PHP/8.0.24
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.golfschule-mcqueen.de/wp-json/>; rel="https://api.w.org/"
vary: User-Agent
content-type: text/html; charset=UTF-8
X-Firefox-Spdy: h2
www.golfschule-mcqueen.de/wp-content/themes/grow/lib/scripts/plugins/waypoints/waypoints.min.js?ver=2.0.3
81.169.145.143 200 OK 8.1 kB URL HTTP/2 www.golfschule-mcqueen.de/wp-content/themes/grow/lib/scripts/plugins/waypoints/waypoints.min.js?ver=2.0.3
IP 81.169.145.143:0
File type ASCII text, with very long lines (7808), with CRLF line terminators
Hash 4fe14337a62d710389f42e8a5d1043f7
5f3e0f34b6d7460c5f160db4fe568cde29f3ffa5
069b3ff0c0e6c33e08368f94906ae49ec76ab1ed570819c768148ced15b138bf
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/grow/lib/scripts/plugins/waypoints/waypoints.min.js?ver=2.0.3 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 23 Sep 2022 13:34:43 GMT
etag: "1f73-5e9583d96f09f"
accept-ranges: bytes
content-length: 8051
content-type: application/javascript
date: Mon, 24 Oct 2022 04:16:52 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
81.169.145.143 200 OK 77 kB URL HTTP/2 www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 81.169.145.143:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 11 Oct 2022 18:45:34 GMT
etag: "12d68-5eac6ae6a2a8b"
accept-ranges: bytes
content-length: 77160
date: Mon, 24 Oct 2022 04:16:52 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.golfschule-mcqueen.de/wp-content/uploads/2020/02/Crest.jpg
81.169.145.143 200 OK 18 kB URL HTTP/2 www.golfschule-mcqueen.de/wp-content/uploads/2020/02/Crest.jpg
IP 81.169.145.143:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 188x175, components 3\012- data
Hash 607d6e99ab7888e3428cf1c488984fc0
c851a59714b86d1a3316f4897e449ac348cc78fa
057eb7883e4539238ad411ac894b3a4f38aaa64d0fca9da64437f211b99aff3a
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2020/02/Crest.jpg HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 20 Feb 2020 11:47:09 GMT
etag: "452e-59f00770fac2d"
accept-ranges: bytes
content-length: 17710
content-type: image/jpeg
date: Mon, 24 Oct 2022 04:16:52 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.golfschule-mcqueen.de/wp-content/uploads/2020/02/PGA.png
81.169.145.143 200 OK 35 kB URL HTTP/2 www.golfschule-mcqueen.de/wp-content/uploads/2020/02/PGA.png
IP 81.169.145.143:0
File type PNG image data, 175 x 175, 8-bit/color RGB, non-interlaced\012- data
Hash 9b10c6d00f12855346357940646fb7a2
c347afc5b3b38bb8ae4ea8e0fce6b7ce0566d297
1338281d8454d0fe94426c466aa0ee850abdd45093158abff5385567fbf43236
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2020/02/PGA.png HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 20 Feb 2020 11:47:10 GMT
etag: "88b0-59f00771424b6"
accept-ranges: bytes
content-length: 34992
content-type: image/png
date: Mon, 24 Oct 2022 04:16:52 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.golfschule-mcqueen.de/wp-content/uploads/2021/02/images-e1613926147447.png
81.169.145.143 200 OK 13 kB URL HTTP/2 www.golfschule-mcqueen.de/wp-content/uploads/2021/02/images-e1613926147447.png
IP 81.169.145.143:0
File type PNG image data, 147 x 175, 8-bit grayscale, non-interlaced\012- data
Hash c5a7ed4f83b1844d2760855b506eecaa
3a4921d3a2e26ac9c1ffc2d4d6cc95611ec4195a
bd3ed10df7d96e9a4add932754284b49c4971d769c872d6b364001d1675c32a5
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2021/02/images-e1613926147447.png HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 21 Feb 2021 16:49:07 GMT
etag: "32ad-5bbdb76bde525"
accept-ranges: bytes
content-length: 12973
content-type: image/png
date: Mon, 24 Oct 2022 04:16:52 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bed68ee568e74be152402c71cbf26510
38092ae53739e8ee13362c84df108bad734c4b64
26cd9ff2fb48cc7fb7c83cc325f4cb4713fc442cc4842baa728c570081be0445
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26CD9FF2FB48CC7FB7C83CC325F4CB4713FC442CC4842BAA728C570081BE0445"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3767
Expires: Mon, 24 Oct 2022 05:19:40 GMT
Date: Mon, 24 Oct 2022 04:16:53 GMT
Connection: keep-alive
www.golfschule-mcqueen.de/wp-content/themes/grow/style.css?ver=1.5.2
81.169.145.143 200 OK 503 B URL HTTP/2 www.golfschule-mcqueen.de/wp-content/themes/grow/style.css?ver=1.5.2
IP 81.169.145.143:0
Hash bed68ee568e74be152402c71cbf26510
38092ae53739e8ee13362c84df108bad734c4b64
26cd9ff2fb48cc7fb7c83cc325f4cb4713fc442cc4842baa728c570081be0445
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/grow/style.css?ver=1.5.2 HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 23 Sep 2022 13:34:43 GMT
etag: "26b7b-5e9583d99b730"
accept-ranges: bytes
content-length: 158587
content-type: text/css
date: Mon, 24 Oct 2022 04:16:52 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F337e2b0e-2813-4291-b863-bbc99409db00.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F337e2b0e-2813-4291-b863-bbc99409db00.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6cd3b0c2f628a973659cdb368dfc64cf
c5097681a4dcff980dc788191356e7e7c21ef3b1
03374811ad045fafd0d6898ef3b1beea094b785e8144f570e2d7e9912773c2a9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F337e2b0e-2813-4291-b863-bbc99409db00.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10380
x-amzn-requestid: 9027dbc2-08da-449f-9a40-59c58169fa28
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelDlG5XIAMFTTw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b549-4dd10f5c123194ff6ce4070f;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:42:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8wGo-DXHbBkHTL0pga_Er5trO69wmUsUc7oOSz4zJ8yskzOVjF98Zg==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 21:59:31 GMT
age: 22642
etag: "c5097681a4dcff980dc788191356e7e7c21ef3b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7361cd7-8ea8-4a4b-8e5a-6e3ef375eb7e.webp
34.120.237.76 200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7361cd7-8ea8-4a4b-8e5a-6e3ef375eb7e.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c16ee3c480c8ee5b51b7dd88375649ae
885e2070d3ea7973fd978e1e9c247ce248afdbbb
4086d5476b9f3b6c06535fc588784c19a52008178cbdeccbff4c98497bd8e428
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7361cd7-8ea8-4a4b-8e5a-6e3ef375eb7e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7185
x-amzn-requestid: 5bbcd9f1-fa0a-4591-a38c-b472e2ef148f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelC7EZ4oAMFmvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b545-754aa64e1249811f2c019641;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:42:29 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: qkk3lDqVtpedvxCxGrNyJVjGIW6-VJqpMgBxHjaRatILglKJ96Tfvg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 21:46:36 GMT
age: 23417
etag: "885e2070d3ea7973fd978e1e9c247ce248afdbbb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9acbb6c9-f155-44fe-887b-d36b421dfa63.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9acbb6c9-f155-44fe-887b-d36b421dfa63.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 83541a1138889c5e692e7021c073f990
b42a826513836e4bad11289a5ccec0966d0c6d11
7467154701943711c92a10449baf4f7eac42b31046f17778667db5ba673dd67f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9acbb6c9-f155-44fe-887b-d36b421dfa63.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11434
x-amzn-requestid: 0970e5a1-a1dd-4685-b2a2-b748327b5e27
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelOOEwHoAMFWzQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b58e-30834eff039ef76267bf3459;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:43:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: IGk98fgPhfTOLjKNa2rJJICeulHimmnIuJOSY9jJ31Lb6EXLozwT1A==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 22:01:50 GMT
age: 22503
etag: "b42a826513836e4bad11289a5ccec0966d0c6d11"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee5168c9-3f97-43d9-a9b4-3b0f415b3bc0.jpeg
34.120.237.76 200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee5168c9-3f97-43d9-a9b4-3b0f415b3bc0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9983bdfe8dbe8386970aae586bb57575
4c5ff521fec700a1cda73325eebbeb88f97baa39
775d510a8d82ed993085e3d828c33b75eee99db2911b90d6151faf5c2e25b5d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee5168c9-3f97-43d9-a9b4-3b0f415b3bc0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9894
x-amzn-requestid: 8d639b03-49d2-411b-b0ca-39c5dafe21f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelOtF6YIAMF-4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b591-230070a06848d4d90ea4f6ef;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:43:45 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: mYzFAcyUErnaOlGBX0ygFYZ4608EanLq5V4xzX7qCHQRGzkKwwWvHw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 22:14:18 GMT
age: 21755
etag: "4c5ff521fec700a1cda73325eebbeb88f97baa39"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2aa538fb-7cd1-41f1-aacd-b9ff42991b8b.jpeg
34.120.237.76 200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2aa538fb-7cd1-41f1-aacd-b9ff42991b8b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 72d843f94f06a00091ded227a40f24f7
7becba083c646f4715513e07d297ebc56f9d22ab
407d2ea28f44456af3f0f7b7f594703b08d15a5d682756bcad17de85dce65cd7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2aa538fb-7cd1-41f1-aacd-b9ff42991b8b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8361
x-amzn-requestid: 23942897-d28e-4661-b941-1c8eb5ae9735
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelO4E4BIAMFcpw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b592-4df057fb403df49841961951;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:43:46 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Ybm5nbcEOMZT4vaC5dx7ji-VXg11O3AUZFfE42y418bv-QU0ntK_MQ==
via: 1.1 b637bd7696854d7acbf96132dcf53200.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 21:46:36 GMT
age: 23417
etag: "7becba083c646f4715513e07d297ebc56f9d22ab"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.golfschule-mcqueen.de/favicon.ico
81.169.145.143 302 Found 0 B URL HTTP/2 www.golfschule-mcqueen.de/favicon.ico
IP 81.169.145.143:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
date: Mon, 24 Oct 2022 04:16:52 GMT
server: Apache/2.4.54 (Unix)
x-powered-by: PHP/8.0.24
link: <https://www.golfschule-mcqueen.de/wp-json/>; rel="https://api.w.org/"
x-redirect-by: WordPress
vary: User-Agent
location: https://www.golfschule-mcqueen.de/wp-includes/images/w-logo-blue-white-bg.png
content-type: text/html; charset=UTF-8
content-length: 0
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F456d7d5b-fd41-4fa5-8e9e-d89e82b0dc48.jpeg
34.120.237.76 200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F456d7d5b-fd41-4fa5-8e9e-d89e82b0dc48.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7ad00d9f89cc4d7f29fd53f89b4545f3
c4dbc6b4b8b9cf4f8868ddc060ee731cf43153d7
6d8e82f5aced08627c83945bc8f011bbaea66789427624baaef5104858472ea2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F456d7d5b-fd41-4fa5-8e9e-d89e82b0dc48.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8953
x-amzn-requestid: 5085f7ea-72de-43e0-a670-d221fc6af736
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelBzHcPIAMFpqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b53e-1c4bfd5c56b0af173eb43001;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:42:22 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: pCvtOb9B5beB4xJFbTvDQxO37bcXmPVCAwUOw7hOZLHTe_W-ii4T6Q==
via: 1.1 7dcaa43cd0535d889b549e6a30a57aa0.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 22:35:31 GMT
etag: "c4dbc6b4b8b9cf4f8868ddc060ee731cf43153d7"
content-type: image/jpeg
age: 20482
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.golfschule-mcqueen.de/wp-includes/images/w-logo-blue-white-bg.png
81.169.145.143 200 OK 4.1 kB URL HTTP/2 www.golfschule-mcqueen.de/wp-includes/images/w-logo-blue-white-bg.png
IP 81.169.145.143:0
File type PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 000bf649cc8f6bf27cfb04d1bcdcd3c7
d73d2f6d74ec6cdcbae07955592962e77d8ae814
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1
Host: www.golfschule-mcqueen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.golfschule-mcqueen.de/wp-content/themes/golf-wordpress-theme/images/image.gif?4ea55=2899197
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 11 Jun 2020 01:35:09 GMT
etag: "1017-5a7c4f894c834"
accept-ranges: bytes
content-length: 4119
content-type: image/png
date: Mon, 24 Oct 2022 04:16:53 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2