itmdf.de/ups.com/WebTracking/FS-17532695/
81.169.145.152 301 Moved Permanently 257 B URL HTTP/1.1 itmdf.de/ups.com/WebTracking/FS-17532695/
IP 81.169.145.152:0
File type HTML document text; exported SGML document, ASCII text
Hash a60c8812511da7826121ffdf23cdb3e7
26aabc1531785904ad509f546763866b50a9346b
b1d9b3ea1cc7c8ebc55b427ec4e5ae9968ad2ecb2757f8718817d3f0bafca055
Analyzer Verdict Alert fortinet Malware
GET /ups.com/WebTracking/FS-17532695/ HTTP/1.1
Host: itmdf.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 08 Dec 2022 18:07:57 GMT
Server: Apache/2.4.54 (Unix)
Location: https://itmdf.de/ups.com/WebTracking/FS-17532695/
Content-Length: 257
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3880
Expires: Thu, 08 Dec 2022 19:12:37 GMT
Date: Thu, 08 Dec 2022 18:07:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 388f6fea5bafa378266622b72311a6ee
447f102dc12172ce1ba44c5e94e1d7bb49d43372
a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A597AFB4D4F7F3C82F0F2857322226FC69DC92E099BFD0605F7A0CD562BE9D21"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6899
Expires: Thu, 08 Dec 2022 20:02:56 GMT
Date: Thu, 08 Dec 2022 18:07:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 00e7703bd74975689fc9050356aaca6b
9788fe6a36d6f278e8da329ebc5dd87bcd212317
593bc437ff8a8233516c62613d50220fcb25b9f967ed5fb384c253f0db135103
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "593BC437FF8A8233516C62613D50220FCB25B9F967ED5FB384C253F0DB135103"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10755
Expires: Thu, 08 Dec 2022 21:07:12 GMT
Date: Thu, 08 Dec 2022 18:07:57 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 08 Dec 2022 17:08:13 GMT
content-type: application/json
age: 3584
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ZZB+khv0lZ/EdeeA89zVrFNyvU3vB3TkIFNDkWzbD7tBoMsBXKurTJMDq9H9HYa4L65kq0tNQ74=
x-amz-request-id: DAT6VJB146NS8VE2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 08 Dec 2022 17:48:00 GMT
age: 1197
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 18:07:57 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash bb73e2131407869d26dae1e88e330c7f
5041a48e0d14d8282b6fec468e02575690cf405b
f49a760af6f8fc47dbd933cd78418bfa79535d5e8e8e5383bd5fee78356795de
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 18:07:57 GMT
Server: ECS (amb/6BC1)
Content-Length: 471
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Last-Modified, ETag, Cache-Control, Alert, Content-Length, Pragma, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 08 Dec 2022 18:07:55 GMT
age: 3
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash fd55f4aaaab6ec40bc7dc10252cd819a
a72523f60be265a391fa9edc43e0a93418ad1fd0
bae354b3db14f4fd115311a0c412c9b5e436dd9e0a151afd8b9c18831dd8c2dd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1536
Cache-Control: max-age=141870
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 18:07:58 GMT
Etag: "6391a92c-1d7"
Expires: Sat, 10 Dec 2022 09:32:28 GMT
Last-Modified: Thu, 08 Dec 2022 09:06:52 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.163.38.240 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.163.38.240:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: cXxTasROQ4q3RZjcsjpBVA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: SYnDpHvT7yTyObGY40Z8Wz4wWFA=
www.itmdf.de/wp-content/themes/it-muehldorf/css/bootstrap.min.css
81.169.145.152 200 OK 110 kB URL HTTP/2 www.itmdf.de/wp-content/themes/it-muehldorf/css/bootstrap.min.css
IP 81.169.145.152:0
File type ASCII text, with very long lines (65371)
Size 110 kB (109518 bytes)
Hash 385b964b68acb68d23cb43a5218fade9
58a360d7ef24d8d05737db1712dd5c086597e862
b5fd723750763ebb731f9221e413e7d64d58d5192dc040e42292ed3dcccca732
GET /wp-content/themes/it-muehldorf/css/bootstrap.min.css HTTP/1.1
Host: www.itmdf.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.itmdf.de/ups.com/WebTracking/FS-17532695/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 24 Jul 2014 10:17:57 GMT
etag: "1abce-4feedc5423f40"
accept-ranges: bytes
content-length: 109518
content-type: text/css
date: Thu, 08 Dec 2022 18:07:59 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.itmdf.de/wp-content/themes/it-muehldorf/style.css
81.169.145.152 200 OK 4.0 kB URL HTTP/2 www.itmdf.de/wp-content/themes/it-muehldorf/style.css
IP 81.169.145.152:0
Hash ada16035170fc651f6931e6fa32efb55
4538c627c54ba7368dd25695e6c7240f7daf55e6
1b1d69682d3276462ccf3732a312bc41c97b1399a7d0dfffe12e0132b5f2f11c
GET /wp-content/themes/it-muehldorf/style.css HTTP/1.1
Host: www.itmdf.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.itmdf.de/ups.com/WebTracking/FS-17532695/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Jul 2014 15:44:18 GMT
etag: "f92-4ff7f25443880"
accept-ranges: bytes
content-length: 3986
content-type: text/css
date: Thu, 08 Dec 2022 18:07:59 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.itmdf.de/wp-content/uploads/omgf/ls-google-fonts/ls-google-fonts.css?ver=1664350855
81.169.145.152 200 OK 7.5 kB URL HTTP/2 www.itmdf.de/wp-content/uploads/omgf/ls-google-fonts/ls-google-fonts.css?ver=1664350855
IP 81.169.145.152:0
Hash 43639bc714a8d1098748e0231f69a611
1a4e47f8d8c14b4ef8975d78796495dba6e7ffc3
3652977cbbae062b898a1b626c8659d80f2fe9c069b237e7fc28ce1b09bfbf7f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/omgf/ls-google-fonts/ls-google-fonts.css?ver=1664350855 HTTP/1.1
Host: www.itmdf.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.itmdf.de/ups.com/WebTracking/FS-17532695/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 28 Sep 2022 07:42:24 GMT
etag: "1d3f-5e9b7e6d8ff27"
accept-ranges: bytes
content-length: 7487
content-type: text/css
date: Thu, 08 Dec 2022 18:07:59 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.itmdf.de/wp-content/plugins/LayerSlider/static/layerslider/css/layerslider.css?ver=6.9.2
81.169.145.152 200 OK 23 kB URL HTTP/2 www.itmdf.de/wp-content/plugins/LayerSlider/static/layerslider/css/layerslider.css?ver=6.9.2
IP 81.169.145.152:0
Hash 6acffaf4f6c42554546d13d60e7fa294
836b5bfe339b33e508e91d7429906025a52b2e03
39eadd1cbab3247462a6e2c98e375d19e3e6e9b7a52bcf5996f396b83e82fc85
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/LayerSlider/static/layerslider/css/layerslider.css?ver=6.9.2 HTTP/1.1
Host: www.itmdf.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.itmdf.de/ups.com/WebTracking/FS-17532695/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 30 Jan 2020 14:50:37 GMT
etag: "5883-59d5c9481a8f5"
accept-ranges: bytes
content-length: 22659
content-type: text/css
date: Thu, 08 Dec 2022 18:07:59 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.itmdf.de/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
81.169.145.152 200 OK 89 kB URL HTTP/2 www.itmdf.de/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
IP 81.169.145.152:0
File type ASCII text, with very long lines (43771)
Hash b7915926fe42d76e9c802353ab01dae4
3a8192a4312f25f53de25b100d62829c0f14d67c
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 HTTP/1.1
Host: www.itmdf.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.itmdf.de/ups.com/WebTracking/FS-17532695/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 30 Sep 2022 08:14:56 GMT
etag: "15b64-5e9e096dd9705"
accept-ranges: bytes
content-length: 88932
content-type: text/css
date: Thu, 08 Dec 2022 18:07:59 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.itmdf.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
81.169.145.152 200 OK 11 kB URL HTTP/2 www.itmdf.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 81.169.145.152:0
File type ASCII text, with very long lines (11126)
Hash 79b4956b7ec478ec10244b5e2d33ac7d
a46025b9d05e3df30d610a8aef14f392c7058dc9
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.itmdf.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.itmdf.de/ups.com/WebTracking/FS-17532695/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 25 Jan 2022 09:04:25 GMT
etag: "2bd8-5d6645f34d04e"
accept-ranges: bytes
content-length: 11224
content-type: application/javascript
date: Thu, 08 Dec 2022 18:07:59 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 6ec5f6261a8262e9f94b29627f54cefe
7ac766cf2ac8c2d960ec033388a767ff8a7d45e2
5f6ee11d840909fc5272c2c32f7874d55f49d831abc88d527e35562d218890f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 18:07:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.itmdf.de/wp-content/themes/it-muehldorf/js/bootstrap.min.js
81.169.145.152 200 OK 32 kB URL HTTP/2 www.itmdf.de/wp-content/themes/it-muehldorf/js/bootstrap.min.js
IP 81.169.145.152:0
File type ASCII text, with very long lines (31650)
Hash abda843684d022f3bc22bc83927fe05f
26908395e7a9a4eab607d80aa50a81d65f3017cb
24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/it-muehldorf/js/bootstrap.min.js HTTP/1.1
Host: www.itmdf.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.itmdf.de/ups.com/WebTracking/FS-17532695/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 24 Jul 2014 10:18:01 GMT
etag: "7c4b-4feedc57f4840"
accept-ranges: bytes
content-length: 31819
content-type: application/javascript
date: Thu, 08 Dec 2022 18:07:59 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.itmdf.de/wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.transitions.js?ver=6.9.2
81.169.145.152 200 OK 24 kB URL HTTP/2 www.itmdf.de/wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.transitions.js?ver=6.9.2
IP 81.169.145.152:0
File type Unicode text, UTF-8 text, with very long lines (23514)
Hash 11c35109ea6d2f84352091094f7faf4f
0fef4cbec913fdd09ab0389af8499454ecb8948a
e60fbf0bdc14cbc9e44557e622bdd1864f5556b72b7d9f46e0f039aed2f4840a
GET /wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.transitions.js?ver=6.9.2 HTTP/1.1
Host: www.itmdf.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.itmdf.de/ups.com/WebTracking/FS-17532695/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 30 Jan 2020 14:50:37 GMT
etag: "5d17-59d5c948713c9"
accept-ranges: bytes
content-length: 23831
content-type: application/javascript
date: Thu, 08 Dec 2022 18:07:59 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.itmdf.de/wp-content/plugins/borlabs-cookie/assets/javascript/borlabs-cookie.min.js?ver=2.2.56
81.169.145.152 200 OK 25 kB URL HTTP/2 www.itmdf.de/wp-content/plugins/borlabs-cookie/assets/javascript/borlabs-cookie.min.js?ver=2.2.56
IP 81.169.145.152:0
File type ASCII text, with very long lines (25006), with no line terminators
Hash 5d870d10d194a3ea68fc28914cce53d1
ab247443c454150bcdf857106d45baf114d6c958
9287ed575f7faa32702231c42baca76be506d05a8c6f14087edb1a810f7d939f
GET /wp-content/plugins/borlabs-cookie/assets/javascript/borlabs-cookie.min.js?ver=2.2.56 HTTP/1.1
Host: www.itmdf.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.itmdf.de/ups.com/WebTracking/FS-17532695/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 30 Sep 2022 07:52:17 GMT
etag: "61ae-5e9e045e0a2ed"
accept-ranges: bytes
content-length: 25006
content-type: application/javascript
date: Thu, 08 Dec 2022 18:07:59 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
142.250.74.170 200 OK 33 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
IP 142.250.74.170:0
File type ASCII text, with very long lines (32086)
Hash 430e927c980ad4079de727fa59dd93f2
891aaada9a55a91292999f6d50fd300439905982
e8728df8617340bd8c10bc8d27d3a725a48871a269c850e8598689938ec6e2ed
GET /ajax/libs/jquery/1.11.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.itmdf.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33434
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 22:13:37 GMT
expires: Wed, 06 Dec 2023 22:13:37 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 158062
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.itmdf.de/wp-content/plugins/page-scroll-to-id/js/page-scroll-to-id.min.js?ver=1.7.5
81.169.145.152 200 OK 26 kB URL HTTP/2 www.itmdf.de/wp-content/plugins/page-scroll-to-id/js/page-scroll-to-id.min.js?ver=1.7.5
IP 81.169.145.152:0
File type ASCII text, with very long lines (25961)
Hash 924c4330ff4cc8da91b1d3193aba9dbb
0e2c1df265aabb608d2a50c73f07ae6280fa2c93
37569d024102d3b4fe238db257d1df719764726a86692aca7168bd92c9393d6f
GET /wp-content/plugins/page-scroll-to-id/js/page-scroll-to-id.min.js?ver=1.7.5 HTTP/1.1
Host: www.itmdf.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.itmdf.de/ups.com/WebTracking/FS-17532695/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 28 Sep 2022 07:23:31 GMT
etag: "6591-5e9b7a34be7fb"
accept-ranges: bytes
content-length: 26001
content-type: application/javascript
date: Thu, 08 Dec 2022 18:07:59 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.itmdf.de/wp-content/plugins/LayerSlider/static/layerslider/js/greensock.js?ver=1.19.0
81.169.145.152 200 OK 122 kB URL HTTP/2 www.itmdf.de/wp-content/plugins/LayerSlider/static/layerslider/js/greensock.js?ver=1.19.0
IP 81.169.145.152:0
File type ASCII text, with very long lines (32100)
Size 122 kB (122239 bytes)
Hash 10854230dc640429bbe3828f9273c883
d1c970250a8d88d49d70d05978059fb2114cdaa3
0d5d31daf049b4444184f5a7dab253c49bf1ba86b1ce5e182c0ca99dae382804
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/LayerSlider/static/layerslider/js/greensock.js?ver=1.19.0 HTTP/1.1
Host: www.itmdf.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.itmdf.de/ups.com/WebTracking/FS-17532695/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 30 Jan 2020 14:50:38 GMT
etag: "1dd7f-59d5c948769d3"
accept-ranges: bytes
content-length: 122239
content-type: application/javascript
date: Thu, 08 Dec 2022 18:07:59 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.itmdf.de/wp-content/themes/it-muehldorf/img/logo_itm.png
81.169.145.152 200 OK 21 kB URL HTTP/2 www.itmdf.de/wp-content/themes/it-muehldorf/img/logo_itm.png
IP 81.169.145.152:0
File type PNG image data, 326 x 157, 8-bit/color RGBA, non-interlaced; data
Hash fe3440cc9e019a14904d6beddd2d981f
034ccdca7fc15b5a8d886d88838b760c43cb51a3
a1b29a10bc4ee2fd70ca005ae2a27174b515648dd9c08a847c36c1eacad2859b
GET /wp-content/themes/it-muehldorf/img/logo_itm.png HTTP/1.1
Host: www.itmdf.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.itmdf.de/ups.com/WebTracking/FS-17532695/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Jul 2014 15:34:10 GMT
etag: "50b0-4ff7f0106e080"
accept-ranges: bytes
content-length: 20656
content-type: image/png
date: Thu, 08 Dec 2022 18:07:59 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
use.typekit.net/bxa6qrg.js
23.33.119.19 200 OK 7.1 kB URL HTTP/2 use.typekit.net/bxa6qrg.js
IP 23.33.119.19:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (4726)
Hash fbd294b466310e3f55b93d78aaf45e80
65fa2b552835113693ed2c323cffe69669499638
1333dac78687b717b72b1dc7623b7b5ad6eb00e0b9f45c25cda4bdfd003d9fe7
GET /bxa6qrg.js HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.itmdf.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/javascript;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: public, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 7051
date: Thu, 08 Dec 2022 18:07:59 GMT
X-Firefox-Spdy: h2
www.itmdf.de/wp-content/cache/borlabs-cookie/borlabs-cookie_1_de.css?ver=2.2.56-7
81.169.145.152 200 OK 40 kB URL HTTP/2 www.itmdf.de/wp-content/cache/borlabs-cookie/borlabs-cookie_1_de.css?ver=2.2.56-7
IP 81.169.145.152:0
File type Unicode text, UTF-8 text, with very long lines (32559), with CRLF, LF line terminators
Hash d2182be29bb440ba445e160434b97f68
b674689581b4f4ebf1e13fa9033bc65ce06e3f4a
92e685a4e1e5a96b83019116aa5cb9091544737ffd40ac139866b7f68a27822b
GET /wp-content/cache/borlabs-cookie/borlabs-cookie_1_de.css?ver=2.2.56-7 HTTP/1.1
Host: www.itmdf.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.itmdf.de/ups.com/WebTracking/FS-17532695/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 30 Sep 2022 07:54:07 GMT
etag: "9de7-5e9e04c6d2240"
accept-ranges: bytes
content-length: 40423
content-type: text/css
date: Thu, 08 Dec 2022 18:07:59 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.itmdf.de/wp-content/plugins/borlabs-cookie/assets/images/cb-maps.png
81.169.145.152 200 OK 472 B URL HTTP/2 www.itmdf.de/wp-content/plugins/borlabs-cookie/assets/images/cb-maps.png
IP 81.169.145.152:0
Hash 6ec5f6261a8262e9f94b29627f54cefe
7ac766cf2ac8c2d960ec033388a767ff8a7d45e2
5f6ee11d840909fc5272c2c32f7874d55f49d831abc88d527e35562d218890f9
GET /wp-content/plugins/borlabs-cookie/assets/images/cb-maps.png HTTP/1.1
Host: www.itmdf.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.itmdf.de/ups.com/WebTracking/FS-17532695/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 30 Sep 2022 07:52:17 GMT
etag: "77f8-5e9e045dfbc8b"
accept-ranges: bytes
content-length: 30712
content-type: image/png
date: Thu, 08 Dec 2022 18:07:59 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.itmdf.de/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
81.169.145.152 200 OK 19 kB URL HTTP/2 www.itmdf.de/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
IP 81.169.145.152:0
File type ASCII text, with very long lines (15660)
Hash 32beb68a374e3aeac00abdf9e12b84ea
b5d18aa625e8696dd9d07cd0869337717b211ae0
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 HTTP/1.1
Host: www.itmdf.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.itmdf.de/ups.com/WebTracking/FS-17532695/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 30 Sep 2022 08:14:58 GMT
etag: "48b9-5e9e096f739d7"
accept-ranges: bytes
content-length: 18617
content-type: application/javascript
date: Thu, 08 Dec 2022 18:07:59 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.itmdf.de/wp-content/plugins/borlabs-cookie/assets/images/borlabs-cookie-icon-dynamic.svg
81.169.145.152 200 OK 4.3 kB URL HTTP/2 www.itmdf.de/wp-content/plugins/borlabs-cookie/assets/images/borlabs-cookie-icon-dynamic.svg
IP 81.169.145.152:0
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document, ASCII text, with very long lines (4264)
Hash 9589c90c4b14a74a7d6067935e347cf2
844e42dacc1ecdf47e92bb3dfda07ad8601fe25e
48e369556efd61eaa0d94641e250a9e4cf287d1fd67af1be760aa79c80b2c342
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/borlabs-cookie/assets/images/borlabs-cookie-icon-dynamic.svg HTTP/1.1
Host: www.itmdf.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.itmdf.de/ups.com/WebTracking/FS-17532695/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 30 Sep 2022 07:52:17 GMT
etag: "10a9-5e9e045e00676"
accept-ranges: bytes
content-length: 4265
content-type: image/svg+xml
date: Thu, 08 Dec 2022 18:07:59 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.itmdf.de/wp-content/themes/it-muehldorf/img/bg_grey.png
81.169.145.152 200 OK 15 kB URL HTTP/2 www.itmdf.de/wp-content/themes/it-muehldorf/img/bg_grey.png
IP 81.169.145.152:0
File type PNG image data, 1920 x 413, 8-bit/color RGBA, non-interlaced\012- data
Hash 14b4c8815d0f5dcffd2595d69b69a6c2
134ab9079a53a02082bb62d73ec9b2556ab34f85
c276e2d381a0d09ab3dad57bf26287b49313f218c8c657733914826390984d19
GET /wp-content/themes/it-muehldorf/img/bg_grey.png HTTP/1.1
Host: www.itmdf.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.itmdf.de/wp-content/themes/it-muehldorf/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 24 Jul 2014 10:17:59 GMT
etag: "3c0a-4feedc560c3c0"
accept-ranges: bytes
content-length: 15370
content-type: image/png
date: Thu, 08 Dec 2022 18:07:59 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.itmdf.de/wp-content/themes/it-muehldorf/img/icon_red.png
81.169.145.152 200 OK 2.4 kB URL HTTP/2 www.itmdf.de/wp-content/themes/it-muehldorf/img/icon_red.png
IP 81.169.145.152:0
File type PNG image data, 48 x 35, 8-bit/color RGBA, non-interlaced\012- data
Hash 4c8cab4f261c6531013a627cc38365b1
bd1cf58f851dffe9cf15bfdf778c64307aeb6497
c19ad4af7313cb132cbfe262aa5f3cb12dc5356c26b76ce5d13109ed15c5255f
GET /wp-content/themes/it-muehldorf/img/icon_red.png HTTP/1.1
Host: www.itmdf.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.itmdf.de/wp-content/themes/it-muehldorf/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 24 Jul 2014 10:17:59 GMT
etag: "949-4feedc560c3c0"
accept-ranges: bytes
content-length: 2377
content-type: image/png
date: Thu, 08 Dec 2022 18:07:59 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.itmdf.de/wp-content/themes/it-muehldorf/js/ie10-viewport-bug-workaround.js
81.169.145.152 404 Not Found 102 kB URL HTTP/2 www.itmdf.de/wp-content/themes/it-muehldorf/js/ie10-viewport-bug-workaround.js
IP 81.169.145.152:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Size 102 kB (101904 bytes)
Hash d096f5c15eb4b1a660fa2dd9290f1669
0b874ec9552fd813c1e5c76e88cc5bef4a5c1c4d
ccb40ace864fad1faa6d1786569583923fae23f454b38848e19ce9be9cd721e3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/it-muehldorf/js/ie10-viewport-bug-workaround.js HTTP/1.1
Host: www.itmdf.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.itmdf.de/ups.com/WebTracking/FS-17532695/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Thu, 08 Dec 2022 18:07:59 GMT
server: Apache/2.4.54 (Unix)
x-powered-by: PHP/7.4.32
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.itmdf.de/wp-json/>; rel="https://api.w.org/"
vary: User-Agent
content-type: text/html; charset=UTF-8
X-Firefox-Spdy: h2
www.itmdf.de/wp-content/themes/it-muehldorf/fonts/glyphicons-halflings-regular.woff
81.169.145.152 200 OK 23 kB URL HTTP/2 www.itmdf.de/wp-content/themes/it-muehldorf/fonts/glyphicons-halflings-regular.woff
IP 81.169.145.152:0
File type Web Open Font Format, TrueType, length 23320, version 1.0\012- data
Hash 68ed1dac06bf0409c18ae7bc62889170
22037a3455914e5662fa51a596677bdb329e2c5c
fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/it-muehldorf/fonts/glyphicons-halflings-regular.woff HTTP/1.1
Host: www.itmdf.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.itmdf.de/wp-content/themes/it-muehldorf/css/bootstrap.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 24 Jul 2014 10:17:59 GMT
etag: "5b18-4feedc560c3c0"
accept-ranges: bytes
content-length: 23320
date: Thu, 08 Dec 2022 18:07:59 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
use.typekit.net/af/903b78/00000000000000000000e7fe/21/l?subset_id=2&fvd=n3&v=3
23.33.119.19 200 OK 14 kB URL HTTP/2 use.typekit.net/af/903b78/00000000000000000000e7fe/21/l?subset_id=2&fvd=n3&v=3
IP 23.33.119.19:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 14416, version 1.0\012- data
Hash cea6444f91332365cba7786a1a05e600
0fc5c61d778f878cb0d76acb37f89f80a37d7747
011e2aa3d375047588a5e51629d37872a9b6e0867755d36341f794ac981a7b78
GET /af/903b78/00000000000000000000e7fe/21/l?subset_id=2&fvd=n3&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.itmdf.de
Connection: keep-alive
Referer: https://www.itmdf.de/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 14416
etag: "f5d5de6926209e9235d1d04b766fd20be4027595"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Thu, 08 Dec 2022 18:07:59 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/bbd611/0000000000000000000118b1/21/l?subset_id=2&fvd=n7&v=3
23.33.119.19 200 OK 16 kB URL HTTP/2 use.typekit.net/af/bbd611/0000000000000000000118b1/21/l?subset_id=2&fvd=n7&v=3
IP 23.33.119.19:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 15664, version 1.0\012- data
Hash ea01e459f30041f1f7e9b3acb1b2f079
880cb84191932ab51d980b9d65f83a4f017f7863
50e2a642ba06fba6259835fbb5acdf06806ca8d429d2bccb904b32983da92ed0
GET /af/bbd611/0000000000000000000118b1/21/l?subset_id=2&fvd=n7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.itmdf.de
Connection: keep-alive
Referer: https://www.itmdf.de/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 15664
etag: "76270efe0cc4c713bb2cd83e27eddb60c4242a34"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Thu, 08 Dec 2022 18:07:59 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/0ea6a5/0000000000000000000118b5/21/l?subset_id=2&fvd=n4&v=3
23.33.119.19 200 OK 15 kB URL HTTP/2 use.typekit.net/af/0ea6a5/0000000000000000000118b5/21/l?subset_id=2&fvd=n4&v=3
IP 23.33.119.19:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 15272, version 1.0\012- data
Hash 980ee9efb2bc25081460beb601f0d056
f3db20f925dfa49fa38f1b7b9d3da450117fa6e8
33b5480d67763ec7e0e059c597783ed8b14e976dee0dbbd88cf4e8759870888c
GET /af/0ea6a5/0000000000000000000118b5/21/l?subset_id=2&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.itmdf.de
Connection: keep-alive
Referer: https://www.itmdf.de/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 15272
etag: "9fe7c044b1e9d5e5ba0dc2b78efbeebe16a4c4ed"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Thu, 08 Dec 2022 18:07:59 GMT
X-Firefox-Spdy: h2
www.itmdf.de/wp-content/plugins/borlabs-cookie/assets/images/borlabs-cookie-icon-black.svg
81.169.145.152 200 OK 4.2 kB URL HTTP/2 www.itmdf.de/wp-content/plugins/borlabs-cookie/assets/images/borlabs-cookie-icon-black.svg
IP 81.169.145.152:0
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document, ASCII text, with very long lines (4190), with no line terminators
Hash 9963658c659cddbdb681dbb5a956e8a7
24db91a6ab35513ee497c08de4192e448a94beec
3afd8d9a88e2ca9e42c39ef288883e5cf12a0a9e7bb9b72ce60f176023e8f035
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/borlabs-cookie/assets/images/borlabs-cookie-icon-black.svg HTTP/1.1
Host: www.itmdf.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.itmdf.de/ups.com/WebTracking/FS-17532695/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 30 Sep 2022 07:52:17 GMT
etag: "105e-5e9e045e02dcd"
accept-ranges: bytes
content-length: 4190
content-type: image/svg+xml
date: Thu, 08 Dec 2022 18:07:59 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
use.typekit.net/af/84549e/0000000000000000000118b6/21/l?subset_id=2&fvd=i4&v=3
23.33.119.19 200 OK 16 kB URL HTTP/2 use.typekit.net/af/84549e/0000000000000000000118b6/21/l?subset_id=2&fvd=i4&v=3
IP 23.33.119.19:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 15524, version 1.0\012- data
Hash d85a3b98226b33c2284651fc9d39779f
fc8e687621661f6d5adb354dcf5f22fb8680d91c
4692ea7acf2acd2509016376e741d70977bd7df2060a4d7757cfda192c822cd6
GET /af/84549e/0000000000000000000118b6/21/l?subset_id=2&fvd=i4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.itmdf.de
Connection: keep-alive
Referer: https://www.itmdf.de/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 15524
etag: "862b80ff564e4a71d7f71586dcb1d96dd59d44c7"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Thu, 08 Dec 2022 18:07:59 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/b232d1/0000000000000000000118ae/21/l?subset_id=2&fvd=i4&v=3
23.33.119.19 200 OK 16 kB URL HTTP/2 use.typekit.net/af/b232d1/0000000000000000000118ae/21/l?subset_id=2&fvd=i4&v=3
IP 23.33.119.19:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 16072, version 1.0\012- data
Hash 36881f528fd9f2643d2aa65cefd5a4be
4617ddc39f10983ddd8092e042e43e0bf9834a96
1d4de05f0dd1e1fc078f7aabb3a7576a0cf5b10b61396c94c5ef816b5b9d63e7
GET /af/b232d1/0000000000000000000118ae/21/l?subset_id=2&fvd=i4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.itmdf.de
Connection: keep-alive
Referer: https://www.itmdf.de/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 16072
etag: "228e9faac1f63101e0dd68047470fdae474cfb28"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Thu, 08 Dec 2022 18:07:59 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/e40ebd/00000000000000000000e802/21/l?subset_id=2&fvd=i3&v=3
23.33.119.19 200 OK 15 kB URL HTTP/2 use.typekit.net/af/e40ebd/00000000000000000000e802/21/l?subset_id=2&fvd=i3&v=3
IP 23.33.119.19:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 14800, version 1.0\012- data
Hash 6fe26c78694918ef5ab9f521ff64d484
6dc81f0e6de1cc8b4d818f9dc5eac91d9af5050e
c6a01536e20345b82b69be52108cb036475fe84e0760c160600068596331f310
GET /af/e40ebd/00000000000000000000e802/21/l?subset_id=2&fvd=i3&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.itmdf.de
Connection: keep-alive
Referer: https://www.itmdf.de/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 14800
etag: "fb5a66981c220b3fec023392a00bfe48b7564c05"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Thu, 08 Dec 2022 18:07:59 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/175b3c/0000000000000000000118b2/21/l?subset_id=2&fvd=i7&v=3
23.33.119.19 200 OK 16 kB URL HTTP/2 use.typekit.net/af/175b3c/0000000000000000000118b2/21/l?subset_id=2&fvd=i7&v=3
IP 23.33.119.19:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 16080, version 1.0\012- data
Hash 21d8ba5a7f19f04559ef1b586f0f0a53
c079a80819c5130312537ae9710736e5badd2ef1
ab9289749aeae776b038c081ab9dc93315a4ff60e1ef08d77f49a992b2df5c0d
GET /af/175b3c/0000000000000000000118b2/21/l?subset_id=2&fvd=i7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.itmdf.de
Connection: keep-alive
Referer: https://www.itmdf.de/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 16080
etag: "6be575699d600d37f1e282b248a36066a48f2b98"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Thu, 08 Dec 2022 18:07:59 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/ad3298/00000000000000000000e805/21/l?subset_id=2&fvd=n7&v=3
23.33.119.19 200 OK 14 kB URL HTTP/2 use.typekit.net/af/ad3298/00000000000000000000e805/21/l?subset_id=2&fvd=n7&v=3
IP 23.33.119.19:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 14376, version 1.0\012- data
Hash c7f689a19fbee2d59b6398a301b15b9e
b92b4e359fad587ec56e9a2f7dd5af1f27bdd73d
ddc32ba8df9d3013032aad41ee62e0f64cb362b0ec9e5de0f2902358e28928d8
GET /af/ad3298/00000000000000000000e805/21/l?subset_id=2&fvd=n7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.itmdf.de
Connection: keep-alive
Referer: https://www.itmdf.de/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 14376
etag: "feb0a45e749326df1fa43c74913fc69d16a64046"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Thu, 08 Dec 2022 18:07:59 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/c9162e/0000000000000000000118bc/21/l?subset_id=2&fvd=i4&v=3
23.33.119.19 200 OK 13 kB URL HTTP/2 use.typekit.net/af/c9162e/0000000000000000000118bc/21/l?subset_id=2&fvd=i4&v=3
IP 23.33.119.19:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 12796, version 1.0\012- data
Hash 0daae76b9ae6bd87a2651af1602062d1
1840f533e52a1a5fe8e55e3ae6941ae521273064
16ca2cd858a101437bbe9bcee1e66d4a20db0a0660b93282ddf639149df8a1a6
GET /af/c9162e/0000000000000000000118bc/21/l?subset_id=2&fvd=i4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.itmdf.de
Connection: keep-alive
Referer: https://www.itmdf.de/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 12796
etag: "3cd8e9b3150819bdcf22b9f541172765893a1c91"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Thu, 08 Dec 2022 18:07:59 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/ca1028/00000000000000000000e806/21/l?subset_id=2&fvd=i7&v=3
23.33.119.19 200 OK 15 kB URL HTTP/2 use.typekit.net/af/ca1028/00000000000000000000e806/21/l?subset_id=2&fvd=i7&v=3
IP 23.33.119.19:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 15276, version 1.0\012- data
Hash 17b0dd0cf777a67c5c3eea348341308e
07f55135b9f9e88b42f6ff36a129667c4df750af
3fef698de095c9879f62090e681a1ae3f213665e2366bd67dd20579d9b7caf59
GET /af/ca1028/00000000000000000000e806/21/l?subset_id=2&fvd=i7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.itmdf.de
Connection: keep-alive
Referer: https://www.itmdf.de/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 15276
etag: "6ae666c2308ff11409b22ec4ddd1783f8b2f5f1d"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Thu, 08 Dec 2022 18:07:59 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/9cb709/0000000000000000000118bd/21/l?subset_id=2&fvd=n7&v=3
23.33.119.19 200 OK 12 kB URL HTTP/2 use.typekit.net/af/9cb709/0000000000000000000118bd/21/l?subset_id=2&fvd=n7&v=3
IP 23.33.119.19:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 12216, version 1.0\012- data
Hash 8b369520bbdf35f78eb325c793562da8
5c6f3d6c9cc9dc3243ad0925c5a54acbb5891a18
7cab94aae85a7cd6c9f9f7442a93ba12c9cbcfc244ea228037277af8e2a8d3b0
GET /af/9cb709/0000000000000000000118bd/21/l?subset_id=2&fvd=n7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.itmdf.de
Connection: keep-alive
Referer: https://www.itmdf.de/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 12216
etag: "a3afeb0a29a9924538bb4335566e26f8f7fad61b"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Thu, 08 Dec 2022 18:07:59 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/525f54/0000000000000000000118bb/21/l?subset_id=2&fvd=n4&v=3
23.33.119.19 200 OK 12 kB URL HTTP/2 use.typekit.net/af/525f54/0000000000000000000118bb/21/l?subset_id=2&fvd=n4&v=3
IP 23.33.119.19:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 11740, version 1.0\012- data
Hash c4ac56e8b9c760916aecea4220eaad24
64681d2794cd08507cdde6dea846e54711d76467
fdd7ce30f84d44bd28088def1eca65300fd0647552c5671bae575f6709f0292b
GET /af/525f54/0000000000000000000118bb/21/l?subset_id=2&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.itmdf.de
Connection: keep-alive
Referer: https://www.itmdf.de/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 11740
etag: "b2b00dd27363f918387e6e102c2270ff8ffbcf24"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Thu, 08 Dec 2022 18:07:59 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/2a0be1/0000000000000000000118ad/21/l?subset_id=2&fvd=n4&v=3
23.33.119.19 200 OK 16 kB URL HTTP/2 use.typekit.net/af/2a0be1/0000000000000000000118ad/21/l?subset_id=2&fvd=n4&v=3
IP 23.33.119.19:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 16276, version 1.0\012- data
Hash d93c7a82048dc94891d77331a9e796f8
cf051386639ce4ef6b077206632f5478985cc2b3
cc707e6d54ab67791ff3312071a749afaa357b6e0f0b79b679aec9339cf29067
GET /af/2a0be1/0000000000000000000118ad/21/l?subset_id=2&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.itmdf.de
Connection: keep-alive
Referer: https://www.itmdf.de/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 16276
etag: "32c1eb9bd621e15a401d0acb8d5acc7c16cace2c"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Thu, 08 Dec 2022 18:07:59 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/2b2748/0000000000000000000118be/21/l?subset_id=2&fvd=i7&v=3
23.33.119.19 200 OK 14 kB URL HTTP/2 use.typekit.net/af/2b2748/0000000000000000000118be/21/l?subset_id=2&fvd=i7&v=3
IP 23.33.119.19:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 14016, version 1.0\012- data
Hash 067d66d17be17090f9ec76febfa13be2
5d4af02864044398e2e61f2ceff9c39c1f10de69
241d97904d2146852b461c79818a64e1664092b1e8f5287c5ce6408813f06407
GET /af/2b2748/0000000000000000000118be/21/l?subset_id=2&fvd=i7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.itmdf.de
Connection: keep-alive
Referer: https://www.itmdf.de/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 14016
etag: "50a23a136cfe640d96e61d029b01e4828af39fba"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Thu, 08 Dec 2022 18:07:59 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/a9c4fb/000000000000000000011ce6/21/l?subset_id=2&fvd=n5&v=3
23.33.119.19 200 OK 16 kB URL HTTP/2 use.typekit.net/af/a9c4fb/000000000000000000011ce6/21/l?subset_id=2&fvd=n5&v=3
IP 23.33.119.19:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 15720, version 1.0\012- data
Hash 86dd064d047acb506946113de680e84c
7f430297dc44e5ebc0f45c09abcaf04ea832a688
ba8c65e2e3f5dedb3f7dcb503bfba8c968e7aa077e47d40343083c652bac0354
GET /af/a9c4fb/000000000000000000011ce6/21/l?subset_id=2&fvd=n5&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.itmdf.de
Connection: keep-alive
Referer: https://www.itmdf.de/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 15720
etag: "0631b84a00ae8fc1d869c2a0c358220d9f8713a6"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Thu, 08 Dec 2022 18:07:59 GMT
X-Firefox-Spdy: h2
www.itmdf.de/wp-content/uploads/2014/07/category_sonstige.png
81.169.145.152 200 OK 11 kB URL HTTP/2 www.itmdf.de/wp-content/uploads/2014/07/category_sonstige.png
IP 81.169.145.152:0
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash de3cb113ceb9704e023176827a4834df
9044e938d0766641b98fd2ca57dd39b1c6ce494a
7ee2ac241b2393edeef3c92269fd6a40982a69e9e89ed1614ed4a56872e09912
GET /wp-content/uploads/2014/07/category_sonstige.png HTTP/1.1
Host: www.itmdf.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.itmdf.de/ups.com/WebTracking/FS-17532695/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 24 Jul 2014 16:07:22 GMT
etag: "2b92-4fef2a6dec280"
accept-ranges: bytes
content-length: 11154
content-type: image/png
date: Thu, 08 Dec 2022 18:07:59 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.itmdf.de/wp-content/uploads/2014/07/category_verwaltungsbauten.png
81.169.145.152 200 OK 13 kB URL HTTP/2 www.itmdf.de/wp-content/uploads/2014/07/category_verwaltungsbauten.png
IP 81.169.145.152:0
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash 0ad3d60cbfdd9034d8ceb4286b7d75f4
2c06fe63d0dba93f51b65e2f8a7f8cc6abd5ed1e
1d739ed3cf24c473991e2048dab8055301af4c0428bee915df54a8bc02fc027b
GET /wp-content/uploads/2014/07/category_verwaltungsbauten.png HTTP/1.1
Host: www.itmdf.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.itmdf.de/ups.com/WebTracking/FS-17532695/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 24 Jul 2014 16:07:23 GMT
etag: "3454-4fef2a6ee04c0"
accept-ranges: bytes
content-length: 13396
content-type: image/png
date: Thu, 08 Dec 2022 18:07:59 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.itmdf.de/wp-content/uploads/2014/07/category_kliniken.png
81.169.145.152 200 OK 12 kB URL HTTP/2 www.itmdf.de/wp-content/uploads/2014/07/category_kliniken.png
IP 81.169.145.152:0
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash 0c82fc2a6d40533119e1316d79983d82
f271f878a19e04f372b8c9341983cb7b4771e334
612267928d172908f506a27ef4c588445ff432e7ab89e388def27040f29a77bc
GET /wp-content/uploads/2014/07/category_kliniken.png HTTP/1.1
Host: www.itmdf.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.itmdf.de/ups.com/WebTracking/FS-17532695/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 24 Jul 2014 16:07:20 GMT
etag: "301e-4fef2a6c03e00"
accept-ranges: bytes
content-length: 12318
content-type: image/png
date: Thu, 08 Dec 2022 18:07:59 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.itmdf.de/wp-content/uploads/2014/07/category_schulen.png
81.169.145.152 200 OK 12 kB URL HTTP/2 www.itmdf.de/wp-content/uploads/2014/07/category_schulen.png
IP 81.169.145.152:0
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash d4c0145e744a30cdfa6c558902024368
fef1d93711f42899130cfd27f40b786b917fa4ce
da9a6636bbb3ffcbe0f952164a6f038f6518a8f423b64a1295d9aa7a00886f67
GET /wp-content/uploads/2014/07/category_schulen.png HTTP/1.1
Host: www.itmdf.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.itmdf.de/ups.com/WebTracking/FS-17532695/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 24 Jul 2014 16:07:21 GMT
etag: "303c-4fef2a6cf8040"
accept-ranges: bytes
content-length: 12348
content-type: image/png
date: Thu, 08 Dec 2022 18:07:59 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
p.typekit.net/p.gif?s=1&k=bxa6qrg&ht=tk&h=www.itmdf.de&f=2005.2006.2009.2010.12784.12785.12786.12788.12790.12093.12096.10415.10416.10417.10418&a=759829&js=1.21.0&app=typekit&e=js&_=1670522879190
23.36.76.184 200 OK 35 B URL HTTP/2 p.typekit.net/p.gif?s=1&k=bxa6qrg&ht=tk&h=www.itmdf.de&f=2005.2006.2009.2010.12784.12785.12786.12788.12790.12093.12096.10415.10416.10417.10418&a=759829&js=1.21.0&app=typekit&e=js&_=1670522879190
IP 23.36.76.184:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 81144d75b3e69e9aa2fa3e9d83a64d03
f0fbc60b50edf5b2a0b76e0aa0537b76bf346ffc
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
GET /p.gif?s=1&k=bxa6qrg&ht=tk&h=www.itmdf.de&f=2005.2006.2009.2010.12784.12785.12786.12788.12790.12093.12096.10415.10416.10417.10418&a=759829&js=1.21.0&app=typekit&e=js&_=1670522879190 HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.itmdf.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: image/gif
cross-origin-resource-policy: cross-origin
etag: "61c32ad2-23"
last-modified: Wed, 22 Dec 2021 13:40:34 GMT
server: nginx
content-length: 35
unused62: 8096267
date: Thu, 08 Dec 2022 18:07:59 GMT
X-Firefox-Spdy: h2
www.itmdf.de/wp-content/uploads/2022/09/cropped-itm_favi-192x192.png
81.169.145.152 200 OK 17 kB URL HTTP/2 www.itmdf.de/wp-content/uploads/2022/09/cropped-itm_favi-192x192.png
IP 81.169.145.152:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced; data
Hash fb69419947cbf788b6427d4bb39ee35e
77b79d5c4921432a0465730850f3e67851e1a8ce
dea296d34e699f2a244466b8b6d5c9e2606a1cd8508890be81428fa39f1fedda
GET /wp-content/uploads/2022/09/cropped-itm_favi-192x192.png HTTP/1.1
Host: www.itmdf.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.itmdf.de/ups.com/WebTracking/FS-17532695/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 30 Sep 2022 07:56:41 GMT
etag: "4263-5e9e0559985e8"
accept-ranges: bytes
content-length: 16995
content-type: image/png
date: Thu, 08 Dec 2022 18:07:59 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
www.itmdf.de/wp-content/uploads/2022/09/cropped-itm_favi-32x32.png
81.169.145.152 200 OK 1.5 kB URL HTTP/2 www.itmdf.de/wp-content/uploads/2022/09/cropped-itm_favi-32x32.png
IP 81.169.145.152:0
File type PNG image data, 32 x 32, 8-bit colormap, non-interlaced; data
Hash 36582f40cdad47a0d7e1df61642ba222
abe5900716dd30c11d2dbd93b373c34d9a26b51f
8853a60651d7bac1506646f959a07df9e5bb970a5d3211baf114904dea5e5216
GET /wp-content/uploads/2022/09/cropped-itm_favi-32x32.png HTTP/1.1
Host: www.itmdf.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.itmdf.de/ups.com/WebTracking/FS-17532695/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 30 Sep 2022 07:56:41 GMT
etag: "5b8-5e9e0559add71"
accept-ranges: bytes
content-length: 1464
content-type: image/png
date: Thu, 08 Dec 2022 18:07:59 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B
IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7048
Expires: Thu, 08 Dec 2022 20:05:28 GMT
Date: Thu, 08 Dec 2022 18:08:00 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbba0eea-a6f1-4374-a9c7-dab84270023b.jpeg
34.120.237.76 200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbba0eea-a6f1-4374-a9c7-dab84270023b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 24d89b69ba37bf23c5d576aff4063caf
3d46a21b4da571d7e4962e335c18a28ca5f81ecf
09b52cdab278805c6e7282f469a02768ee62fc9ef09a6623a337e3d3aaa446fd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbba0eea-a6f1-4374-a9c7-dab84270023b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7268
x-amzn-requestid: ae5c231c-b1be-498a-a242-e8d641f3fe8e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFDgEzUoAMFgyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911baf-10f06dc37cac69631c823fd9;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:03:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QSv756DvAzOQnKae5wVg75wrQS6oDGPkfIZka86FNQ2vizBnZ7sIDQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:12:45 GMT
age: 68115
etag: "3d46a21b4da571d7e4962e335c18a28ca5f81ecf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash b87d6543345f73653ed4a49b37d7c959
c4f26846b8b72293368ff16915d49297cf12bbb9
aee6aa42e4b5b83b81f74801ff8f0039fc6d38036f42ee81875813c856cf5eef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8659
x-amzn-requestid: 6f420d07-65d5-4bb2-9f1f-e56025de497b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFSYFArIAMF46w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911c0f-0a295e5c48228d5806b4f107;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:04:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TSh1BNzzIPhWCfYEiqvQJckSPAyhHobe-HK6msEVeEJ1ruX-_rMSSA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:33:19 GMT
age: 66881
etag: "c4f26846b8b72293368ff16915d49297cf12bbb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.itmdf.de/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
81.169.145.152 200 OK 12 kB URL HTTP/2 www.itmdf.de/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 81.169.145.152:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 57be99ac898a37d73f2ba4a24f56248f
04e32eb45581201a6a1863200e4d139df48285e6
a20081b64fc019372843360b15aa3461ec9dd3deb50ab398bca0a5e74d5468c2
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.itmdf.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.itmdf.de/ups.com/WebTracking/FS-17532695/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 25 Jan 2022 09:04:25 GMT
etag: "15db1-5d6645f357c44"
accept-ranges: bytes
content-length: 89521
content-type: application/javascript
date: Thu, 08 Dec 2022 18:07:59 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74e98e03-fa9f-4e56-a8ba-5411568d88c8.jpeg
34.120.237.76 200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74e98e03-fa9f-4e56-a8ba-5411568d88c8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash c408efaa98ac2ce63bb1618368d10c15
a51bbb49ebd862d04eaee465d0a35b22dcd21391
077eb8c8739f527828c71c25a1c3aaae46afead3aac093ec11a6d5488ef2f0ec
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74e98e03-fa9f-4e56-a8ba-5411568d88c8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9596
x-amzn-requestid: e5e6ceb2-5bad-4146-a9de-92a859716029
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy3_qH63oAMFfLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639106ca-678bed1b7729b8aa2645688d;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:34:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FsbiyZG0110CEANduIIWuLcxFOxfrV0YPvOSy-ScXFIX1qM6qaOdCg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:21:22 GMT
age: 71198
etag: "a51bbb49ebd862d04eaee465d0a35b22dcd21391"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4119e239-0c3b-4175-bfe0-f5d42729d743.jpeg
34.120.237.76 200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4119e239-0c3b-4175-bfe0-f5d42729d743.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 8c94003641bb5a7595e7004f80f95d22
3446450df60d732f9021d5bfd5f5f7c6c870d9ec
4d782dbf94b2163e9bc18028cd0c1a391fdcfcb019f23c4c26ea0b44432039ff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4119e239-0c3b-4175-bfe0-f5d42729d743.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7801
x-amzn-requestid: cb8d5aab-409f-4b39-b498-b1ba84f34e06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFRNHX4oAMFvoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911c07-7c6e3bfa3f81082b48f43fa9;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:04:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 8QHhEAFHTHd-5UqS1S5qwJj_h4WNfix2CgS4MO4zR_psrzgMP3SZ5g==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:16:35 GMT
age: 67885
etag: "3446450df60d732f9021d5bfd5f5f7c6c870d9ec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
34.120.237.76 200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 210b27f5f6310d8fad640acce3d9ae0e
08d241e56622cb900754d95bc5d58ed8826d9f32
64410e13759cdfa24976dcba0c64aca27edc3ee56358f344e55f60793422e3ea
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6557
x-amzn-requestid: 0232ddcd-8274-431e-a55e-8298fbfd6dfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcuMG6bIAMFUng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e5a-3cc17121425f87321ce7ae7e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: etWGqF-8tXSwaeZVTPK4g9CV5ZbdYv5ZDjF5Yx2PSNnTsreewpbhdA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 08:48:08 GMT
age: 33592
etag: "08d241e56622cb900754d95bc5d58ed8826d9f32"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
itmdf.de/ups.com/WebTracking/FS-17532695/
81.169.145.152 301 Moved Permanently 0 B URL HTTP/2 itmdf.de/ups.com/WebTracking/FS-17532695/
IP 81.169.145.152:0
Analyzer Verdict Alert fortinet Malware
GET /ups.com/WebTracking/FS-17532695/ HTTP/1.1
Host: itmdf.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
date: Thu, 08 Dec 2022 18:07:58 GMT
server: Apache/2.4.54 (Unix)
x-powered-by: PHP/7.4.32
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
vary: User-Agent
location: https://www.itmdf.de/ups.com/WebTracking/FS-17532695/
content-type: text/html; charset=UTF-8
X-Firefox-Spdy: h2
www.itmdf.de/ups.com/WebTracking/FS-17532695/
81.169.145.152 404 Not Found 0 B URL HTTP/2 www.itmdf.de/ups.com/WebTracking/FS-17532695/
IP 81.169.145.152:0
Analyzer Verdict Alert fortinet Malware
GET /ups.com/WebTracking/FS-17532695/ HTTP/1.1
Host: www.itmdf.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 404 Not Found
date: Thu, 08 Dec 2022 18:07:58 GMT
server: Apache/2.4.54 (Unix)
x-powered-by: PHP/7.4.32
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.itmdf.de/wp-json/>; rel="https://api.w.org/"
vary: User-Agent
content-type: text/html; charset=UTF-8
X-Firefox-Spdy: h2
www.itmdf.de/wp-content/themes/it-muehldorf/js/ie-emulation-modes-warning.js
81.169.145.152 404 Not Found 0 B URL HTTP/2 www.itmdf.de/wp-content/themes/it-muehldorf/js/ie-emulation-modes-warning.js
IP 81.169.145.152:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/it-muehldorf/js/ie-emulation-modes-warning.js HTTP/1.1
Host: www.itmdf.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.itmdf.de/ups.com/WebTracking/FS-17532695/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Thu, 08 Dec 2022 18:07:59 GMT
server: Apache/2.4.54 (Unix)
x-powered-by: PHP/7.4.32
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.itmdf.de/wp-json/>; rel="https://api.w.org/"
vary: User-Agent
content-type: text/html; charset=UTF-8
X-Firefox-Spdy: h2
www.itmdf.de/wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.kreaturamedia.jquery.js?ver=6.9.2
81.169.145.152 200 OK 0 B URL HTTP/2 www.itmdf.de/wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.kreaturamedia.jquery.js?ver=6.9.2
IP 81.169.145.152:0
GET /wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.kreaturamedia.jquery.js?ver=6.9.2 HTTP/1.1
Host: www.itmdf.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.itmdf.de/ups.com/WebTracking/FS-17532695/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 30 Jan 2020 14:50:38 GMT
etag: "1edce-59d5c94899845"
accept-ranges: bytes
content-length: 126414
content-type: application/javascript
date: Thu, 08 Dec 2022 18:07:59 GMT
server: Apache/2.4.54 (Unix)
X-Firefox-Spdy: h2