beta.medi-buy.de/mailster/1785/eb84cee128ac602d083b15c955e93421/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
217.160.0.82302 Found 334 B URL HTTP/1.1 beta.medi-buy.de/mailster/1785/eb84cee128ac602d083b15c955e93421/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
IP 217.160.0.82:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash fad70f0a4e45be878f76c13c850a5c59
6fb6401c8277addb751dd24677e19f9a74eeb1ad
71c3e1ce79c5f7bcc5f3ceb82194598cb60ef6975e9114516b3d77d26d55f98b
GET /mailster/1785/eb84cee128ac602d083b15c955e93421/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ HTTP/1.1
Host: beta.medi-buy.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Content-Type: text/html; charset=iso-8859-1
Content-Length: 334
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 23 Mar 2023 09:41:11 GMT
Server: Apache
Location: https://beta.medi-buy.de/mailster/1785/eb84cee128ac602d083b15c955e93421/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
Cache-Control: max-age=3600
Expires: Thu, 23 Mar 2023 10:41:11 GMT
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash bea3185dd820a31c1981317f37c3456d
1a548a5d27270fc11df9011837a7149571cedd78
469b97bf9f57401b3c9571039483589f2815f4794212b75c7c85cfefe0ae71e9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "469B97BF9F57401B3C9571039483589F2815F4794212B75C7C85CFEFE0AE71E9"
Last-Modified: Wed, 22 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2291
Expires: Thu, 23 Mar 2023 10:19:23 GMT
Date: Thu, 23 Mar 2023 09:41:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 65fc860bc043f3fb83bdc3debdcd322d
418010755deae099ef1284e402813c5837a10f42
d93d50c523c7f735987aba09db628259441eb75efe713a2df3c214e1fb8b5171
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D93D50C523C7F735987ABA09DB628259441EB75EFE713A2DF3C214E1FB8B5171"
Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8689
Expires: Thu, 23 Mar 2023 12:06:01 GMT
Date: Thu, 23 Mar 2023 09:41:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash dc2752d83fbed82852248898a132467a
b27a6b4af2e07663a58cafb641513f7224c7a7c3
ea7838393d83805a7b8a2b01bd09e4423617c4da285b983a11e9ba36266810d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EA7838393D83805A7B8A2B01BD09E4423617C4DA285B983A11E9BA36266810D5"
Last-Modified: Wed, 22 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7009
Expires: Thu, 23 Mar 2023 11:38:01 GMT
Date: Thu, 23 Mar 2023 09:41:12 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 23 Mar 2023 09:27:32 GMT
content-type: application/json
age: 820
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: iD9mRO6lpFLlMocSpHUJAsofo9eJ/eC36DT8gzY2p+xqW6WBMYINN5CllYeJiHa5xZA/j2kr6WGhm7RUnfy2TQ==
x-amz-request-id: 25KC1PDZGJN7KZ4S
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 23 Mar 2023 08:59:53 GMT
age: 2479
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 09:41:12 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Last-Modified, Content-Length, Pragma, Expires, ETag, Backoff, Alert, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 23 Mar 2023 09:17:23 GMT
age: 1429
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 050ca4dc2182e0a27573b0d9f32b7834
bec14dc5af0d0b32210470673511acd8db404308
b6129b9d1848f75265dca4446c5399927bdaf15c7b49c083765847b0fe276eaf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B6129B9D1848F75265DCA4446C5399927BDAF15C7B49C083765847B0FE276EAF"
Last-Modified: Wed, 22 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3531
Expires: Thu, 23 Mar 2023 10:40:03 GMT
Date: Thu, 23 Mar 2023 09:41:12 GMT
Connection: keep-alive
push.services.mozilla.com/
54.186.17.145101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.186.17.145:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: z0Z34mRisihEGFhIL49CWQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 5ElPgalATW+Y1Jy9i2oVL/sk+Ek=
beta.medi-buy.de/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.4
217.160.0.82200 OK 1.1 kB URL HTTP/2 beta.medi-buy.de/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.4
IP 217.160.0.82:0
Hash 10c981e414531fa371a637383e3dda5d
e2eb307cc499ca898057281a79bedf5dae815112
b67fe501c225e5344329978185446dc4677ba93a75b837a3ab7db8bcae8b0746
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.4 HTTP/1.1
Host: beta.medi-buy.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beta.medi-buy.de/mailster/1785/eb84cee128ac602d083b15c955e93421/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
Cookie: _ga=GA1.2.188391641.1679563083; _gid=GA1.2.822701100.1679563083; _fbp=fb.1.1679563083029.1078326262
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 1085
date: Thu, 23 Mar 2023 09:41:13 GMT
server: Apache
last-modified: Sun, 19 Feb 2023 10:45:17 GMT
etag: "b2b-5f50b3dffe989-gzip"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Thu, 20 Apr 2023 09:41:13 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
beta.medi-buy.de/mailster/1785/eb84cee128ac602d083b15c955e93421/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
217.160.0.82404 Not Found 19 kB URL HTTP/2 beta.medi-buy.de/mailster/1785/eb84cee128ac602d083b15c955e93421/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
IP 217.160.0.82:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (10215), with CRLF, LF line terminators
Hash 2fd8760a8e93c604e0d89354d2ba2320
3c47619a2c1c9a68e8304c27fe8a63ab989f6be8
b5b4d11e4f77f0288485baf10367316a9b2a22dce0c194b9b2e028d3d1669081
GET /mailster/1785/eb84cee128ac602d083b15c955e93421/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ HTTP/1.1
Host: beta.medi-buy.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ga=GA1.2.188391641.1679563083; _gid=GA1.2.822701100.1679563083; _fbp=fb.1.1679563083029.1078326262
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
date: Thu, 23 Mar 2023 09:41:12 GMT
server: Apache
x-powered-by: PHP/8.0.28
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-encoding: gzip
X-Firefox-Spdy: h2
beta.medi-buy.de/wp-content/themes/flatsome-child/style.css?ver=3.0
217.160.0.82200 OK 255 B URL HTTP/2 beta.medi-buy.de/wp-content/themes/flatsome-child/style.css?ver=3.0
IP 217.160.0.82:0
Hash 4c546bef72cea08f3fb9e7a15b3f2fea
d46fd4b1be34a8587772fe93bacfe5d5ff6275de
cfaa83fd3580ddfaad5e08fe11a86fc1b9a342592c6b8d41de0e474bee6c0401
GET /wp-content/themes/flatsome-child/style.css?ver=3.0 HTTP/1.1
Host: beta.medi-buy.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beta.medi-buy.de/mailster/1785/eb84cee128ac602d083b15c955e93421/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
Cookie: _ga=GA1.2.188391641.1679563083; _gid=GA1.2.822701100.1679563083; _fbp=fb.1.1679563083029.1078326262
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 255
date: Thu, 23 Mar 2023 09:41:13 GMT
server: Apache
last-modified: Mon, 11 Apr 2022 14:14:33 GMT
etag: "16c-5dc61904490d0-gzip"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Thu, 20 Apr 2023 09:41:13 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 23c054d3aee551b6fdc42a5a472a7040
b1a46c12ac7d65c979fd1998bdb243f3dba8f956
9e8b91ab91da9ea20dfb5f90c1c06239d2872b0eb80785534d0c59c3b51de404
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 09:41:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
beta.medi-buy.de/wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.16.3
217.160.0.82200 OK 38 kB URL HTTP/2 beta.medi-buy.de/wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.16.3
IP 217.160.0.82:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash d9479e5834504958b77427a097f67a56
e9e2ca13e44f3020cdfa6895ca32ca6d17c179b6
d40c5197bad5e0693f82f85a238454b9380156c8c290448662a7256c1f344eae
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.16.3 HTTP/1.1
Host: beta.medi-buy.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beta.medi-buy.de/mailster/1785/eb84cee128ac602d083b15c955e93421/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
Cookie: _ga=GA1.2.188391641.1679563083; _gid=GA1.2.822701100.1679563083; _fbp=fb.1.1679563083029.1078326262
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 38164
date: Thu, 23 Mar 2023 09:41:13 GMT
server: Apache
last-modified: Fri, 16 Dec 2022 13:19:28 GMT
etag: "2396e-5eff1d1bb6274-gzip"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Thu, 20 Apr 2023 09:41:13 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
beta.medi-buy.de/wp-content/uploads/2022/04/logo-medi-buy.png
217.160.0.82200 OK 5.8 kB URL HTTP/2 beta.medi-buy.de/wp-content/uploads/2022/04/logo-medi-buy.png
IP 217.160.0.82:0
File type PNG image data, 237 x 75, 8-bit/color RGBA, non-interlaced\012- data
Hash cae0fbb297641424c5c6e18e99618c84
27ee112414d5c5176eabac02efca27c98ab50ad0
867806f0540ef5e1e1a55abafbb8e614ccc4cd1b0288f952e36d408cdba0a1c4
GET /wp-content/uploads/2022/04/logo-medi-buy.png HTTP/1.1
Host: beta.medi-buy.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beta.medi-buy.de/mailster/1785/eb84cee128ac602d083b15c955e93421/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
Cookie: _ga=GA1.2.188391641.1679563083; _gid=GA1.2.822701100.1679563083; _fbp=fb.1.1679563083029.1078326262
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 5835
date: Thu, 23 Mar 2023 09:41:13 GMT
server: Apache
last-modified: Mon, 11 Apr 2022 13:13:16 GMT
etag: "16cb-5dc60b511ed13"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Thu, 20 Apr 2023 09:41:13 GMT
X-Firefox-Spdy: h2
beta.medi-buy.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
217.160.0.82200 OK 4.6 kB URL HTTP/2 beta.medi-buy.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 217.160.0.82:0
File type ASCII text, with very long lines (11126)
Hash 7cec71a53f4e94ce6da66a0fd94b9e5c
ac8f00b06df2956b97202b24ce8d818934283b5b
9bdd49aa215000ec53e722aa93cbe0e30f509bd1430ac5b5b509bf9b78a78d31
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: beta.medi-buy.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beta.medi-buy.de/mailster/1785/eb84cee128ac602d083b15c955e93421/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
Cookie: _ga=GA1.2.188391641.1679563083; _gid=GA1.2.822701100.1679563083; _fbp=fb.1.1679563083029.1078326262
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
content-length: 4563
date: Thu, 23 Mar 2023 09:41:13 GMT
server: Apache
last-modified: Tue, 11 Jan 2022 09:32:10 GMT
etag: "2bd8-5d54b209d5a80-gzip"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Thu, 20 Apr 2023 09:41:13 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
beta.medi-buy.de/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
217.160.0.82200 OK 36 kB URL HTTP/2 beta.medi-buy.de/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 217.160.0.82:0
File type ASCII text, with very long lines (65447)
Hash 7709426ef505a524f8272e713d6c4416
e6148d59d45f8b14267b57668e86ebe354736702
300a03ba59df3679b421cb714b090711ac35ded90968be33f8865caed25b71ee
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: beta.medi-buy.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beta.medi-buy.de/mailster/1785/eb84cee128ac602d083b15c955e93421/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
Cookie: _ga=GA1.2.188391641.1679563083; _gid=GA1.2.822701100.1679563083; _fbp=fb.1.1679563083029.1078326262
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
content-length: 36199
date: Thu, 23 Mar 2023 09:41:13 GMT
server: Apache
last-modified: Wed, 02 Nov 2022 10:45:43 GMT
etag: "15e54-5ec7a8adf4edc-gzip"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Thu, 20 Apr 2023 09:41:13 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
beta.medi-buy.de/wp-content/plugins/gdpr-cookie-compliance/dist/styles/gdpr-main.css?ver=4.10.6
217.160.0.82200 OK 12 kB URL HTTP/2 beta.medi-buy.de/wp-content/plugins/gdpr-cookie-compliance/dist/styles/gdpr-main.css?ver=4.10.6
IP 217.160.0.82:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 1d91bdaaf26bfd05d505c9e15b5e3ed2
426c45cb5bfdf27b92bdb619189e07a8f0d2d547
a64854b1ecec32e5916cedd39687628f4995fbd89c4b1dd78d706726627954dc
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gdpr-cookie-compliance/dist/styles/gdpr-main.css?ver=4.10.6 HTTP/1.1
Host: beta.medi-buy.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beta.medi-buy.de/mailster/1785/eb84cee128ac602d083b15c955e93421/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
Cookie: _ga=GA1.2.188391641.1679563083; _gid=GA1.2.822701100.1679563083; _fbp=fb.1.1679563083029.1078326262
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 11636
date: Thu, 23 Mar 2023 09:41:13 GMT
server: Apache
last-modified: Mon, 20 Mar 2023 22:45:16 GMT
etag: "1443d-5f75cae4cb7cc-gzip"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Thu, 20 Apr 2023 09:41:13 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
beta.medi-buy.de/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.4
217.160.0.82200 OK 3.3 kB URL HTTP/2 beta.medi-buy.de/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.4
IP 217.160.0.82:0
File type ASCII text, with very long lines (10565), with no line terminators
Hash 1d4240e830f67b71f49b76ca60fe5afb
b8adf1e7767776257c352e30299b7d852b48a31f
cf2dceea94c7e0f9b6f040da3c129deed1a525ff4fa8ec30f17988de9067bffc
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.4 HTTP/1.1
Host: beta.medi-buy.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beta.medi-buy.de/mailster/1785/eb84cee128ac602d083b15c955e93421/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
Cookie: _ga=GA1.2.188391641.1679563083; _gid=GA1.2.822701100.1679563083; _fbp=fb.1.1679563083029.1078326262
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
content-length: 3348
date: Thu, 23 Mar 2023 09:41:13 GMT
server: Apache
last-modified: Sun, 19 Feb 2023 10:45:17 GMT
etag: "2945-5f50b3e00d3e9-gzip"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Thu, 20 Apr 2023 09:41:13 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
beta.medi-buy.de/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.4
217.160.0.82200 OK 4.7 kB URL HTTP/2 beta.medi-buy.de/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.4
IP 217.160.0.82:0
File type HTML document, ASCII text, with very long lines (12948), with no line terminators
Hash 98a6cb422d67b1d0a37d0a1e9c05fc1d
fcbd2f9fb45f91bf6af1bc1a81c89dfd4e76a444
d84c2d0adef69ac7660b2f6311c0f5360ec75954f65e7603abc2abe161ccf13a
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.4 HTTP/1.1
Host: beta.medi-buy.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beta.medi-buy.de/mailster/1785/eb84cee128ac602d083b15c955e93421/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
Cookie: _ga=GA1.2.188391641.1679563083; _gid=GA1.2.822701100.1679563083; _fbp=fb.1.1679563083029.1078326262
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
content-length: 4679
date: Thu, 23 Mar 2023 09:41:13 GMT
server: Apache
last-modified: Sun, 19 Feb 2023 10:45:17 GMT
etag: "3294-5f50b3e009569-gzip"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Thu, 20 Apr 2023 09:41:13 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
beta.medi-buy.de/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
217.160.0.82200 OK 7.3 kB URL HTTP/2 beta.medi-buy.de/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 217.160.0.82:0
File type Unicode text, UTF-8 text, with very long lines (17819), with no line terminators
Hash 4f55873537fd656f53e8c0edb2e14d75
180992994a9f4191e351bb772a7186a919cc6318
8106407d9aba57e84f5ce91e8a7333f4fa9037f7ac9b034b84066805572a6efd
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: beta.medi-buy.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beta.medi-buy.de/mailster/1785/eb84cee128ac602d083b15c955e93421/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
Cookie: _ga=GA1.2.188391641.1679563083; _gid=GA1.2.822701100.1679563083; _fbp=fb.1.1679563083029.1078326262
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
content-length: 7347
date: Thu, 23 Mar 2023 09:41:13 GMT
server: Apache
last-modified: Wed, 02 Nov 2022 10:45:43 GMT
etag: "459f-5ec7a8ada6cdd-gzip"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Thu, 20 Apr 2023 09:41:13 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
beta.medi-buy.de/wp-includes/js/hoverIntent.min.js?ver=1.10.2
217.160.0.82200 OK 721 B URL HTTP/2 beta.medi-buy.de/wp-includes/js/hoverIntent.min.js?ver=1.10.2
IP 217.160.0.82:0
File type ASCII text, with very long lines (1464)
Hash 31d28cf829ef7282a64b74233df8d403
d266f07f76290ba8751be662b4a99fe6ab023bf9
bf3bba54e381f6209375f4e5b394e30765ebb82fd3fc004447507fe340e26a03
GET /wp-includes/js/hoverIntent.min.js?ver=1.10.2 HTTP/1.1
Host: beta.medi-buy.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beta.medi-buy.de/mailster/1785/eb84cee128ac602d083b15c955e93421/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
Cookie: _ga=GA1.2.188391641.1679563083; _gid=GA1.2.822701100.1679563083; _fbp=fb.1.1679563083029.1078326262
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
content-length: 721
date: Thu, 23 Mar 2023 09:41:13 GMT
server: Apache
last-modified: Tue, 24 May 2022 22:45:39 GMT
etag: "5db-5dfc9b747692a-gzip"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Thu, 20 Apr 2023 09:41:13 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
beta.medi-buy.de/wp-content/themes/flatsome/assets/js/flatsome.js?ver=28853c9a025d4d96eeff0813ad2396c0
217.160.0.82200 OK 20 kB URL HTTP/2 beta.medi-buy.de/wp-content/themes/flatsome/assets/js/flatsome.js?ver=28853c9a025d4d96eeff0813ad2396c0
IP 217.160.0.82:0
File type ASCII text, with very long lines (56980), with no line terminators
Hash a75dc520d97c02a153035cd83aabe4f6
8df7b4bbed017508aa3ad9fd67d5d344935c560d
3dbbdba42c1fb75acda12bc1962d4e8d131dcf011777ae7c39e71a92e27aa2e5
GET /wp-content/themes/flatsome/assets/js/flatsome.js?ver=28853c9a025d4d96eeff0813ad2396c0 HTTP/1.1
Host: beta.medi-buy.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beta.medi-buy.de/mailster/1785/eb84cee128ac602d083b15c955e93421/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
Cookie: _ga=GA1.2.188391641.1679563083; _gid=GA1.2.822701100.1679563083; _fbp=fb.1.1679563083029.1078326262
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
content-length: 19684
date: Thu, 23 Mar 2023 09:41:13 GMT
server: Apache
last-modified: Fri, 16 Dec 2022 13:19:28 GMT
etag: "de94-5eff1d1c0fff2-gzip"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Thu, 20 Apr 2023 09:41:13 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
beta.medi-buy.de/wp-content/plugins/gdpr-cookie-compliance/dist/scripts/main.js?ver=4.10.6
217.160.0.82200 OK 17 kB URL HTTP/2 beta.medi-buy.de/wp-content/plugins/gdpr-cookie-compliance/dist/scripts/main.js?ver=4.10.6
IP 217.160.0.82:0
File type ASCII text, with very long lines (31964)
Hash 8862282ce56835e836fb6ff60ab0a342
425ff16d18b5405e95605ed4811fec850db3dbd2
0c61d24056595b76f0a1fada3cf50f85774aa64210a7402a1d48a7d9851ed081
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gdpr-cookie-compliance/dist/scripts/main.js?ver=4.10.6 HTTP/1.1
Host: beta.medi-buy.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beta.medi-buy.de/mailster/1785/eb84cee128ac602d083b15c955e93421/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
Cookie: _ga=GA1.2.188391641.1679563083; _gid=GA1.2.822701100.1679563083; _fbp=fb.1.1679563083029.1078326262
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
content-length: 16910
date: Thu, 23 Mar 2023 09:41:13 GMT
server: Apache
last-modified: Mon, 20 Mar 2023 22:45:16 GMT
etag: "ebca-5f75cae4c988c-gzip"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Thu, 20 Apr 2023 09:41:13 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
beta.medi-buy.de/wp-content/uploads/2022/01/logo-medi-buy-300x91.jpg
217.160.0.82200 OK 6.7 kB URL HTTP/2 beta.medi-buy.de/wp-content/uploads/2022/01/logo-medi-buy-300x91.jpg
IP 217.160.0.82:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x91, components 3\012- data
Hash 8955444a45e07fd2fdda39264bd29068
e595e57addd904bbb4f05dedf336996c75c77b5d
0520f471c761cf3c418c201ec9b0c297c61427d1b4604e3c5fa434e1a1db3a36
GET /wp-content/uploads/2022/01/logo-medi-buy-300x91.jpg HTTP/1.1
Host: beta.medi-buy.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beta.medi-buy.de/mailster/1785/eb84cee128ac602d083b15c955e93421/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
Cookie: _ga=GA1.2.188391641.1679563083; _gid=GA1.2.822701100.1679563083; _fbp=fb.1.1679563083029.1078326262
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 6686
date: Thu, 23 Mar 2023 09:41:13 GMT
server: Apache
last-modified: Thu, 13 Jan 2022 12:04:26 GMT
etag: "1a1e-5d5757cdbc516"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Thu, 20 Apr 2023 09:41:13 GMT
X-Firefox-Spdy: h2
beta.medi-buy.de/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
217.160.0.82200 OK 5.8 kB URL HTTP/2 beta.medi-buy.de/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 217.160.0.82:0
File type ASCII text, with very long lines (15660)
Hash 5dd90c13d1cb6624cba0f3bc7828c4bb
734a400e956fed5389a6e20fabf89327710cf6eb
e573bfe941e733fe9f4580cd6fd65468cf7398b6403488229dbbd7687c42f55c
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: beta.medi-buy.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beta.medi-buy.de/mailster/1785/eb84cee128ac602d083b15c955e93421/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
Cookie: _ga=GA1.2.188391641.1679563083; _gid=GA1.2.822701100.1679563083; _fbp=fb.1.1679563083029.1078326262
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
content-length: 5792
date: Thu, 23 Mar 2023 09:41:13 GMT
server: Apache
last-modified: Tue, 24 May 2022 22:45:39 GMT
etag: "48b9-5dfc9b747b74a-gzip"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Thu, 20 Apr 2023 09:41:13 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
beta.medi-buy.de/wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.16.3
217.160.0.82200 OK 5.7 kB URL HTTP/2 beta.medi-buy.de/wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.16.3
IP 217.160.0.82:0
File type ASCII text, with very long lines (13072)
Hash 061693c5c5ad1ec48ba95af7f8643a3d
b94f72bb8c9b8592bee7186b672e192cf23aff11
6eb78918e3ac98d13ca3ddce999aca6b26e6b665b6466e4e5e8049f3e885fe8c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.16.3 HTTP/1.1
Host: beta.medi-buy.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beta.medi-buy.de/mailster/1785/eb84cee128ac602d083b15c955e93421/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
Cookie: _ga=GA1.2.188391641.1679563083; _gid=GA1.2.822701100.1679563083; _fbp=fb.1.1679563083029.1078326262
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
content-length: 5714
date: Thu, 23 Mar 2023 09:41:13 GMT
server: Apache
last-modified: Fri, 16 Dec 2022 13:19:36 GMT
etag: "3f6d-5eff1d2359390-gzip"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Thu, 20 Apr 2023 09:41:13 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
beta.medi-buy.de/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
217.160.0.82200 OK 2.6 kB URL HTTP/2 beta.medi-buy.de/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 217.160.0.82:0
File type ASCII text, with very long lines (6475), with no line terminators
Hash d6d00b09c3b40edaf2e76222eae3545e
12ef01d387b922e551eabf52b7801cedf57dfe72
143a3d934ed5b7fe804a9b1fa1da7e3ee33a6a63f2ea37f3be84f54e148846e7
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: beta.medi-buy.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beta.medi-buy.de/mailster/1785/eb84cee128ac602d083b15c955e93421/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
Cookie: _ga=GA1.2.188391641.1679563083; _gid=GA1.2.822701100.1679563083; _fbp=fb.1.1679563083029.1078326262
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
content-length: 2641
date: Thu, 23 Mar 2023 09:41:13 GMT
server: Apache
last-modified: Tue, 24 May 2022 22:45:39 GMT
etag: "194b-5dfc9b73de3ab-gzip"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Thu, 20 Apr 2023 09:41:13 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
beta.medi-buy.de/wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2?v=3.16.3
217.160.0.82200 OK 7.1 kB URL HTTP/2 beta.medi-buy.de/wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2?v=3.16.3
IP 217.160.0.82:0
File type Web Open Font Format (Version 2), TrueType, length 7068, version 1.0\012- data
Hash 48c36cf085b90e204ed78cf3b5925098
8708b0fff49904b989ea4d62291957dd827dd254
8bdd2549e2df32257d86d141069f086600680d6132d18143617f0289d8926414
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2?v=3.16.3 HTTP/1.1
Host: beta.medi-buy.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://beta.medi-buy.de/mailster/1785/eb84cee128ac602d083b15c955e93421/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
Cookie: _ga=GA1.2.188391641.1679563083; _gid=GA1.2.822701100.1679563083; _fbp=fb.1.1679563083029.1078326262
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-length: 7068
date: Thu, 23 Mar 2023 09:41:13 GMT
server: Apache
last-modified: Fri, 16 Dec 2022 13:19:28 GMT
etag: "1b9c-5eff1d1bb6274"
accept-ranges: bytes
X-Firefox-Spdy: h2
beta.medi-buy.de/wp-content/fonts/montserrat/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXx-p7K4GLs.woff
217.160.0.82200 OK 17 kB URL HTTP/2 beta.medi-buy.de/wp-content/fonts/montserrat/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXx-p7K4GLs.woff
IP 217.160.0.82:0
File type Web Open Font Format, TrueType, length 16556, version 1.1\012- data
Hash 204229ac29208812c364bd69a5873249
827aa06d1fb96d497ea39a9a313f0535972a0d45
1e86591b39be2da705365b6095091b6597c65de407663af7fdd93425f8bcfb2c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/fonts/montserrat/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXx-p7K4GLs.woff HTTP/1.1
Host: beta.medi-buy.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://beta.medi-buy.de/mailster/1785/eb84cee128ac602d083b15c955e93421/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
Cookie: _ga=GA1.2.188391641.1679563083; _gid=GA1.2.822701100.1679563083; _fbp=fb.1.1679563083029.1078326262
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/font-woff
content-length: 16556
date: Thu, 23 Mar 2023 09:41:13 GMT
server: Apache
last-modified: Fri, 16 Dec 2022 13:26:32 GMT
etag: "40ac-5eff1eb038609"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Thu, 20 Apr 2023 09:41:13 GMT
X-Firefox-Spdy: h2
beta.medi-buy.de/wp-content/fonts/montserrat/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXx-p7K4GLs.woff
217.160.0.82200 OK 17 kB URL HTTP/2 beta.medi-buy.de/wp-content/fonts/montserrat/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXx-p7K4GLs.woff
IP 217.160.0.82:0
File type Web Open Font Format, TrueType, length 16568, version 1.1\012- data
Hash 23facbf845d56af99e5a7d8d6eb0b74e
b0270e9c1081ba45dc2d7bee632e30770ac1fe1b
06740bed37ae127653a71aafd5ef45de0238e7622639a9ab6dbf1f2144890a0c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/fonts/montserrat/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXx-p7K4GLs.woff HTTP/1.1
Host: beta.medi-buy.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://beta.medi-buy.de/mailster/1785/eb84cee128ac602d083b15c955e93421/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
Cookie: _ga=GA1.2.188391641.1679563083; _gid=GA1.2.822701100.1679563083; _fbp=fb.1.1679563083029.1078326262
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/font-woff
content-length: 16568
date: Thu, 23 Mar 2023 09:41:13 GMT
server: Apache
last-modified: Fri, 16 Dec 2022 13:26:32 GMT
etag: "40b8-5eff1eaff5f8b"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Thu, 20 Apr 2023 09:41:13 GMT
X-Firefox-Spdy: h2
beta.medi-buy.de/wp-content/fonts/montserrat/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCvr73w5aXx-p7K4GLs.woff
217.160.0.82200 OK 16 kB URL HTTP/2 beta.medi-buy.de/wp-content/fonts/montserrat/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCvr73w5aXx-p7K4GLs.woff
IP 217.160.0.82:0
File type Web Open Font Format, TrueType, length 16532, version 1.1\012- data
Hash 5658587e268e0a5319c14210a31c2625
9b13f9bc1b393692f51e64a9410db358045d194b
36063bc10841f02b28ef7b3fa2581f2ce71de9679b87b3c493e7242a86e78f6a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/fonts/montserrat/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCvr73w5aXx-p7K4GLs.woff HTTP/1.1
Host: beta.medi-buy.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://beta.medi-buy.de/mailster/1785/eb84cee128ac602d083b15c955e93421/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
Cookie: _ga=GA1.2.188391641.1679563083; _gid=GA1.2.822701100.1679563083; _fbp=fb.1.1679563083029.1078326262
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/font-woff
content-length: 16532
date: Thu, 23 Mar 2023 09:41:13 GMT
server: Apache
last-modified: Fri, 16 Dec 2022 13:26:32 GMT
etag: "4094-5eff1eb07bc28"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Thu, 20 Apr 2023 09:41:13 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 6e965ba75b84abf96ca0d83da48d2fbb
4c2eb4c06cabee4d0f0606e88e9e074e2f767168
4b39bfe671df590e9c5baf75008d76f4272d8ffbafd7108e7592f8165b6806c6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5470
Cache-Control: max-age=108169
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 09:41:13 GMT
Etag: "641b0ce4-1d7"
Expires: Fri, 24 Mar 2023 15:44:02 GMT
Last-Modified: Wed, 22 Mar 2023 14:12:52 GMT
Server: ECAcc (ska/F757)
X-Cache: HIT
Content-Length: 471
beta.medi-buy.de/wp-content/uploads/2022/01/cropped-medi-buy-favicon-192x192.jpg
217.160.0.82200 OK 10 kB URL HTTP/2 beta.medi-buy.de/wp-content/uploads/2022/01/cropped-medi-buy-favicon-192x192.jpg
IP 217.160.0.82:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 192x192, components 3\012- data
Hash 9a09f869040091ac4908de6c4beabda9
77e90e31d48095d1ba5cd3b3ef4c428245576385
8fe3ea176e78283acce9df187516293b11e7ebbdcf13dd264ef26097e3dea90c
GET /wp-content/uploads/2022/01/cropped-medi-buy-favicon-192x192.jpg HTTP/1.1
Host: beta.medi-buy.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beta.medi-buy.de/mailster/1785/eb84cee128ac602d083b15c955e93421/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
Cookie: _ga=GA1.2.188391641.1679563083; _gid=GA1.2.822701100.1679563083; _fbp=fb.1.1679563083029.1078326262
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 10017
date: Thu, 23 Mar 2023 09:41:13 GMT
server: Apache
last-modified: Thu, 13 Jan 2022 15:25:46 GMT
etag: "2721-5d5784ced7768"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Thu, 20 Apr 2023 09:41:13 GMT
X-Firefox-Spdy: h2
beta.medi-buy.de/wp-content/uploads/2022/01/cropped-medi-buy-favicon-32x32.jpg
217.160.0.82200 OK 1.2 kB URL HTTP/2 beta.medi-buy.de/wp-content/uploads/2022/01/cropped-medi-buy-favicon-32x32.jpg
IP 217.160.0.82:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 32x32, components 3\012- data
Hash 08a610c7e0167cb173f5720fc161456d
ee0192a063737abfbca328a38f09c342e95b3608
1e8ee95ff4b31ef5ccd7d34abef99ca5c2a58da401694fab1bfdc89e514f759b
GET /wp-content/uploads/2022/01/cropped-medi-buy-favicon-32x32.jpg HTTP/1.1
Host: beta.medi-buy.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beta.medi-buy.de/mailster/1785/eb84cee128ac602d083b15c955e93421/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
Cookie: _ga=GA1.2.188391641.1679563083; _gid=GA1.2.822701100.1679563083; _fbp=fb.1.1679563083029.1078326262
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 1231
date: Thu, 23 Mar 2023 09:41:13 GMT
server: Apache
last-modified: Thu, 13 Jan 2022 15:25:47 GMT
etag: "4cf-5d5784cee61c8"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Thu, 20 Apr 2023 09:41:13 GMT
X-Firefox-Spdy: h2
beta.medi-buy.de/wp-content/themes/flatsome/assets/js/chunk.countup.js?ver=3.16.3
217.160.0.82200 OK 2.0 kB URL HTTP/2 beta.medi-buy.de/wp-content/themes/flatsome/assets/js/chunk.countup.js?ver=3.16.3
IP 217.160.0.82:0
File type ASCII text, with very long lines (5448), with no line terminators
Hash 541fb28dea48f095bf384acb19acc677
9a7fded0e02ea0a9e95003de324bef607ea0a9e1
be30ee71ee5ba9714b9bd2d16861d3d8a56339c7c137bf0ad75d6ad553600654
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/flatsome/assets/js/chunk.countup.js?ver=3.16.3 HTTP/1.1
Host: beta.medi-buy.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://beta.medi-buy.de/mailster/1785/eb84cee128ac602d083b15c955e93421/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
Cookie: _ga=GA1.2.188391641.1679563083; _gid=GA1.2.822701100.1679563083; _fbp=fb.1.1679563083029.1078326262; _gat_gtag_UA_217443978_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
content-length: 2026
date: Thu, 23 Mar 2023 09:41:14 GMT
server: Apache
last-modified: Fri, 16 Dec 2022 13:19:28 GMT
etag: "1548-5eff1d1c0f052-gzip"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Thu, 20 Apr 2023 09:41:14 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
beta.medi-buy.de/wp-content/themes/flatsome/assets/js/chunk.sticky-sidebar.js?ver=3.16.3
217.160.0.82200 OK 3.7 kB URL HTTP/2 beta.medi-buy.de/wp-content/themes/flatsome/assets/js/chunk.sticky-sidebar.js?ver=3.16.3
IP 217.160.0.82:0
File type ASCII text, with very long lines (10850), with no line terminators
Hash ced7b86c969aca4cf677893965b9ae5c
db6e15ec99dd0285187356f33de2d420b8781c8b
b519f5e28be29a411d77768b8742011bdfe14f95a528453c3c660a9d32e09526
GET /wp-content/themes/flatsome/assets/js/chunk.sticky-sidebar.js?ver=3.16.3 HTTP/1.1
Host: beta.medi-buy.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://beta.medi-buy.de/mailster/1785/eb84cee128ac602d083b15c955e93421/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
Cookie: _ga=GA1.2.188391641.1679563083; _gid=GA1.2.822701100.1679563083; _fbp=fb.1.1679563083029.1078326262; _gat_gtag_UA_217443978_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
content-length: 3747
date: Thu, 23 Mar 2023 09:41:14 GMT
server: Apache
last-modified: Fri, 16 Dec 2022 13:19:28 GMT
etag: "2a62-5eff1d1c0f052-gzip"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Thu, 20 Apr 2023 09:41:14 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
beta.medi-buy.de/wp-content/themes/flatsome/assets/js/chunk.tooltips.js?ver=3.16.3
217.160.0.82200 OK 5.5 kB URL HTTP/2 beta.medi-buy.de/wp-content/themes/flatsome/assets/js/chunk.tooltips.js?ver=3.16.3
IP 217.160.0.82:0
File type ASCII text, with very long lines (16876), with no line terminators
Hash 0c3a21adfadef95c78e5ffebd384e28a
d97f515e1d5e6f71d521756e6c5736245dfbd31a
29a1a55aac54924ceca7bd86ede08bfb7fff19ddc6e7e21d812c77350c0d3a44
GET /wp-content/themes/flatsome/assets/js/chunk.tooltips.js?ver=3.16.3 HTTP/1.1
Host: beta.medi-buy.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://beta.medi-buy.de/mailster/1785/eb84cee128ac602d083b15c955e93421/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
Cookie: _ga=GA1.2.188391641.1679563083; _gid=GA1.2.822701100.1679563083; _fbp=fb.1.1679563083029.1078326262; _gat_gtag_UA_217443978_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
content-length: 5476
date: Thu, 23 Mar 2023 09:41:14 GMT
server: Apache
last-modified: Fri, 16 Dec 2022 13:19:28 GMT
etag: "41ec-5eff1d1c0f052-gzip"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Thu, 20 Apr 2023 09:41:14 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
beta.medi-buy.de/wp-content/themes/flatsome/assets/js/chunk.vendors-popups.js?ver=3.16.3
217.160.0.82200 OK 8.1 kB URL HTTP/2 beta.medi-buy.de/wp-content/themes/flatsome/assets/js/chunk.vendors-popups.js?ver=3.16.3
IP 217.160.0.82:0
File type ASCII text, with very long lines (20237), with no line terminators
Hash 62c52004fe55e8192fcf534c4981a87a
a3ac5df1b4421a29fa60d0da1c5cf1cfa7275d7c
b94294fd3777a51e0d1dae53c4e8c8191d0f727b382dbb69142f61f4cb1caccf
GET /wp-content/themes/flatsome/assets/js/chunk.vendors-popups.js?ver=3.16.3 HTTP/1.1
Host: beta.medi-buy.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://beta.medi-buy.de/mailster/1785/eb84cee128ac602d083b15c955e93421/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
Cookie: _ga=GA1.2.188391641.1679563083; _gid=GA1.2.822701100.1679563083; _fbp=fb.1.1679563083029.1078326262; _gat_gtag_UA_217443978_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
content-length: 8133
date: Thu, 23 Mar 2023 09:41:14 GMT
server: Apache
last-modified: Fri, 16 Dec 2022 13:19:28 GMT
etag: "4f0d-5eff1d1c0f052-gzip"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Thu, 20 Apr 2023 09:41:14 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
beta.medi-buy.de/wp-content/themes/flatsome/assets/js/chunk.vendors-slider.js?ver=3.16.3
217.160.0.82200 OK 16 kB URL HTTP/2 beta.medi-buy.de/wp-content/themes/flatsome/assets/js/chunk.vendors-slider.js?ver=3.16.3
IP 217.160.0.82:0
File type ASCII text, with very long lines (49588), with no line terminators
Hash 710b8bf06205a382e8c03d91ac18e003
66794fdabe272a6c2ff33a030839c7f860d3e024
e44a5b1c318afff2c356ad6cdd49679a6d68a935dcd67ac63b56479414a278c5
GET /wp-content/themes/flatsome/assets/js/chunk.vendors-slider.js?ver=3.16.3 HTTP/1.1
Host: beta.medi-buy.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://beta.medi-buy.de/mailster/1785/eb84cee128ac602d083b15c955e93421/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
Cookie: _ga=GA1.2.188391641.1679563083; _gid=GA1.2.822701100.1679563083; _fbp=fb.1.1679563083029.1078326262; _gat_gtag_UA_217443978_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
content-length: 16244
date: Thu, 23 Mar 2023 09:41:14 GMT
server: Apache
last-modified: Fri, 16 Dec 2022 13:19:28 GMT
etag: "c1b4-5eff1d1c0f052-gzip"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Thu, 20 Apr 2023 09:41:14 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5401
Expires: Thu, 23 Mar 2023 11:11:15 GMT
Date: Thu, 23 Mar 2023 09:41:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5401
Expires: Thu, 23 Mar 2023 11:11:15 GMT
Date: Thu, 23 Mar 2023 09:41:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5401
Expires: Thu, 23 Mar 2023 11:11:15 GMT
Date: Thu, 23 Mar 2023 09:41:14 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffa9cba5-a508-44d3-b8ad-393590528e8b.jpeg
34.120.237.76200 OK 120 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffa9cba5-a508-44d3-b8ad-393590528e8b.jpeg
IP 34.120.237.76:0
File type gzip compressed data, from Unix\012- data
Size 120 kB (120220 bytes)
Hash e57ee26c551ef515a1dd3df4e37b037a
9c3837a2ab1d94bf5e3209daae17a77d0b4fcefb
0e8fd3854c36c9d02bcf798d15f009cd65695ea92978fee4b8076cbcd4ee1cb1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffa9cba5-a508-44d3-b8ad-393590528e8b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9550
x-amzn-requestid: 0c3d2b49-9407-4d12-930a-83e585c165b8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CBF7kFvwIAMF43g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6416b6b0-59461f0119abb54f773150a0;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 07:16:00 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: wVn33PkqDp-KFwzsDiNz8uSRuW2lwBLllYsQevboO6qidq1OkL-X5Q==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 0a2ce08fa1ec3c33302a7547d3305978.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 22:33:44 GMT
age: 40050
etag: "e41ca3e0550e74562b0374565225444ffb977c4e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93c300c4-e707-428c-9ae5-d4699c20a7ef.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93c300c4-e707-428c-9ae5-d4699c20a7ef.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 800c2662fd6ab8829a02b7d63084c38d
0917d2c376f8d2af2a436a33ce2bfe1cbdb8b239
76545e9f75dc558fdb7b54550934c7775318fb4150a9309f60e65d982d2e576e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93c300c4-e707-428c-9ae5-d4699c20a7ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5950
x-amzn-requestid: ce85112e-428d-4ca1-9dac-1d6c8c6dc74a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CKyF9EI3oAMFtyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a96f2-05c5948d6f74948b1c67d68c;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 05:49:38 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: tu0ENc_6tfykYc23nLfwYEMsi5HIfaDWF6dvzVTfX5rfjr3JrmMrCA==
via: 1.1 59456abf79b201034ab5c9cfef7355e2.cloudfront.net (CloudFront), 1.1 aabd01c4a20dae837d162bd972422efc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 22:02:44 GMT
age: 57605
etag: "0917d2c376f8d2af2a436a33ce2bfe1cbdb8b239"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcbdd70a4-b533-4e87-84d2-c2122ca1cdc5.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcbdd70a4-b533-4e87-84d2-c2122ca1cdc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 31ad983ec21e3dee7b6083bc04742aee
a98933e2845c02158175a54d9648f12086a96569
8cb18730db03dd8727b2ff42ecfa7885b9e8dbe3c37c08b1ad0c67e629338b95
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcbdd70a4-b533-4e87-84d2-c2122ca1cdc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5915
x-amzn-requestid: 1c6acb42-48cc-4113-a8d0-6a811cd16613
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B9xXaGUVoAMFwIw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64156295-0edcaad90df031882fa7457c;Sampled=0
x-amzn-remapped-date: Sat, 18 Mar 2023 07:04:53 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 6f6NSPPmIBAP_pxmZuHRz6WJJjnp3NIO26SNyKYhq2FikQkP5hOe7w==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 599f04a365a179d553682d476509c388.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 21:58:52 GMT
age: 42142
etag: "a98933e2845c02158175a54d9648f12086a96569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5be1b286-007a-44a5-a6fd-872190ecfa0b.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5be1b286-007a-44a5-a6fd-872190ecfa0b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c05bfdf1411a931d8ea9adc64b07bc74
156ef59e53564a4f2b27002b2695fafecd578d82
15d17c0df2d2b0625ecf5f576a7ff630ae8b923b28be354ad23aec6a284a801a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5be1b286-007a-44a5-a6fd-872190ecfa0b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6692
x-amzn-requestid: 3a0f6a8d-89b1-43f4-8a15-8749bdbc047b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM9d9FcOoAMFaFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b75f2-3540256d6be3d4f85bba65ea;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:41:06 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: Jj5lAwItWYm45j5kLqQnd3fhsiGsiuSiSVtrBUOolyHvPAmCc0S71A==
via: 1.1 e92cc925fc8895560cd0628c67f58828.cloudfront.net (CloudFront), 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Mar 2023 07:54:24 GMT
age: 6410
etag: "156ef59e53564a4f2b27002b2695fafecd578d82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg
34.120.237.76200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 85351059b67b0a42eda7e69a31b3b4b4
b798268806dc2f79f033e5872676019faf0e0cc1
86e163b7159b197d6358ab01333ac6da221de0ebe1c5da8d5cef2977d38625fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4000
x-amzn-requestid: 68dc01d7-3eed-48f6-8532-8efaa96cc1ec
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJpraEqyoAMFgNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a2315-3852cc8961365a560d1fa02f;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:17 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: k6VaCG5oTQnKOvKJnleVqxIIc9yOgdOL0oPcL0ZSVw7DZQ8_GzFoZQ==
via: 1.1 288c777a01e22425da9494dad7a69734.cloudfront.net (CloudFront), 1.1 4d8620b80ebe37d366388e117039aa8e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 21:47:43 GMT
age: 42811
etag: "b798268806dc2f79f033e5872676019faf0e0cc1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fea5d4e17-e42c-49fb-a54b-d7d97ad50ba4.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fea5d4e17-e42c-49fb-a54b-d7d97ad50ba4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 40d24dfcd9f0afe0e4077384f16cc494
76213c7d5c759471ed3823888860f918ac7e8f13
fbbbef0498ddf14bc9b204273a3cd416c357dceed20339c3e8c64a16b0be3caf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fea5d4e17-e42c-49fb-a54b-d7d97ad50ba4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7083
x-amzn-requestid: 52c38747-4a30-4831-87ca-7e72e5602ed0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CHY_gFu8IAMFh9g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64193b96-49c53b7c2e5ed4fc0217e357;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 05:07:34 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: XUrSSF8TgZSClR4MqJ0kuXGO-8KIguNmGe5lmVwzKXZO6CN0F9mimg==
via: 1.1 f3802d173009698413044360f84de06c.cloudfront.net (CloudFront), 1.1 f313d3df80c4dab8f5399614116801cc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 21:51:03 GMT
age: 42611
etag: "76213c7d5c759471ed3823888860f918ac7e8f13"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
beta.medi-buy.de/wp-content/plugins/gdpr-cookie-compliance/dist/fonts/nunito-v8-latin-700.woff2
217.160.0.82200 OK 19 kB URL HTTP/2 beta.medi-buy.de/wp-content/plugins/gdpr-cookie-compliance/dist/fonts/nunito-v8-latin-700.woff2
IP 217.160.0.82:0
File type Web Open Font Format (Version 2), TrueType, length 18912, version 1.0\012- data
Hash f937643e9e2d39b98a3ae9ada057e740
fe2534a5e2bf00d090f50ba03a536a0e76e8e9a6
cdc28355b0b7217392395460dd7dfbc65a4cf0822c986a7533f4ca7434799e53
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gdpr-cookie-compliance/dist/fonts/nunito-v8-latin-700.woff2 HTTP/1.1
Host: beta.medi-buy.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://beta.medi-buy.de/wp-content/plugins/gdpr-cookie-compliance/dist/styles/gdpr-main.css?ver=4.10.6
Cookie: _ga=GA1.2.188391641.1679563083; _gid=GA1.2.822701100.1679563083; _fbp=fb.1.1679563083029.1078326262; _gat_gtag_UA_217443978_1=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-length: 18912
date: Thu, 23 Mar 2023 09:41:15 GMT
server: Apache
last-modified: Mon, 20 Mar 2023 22:45:16 GMT
etag: "49e0-5f75cae4c2b2c"
accept-ranges: bytes
X-Firefox-Spdy: h2
beta.medi-buy.de/wp-content/plugins/gdpr-cookie-compliance/dist/fonts/nunito-v8-latin-regular.woff2
217.160.0.82200 OK 19 kB URL HTTP/2 beta.medi-buy.de/wp-content/plugins/gdpr-cookie-compliance/dist/fonts/nunito-v8-latin-regular.woff2
IP 217.160.0.82:0
File type Web Open Font Format (Version 2), TrueType, length 18796, version 1.0\012- data
Hash e5ab24fb2b666576b0f199e25e1b5c09
cf8cfb1025573f69d37688b617931ff10da62fd8
623b62596e07df1fbf3a9fc0219c238e373bec6e55349826b0315b50ed2a7a7d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gdpr-cookie-compliance/dist/fonts/nunito-v8-latin-regular.woff2 HTTP/1.1
Host: beta.medi-buy.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://beta.medi-buy.de/wp-content/plugins/gdpr-cookie-compliance/dist/styles/gdpr-main.css?ver=4.10.6
Cookie: _ga=GA1.2.188391641.1679563083; _gid=GA1.2.822701100.1679563083; _fbp=fb.1.1679563083029.1078326262; _gat_gtag_UA_217443978_1=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-length: 18796
date: Thu, 23 Mar 2023 09:41:15 GMT
server: Apache
last-modified: Mon, 20 Mar 2023 22:45:16 GMT
etag: "496c-5f75cae4c3acc"
accept-ranges: bytes
X-Firefox-Spdy: h2