| firefox.settings.services.mozilla.com/v1/ | 143.204.55.115 | 200 OK | 939 B |
URL: HTTP/1.1 firefox.settings.services.mozilla.com/v1/ | IP: 143.204.55.115:0
File type: JSON data, ASCII text, with very long lines (939), with no line terminators | Hash: 99b7d23c1748d0526782b9ff9ea45f09 eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f 48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 15 Sep 2022 18:10:29 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: SxaFJd9cYWOAjtwTh29N0BWpAznq1c4TivdCd5H8BzfNYjukoQ6m6A==
Age: 2807
|
|
| r3.o.lencr.org/ | 23.36.76.242 | 200 OK | 503 B |
IP: 23.36.76.242:0 | ASN: #20940 Akamai International B.V.
Hash: be88d3e043e3b95b52e41812e50fb634 0318ba1ce487817ea7cba61dd9413bed29213800 b5f178d23e633283f226cca7a9ae79b01e6cab2299ff7065c980d3a9953212fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5F178D23E633283F226CCA7A9AE79B01E6CAB2299FF7065C980D3A9953212FD"
Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10940
Expires: Thu, 15 Sep 2022 21:59:36 GMT
Date: Thu, 15 Sep 2022 18:57:16 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain | 143.204.55.35 | 200 OK | 5.3 kB |
URL: HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain | IP: 143.204.55.35:0
File type: PEM certificate, ASCII text | Hash: 742edb4038f38bc533514982f3d2e861 cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1 b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 15 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 9B4Fxd9M5uimMTQU6Dw86lCM6iK7KpXD50-UdA3lp2XVCr4LgjeIiA==
age: 51721
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL: HTTP/2 contile.services.mozilla.com/v1/tiles | IP: 34.117.237.239:0
File type: JSON data, ASCII text, with no line terminators | Hash: 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 18:57:16 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 143.204.55.115 | 200 OK | 329 B |
URL: HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | IP: 143.204.55.115:0
File type: JSON data, ASCII text, with very long lines (329), with no line terminators | Hash: 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Thu, 15 Sep 2022 18:03:22 GMT
Expires: Thu, 15 Sep 2022 18:03:22 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: PqLA63SoJbNty4Ut97d6uk5wRempGh75PSJOXpyvA-HwsN5_Dz7h_g==
Age: 3234
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP: 93.184.220.29:0
Hash: d597af1ab2f21a983bf0f0d105b94209 9d5dd938777abde094c89066b539141a02106b88 a614eb7f969544c8040642be7c852625341e2441e757d063d2af1ff465c8c3f4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3547
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 18:57:16 GMT
Last-Modified: Thu, 15 Sep 2022 17:58:09 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
|
|
| push.services.mozilla.com/ | 54.69.181.45 | 101 Switching Protocols | 0 B |
URL: HTTP/1.1 push.services.mozilla.com/ | IP: 54.69.181.45:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: XnELfa0t1UYa7jF/Ozr8UA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: n1nSW8LLPxKJQjvGo2d5TdNk9p8=
|
|
| gigermd.com/ | 92.43.218.116 | 301 Moved Permanently | 20 B |
IP: 92.43.218.116:0
Hash: 7029066c27ac6f5ef18d660d5741979a 46c6643f07aa7f6bfe7118de926b86defc5087c4 59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
GET / HTTP/1.1
Host: gigermd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
pragma: no-cache
set-cookie: _icl_current_language=de; expires=Fri, 16-Sep-2022 18:57:16 GMT; Max-Age=86400; path=/
set-cookie: _icl_current_language=de; expires=Fri, 16-Sep-2022 18:57:17 GMT; Max-Age=86400; path=/
content-type: text/html; charset=UTF-8
x-redirect-by: WordPress
location: https://www.gigermd.com/
vary: Accept-Encoding
content-length: 20
content-encoding: gzip
date: Thu, 15 Sep 2022 18:57:17 GMT
strict-transport-security: max-age=15768000
|
|
| r3.o.lencr.org/ | 23.36.76.242 | 200 OK | 503 B |
IP: 23.36.76.242:0 | ASN: #20940 Akamai International B.V.
Hash: 55746d0708d92f9e48c36c56f811e68b f4140ca3daf524a08d4b9ca4e6a61f4df53243f9 ff0ed9cab0337f17f84f2d7096a3666c347774ae8714b1f9284078225baeb0b2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FF0ED9CAB0337F17F84F2D7096A3666C347774AE8714B1F9284078225BAEB0B2"
Last-Modified: Wed, 14 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21576
Expires: Fri, 16 Sep 2022 00:56:53 GMT
Date: Thu, 15 Sep 2022 18:57:17 GMT
Connection: keep-alive
|
|
| www.gigermd.com/wp-content/plugins/sitepress-multilingual-cms/res/css/language-selector.css?v=3.3.7 | 92.43.218.116 | 200 OK | 1.3 kB |
URL: HTTP/2 www.gigermd.com/wp-content/plugins/sitepress-multilingual-cms/res/css/language-selector.css?v=3.3.7 | IP: 92.43.218.116:0
File type: ASCII text, with CRLF line terminators | Hash: f849bed6191ea5734ec58ace4e390108 f0fb7dfd144e00678b5e6e1fecb0e4bb19f862a3 9d8a85246f85df8ef741014fb38c78892a9eff216aebbb94682020f151cd937b
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
GET /wp-content/plugins/sitepress-multilingual-cms/res/css/language-selector.css?v=3.3.7 HTTP/1.1
Host: www.gigermd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gigermd.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Sep 2022 18:57:17 GMT
content-type: text/css
last-modified: Wed, 13 Apr 2016 10:02:33 GMT
etag: "1922-570e1939-250ca3b1bc409232;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1311
date: Thu, 15 Sep 2022 18:57:17 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| www.gigermd.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 | 92.43.218.116 | 200 OK | 12 kB |
URL: HTTP/2 www.gigermd.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 | IP: 92.43.218.116:0
File type: ASCII text, with very long lines (43771) | Hash: 9f76c05d4aec8a23bbb9131800060916 ba854132574f3add765c016ff6cef2a30bddc5e0 c73bcff8e403046219e8f9dfb99e029b8d58099b8c5fb5f6508127702fd1b275
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1
Host: www.gigermd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gigermd.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Sep 2022 18:57:17 GMT
content-type: text/css
last-modified: Sun, 31 Jul 2022 03:11:50 GMT
etag: "15b64-62e5f2f6-3c7b356184377515;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 11658
date: Thu, 15 Sep 2022 18:57:17 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| www.gigermd.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6.1 | 92.43.218.116 | 200 OK | 972 B |
URL: HTTP/2 www.gigermd.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6.1 | IP: 92.43.218.116:0
Hash: e355e7e30d2cbeebefa6977790886c3a eccf1c43237a1de702ae36722813fa10d580dd4e 49d452b612934ceb8ce12bfadb85dac2f573d458337a9ae0da76705a8ae8b018
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6.1 HTTP/1.1
Host: www.gigermd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gigermd.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Sep 2022 18:57:17 GMT
content-type: text/css
last-modified: Thu, 26 May 2022 10:41:57 GMT
etag: "aab-628f5975-709b0bb1018d0412;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 972
date: Thu, 15 Sep 2022 18:57:17 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| www.gigermd.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.4.6 | 92.43.218.116 | 200 OK | 13 kB |
URL: HTTP/2 www.gigermd.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.4.6 | IP: 92.43.218.116:0
File type: Unicode text, UTF-8 text, with very long lines (12602), with CRLF line terminators | Hash: 3491b924b6de7ebaffbdc19935110082 8231dd0fa7e0a7c149151a67856b446bf8c65871 99fa372db113ae6d8b79122ba06740a07ce2045a1591f1096bb131f72f277eaa
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.4.6 HTTP/1.1
Host: www.gigermd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gigermd.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Sep 2022 18:57:17 GMT
content-type: text/css
last-modified: Thu, 15 Apr 2021 04:01:19 GMT
etag: "eee7-6077ba8f-7ce83aba0cdd4d85;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 12972
date: Thu, 15 Sep 2022 18:57:17 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| www.gigermd.com/wp-content/themes/kleo/assets/css/bootstrap.min.css?ver=3.0.8 | 92.43.218.116 | 200 OK | 16 kB |
URL: HTTP/2 www.gigermd.com/wp-content/themes/kleo/assets/css/bootstrap.min.css?ver=3.0.8 | IP: 92.43.218.116:0
File type: ASCII text, with very long lines (65308), with CRLF line terminators | Hash: 7c6f349a06561b0ed4b6a4c5b4433a1c debcbff315986e744e7ed7c97cf527db59c4c4a6 812b5c204b8211b7ab6cf19e323c80272e659fc508161703e992fba1067ddf5c
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
GET /wp-content/themes/kleo/assets/css/bootstrap.min.css?ver=3.0.8 HTTP/1.1
Host: www.gigermd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gigermd.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Sep 2022 18:57:17 GMT
content-type: text/css
last-modified: Wed, 13 Apr 2016 10:03:23 GMT
etag: "17a7a-570e196b-c82b8995dfe80ba3;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 15965
date: Thu, 15 Sep 2022 18:57:17 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| www.gigermd.com/wp-content/themes/kleo/assets/css/app.min.css?ver=3.0.8 | 92.43.218.116 | 200 OK | 29 kB |
URL: HTTP/2 www.gigermd.com/wp-content/themes/kleo/assets/css/app.min.css?ver=3.0.8 | IP: 92.43.218.116:0
File type: ASCII text, with very long lines (65536), with no line terminators | Hash: 63ca65a885313213b3b9b40015355182 273705f7d9c9c60f70d0bb2ec962997c1b748a87 1d5028105d65314b0681f16a3f1f0b64b48f58cbf917e59300ef17179c7861fb
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
GET /wp-content/themes/kleo/assets/css/app.min.css?ver=3.0.8 HTTP/1.1
Host: www.gigermd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gigermd.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Sep 2022 18:57:17 GMT
content-type: text/css
last-modified: Wed, 13 Apr 2016 10:03:19 GMT
etag: "2968c-570e1967-275a22e80016bf0c;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 29025
date: Thu, 15 Sep 2022 18:57:17 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| www.gigermd.com/wp-content/themes/kleo/assets/js/plugins/magnific-popup/magnific.css?ver=3.0.8 | 92.43.218.116 | 200 OK | 1.9 kB |
URL: HTTP/2 www.gigermd.com/wp-content/themes/kleo/assets/js/plugins/magnific-popup/magnific.css?ver=3.0.8 | IP: 92.43.218.116:0
File type: ASCII text, with CRLF line terminators | Hash: b94ba11df987f33ffe1aa4bc9ed5d570 8135d4d08b1d6bae423fa2daa68cfe49741a82b9 91e5edc2a1add5b89cb6461714f6a78b3eb8eadcc2523d0f116080bb72bdfcd2
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
GET /wp-content/themes/kleo/assets/js/plugins/magnific-popup/magnific.css?ver=3.0.8 HTTP/1.1
Host: www.gigermd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gigermd.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Sep 2022 18:57:17 GMT
content-type: text/css
last-modified: Wed, 13 Apr 2016 10:12:00 GMT
etag: "1fd6-570e1b70-1513a9c7b9ccc05a;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1945
date: Thu, 15 Sep 2022 18:57:17 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| www.gigermd.com/wp-content/themes/kleo/assets/css/fontello.css?ver=3.0.8 | 92.43.218.116 | 200 OK | 5.2 kB |
URL: HTTP/2 www.gigermd.com/wp-content/themes/kleo/assets/css/fontello.css?ver=3.0.8 | IP: 92.43.218.116:0
File type: Unicode text, UTF-8 text, with CRLF line terminators | Hash: 19d7e43999c2cdfb19a5c91b58523c6f 42940c4dcde1d64c59f9f84809af6d0578bfb447 1b139eaedec6acc5e10182146566726b2680ff3d018c146c588753a333cffd08
GET /wp-content/themes/kleo/assets/css/fontello.css?ver=3.0.8 HTTP/1.1
Host: www.gigermd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gigermd.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Sep 2022 18:57:17 GMT
content-type: text/css
last-modified: Wed, 13 Apr 2016 10:03:30 GMT
etag: "67c6-570e1972-52ee8b842fa7af67;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 5151
date: Thu, 15 Sep 2022 18:57:17 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| www.gigermd.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16 | 92.43.218.116 | 200 OK | 2.6 kB |
URL: HTTP/2 www.gigermd.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16 | IP: 92.43.218.116:0
File type: ASCII text, with very long lines (11256), with no line terminators | Hash: c2fc17077428d552284c691d25aa3ded b5a0a0fc41e5e19db63b6db787c706c6124cedb6 b239bfb18444bac17be1d684d9a670d5de358c883237aad27e194f71e3c65d17
GET /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16 HTTP/1.1
Host: www.gigermd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gigermd.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Sep 2022 18:57:17 GMT
content-type: text/css
last-modified: Tue, 02 Feb 2021 08:25:22 GMT
etag: "2bf8-60190c72-a3c61746db0eb5fa;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 2582
date: Thu, 15 Sep 2022 18:57:17 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP: 142.250.74.3:0
Hash: c86fc6649c7c512abb52fcd62d51ee26 bf241d6c1779668447df444a239d715b6ed46f6d 822cb499ea058f2c40ce4942048528575fadc172d3669007f5f34fae41c7ea49
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 18:57:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP: 142.250.74.3:0
Hash: c86fc6649c7c512abb52fcd62d51ee26 bf241d6c1779668447df444a239d715b6ed46f6d 822cb499ea058f2c40ce4942048528575fadc172d3669007f5f34fae41c7ea49
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 18:57:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.gigermd.com/wp-content/uploads/custom_styles/dynamic.css?ver=3.0.8 | 92.43.218.116 | 200 OK | 30 kB |
URL: HTTP/2 www.gigermd.com/wp-content/uploads/custom_styles/dynamic.css?ver=3.0.8 | IP: 92.43.218.116:0
File type: ASCII text, with very long lines (65536), with no line terminators | Hash: 2a8c0bdb957cb4432f5b73dcef989d99 c0575e6d91df2d9402f80d7c9f61cfb42ff27254 53daa136f9cba0845dcd71b694e83f152f967e6a0e0ad059ff81a8d69ca68719
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
GET /wp-content/uploads/custom_styles/dynamic.css?ver=3.0.8 HTTP/1.1
Host: www.gigermd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gigermd.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Sep 2022 18:57:17 GMT
content-type: text/css
last-modified: Tue, 30 Aug 2022 09:23:48 GMT
etag: "43b83-630dd724-fa3ae30455bda215;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 29801
date: Thu, 15 Sep 2022 18:57:17 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| www.gigermd.com/wp-content/cache/borlabs-cookie/borlabs-cookie_1_de.css?ver=2.2.35-11 | 92.43.218.116 | 200 OK | 5.6 kB |
URL: HTTP/2 www.gigermd.com/wp-content/cache/borlabs-cookie/borlabs-cookie_1_de.css?ver=2.2.35-11 | IP: 92.43.218.116:0
File type: ASCII text, with very long lines (28839) | Hash: 3460febe534c0726f8b0a89ab8ed5b3c de2ed308afe88612229d47cbfc6dc338390b7787 15ee5015914c4a6009acdb426f4a39a090a05aa0bf43cc42fc81d8cb63c92544
GET /wp-content/cache/borlabs-cookie/borlabs-cookie_1_de.css?ver=2.2.35-11 HTTP/1.1
Host: www.gigermd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gigermd.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Sep 2022 18:57:17 GMT
content-type: text/css
last-modified: Fri, 26 Aug 2022 07:23:40 GMT
etag: "8d80-630874fc-a6b4fbe1fee801a8;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 5590
date: Thu, 15 Sep 2022 18:57:17 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| www.gigermd.com/wp-content/themes/kleo-child/style.css?ver=3.0.8 | 92.43.218.116 | 200 OK | 4.3 kB |
URL: HTTP/2 www.gigermd.com/wp-content/themes/kleo-child/style.css?ver=3.0.8 | IP: 92.43.218.116:0
File type: ASCII text, with very long lines (428) | Hash: 05fd4f97707efa904d45d3b035226a1b c7b1c30ba0352e43902db0c5f25cac95e262c75c 9fa83c82057d79ad535e1f1e0591677a2fddf90df16efa773c1f58c4265a0e40
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
GET /wp-content/themes/kleo-child/style.css?ver=3.0.8 HTTP/1.1
Host: www.gigermd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gigermd.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Sep 2022 18:57:17 GMT
content-type: text/css
last-modified: Mon, 11 Oct 2021 11:01:13 GMT
etag: "48bc-61641979-275324c793026a36;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 4271
date: Thu, 15 Sep 2022 18:57:17 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| www.gigermd.com/wp-content/themes/kleo/assets/css/plugins.min.css?ver=3.0.8 | 92.43.218.116 | 200 OK | 8.0 kB |
URL: HTTP/2 www.gigermd.com/wp-content/themes/kleo/assets/css/plugins.min.css?ver=3.0.8 | IP: 92.43.218.116:0
File type: ASCII text, with very long lines (43743), with no line terminators | Hash: 8c2bd2db7148cbc052e6261055783185 79a9511dbe30a0e2a62ef52a60d6d597b608fad6 74d0a6e689b3f383db60109497a8cdecbdfdd7849ddadf5a39bad1810199b76b
GET /wp-content/themes/kleo/assets/css/plugins.min.css?ver=3.0.8 HTTP/1.1
Host: www.gigermd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gigermd.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Sep 2022 18:57:17 GMT
content-type: text/css
last-modified: Wed, 13 Apr 2016 10:03:31 GMT
etag: "aadf-570e1973-a686017a49ae769a;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 8027
date: Thu, 15 Sep 2022 18:57:17 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| www.gigermd.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 | 92.43.218.116 | 200 OK | 4.2 kB |
URL: HTTP/2 www.gigermd.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 | IP: 92.43.218.116:0
File type: ASCII text, with very long lines (11126) | Hash: c41f3a82e911de81a1817131069bc7d2 1e883290a0b794916cead41e5f0705716fd77b89 e9791f24770f098ea30bb4d25e2e10bdedb97132d0bbf7d2bd79eedac22efa27
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.gigermd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gigermd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Sep 2022 18:57:17 GMT
content-type: application/x-javascript
last-modified: Tue, 02 Feb 2021 08:25:22 GMT
etag: "2bd8-60190c72-6d8b83e978d8eda3;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 4168
date: Thu, 15 Sep 2022 18:57:17 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| www.gigermd.com/wp-content/themes/kleo/assets/js/init.js?ver=3.0.8 | 92.43.218.116 | 200 OK | 262 B |
URL: HTTP/2 www.gigermd.com/wp-content/themes/kleo/assets/js/init.js?ver=3.0.8 | IP: 92.43.218.116:0
File type: ASCII text, with CRLF line terminators | Hash: d853fcff1f5f84fcd54d29d91eda13e9 417f75288f4bc79c2eb69102ff35f4dda524e3db f5f7be8ca3566b715c61fa9247bcd11e38341aac1650db76fe1e8ef71554871d
GET /wp-content/themes/kleo/assets/js/init.js?ver=3.0.8 HTTP/1.1
Host: www.gigermd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gigermd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Sep 2022 18:57:17 GMT
content-type: application/x-javascript
last-modified: Wed, 13 Apr 2016 10:03:43 GMT
etag: "1ca-570e197f-ee76a1447bc1f10c;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 262
date: Thu, 15 Sep 2022 18:57:17 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| www.gigermd.com/wp-content/themes/kleo/assets/js/modernizr.custom.46504.js?ver=3.0.8 | 92.43.218.116 | 200 OK | 6.2 kB |
URL: HTTP/2 www.gigermd.com/wp-content/themes/kleo/assets/js/modernizr.custom.46504.js?ver=3.0.8 | IP: 92.43.218.116:0
File type: HTML document, ASCII text, with very long lines (14559), with CRLF line terminators | Hash: 64186f57d7a1f0d32fcc0d90c4cc0035 dcb2ad8e9dbfae6134a7d2ad05d76a4e47fdaed1 8e6cf78584850a55124629379755ce9c2d7f4b2994245c6de8623e632a29fe32
GET /wp-content/themes/kleo/assets/js/modernizr.custom.46504.js?ver=3.0.8 HTTP/1.1
Host: www.gigermd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gigermd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Sep 2022 18:57:17 GMT
content-type: application/x-javascript
last-modified: Wed, 13 Apr 2016 10:03:43 GMT
etag: "3b76-570e197f-ca3eef78ce79c95;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 6187
date: Thu, 15 Sep 2022 18:57:17 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| www.gigermd.com/wp-content/plugins/borlabs-cookie/javascript/borlabs-cookie-prioritize.min.js?ver=2.2.35 | 92.43.218.116 | 200 OK | 807 B |
URL: HTTP/2 www.gigermd.com/wp-content/plugins/borlabs-cookie/javascript/borlabs-cookie-prioritize.min.js?ver=2.2.35
IP: 92.43.218.116:0
File type: ASCII text, with very long lines (1605), with no line terminators
Hash: e6971f33144f65645db23116776858f6 67f8254ade0467f99550a490acb43bd00bb64270 728816acdcdc752ad709a9948dbdfd13dcdb9423df28e062a12247cafa6ea60e
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
GET /wp-content/plugins/borlabs-cookie/javascript/borlabs-cookie-prioritize.min.js?ver=2.2.35 HTTP/1.1
Host: www.gigermd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gigermd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Sep 2022 18:57:17 GMT
content-type: application/x-javascript
last-modified: Thu, 25 Aug 2022 09:06:54 GMT
etag: "645-63073bae-2fef24bbf5e06fd3;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 807
date: Thu, 15 Sep 2022 18:57:17 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| www.gigermd.com/wp-content/plugins/k-elements/assets/css/jcarousel.responsive.css | 92.43.218.116 | 200 OK | 866 B |
URL: HTTP/2 www.gigermd.com/wp-content/plugins/k-elements/assets/css/jcarousel.responsive.css
IP: 92.43.218.116:0
File type: ASCII text, with CRLF line terminators
Hash: c2e71fadb41348875da822470b680533 10e0d950be1e35acc93c911239ef8829256f6d5c 3d6f702f229db331461e1205b2934938af2c684c245340c71f329dfbbc6c4883
GET /wp-content/plugins/k-elements/assets/css/jcarousel.responsive.css HTTP/1.1
Host: www.gigermd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gigermd.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Sep 2022 18:57:17 GMT
content-type: text/css
last-modified: Fri, 13 May 2016 09:19:28 GMT
etag: "bc2-57359c20-1fbe2486b39f58d0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 866
date: Thu, 15 Sep 2022 18:57:17 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| www.gigermd.com/wp-content/uploads/2016/06/LogoSwiss2_Small.png | 92.43.218.116 | 200 OK | 8.4 kB |
URL: HTTP/2 www.gigermd.com/wp-content/uploads/2016/06/LogoSwiss2_Small.png
IP: 92.43.218.116:0
File type: PNG image data, 185 x 34, 8-bit/color RGBA, non-interlaced\012- data
Hash: 6de0945c0c2ca17d59c854d5ce64f365 7ff3931982d2a51edca042513cd459da2107e10d f021dab8a9fc4c6ac13cf749b4d34e79d71be938cbe42024d425c307baabb2fc
GET /wp-content/uploads/2016/06/LogoSwiss2_Small.png HTTP/1.1
Host: www.gigermd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gigermd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Sep 2022 18:57:17 GMT
content-type: image/png
last-modified: Wed, 15 Jun 2016 13:28:00 GMT
etag: "20da-576157e0-29bc33de6bbb5f28;;;"
accept-ranges: bytes
content-length: 8410
date: Thu, 15 Sep 2022 18:57:17 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| www.gigermd.com/wp-content/plugins/k-elements/assets/js/plugins/jcarousel/jquery.jcarousel.min.js | 92.43.218.116 | 200 OK | 5.3 kB |
URL: HTTP/2 www.gigermd.com/wp-content/plugins/k-elements/assets/js/plugins/jcarousel/jquery.jcarousel.min.js
IP: 92.43.218.116:0
File type: ASCII text, with very long lines (17998)
Hash: 40e700f20be8e8af8101decdbe98b216 afd976dfab0648145d02a7f55fc1ce833cc9a767 3ca06218049bf588a9560db0a697274d04c7b6aec1abea8ea7f82e3bfb775760
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
GET /wp-content/plugins/k-elements/assets/js/plugins/jcarousel/jquery.jcarousel.min.js HTTP/1.1
Host: www.gigermd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gigermd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Sep 2022 18:57:17 GMT
content-type: application/x-javascript
last-modified: Fri, 13 May 2016 08:42:58 GMT
etag: "46cb-57359392-a7646c44975a926b;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 5292
date: Thu, 15 Sep 2022 18:57:17 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| www.gigermd.com/wp-content/plugins/revslider/public/assets/assets/transparent.png | 92.43.218.116 | 200 OK | 122 B |
URL: HTTP/2 www.gigermd.com/wp-content/plugins/revslider/public/assets/assets/transparent.png
IP: 92.43.218.116:0
File type: PNG image data, 300 x 200, 1-bit grayscale, non-interlaced\012- data
Hash: 86c58b484b48eac285e131e8b55d2ce7 3d3ee4c137a6f36e5fbee31e21a4d08f2c38d20e 9603ffeb6772f1cf745e0097d5d6c046eaf16151e5bc521f20764bba5ddb7713
GET /wp-content/plugins/revslider/public/assets/assets/transparent.png HTTP/1.1
Host: www.gigermd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gigermd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Sep 2022 18:57:17 GMT
content-type: image/png
last-modified: Thu, 15 Apr 2021 04:01:20 GMT
etag: "7a-6077ba90-96e97a3952c59198;;;"
accept-ranges: bytes
content-length: 122
date: Thu, 15 Sep 2022 18:57:17 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| www.gigermd.com/wp-content/plugins/k-elements/assets/js/plugins/jcarousel/jcarousel.responsive.js | 92.43.218.116 | 200 OK | 436 B |
URL: HTTP/2 www.gigermd.com/wp-content/plugins/k-elements/assets/js/plugins/jcarousel/jcarousel.responsive.js
IP: 92.43.218.116:0
File type: HTML document, ASCII text
Hash: 31b1f0911a8d099cbd206a5a80e0f6f9 92929d3d40b6043569de373d1d2d8cad4d85d13f e58d4457f79dbc3145caa48ce003019b858a4189c32af99ada7c4bd552277b89
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
GET /wp-content/plugins/k-elements/assets/js/plugins/jcarousel/jcarousel.responsive.js HTTP/1.1
Host: www.gigermd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gigermd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Sep 2022 18:57:17 GMT
content-type: application/x-javascript
last-modified: Fri, 13 May 2016 08:42:56 GMT
etag: "59d-57359390-fcf5b275295d984e;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 436
date: Thu, 15 Sep 2022 18:57:17 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| www.gigermd.com/wp-content/themes/kleo-child/images/facebook.png | 92.43.218.116 | 200 OK | 186 B |
URL: HTTP/2 www.gigermd.com/wp-content/themes/kleo-child/images/facebook.png
IP: 92.43.218.116:0
File type: PNG image data, 20 x 19, 4-bit colormap, non-interlaced\012- data
Hash: 9db2d003cbb621facf48f731ddf24de4 5f32ad693d67c14e2bb8ff9bcac07006b8948e29 1f69e3ee764dac6a69b38ac5105cb818af901e535b28fdef81f7bcf08bb2feff
GET /wp-content/themes/kleo-child/images/facebook.png HTTP/1.1
Host: www.gigermd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gigermd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Sep 2022 18:57:17 GMT
content-type: image/png
last-modified: Wed, 08 Jun 2016 02:21:34 GMT
etag: "ba-5757812e-daa479ebcc1c7e3;;;"
accept-ranges: bytes
content-length: 186
date: Thu, 15 Sep 2022 18:57:17 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| www.gigermd.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=4.11.1 | 92.43.218.116 | 200 OK | 58 kB |
URL: HTTP/2 www.gigermd.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=4.11.1
IP: 92.43.218.116:0
File type: ASCII text, with very long lines (65536), with no line terminators
Hash: 057ed0e10921f4cd5b434580c8ee1aa8 705152d1950fbddbf36a1e12401246696a28f4d7 1d6b5061c095363b0ca23f30b3bb41f03e3020ed5e51ab10744a1b82708b574c
GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=4.11.1 HTTP/1.1
Host: www.gigermd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gigermd.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Sep 2022 18:57:17 GMT
content-type: text/css
last-modified: Wed, 13 Apr 2016 10:01:01 GMT
etag: "b1c11-570e18dd-ef349d5b4f343b66;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 58107
date: Thu, 15 Sep 2022 18:57:17 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| www.gigermd.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 | 92.43.218.116 | 200 OK | 31 kB |
URL: HTTP/2 www.gigermd.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP: 92.43.218.116:0
File type: ASCII text, with very long lines (65447)
Hash: 554969c8ed0e4b5eece1261c4e1e9cd0 3b514b21c2e26b2caa15054e43ed00184a8ebc38 4a10709ca76c5112fbaf69e065b4ef93dd37bcffd4ae39b351e56d40c9322123
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.gigermd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gigermd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Sep 2022 18:57:17 GMT
content-type: application/x-javascript
last-modified: Tue, 27 Jul 2021 04:12:38 GMT
etag: "15db1-60ff87b6-23a7f14f4e6bcb91;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 30969
date: Thu, 15 Sep 2022 18:57:17 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| www.gigermd.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.4.4 | 92.43.218.116 | 200 OK | 47 kB |
URL: HTTP/2 www.gigermd.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.4.4
IP: 92.43.218.116:0
File type: ASCII text, with very long lines (42889)
Hash: 7f1c6ff4846097176fb00c45b4c4a268 68eebf8cf61b64b796727740219785dfeead11a5 ada2a34e0a1ca4391955bb0c8f232dd9d20390170a7de6a57e8b14554aac87e4
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.4.4 HTTP/1.1
Host: www.gigermd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gigermd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Sep 2022 18:57:17 GMT
content-type: application/x-javascript
last-modified: Thu, 15 Apr 2021 04:01:19 GMT
etag: "1e437-6077ba8f-680acab1ed64f268;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 47098
date: Thu, 15 Sep 2022 18:57:17 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| www.gigermd.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 | 92.43.218.116 | 200 OK | 2.4 kB |
URL: HTTP/2 www.gigermd.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP: 92.43.218.116:0
File type: ASCII text, with very long lines (6475), with no line terminators
Hash: 9939da8da9b306b91ddc5c68ea402d66 4cd4ea5f2dcd09fec713c36cb1c1c31ace0373b5 63b97ebb1748143ca6093d63ccdb14b2748f002df4caddfaa15c1173cb2c4942
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: www.gigermd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gigermd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Sep 2022 18:57:17 GMT
content-type: application/x-javascript
last-modified: Thu, 26 May 2022 10:37:22 GMT
etag: "194b-628f5862-ab58000a61e1e66c;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 2439
date: Thu, 15 Sep 2022 18:57:17 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| www.gigermd.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 | 92.43.218.116 | 200 OK | 7.1 kB |
URL: HTTP/2 www.gigermd.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP: 92.43.218.116:0
File type: Unicode text, UTF-8 text, with very long lines (19138), with no line terminators
Hash: a0798e1907e23a55c0f4ffebabb1fd48 aae64554a44eb45ae03b497cacfbb56b30cedade 5eb6c2a3b9c101ee2806a07fbd9177c4480db87871bef7d6a760a26dff1bd12b
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: www.gigermd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gigermd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Sep 2022 18:57:17 GMT
content-type: application/x-javascript
last-modified: Thu, 26 May 2022 10:37:22 GMT
etag: "4ac6-628f5862-ea5fe736d13586ca;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 7098
date: Thu, 15 Sep 2022 18:57:17 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| www.gigermd.com/wp-content/uploads/2018/11/SWISS-MADE06.png | 92.43.218.116 | 200 OK | 94 kB |
URL: HTTP/2 www.gigermd.com/wp-content/uploads/2018/11/SWISS-MADE06.png
IP: 92.43.218.116:0
File type: PNG image data, 3312 x 358, 8-bit/color RGBA, non-interlaced\012- data
Hash: b7b39a7d5dc886f22c733d71c37a24b1 f5f50eb8a02c8d5c45c50a1eee3c37ff1a6a287c 304f2037be8ee23b9f3f262baed7075ec4fb9e2a7051bb6576c3f516f62ef26c
GET /wp-content/uploads/2018/11/SWISS-MADE06.png HTTP/1.1
Host: www.gigermd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gigermd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Sep 2022 18:57:17 GMT
content-type: image/png
last-modified: Wed, 28 Nov 2018 05:10:15 GMT
etag: "1714c-5bfe2337-93ce9f740c8c1a85;;;"
accept-ranges: bytes
content-length: 94540
date: Thu, 15 Sep 2022 18:57:17 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| www.gigermd.com/wp-content/themes/kleo-child/images/twitter.png | 92.43.218.116 | 200 OK | 257 B |
URL: HTTP/2 www.gigermd.com/wp-content/themes/kleo-child/images/twitter.png
IP: 92.43.218.116:0
File type: PNG image data, 19 x 17, 4-bit colormap, non-interlaced\012- data
Hash: b478b8dbc85ba793ff993de7cac86969 20b310cfff1dc40560b7b478236a44522215f6b6 ede7c741d4444cb475129b813bf94c1659824edc53fa1a344bca85e7ab2e524f
GET /wp-content/themes/kleo-child/images/twitter.png HTTP/1.1
Host: www.gigermd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gigermd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Sep 2022 18:57:17 GMT
content-type: image/png
last-modified: Wed, 08 Jun 2016 02:21:34 GMT
etag: "101-5757812e-ebbacb079703fd88;;;"
accept-ranges: bytes
content-length: 257
date: Thu, 15 Sep 2022 18:57:17 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| www.gigermd.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6.1 | 92.43.218.116 | 200 OK | 3.3 kB |
URL: HTTP/2 www.gigermd.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6.1
IP: 92.43.218.116:0
File type: HTML document, ASCII text, with very long lines (9720), with no line terminators
Hash: fefe7438c940d44a5bdd62829e75a12f d5cc181e95f22707dc42f96cafb7e2427bddd259 3b731f262c92db3371c06fe72a14b0228597fa317ea09280f8b4e6a0a00c5952
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6.1 HTTP/1.1
Host: www.gigermd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gigermd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Sep 2022 18:57:17 GMT
content-type: application/x-javascript
last-modified: Thu, 26 May 2022 10:41:57 GMT
etag: "25f8-628f5975-6ebdeb2c3953261a;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 3266
date: Thu, 15 Sep 2022 18:57:17 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| www.gigermd.com/wp-content/themes/kleo/assets/js/bootstrap.min.js?ver=3.0.8 | 92.43.218.116 | 200 OK | 7.5 kB |
URL: HTTP/2 www.gigermd.com/wp-content/themes/kleo/assets/js/bootstrap.min.js?ver=3.0.8
IP: 92.43.218.116:0
File type: ASCII text, with very long lines (28446), with no line terminators
Hash: 92b8bcc6ec1fd74301aa53d6b8a9eecd 5a8ad99216495c80bc757fba83cf72af002720d5 4f27bcfdc8e8ead95a36cd8390819ba2a274087d2f2108afceb55871a99396a9
GET /wp-content/themes/kleo/assets/js/bootstrap.min.js?ver=3.0.8 HTTP/1.1
Host: www.gigermd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gigermd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Sep 2022 18:57:17 GMT
content-type: application/x-javascript
last-modified: Wed, 13 Apr 2016 10:03:43 GMT
etag: "6f1e-570e197f-31898277a89c75e9;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 7471
date: Thu, 15 Sep 2022 18:57:17 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| www.gigermd.com/wp-content/themes/kleo/assets/js/plugins/magnific-popup/magnific.min.js?ver=3.0.8 | 92.43.218.116 | 200 OK | 7.5 kB |
URL: HTTP/2 www.gigermd.com/wp-content/themes/kleo/assets/js/plugins/magnific-popup/magnific.min.js?ver=3.0.8
IP: 92.43.218.116:0
File type: ASCII text, with very long lines (20456), with CRLF line terminators
Hash: b93480ce4438b4df99a018144b4b2f4e 8bbb72dc32b1b448fcd1a62197e3e06172757f22 a2e85a2136deb7fe77a9894bef6d19b9ea2b60f3f85d44f41d5982a300e90ef1
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
GET /wp-content/themes/kleo/assets/js/plugins/magnific-popup/magnific.min.js?ver=3.0.8 HTTP/1.1
Host: www.gigermd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gigermd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Sep 2022 18:57:17 GMT
content-type: application/x-javascript
last-modified: Wed, 13 Apr 2016 10:12:01 GMT
etag: "5070-570e1b71-531bcc29ce39b666;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 7483
date: Thu, 15 Sep 2022 18:57:17 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| www.gigermd.com/wp-content/themes/kleo/assets/js/plugins/carouFredSel/jquery.carouFredSel-6.2.0-packed.js?ver=3.0.8 | 92.43.218.116 | 200 OK | 15 kB |
URL: HTTP/2 www.gigermd.com/wp-content/themes/kleo/assets/js/plugins/carouFredSel/jquery.carouFredSel-6.2.0-packed.js?ver=3.0.8
IP: 92.43.218.116:0
File type: ASCII text, with very long lines (37228), with CRLF line terminators
Hash: 9fee103e6b73146c81c48ed27cc1f04f efef40a1bf846f6c3c46c4885d56771b948d4971 80e33913bae967c66672d52633bdfcd70da90979a5b196256fea195f4722c911
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
GET /wp-content/themes/kleo/assets/js/plugins/carouFredSel/jquery.carouFredSel-6.2.0-packed.js?ver=3.0.8 HTTP/1.1
Host: www.gigermd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gigermd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Sep 2022 18:57:17 GMT
content-type: application/x-javascript
last-modified: Wed, 13 Apr 2016 10:11:59 GMT
etag: "92b3-570e1b6f-cd2e76827812a7c4;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 15006
date: Thu, 15 Sep 2022 18:57:17 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| www.gigermd.com/wp-content/themes/kleo/assets/js/plugins/carouFredSel/helper-plugins/jquery.touchSwipe.min.js?ver=3.0.8 | 92.43.218.116 | 200 OK | 4.2 kB |
URL: HTTP/2 www.gigermd.com/wp-content/themes/kleo/assets/js/plugins/carouFredSel/helper-plugins/jquery.touchSwipe.min.js?ver=3.0.8
IP: 92.43.218.116:0
File type: ASCII text, with very long lines (11576), with CRLF line terminators
Hash: 74ff5ef87562d1d2fc362502ac28d8a0 8d604cb7f7cee78c830922b48ceb97fc421c02c7 5f4d73c31e2a160b6b0b4a1be445ab7fc8651f50c2e494596fcf90fe10fd98f1
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
GET /wp-content/themes/kleo/assets/js/plugins/carouFredSel/helper-plugins/jquery.touchSwipe.min.js?ver=3.0.8 HTTP/1.1
Host: www.gigermd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gigermd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Sep 2022 18:57:17 GMT
content-type: application/x-javascript
last-modified: Wed, 13 Apr 2016 10:14:02 GMT
etag: "2ed8-570e1bea-10c5774dc2016540;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 4159
date: Thu, 15 Sep 2022 18:57:17 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| www.gigermd.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.0.2 | 92.43.218.116 | 200 OK | 541 B |
URL: HTTP/2 www.gigermd.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.0.2
IP: 92.43.218.116:0
File type: ASCII text, with very long lines (1191), with no line terminators
Hash: 1f494660df27949f722695a8838e9188 0c33b4525fabaa887afbf0ca05d980005caeba07 5502d44579a6015cd0ebbd0bb837194d42c15e1237de1d86d95b9ead29e6cfca
GET /wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.0.2 HTTP/1.1
Host: www.gigermd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gigermd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Sep 2022 18:57:17 GMT
content-type: application/x-javascript
last-modified: Thu, 26 May 2022 10:37:22 GMT
etag: "4a7-628f5862-46e805829284edc1;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 541
date: Thu, 15 Sep 2022 18:57:17 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| www.gigermd.com/wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=4.11.1 | 92.43.218.116 | 200 OK | 9.7 kB |
URL: HTTP/2 www.gigermd.com/wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=4.11.1
IP: 92.43.218.116:0
File type: ASCII text, with very long lines (32003), with CRLF line terminators
Hash: 6d430407881d2fd705e3f8ef97ef5688 720cefbaac640a689d40b9f11ace4b4aee70ceb5 cb6e9a5b1b4776e70d218a163aa6e11ec500ff03b13a467160408f913fc34fa4
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
GET /wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=4.11.1 HTTP/1.1
Host: www.gigermd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gigermd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Sep 2022 18:57:17 GMT
content-type: application/x-javascript
last-modified: Wed, 13 Apr 2016 10:12:54 GMT
etag: "8b2f-570e1ba6-cf3d52222d62f064;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 9710
date: Thu, 15 Sep 2022 18:57:17 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| www.gigermd.com/wp-content/plugins/sitepress-multilingual-cms/res/js/sitepress.js?ver=6.0.2 | 92.43.218.116 | 200 OK | 196 B |
URL: HTTP/2 www.gigermd.com/wp-content/plugins/sitepress-multilingual-cms/res/js/sitepress.js?ver=6.0.2
IP: 92.43.218.116:0
File type: ASCII text, with CRLF line terminators
Hash: 5c39f973341cdd3906be021c226c6332 d42dc420764ebcbd414dc2dc53dd6083fb39ab55 52a77fe4a4aecf3dee1ef344ddda30f941d095870529ab4451cf606b0330d263
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
GET /wp-content/plugins/sitepress-multilingual-cms/res/js/sitepress.js?ver=6.0.2 HTTP/1.1
Host: www.gigermd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gigermd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Sep 2022 18:57:17 GMT
content-type: application/x-javascript
last-modified: Wed, 13 Apr 2016 10:03:04 GMT
etag: "16f-570e1958-d78416acce1f0a82;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 196
date: Thu, 15 Sep 2022 18:57:17 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| www.gigermd.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=4.11.1 | 92.43.218.116 | 200 OK | 5.5 kB |
URL: HTTP/2 www.gigermd.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=4.11.1
IP: 92.43.218.116:0
File type: ASCII text, with very long lines (18688), with no line terminators
Hash: a7721f5353bbed120418f51c9b3e1af6 019942ab686ce9565598660010d064bb43471ccb 215c0ce4913f18bb478e3fca9b0722b24d4bf7d729331c0404d0886adcae83d9
GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=4.11.1 HTTP/1.1
Host: www.gigermd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gigermd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Sep 2022 18:57:17 GMT
content-type: application/x-javascript
last-modified: Wed, 13 Apr 2016 10:06:42 GMT
etag: "4900-570e1a32-7f88180b5442710e;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 5498
date: Thu, 15 Sep 2022 18:57:17 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| www.gigermd.com/wp-content/plugins/borlabs-cookie/javascript/borlabs-cookie.min.js?ver=2.2.35 | 92.43.218.116 | 200 OK | 6.0 kB |
URL: HTTP/2 www.gigermd.com/wp-content/plugins/borlabs-cookie/javascript/borlabs-cookie.min.js?ver=2.2.35
IP: 92.43.218.116:0
File type: ASCII text, with very long lines (22187), with no line terminators
Hash: ba7a3288db6baf290cd8856531303d9f 2ce646e92187ef7898b2370823a167237c76ef62 25dd11a7b93ca8a8fa2553944b750c1ecb3c511182f8c6555c216df5881f8a6b
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
GET /wp-content/plugins/borlabs-cookie/javascript/borlabs-cookie.min.js?ver=2.2.35 HTTP/1.1
Host: www.gigermd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gigermd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Sep 2022 18:57:17 GMT
content-type: application/x-javascript
last-modified: Thu, 25 Aug 2022 09:06:54 GMT
etag: "56ab-63073bae-23e62aa677f7de02;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 6004
date: Thu, 15 Sep 2022 18:57:17 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| www.gigermd.com/wp-content/themes/kleo-child/images/youtube.png | 92.43.218.116 | 200 OK | 300 B |
URL: HTTP/2 www.gigermd.com/wp-content/themes/kleo-child/images/youtube.png
IP: 92.43.218.116:0
File type: PNG image data, 19 x 23, 4-bit colormap, non-interlaced\012- data
Hash: d45ea9a5f3342b6149457e9f919c34a6 76b80546e0d1a2927ceadf2e57acc530c73998e6 2b93d90c712f3406ba7d40b37d9c078c49c2ecaec2dda209054883add41550ae
GET /wp-content/themes/kleo-child/images/youtube.png HTTP/1.1
Host: www.gigermd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gigermd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Sep 2022 18:57:17 GMT
content-type: image/png
last-modified: Wed, 08 Jun 2016 02:21:34 GMT
etag: "12c-5757812e-e33a233d8940694b;;;"
accept-ranges: bytes
content-length: 300
date: Thu, 15 Sep 2022 18:57:17 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| gigermd.com/wp-content/uploads/2016/03/logo-gigermd.png | 92.43.218.116 | 200 OK | 2.1 kB |
URL HTTP/2gigermd.com/wp-content/uploads/2016/03/logo-gigermd.png IP92.43.218.116:0
File typePNG image data, 187 x 22, 8-bit colormap, non-interlaced\012- data Hash447b1c884877a37224ba061cc768b0fa 3375aa4db2f7030f498c341759d6e0f1520315ee 74f005b5591818b9778bd1af6a2826e9d429ae28e79cd91ad4f7d705d3bf3304
GET /wp-content/uploads/2016/03/logo-gigermd.png HTTP/1.1
Host: gigermd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gigermd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Sep 2022 18:57:17 GMT
content-type: image/png
last-modified: Wed, 08 Jun 2016 02:23:06 GMT
etag: "838-5757818a-d07863fb7f74528d;;;"
accept-ranges: bytes
content-length: 2104
date: Thu, 15 Sep 2022 18:57:17 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| www.gigermd.com/wp-content/themes/kleo-child/images/google.png | 92.43.218.116 | 200 OK | 307 B |
URL HTTP/2www.gigermd.com/wp-content/themes/kleo-child/images/google.png IP92.43.218.116:0
File typePNG image data, 20 x 21, 4-bit colormap, non-interlaced\012- data Hashfd7875511d7dc16f43fb243c8ef88dde cb19b2efeba2ccf453441d5386e5696adf3f8449 d0f26bc43843db89a31ee4e2bf87c3650d7d5ec7092c56eebd49d16978920438
GET /wp-content/themes/kleo-child/images/google.png HTTP/1.1
Host: www.gigermd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gigermd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Sep 2022 18:57:17 GMT
content-type: image/png
last-modified: Wed, 08 Jun 2016 02:21:34 GMT
etag: "133-5757812e-245eb8dad1502bc;;;"
accept-ranges: bytes
content-length: 307
date: Thu, 15 Sep 2022 18:57:17 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| www.gigermd.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16 | 92.43.218.116 | 200 OK | 39 kB |
URL HTTP/2www.gigermd.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16 IP92.43.218.116:0
File typeASCII text, with very long lines (65266) Hashecb6a2daff6006632f7ccdce1979ff99 5c491e7ccbcc2ffae12af18013491bb9e728ff7a dd3f904f4f676b70f017cf6a54027b8f7bc3988f57e6ab9dbc1b9c2816e2d5a7
GET /wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16 HTTP/1.1
Host: www.gigermd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gigermd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Sep 2022 18:57:17 GMT
content-type: application/x-javascript
last-modified: Tue, 02 Feb 2021 08:25:22 GMT
etag: "267aa-60190c72-7a19dac20b011f3a;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 38785
date: Thu, 15 Sep 2022 18:57:17 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| www.gigermd.com/wp-content/themes/kleo/assets/js/app.min.js?ver=3.0.8 | 92.43.218.116 | 200 OK | 23 kB |
URL HTTP/2www.gigermd.com/wp-content/themes/kleo/assets/js/app.min.js?ver=3.0.8 IP92.43.218.116:0
File typeHTML document, ASCII text Hash4f92f5bd3f57ecc4a11ae2f0f4d7e8e5 cfa3fa2063e3a60a7082f73e211084516188081b f8acf9c94c508b7edf0accc966364a975b32ed96c772a6e83d1862b9e02d28fa
GET /wp-content/themes/kleo/assets/js/app.min.js?ver=3.0.8 HTTP/1.1
Host: www.gigermd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gigermd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Sep 2022 18:57:17 GMT
content-type: application/x-javascript
last-modified: Thu, 16 Jun 2016 08:47:36 GMT
etag: "1db16-576267a8-cbe2724a4465ba5d;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 22923
date: Thu, 15 Sep 2022 18:57:17 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| www.gigermd.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 | 92.43.218.116 | 200 OK | 5.0 kB |
URL HTTP/2www.gigermd.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 IP92.43.218.116:0
File typeASCII text, with very long lines (15660) Hash848f9aadf194f3d024a2a90dbd11e3b5 aecd4b03b5a7829c6ca015d926798dc95e4fa912 36ff79b2f6827e46be1df95ff739e536718c0ee4fc09462678b32d7abd60fc6c
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1
Host: www.gigermd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gigermd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Sep 2022 18:57:17 GMT
content-type: application/x-javascript
last-modified: Thu, 26 May 2022 10:37:22 GMT
etag: "48b9-628f5862-eb7987f633ee19e2;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 5021
date: Thu, 15 Sep 2022 18:57:17 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashc86fc6649c7c512abb52fcd62d51ee26 bf241d6c1779668447df444a239d715b6ed46f6d 822cb499ea058f2c40ce4942048528575fadc172d3669007f5f34fae41c7ea49
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 18:57:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| r3.o.lencr.org/ | 23.36.76.242 | 200 OK | 503 B |
IP23.36.76.242:0 ASN#20940 Akamai International B.V.
Hashb9bfbb189fcbbdc76ff274e424f39053 de008d728f2274f08019c97bc969ddd6fe64a65d a4f07d30f29e785e2ee605aee590ab928c3e1412f4dc61ff163cf32445cc3af4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A4F07D30F29E785E2EE605AEE590AB928C3E1412F4DC61FF163CF32445CC3AF4"
Last-Modified: Tue, 13 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7300
Expires: Thu, 15 Sep 2022 20:58:58 GMT
Date: Thu, 15 Sep 2022 18:57:18 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.242 | 200 OK | 503 B |
IP23.36.76.242:0 ASN#20940 Akamai International B.V.
Hashb9bfbb189fcbbdc76ff274e424f39053 de008d728f2274f08019c97bc969ddd6fe64a65d a4f07d30f29e785e2ee605aee590ab928c3e1412f4dc61ff163cf32445cc3af4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A4F07D30F29E785E2EE605AEE590AB928C3E1412F4DC61FF163CF32445CC3AF4"
Last-Modified: Tue, 13 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7300
Expires: Thu, 15 Sep 2022 20:58:58 GMT
Date: Thu, 15 Sep 2022 18:57:18 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.242 | 200 OK | 503 B |
IP23.36.76.242:0 ASN#20940 Akamai International B.V.
Hashb9bfbb189fcbbdc76ff274e424f39053 de008d728f2274f08019c97bc969ddd6fe64a65d a4f07d30f29e785e2ee605aee590ab928c3e1412f4dc61ff163cf32445cc3af4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A4F07D30F29E785E2EE605AEE590AB928C3E1412F4DC61FF163CF32445CC3AF4"
Last-Modified: Tue, 13 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7300
Expires: Thu, 15 Sep 2022 20:58:58 GMT
Date: Thu, 15 Sep 2022 18:57:18 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.242 | 200 OK | 503 B |
IP23.36.76.242:0 ASN#20940 Akamai International B.V.
Hashb9bfbb189fcbbdc76ff274e424f39053 de008d728f2274f08019c97bc969ddd6fe64a65d a4f07d30f29e785e2ee605aee590ab928c3e1412f4dc61ff163cf32445cc3af4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A4F07D30F29E785E2EE605AEE590AB928C3E1412F4DC61FF163CF32445CC3AF4"
Last-Modified: Tue, 13 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7300
Expires: Thu, 15 Sep 2022 20:58:58 GMT
Date: Thu, 15 Sep 2022 18:57:18 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.242 | 200 OK | 503 B |
IP23.36.76.242:0 ASN#20940 Akamai International B.V.
Hash748f94de11f5f2cca6d3ffe466951051 b4cf2499590e3b5d5bf6c37bc29ef807f0c53196 eed0d0bbe31cc6c57a00a533157f8edeefbcb8e5633f5ca4e866eb531c8387c4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EED0D0BBE31CC6C57A00A533157F8EDEEFBCB8E5633F5CA4E866EB531C8387C4"
Last-Modified: Wed, 14 Sep 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21590
Expires: Fri, 16 Sep 2022 00:57:08 GMT
Date: Thu, 15 Sep 2022 18:57:18 GMT
Connection: keep-alive
|
|
| fonts.googleapis.com/css?family=Roboto+Condensed%3A300&ver=6.0.2 | 142.250.74.10 | 200 OK | 9.6 kB |
URL HTTP/2fonts.googleapis.com/css?family=Roboto+Condensed%3A300&ver=6.0.2 IP142.250.74.10:0
Hash0a8a8f1f986a979c28d7e4d4801ae891 499c2094e4e5c8d26e42f5526600f46694a8ec12 03399de58b8b404e7e4c4ded3ea7e16f525908ca8ca60fa8596673b1e831fd30
GET /css?family=Roboto+Condensed%3A300&ver=6.0.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gigermd.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 15 Sep 2022 18:57:17 GMT
date: Thu, 15 Sep 2022 18:57:17 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4d822c-5153-4c55-bcb3-aa6ee72e3b62.jpeg | 34.120.237.76 | 200 OK | 6.1 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4d822c-5153-4c55-bcb3-aa6ee72e3b62.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashf2157f7cfbdeb607f28ae51eb090f2c3 33d0dcadaa42179b2eae914c8ad16c9c088afbc9 135cd89c2c82f0f5e53d2612d5eac868c175b28a567a07e63a2073942e36a066
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4d822c-5153-4c55-bcb3-aa6ee72e3b62.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6078
x-amzn-requestid: e09c099f-5a2d-49d7-b6ab-e16f09c28bd0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YavJEEM5IAMFreQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f8a0-0fbb7b3d0cd6fbfa04f5a5d2;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:39:44 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Rx8KX_QI5I2x7q0gcvxcJX7QzZUe2KkfqAUVR64lEujF4xDEWWDhZQ==
via: 1.1 9b21fd56256eda6d1379e32829c4c446.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 20:21:13 GMT
age: 81365
etag: "33d0dcadaa42179b2eae914c8ad16c9c088afbc9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1266c973-1bdd-4969-82ca-1106689fe929.jpeg | 34.120.237.76 | 200 OK | 5.1 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1266c973-1bdd-4969-82ca-1106689fe929.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashf50c34bc30a732593e8fe465055a44ff af100925cba1be716fd2200715d6136bd7f0c5bc 703049736ccc8815945d69634059c4cd39533417e0969107d460c36a6787c761
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1266c973-1bdd-4969-82ca-1106689fe929.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5078
x-amzn-requestid: b6177371-a8ba-4541-a48d-21bd806e866e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X0erUHT-IAMFWKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6311ab15-157ed5b700e0aad5481f5c0f;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 07:04:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MYJf90B8rX8_nPUl4stpbZcQeQDaZ2Hgyu6GmsfdqUh-0Nx5OJJThw==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 20:21:54 GMT
age: 81324
etag: "af100925cba1be716fd2200715d6136bd7f0c5bc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86bf6a5e-a3e5-479d-a052-fa843c45a3d9.jpeg | 34.120.237.76 | 200 OK | 9.4 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86bf6a5e-a3e5-479d-a052-fa843c45a3d9.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash4833535b1650b0ac875704023b650e66 96ab8cd8e14350f730d26731f3445710324e24e2 d2b5a51e39a4890ba56e819d4d5d1d57d4d3cfc50dde42efdf23b8e9be17d1c7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86bf6a5e-a3e5-479d-a052-fa843c45a3d9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9400
x-amzn-requestid: 8cf35176-18a1-427b-870c-bdae465060c8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYM18E-iIAMFcmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ff4f2-427bc0ff6593e71e25b91589;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 03:11:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZVnPAYUOBCRUYD3wEx79lIMjBJCKyVB9CmnTqMJIaFPbQGPoHwB73w==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 20:21:37 GMT
age: 81341
etag: "96ab8cd8e14350f730d26731f3445710324e24e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F706eea65-3ba8-43f4-85c3-967026936660.jpeg | 34.120.237.76 | 200 OK | 9.9 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F706eea65-3ba8-43f4-85c3-967026936660.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash3ef9865421a37eae9a4df04083d27485 c7cf1f6a259cece60a34261ec83ee00736e1d72b 723b65ba660f22281f85d6caceea23e9cd932ee9084dc905a08a585746c4c4cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F706eea65-3ba8-43f4-85c3-967026936660.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9922
x-amzn-requestid: de1e3e45-74ff-41b2-986f-e78473cb6d98
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YVc1SGM7IAMFw0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631edb54-2099524d6f2c338b41eea101;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 07:10:12 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MtgQUzYMa3mT0lxPhQ5ZCp9XVVyBH8T0dlx_0wSLMZlaFEiCikTXMw==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 22:25:51 GMT
age: 73887
etag: "c7cf1f6a259cece60a34261ec83ee00736e1d72b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| www.gigermd.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.4.6 | 92.43.218.116 | 200 OK | 6.8 kB |
URL HTTP/2www.gigermd.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.4.6 IP92.43.218.116:0
Hash2e5f57ba37fac4e6047a9a321a8ec084 f6b742549ea35a4b1345cffb937a8bbcceee08ef f8c67c54806e47089b9ba297599e3e4cde1fd2e2e38b76acc9e8de0e99d7b77e
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.4.6 HTTP/1.1
Host: www.gigermd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gigermd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Sep 2022 18:57:17 GMT
content-type: application/x-javascript
last-modified: Thu, 15 Apr 2021 04:01:19 GMT
etag: "575f9-6077ba8f-40e61061732a2d1b;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 93958
date: Thu, 15 Sep 2022 18:57:17 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| www.gigermd.com/wp-content/themes/kleo-child/images/mail.png | 92.43.218.116 | 200 OK | 777 B |
URL HTTP/2www.gigermd.com/wp-content/themes/kleo-child/images/mail.png IP92.43.218.116:0
File typePNG image data, 19 x 19, 8-bit colormap, non-interlaced\012- data Hash21a4799f6f0cee35d597e2a1d19de1c9 082778c3625e32dd5aa6afec0d280ef907c40428 dc71d0ffec0cd43b30f4f2ee93557e0b9d5473396fa33d4f50f334871bab8d1b
GET /wp-content/themes/kleo-child/images/mail.png HTTP/1.1
Host: www.gigermd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gigermd.com/wp-content/themes/kleo-child/style.css?ver=3.0.8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Sep 2022 18:57:18 GMT
content-type: image/png
last-modified: Wed, 08 Jun 2016 02:21:34 GMT
etag: "309-5757812e-c3a048cd277e9170;;;"
accept-ranges: bytes
content-length: 777
date: Thu, 15 Sep 2022 18:57:18 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| www.gigermd.com/wp-content/themes/kleo-child/images/phone.png | 92.43.218.116 | 200 OK | 251 B |
URL HTTP/2www.gigermd.com/wp-content/themes/kleo-child/images/phone.png IP92.43.218.116:0
File typePNG image data, 18 x 17, 4-bit colormap, non-interlaced\012- data Hashd6b4df85841b675baa533da2de6ec929 d266a5eba31d3bdf0c2636d4fbb1f28254901d62 cfb1713ec9256ca7029ef31d8278060d59fd9a91b9e0c138c663f9cf49297b66
GET /wp-content/themes/kleo-child/images/phone.png HTTP/1.1
Host: www.gigermd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gigermd.com/wp-content/themes/kleo-child/style.css?ver=3.0.8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Sep 2022 18:57:18 GMT
content-type: image/png
last-modified: Wed, 08 Jun 2016 02:21:34 GMT
etag: "fb-5757812e-ccbe15150c932cd1;;;"
accept-ranges: bytes
content-length: 251
date: Thu, 15 Sep 2022 18:57:18 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| www.gigermd.com/wp-content/themes/kleo/assets/font/fontello.woff?69617582 | 92.43.218.116 | 200 OK | 57 kB |
URL HTTP/2www.gigermd.com/wp-content/themes/kleo/assets/font/fontello.woff?69617582 IP92.43.218.116:0
File typeWeb Open Font Format, TrueType, length 56792, version 1.0\012- data Hash5f33dfbac2e6c6d1cc70cb56bbd358ee c87fef18e8d91684ac0505905e920b58921d0a4e 8fb9fa8ff6599ac1d4e2924d5f7e359e0f299d5dc8081a537caf726bea6d93c7
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
GET /wp-content/themes/kleo/assets/font/fontello.woff?69617582 HTTP/1.1
Host: www.gigermd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.gigermd.com/wp-content/themes/kleo/assets/css/fontello.css?ver=3.0.8
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/font-woff
last-modified: Wed, 13 Apr 2016 10:03:37 GMT
etag: "ddd8-570e1979-cc84f79f6bfc567e;;;"
accept-ranges: bytes
content-length: 56792
date: Thu, 15 Sep 2022 18:57:18 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| www.gigermd.com/wp-content/themes/kleo-child/images/dot.png | 92.43.218.116 | 200 OK | 2.0 kB |
URL HTTP/2www.gigermd.com/wp-content/themes/kleo-child/images/dot.png IP92.43.218.116:0
File typePNG image data, 140 x 140, 8-bit colormap, non-interlaced\012- data Hashe4e191178d3343a3c57dd1f7a849fce5 66e32e4223865b3063e9326913b3a2190d655df5 ca81409f2d0846dc537eff638a4d53c91819816a7e27711676c76a1c8caa3c8e
GET /wp-content/themes/kleo-child/images/dot.png HTTP/1.1
Host: www.gigermd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gigermd.com/wp-content/themes/kleo-child/style.css?ver=3.0.8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Sep 2022 18:57:18 GMT
content-type: image/png
last-modified: Wed, 08 Jun 2016 02:21:34 GMT
etag: "7ed-5757812e-64272a5e41fedd59;;;"
accept-ranges: bytes
content-length: 2029
date: Thu, 15 Sep 2022 18:57:18 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| www.gigermd.com/wp-content/themes/kleo-child/images/bullet.png | 92.43.218.116 | 200 OK | 201 B |
URL HTTP/2www.gigermd.com/wp-content/themes/kleo-child/images/bullet.png IP92.43.218.116:0
File typePNG image data, 14 x 14, 4-bit colormap, non-interlaced\012- data Hashbd0a56d171a397f6ac31fc0779f1d7f8 2de2b6a5c9654b5f656a20ccf621c6bfe071698f c5aa3e6246c262ce12c30259ff1709acd2d5c961253abdd77780edaa1c2a5ea7
GET /wp-content/themes/kleo-child/images/bullet.png HTTP/1.1
Host: www.gigermd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gigermd.com/wp-content/themes/kleo-child/style.css?ver=3.0.8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Sep 2022 18:57:18 GMT
content-type: image/png
last-modified: Wed, 08 Jun 2016 02:21:34 GMT
etag: "c9-5757812e-a83ce3a20ef629dc;;;"
accept-ranges: bytes
content-length: 201
date: Thu, 15 Sep 2022 18:57:18 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash7df27d4646e6e1cd358f0997ad604ea9 bf0c3feb55312e00ed8aa718458cc1e932903ac2 ba7ebd5b66156d280c46a2e492c5830f67e114711498b405b4e57ee1f45f4905
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 18:57:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2 | 142.250.74.163 | 200 OK | 16 kB |
URL HTTP/2fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2 IP142.250.74.163:0
File typeWeb Open Font Format (Version 2), TrueType, length 15528, version 1.0\012- data Hash595fe3fc0b85f3cc9ef5aed2d519abc5 96e76de44987e9dec2f97f1e5eb7a18c738daf5d 747d5a0865fe76129cc17fe70097fd5b1db733ed3bbfa0210a8505d80c14ab5a
GET /s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.gigermd.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15528
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 22:59:03 GMT
expires: Wed, 13 Sep 2023 22:59:03 GMT
cache-control: public, max-age=31536000
age: 158295
last-modified: Tue, 19 Apr 2022 18:53:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP: 142.250.74.3:0
Hash: 6e669093dc2c285ce41d74ad82e5c3d2 1e65ded94e2b8c575979da362ce8dc2e304c5d5f 5a3c12851ee84e69a6ff8f0707d036d36827c77011af12aeabc187220e0fc79c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 18:57:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.gigermd.com/wp-content/themes/kleo-child/images/pin.png | 92.43.218.116 | 200 OK | 267 B |
URL: HTTP/2 www.gigermd.com/wp-content/themes/kleo-child/images/pin.png
IP: 92.43.218.116:0
File type: PNG image data, 13 x 19, 4-bit colormap, non-interlaced; data
Hash: 09614d1d3dd00c20832c2bfdda077bb0 0d13ea477ed2db860a2a0a8d1eb2eac6935c0e36 f6084e9e74c9e21968bfe54ed7d0ee41b24836a8baf4d79cd48825f3bce81b06
GET /wp-content/themes/kleo-child/images/pin.png HTTP/1.1
Host: www.gigermd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gigermd.com/wp-content/themes/kleo-child/style.css?ver=3.0.8
Cookie: GZ=Z=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Sep 2022 18:57:18 GMT
content-type: image/png
last-modified: Wed, 08 Jun 2016 02:21:34 GMT
etag: "10b-5757812e-4c6768bed2562aad;;;"
accept-ranges: bytes
content-length: 267
date: Thu, 15 Sep 2022 18:57:18 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| www.gigermd.com/wp-content/themes/kleo-child/images/fax.png | 92.43.218.116 | 200 OK | 275 B |
URL: HTTP/2 www.gigermd.com/wp-content/themes/kleo-child/images/fax.png
IP: 92.43.218.116:0
File type: PNG image data, 22 x 22, 4-bit colormap, non-interlaced; data
Hash: 5f2efa871bb5e5df950d8231484e25a1 c5132ec55faef51c03dd85c5d4985106d71dab85 c94c763333da77af295864eab463e397c67dcfcce7b2d82f3199d39a7463864e
GET /wp-content/themes/kleo-child/images/fax.png HTTP/1.1
Host: www.gigermd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gigermd.com/wp-content/themes/kleo-child/style.css?ver=3.0.8
Cookie: GZ=Z=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Sep 2022 18:57:18 GMT
content-type: image/png
last-modified: Wed, 08 Jun 2016 02:21:33 GMT
etag: "113-5757812d-d39cb02be6ec5e0d;;;"
accept-ranges: bytes
content-length: 275
date: Thu, 15 Sep 2022 18:57:18 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| www.parkinson-hotline.com/wp-content/uploads/2016/04/slide-1V03.jpg | 92.43.218.116 | 200 OK | 278 kB |
URL: HTTP/2 www.parkinson-hotline.com/wp-content/uploads/2016/04/slide-1V03.jpg
IP: 92.43.218.116:0
File type: JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS3 Windows, datetime=2016:04:06 13:45:51], progressive, precision 8, 1400x871, components 3; data
Size: 278 kB (278055 bytes)
Hash: db7660fad71bde570a294b223a188a6a c148ac5f46c2ab5229e1b82f7b693683e2cbb70e 3407bf6d2fb75ebb6bb26f9ffe82721200bb79523aecdf25f546c773c279ef67
GET /wp-content/uploads/2016/04/slide-1V03.jpg HTTP/1.1
Host: www.parkinson-hotline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gigermd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Sep 2022 18:57:18 GMT
content-type: image/jpeg
last-modified: Thu, 28 Apr 2016 11:51:27 GMT
etag: "43e27-5721f93f-80bda840d4d14cd1;;;"
accept-ranges: bytes
content-length: 278055
date: Thu, 15 Sep 2022 18:57:18 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| www.gigermd.com/wp-content/themes/kleo/assets/ico/apple-touch-icon-144-precomposed.png | 92.43.218.116 | 200 OK | 2.3 kB |
URL: HTTP/2 www.gigermd.com/wp-content/themes/kleo/assets/ico/apple-touch-icon-144-precomposed.png
IP: 92.43.218.116:0
File type: PNG image data, 144 x 144, 8-bit/color RGBA, non-interlaced; data
Hash: 2837bb73cf1edf428f0a507e56ae62c4 012a0b657f2b59a0018259330a56bb9f5926b550 107a6e4831f21f4cdc95f8ef1e2f4c0390c97f96588281d7d505906f691ad1c0
GET /wp-content/themes/kleo/assets/ico/apple-touch-icon-144-precomposed.png HTTP/1.1
Host: www.gigermd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gigermd.com/
Cookie: GZ=Z=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Sep 2022 18:57:18 GMT
content-type: image/png
last-modified: Wed, 13 Apr 2016 10:03:38 GMT
etag: "8e5-570e197a-9d9e099240cdd10f;;;"
accept-ranges: bytes
content-length: 2277
date: Thu, 15 Sep 2022 18:57:18 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| www.gigermd.com/wp-content/uploads/2016/04/favicon_gigermd.png | 92.43.218.116 | 200 OK | 35 kB |
URL: HTTP/2 www.gigermd.com/wp-content/uploads/2016/04/favicon_gigermd.png
IP: 92.43.218.116:0
File type: PNG image data, 62 x 62, 8-bit/color RGBA, non-interlaced; data
Hash: 8ff7ba1cbd215cbe679bc92223a15393 b2255f9445197fa2707fafd9fbd5569c7cbd4971 47aa759a518fa43d3aab5ae39e491e0df91f5eb8ef7a9a36f3c21e114f96d46a
GET /wp-content/uploads/2016/04/favicon_gigermd.png HTTP/1.1
Host: www.gigermd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gigermd.com/
Cookie: GZ=Z=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Sep 2022 18:57:18 GMT
content-type: image/png
last-modified: Wed, 20 Apr 2016 13:26:21 GMT
etag: "889e-5717837d-642aee8d86c9bc9a;;;"
accept-ranges: bytes
content-length: 34974
date: Thu, 15 Sep 2022 18:57:18 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| www.gigermd.com/wp-content/plugins/revslider/public/assets/assets/loader.gif | 92.43.218.116 | 200 OK | 2.5 kB |
URL: HTTP/2 www.gigermd.com/wp-content/plugins/revslider/public/assets/assets/loader.gif
IP: 92.43.218.116:0
File type: GIF image data, version 89a, 24 x 24; data
Hash: 4b3afb84b2b71ef56df09997a350bd04 accdac8a7abeab0e21c49539aad0a973addb28ef 9034d5d34015e4b05d2c1d1a8dc9f6ec9d59bd96d305eb9e24e24e65c591a645
GET /wp-content/plugins/revslider/public/assets/assets/loader.gif HTTP/1.1
Host: www.gigermd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gigermd.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.4.6
Cookie: GZ=Z=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 22 Sep 2022 18:57:19 GMT
content-type: image/gif
last-modified: Thu, 15 Apr 2021 04:01:19 GMT
etag: "9f1-6077ba8f-95b3ea7a2e1fc554;;;"
accept-ranges: bytes
content-length: 2545
date: Thu, 15 Sep 2022 18:57:19 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| www.gigermd.com/wp-content/plugins/revslider/public/assets/fonts/revicons/revicons.woff?5510888 | 92.43.218.116 | 200 OK | 7.5 kB |
URL: HTTP/2 www.gigermd.com/wp-content/plugins/revslider/public/assets/fonts/revicons/revicons.woff?5510888
IP: 92.43.218.116:0
File type: Web Open Font Format, TrueType, length 7536, version 1.0; data
Hash: 04eb8fc57f27498e5ae37523e3bfb2c7 d942ae11706c3f7e511e3c49b0e4574d7ad199c4 f7b9c3065e55fa3b9e320093612e7b30dcb14355a44ec461247b495a3e729686
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
GET /wp-content/plugins/revslider/public/assets/fonts/revicons/revicons.woff?5510888 HTTP/1.1
Host: www.gigermd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.gigermd.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.4.6
Cookie: GZ=Z=0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/font-woff
last-modified: Thu, 15 Apr 2021 04:01:20 GMT
etag: "1d70-6077ba90-89488309d5bef526;;;"
accept-ranges: bytes
content-length: 7536
date: Thu, 15 Sep 2022 18:57:19 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP: 142.250.74.3:0
Hash: 39aa25d8411997d98f9093c19b0ccbca 3cb31e92d707cd561897042ed1a09de5a79e7108 f1b7b71241b580ec34281f5addc49d716eac9ecc46a3217e646c76e6dc8d4578
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 18:57:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.youtube.com/iframe_api | 142.250.74.46 | 200 OK | 959 B |
URL: HTTP/2 www.youtube.com/iframe_api
IP: 142.250.74.46:0
File type: ASCII text, with very long lines (509)
Hash: 66ff15cd944984a71cc5accd3099f578 8e42b8f91f1f14f4b13e685ffcca29e4b5431707 6bf92aa9082290cd6c230320b43771577781a9cb7d263c86014f8f0a4aada279
GET /iframe_api HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gigermd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
expires: Thu, 15 Sep 2022 18:57:19 GMT
date: Thu, 15 Sep 2022 18:57:19 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=gmRucca2sFo; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
set-cookie: VISITOR_INFO1_LIVE=1NjSCAXtd9E; Domain=.youtube.com; Expires=Tue, 14-Mar-2023 18:57:19 GMT; Path=/; Secure; HttpOnly; SameSite=none
set-cookie: CONSENT=PENDING+162; expires=Sat, 14-Sep-2024 18:57:19 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| www.gigermd.com/wp-admin/admin-ajax.php | 92.43.218.116 | 200 OK | 36 B |
URL: HTTP/2 www.gigermd.com/wp-admin/admin-ajax.php
IP: 92.43.218.116:0
File type: JSON data; ASCII text, with no line terminators
Hash: 0cce36969bbf48c73ba268904a268fc8 f66cbb7a463bd24ab94e845cc0457ff3ae17ce7f 7799a78abac317201ca27a754fe74f2bff95eaa19dc40316b4544af9024d3498
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
POST /wp-admin/admin-ajax.php HTTP/1.1
Host: www.gigermd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 156
Origin: https://www.gigermd.com
Connection: keep-alive
Referer: https://www.gigermd.com/
Cookie: GZ=Z=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
pragma: no-cache
access-control-allow-origin: https://www.gigermd.com
access-control-allow-credentials: true
content-type: text/html; charset=UTF-8
x-robots-tag: noindex
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 36
content-encoding: gzip
vary: Accept-Encoding
date: Thu, 15 Sep 2022 18:57:21 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP: 142.250.74.3:0
Hash: 6971ad04397ebe0a117d03ae5c1de8c5 5179eab2d14b4c8c52c00fd6bf2953fb98ad5b8f 97a64e5b9bf5e3e347b23e4bbf41aa0fe6ffd379d50b379770f5c7347e6bb248
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 18:57:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 | 142.250.74.163 | 200 OK | 15 kB |
URL: HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP: 142.250.74.163:0
File type: Web Open Font Format (Version 2), TrueType, length 15344, version 1.0; data
Hash: 5d4aeb4e5f5ef754e307d7ffaef688bd 06db651cdf354c64a7383ea9c77024ef4fb4cef8 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 10 Sep 2022 12:31:58 GMT
expires: Sun, 10 Sep 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 455125
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP: 142.250.74.3:0
Hash: 8ff1c0d8a380ce4a561609526d995bf5 135ecd7e71ea2823d39f8c1efcb2121618ed8167 f7228281af8d6de222aa47b3a78a627f85315244e65a8956fa2c0c7dff1bb7ad
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 18:57:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP: 142.250.74.3:0
Hash: 01721134027b8087fcaea01ae7470149 e3d82b3dd35d846d3bd662a0f9b7a51cba2ba864 a7aa0a8736af71aee8a545362876a784954dbb37cda1a2c184c7ef99e14f2b56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 18:57:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP: 142.250.74.3:0
Hash: 01721134027b8087fcaea01ae7470149 e3d82b3dd35d846d3bd662a0f9b7a51cba2ba864 a7aa0a8736af71aee8a545362876a784954dbb37cda1a2c184c7ef99e14f2b56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 18:57:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create | 142.250.74.106 | 200 OK | 0 B |
URL: HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP: 142.250.74.106:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube-nocookie.com/
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube-nocookie.com
vary: origin, referer, x-origin
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Thu, 15 Sep 2022 18:57:24 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create | 142.250.74.106 | 200 OK | 31 kB |
URL: HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP: 142.250.74.106:0
File type: JSON data; ASCII text, with very long lines (65536), with no line terminators
Hash: 5bb97599760844e520d9429e92a39266 8803d956dec2e2e4499bbfbb9920c29bbf7c432e 43bd52d69e661fc3d6eadbba88311bc8854a502f2ce534974b36a07d6e437e1a
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 15 Sep 2022 18:57:24 GMT
server: ESF
cache-control: private
content-length: 30699
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP: 142.250.74.3:0
Hash: 01721134027b8087fcaea01ae7470149 e3d82b3dd35d846d3bd662a0f9b7a51cba2ba864 a7aa0a8736af71aee8a545362876a784954dbb37cda1a2c184c7ef99e14f2b56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 18:57:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP: 142.250.74.3:0
Hash: 979014a2d4b501776633e545cb609b6e 2389a69c87bcb1b5d962361cec5a71bd43ba0b3b 26f3609adf40f444aa7770872be9a73c083ffe711a6caed25208c1fc00d709b4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 18:57:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP: 142.250.74.3:0
Hash: 20ae50d0df52817906a88b07b3c08138 0f999020f07959636477be4178d238d4dd460464 26eb9c5ac69c9144425fb15a481336487c1923bb141685aea110b0e3dfc20171
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 18:57:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.google.com/js/th/yPATJU-uVo-zV-JkA6jSgBQ_ddZVTHGwvkBjTyjUrvU.js | 142.250.74.164 | 200 OK | 14 kB |
URL: HTTP/2 www.google.com/js/th/yPATJU-uVo-zV-JkA6jSgBQ_ddZVTHGwvkBjTyjUrvU.js
IP: 142.250.74.164:0
File type: ASCII text, with very long lines (35668)
Hash: 58f2271111ba15010206a4f5e3cf6d4f 19455d45b3b205e5b3da57f724be25f0c964813f f0dd11a1e2a67ff7363bf13949a290ad35352f03026fe0d31e123fe65655a8cd
GET /js/th/yPATJU-uVo-zV-JkA6jSgBQ_ddZVTHGwvkBjTyjUrvU.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14098
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 05:03:13 GMT
expires: Thu, 14 Sep 2023 05:03:13 GMT
cache-control: public, max-age=31536000
age: 136451
last-modified: Mon, 29 Aug 2022 11:00:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP: 142.250.74.3:0
Hash: aae21eaa032958190fe77123620212da dc9f5b82e60a4a6522d3e7b9379516cbf335e496 472567e3a4309726cf4d77831a1ffbf3655fe7518655e6a8972a7c7a8a4171cf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 18:57:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.gigermd.com/ | 92.43.218.116 | 200 OK | 29 kB |
IP: 92.43.218.116:0
Hash: cb4c078ef72f08690608a0ae011ddf1b 8c5fca1abf2e26d4d99c2b08b74e6bf314e8ee3a 67ac469b0091b9cdb5f6dfa58c8c00d723b37666f32da81da2c56db4d08f0254
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
GET / HTTP/1.1
Host: www.gigermd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html; charset=UTF-8
link: <https://www.gigermd.com/>; rel=shortlink
content-encoding: gzip
vary: Accept-Encoding
date: Thu, 15 Sep 2022 18:57:17 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP: 142.250.74.3:0
Hash: aae21eaa032958190fe77123620212da dc9f5b82e60a4a6522d3e7b9379516cbf335e496 472567e3a4309726cf4d77831a1ffbf3655fe7518655e6a8972a7c7a8a4171cf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 18:57:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| yt3.ggpht.com/tvLVsfTREtYniiOfu3TKsln072CrcsKtlNbAi_iIXbxHjsS5U6qJuFmS6H_iSPd1R7mxZPI33A=s68-c-k-c0x00ffffff-no-rj | 142.250.74.161 | 200 OK | 1.4 kB |
URL: HTTP/2 yt3.ggpht.com/tvLVsfTREtYniiOfu3TKsln072CrcsKtlNbAi_iIXbxHjsS5U6qJuFmS6H_iSPd1R7mxZPI33A=s68-c-k-c0x00ffffff-no-rj
IP: 142.250.74.161:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3; data
Hash: 86c1bc9ad44a3ff4ef9b474264048123 e8c842d1ac1ca6314416bea4ea95b1e93a10974f 327de804f5ffd532cd60b853ef14388493a14e2133e382a96461dad49538ab7c
GET /tvLVsfTREtYniiOfu3TKsln072CrcsKtlNbAi_iIXbxHjsS5U6qJuFmS6H_iSPd1R7mxZPI33A=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1424
x-xss-protection: 0
date: Thu, 15 Sep 2022 18:57:24 GMT
expires: Thu, 15 Sep 2022 16:55:50 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1663289844&ei=lHUjY5bnAtfoyQWf36egBQ&ip=91.90.42.154&id=o-AAV8f7pC9lAW_LTyU0qZ0hRss_YKDDFIaaQ7JNCxp_K9&itag=251&source=youtube&requiressl=yes&mh=hs&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=u&mvi=2&pl=21&spc=yR2vp0Ze4VIJUCbSlMz1NpyI11LniM4&vprv=1&mime=audio%2Fwebm&ns=aFS4tb2VTHPg9n5HU5fpVh8I&gir=yes&clen=1581048&dur=88.921&lmt=1441700993307443&mt=1663267531&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&n=KF-h7U0EeoYT0g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhANml29VCYUwW2Brg-njoWW6WmP99AxCxDIlUnIFY5ZXJAiEAxT516uqRC3hHh34W9Drt1gt0uppxh1_hmumGpn3daoY%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIhAN1uA0wyxzUhUydRwfSIoVDghylL5dVHgcF60rjasBs0AiBaoPZqWPNff1zSZ6OPt4dTeIrJA8haraJGZk9NorsDEA%3D%3D&alr=yes&cpn=SS9BFupPo68EsW8n&cver=1.20220913.01.00&range=0-65957&rn=2&rbuf=0 | 91.90.45.173 | 200 OK | 1.0 kB |
URL HTTP/1.1rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1663289844&ei=lHUjY5bnAtfoyQWf36egBQ&ip=91.90.42.154&id=o-AAV8f7pC9lAW_LTyU0qZ0hRss_YKDDFIaaQ7JNCxp_K9&itag=251&source=youtube&requiressl=yes&mh=hs&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=u&mvi=2&pl=21&spc=yR2vp0Ze4VIJUCbSlMz1NpyI11LniM4&vprv=1&mime=audio%2Fwebm&ns=aFS4tb2VTHPg9n5HU5fpVh8I&gir=yes&clen=1581048&dur=88.921&lmt=1441700993307443&mt=1663267531&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&n=KF-h7U0EeoYT0g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhANml29VCYUwW2Brg-njoWW6WmP99AxCxDIlUnIFY5ZXJAiEAxT516uqRC3hHh34W9Drt1gt0uppxh1_hmumGpn3daoY%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIhAN1uA0wyxzUhUydRwfSIoVDghylL5dVHgcF60rjasBs0AiBaoPZqWPNff1zSZ6OPt4dTeIrJA8haraJGZk9NorsDEA%3D%3D&alr=yes&cpn=SS9BFupPo68EsW8n&cver=1.20220913.01.00&range=0-65957&rn=2&rbuf=0 IP91.90.45.173:0 ASN#50304 Blix Solutions AS
File typeASCII text, with very long lines (1018), with no line terminators Hash4f11bd096d790c3fc80f49adefe7df8a 49593ae511f92d366775502b2c7ff7dd1dd630e9 494eefeff2f65304143e41de3b636c1980589b5ca1ab3452815ef49459a8ba98
GET /videoplayback?expire=1663289844&ei=lHUjY5bnAtfoyQWf36egBQ&ip=91.90.42.154&id=o-AAV8f7pC9lAW_LTyU0qZ0hRss_YKDDFIaaQ7JNCxp_K9&itag=251&source=youtube&requiressl=yes&mh=hs&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=u&mvi=2&pl=21&spc=yR2vp0Ze4VIJUCbSlMz1NpyI11LniM4&vprv=1&mime=audio%2Fwebm&ns=aFS4tb2VTHPg9n5HU5fpVh8I&gir=yes&clen=1581048&dur=88.921&lmt=1441700993307443&mt=1663267531&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&n=KF-h7U0EeoYT0g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhANml29VCYUwW2Brg-njoWW6WmP99AxCxDIlUnIFY5ZXJAiEAxT516uqRC3hHh34W9Drt1gt0uppxh1_hmumGpn3daoY%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIhAN1uA0wyxzUhUydRwfSIoVDghylL5dVHgcF60rjasBs0AiBaoPZqWPNff1zSZ6OPt4dTeIrJA8haraJGZk9NorsDEA%3D%3D&alr=yes&cpn=SS9BFupPo68EsW8n&cver=1.20220913.01.00&range=0-65957&rn=2&rbuf=0 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Thu, 15 Sep 2022 18:57:24 GMT
Expires: Thu, 15 Sep 2022 18:57:24 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1018
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashaae21eaa032958190fe77123620212da dc9f5b82e60a4a6522d3e7b9379516cbf335e496 472567e3a4309726cf4d77831a1ffbf3655fe7518655e6a8972a7c7a8a4171cf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 18:57:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash9093db0dc0fe83fb6019831c48d94a12 c7483830ff0698b1952d68dc5835fb50d5a30bed 50f81824d32957d8cdb46aa9376b336ea1424aac1a16fe03ebe9a275b09ae746
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 18:57:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash3bb69291f8b72106f02b916412d04ee0 6be78518b9feeb9b94d18225d8084f35c9a9092e 7bcab96ba98c6fb68de42906d6b24b8c3f253f71184b5f3d1d88b371ea5eebb0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 18:57:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hashc61e6882022405df0981665633d29355 c5c433e4d4b4c97e18dc5be39d7d5ebb9eaa7969 28b8d43298e04ee1fb6ba6799d05aca3c30042ea9a198b6f8d0656331d0feb04
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 18:57:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hashc61e6882022405df0981665633d29355 c5c433e4d4b4c97e18dc5be39d7d5ebb9eaa7969 28b8d43298e04ee1fb6ba6799d05aca3c30042ea9a198b6f8d0656331d0feb04
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 18:57:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| i.ytimg.com/vi_webp/ONNh1infd8Y/maxresdefault.webp | 216.58.211.22 | 200 OK | 43 kB |
URL HTTP/2i.ytimg.com/vi_webp/ONNh1infd8Y/maxresdefault.webp IP216.58.211.22:0
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Hash309731dbb2385f9da0d0c39fe7759a7b 8a8eaed1bbfae0e3bad6b7bab4fdd262c0ab23f5 ee4935ee26256ffee9cc5e6041afdea964a7fae5087350de83fbd9411d891d61
GET /vi_webp/ONNh1infd8Y/maxresdefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 42996
date: Thu, 15 Sep 2022 18:57:24 GMT
expires: Thu, 15 Sep 2022 20:57:24 GMT
cache-control: public, max-age=7200
etag: "1441790289"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| rr5---sn-5goeenez.googlevideo.com/videoplayback?expire=1663289844&ei=lHUjY5bnAtfoyQWf36egBQ&ip=91.90.42.154&id=o-AAV8f7pC9lAW_LTyU0qZ0hRss_YKDDFIaaQ7JNCxp_K9&itag=251&source=youtube&requiressl=yes&spc=yR2vp0Ze4VIJUCbSlMz1NpyI11LniM4&vprv=1&mime=audio%2Fwebm&ns=aFS4tb2VTHPg9n5HU5fpVh8I&gir=yes&clen=1581048&dur=88.921&lmt=1441700993307443&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&n=KF-h7U0EeoYT0g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhANml29VCYUwW2Brg-njoWW6WmP99AxCxDIlUnIFY5ZXJAiEAxT516uqRC3hHh34W9Drt1gt0uppxh1_hmumGpn3daoY%3D&alr=yes&cpn=SS9BFupPo68EsW8n&cver=1.20220913.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=hs&mm=29&mn=sn-5goeenez&ms=rdu&mt=1663267548&mv=u&mvi=5&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgaVbKE-oX27oi01Vd5Aew-_G-ngY697P3FBA-0U7Ik50CIFI6f_f38QJxwAlAD6NuWH5FI9_2WUHDxb-qaRRVqObe&range=0-65957&rn=4&rbuf=0 | 74.125.111.10 | 200 OK | 66 kB |
URL HTTP/1.1rr5---sn-5goeenez.googlevideo.com/videoplayback?expire=1663289844&ei=lHUjY5bnAtfoyQWf36egBQ&ip=91.90.42.154&id=o-AAV8f7pC9lAW_LTyU0qZ0hRss_YKDDFIaaQ7JNCxp_K9&itag=251&source=youtube&requiressl=yes&spc=yR2vp0Ze4VIJUCbSlMz1NpyI11LniM4&vprv=1&mime=audio%2Fwebm&ns=aFS4tb2VTHPg9n5HU5fpVh8I&gir=yes&clen=1581048&dur=88.921&lmt=1441700993307443&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&n=KF-h7U0EeoYT0g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhANml29VCYUwW2Brg-njoWW6WmP99AxCxDIlUnIFY5ZXJAiEAxT516uqRC3hHh34W9Drt1gt0uppxh1_hmumGpn3daoY%3D&alr=yes&cpn=SS9BFupPo68EsW8n&cver=1.20220913.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=hs&mm=29&mn=sn-5goeenez&ms=rdu&mt=1663267548&mv=u&mvi=5&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgaVbKE-oX27oi01Vd5Aew-_G-ngY697P3FBA-0U7Ik50CIFI6f_f38QJxwAlAD6NuWH5FI9_2WUHDxb-qaRRVqObe&range=0-65957&rn=4&rbuf=0 IP74.125.111.10:0
File typeWebM\012- EBML file, creator webmB\20\012- data Hashd1bcbaf4edfb2abe1005ac5c6f2c1a51 869e1930f217c833b1e0541eaf78ce09c4a767f0 f79cddd2d2ec415daebd860607ce4f67c9705fb78da78b6ca37d0d98373d965f
GET /videoplayback?expire=1663289844&ei=lHUjY5bnAtfoyQWf36egBQ&ip=91.90.42.154&id=o-AAV8f7pC9lAW_LTyU0qZ0hRss_YKDDFIaaQ7JNCxp_K9&itag=251&source=youtube&requiressl=yes&spc=yR2vp0Ze4VIJUCbSlMz1NpyI11LniM4&vprv=1&mime=audio%2Fwebm&ns=aFS4tb2VTHPg9n5HU5fpVh8I&gir=yes&clen=1581048&dur=88.921&lmt=1441700993307443&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&n=KF-h7U0EeoYT0g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhANml29VCYUwW2Brg-njoWW6WmP99AxCxDIlUnIFY5ZXJAiEAxT516uqRC3hHh34W9Drt1gt0uppxh1_hmumGpn3daoY%3D&alr=yes&cpn=SS9BFupPo68EsW8n&cver=1.20220913.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=hs&mm=29&mn=sn-5goeenez&ms=rdu&mt=1663267548&mv=u&mvi=5&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgaVbKE-oX27oi01Vd5Aew-_G-ngY697P3FBA-0U7Ik50CIFI6f_f38QJxwAlAD6NuWH5FI9_2WUHDxb-qaRRVqObe&range=0-65957&rn=4&rbuf=0 HTTP/1.1
Host: rr5---sn-5goeenez.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Tue, 08 Sep 2015 08:29:53 GMT
Content-Type: audio/webm
Date: Thu, 15 Sep 2022 18:57:24 GMT
Expires: Thu, 15 Sep 2022 18:57:24 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 65958
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash370dec91809763319e5a4f92791a7e59 68422eb9ca0183a7d89b601ff8e84bbf10322595 a562a963dd4b853d77d7e221a03df83ca76f0b773d102a1d268b63b4812ed7c4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 18:57:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hashc61e6882022405df0981665633d29355 c5c433e4d4b4c97e18dc5be39d7d5ebb9eaa7969 28b8d43298e04ee1fb6ba6799d05aca3c30042ea9a198b6f8d0656331d0feb04
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 18:57:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| rr5---sn-5goeenez.googlevideo.com/videoplayback?expire=1663289844&ei=lHUjY5bnAtfoyQWf36egBQ&ip=91.90.42.154&id=o-AAV8f7pC9lAW_LTyU0qZ0hRss_YKDDFIaaQ7JNCxp_K9&itag=247&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=yR2vp0Ze4VIJUCbSlMz1NpyI11LniM4&vprv=1&mime=video%2Fwebm&ns=aFS4tb2VTHPg9n5HU5fpVh8I&gir=yes&clen=11037172&dur=88.880&lmt=1441701272252585&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&n=KF-h7U0EeoYT0g&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAO83_LTMh5T25Vv2itLwzZL-PwXs5JaqvjgCOkj7LX-yAiEAwtzJtDcbsKDI6Fev374g4XwzEq0E3Q8spemrxasbKww%3D&alr=yes&cpn=SS9BFupPo68EsW8n&cver=1.20220913.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=hs&mm=29&mn=sn-5goeenez&ms=rdu&mt=1663267548&mv=u&mvi=5&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgCAKeYf41DdKiL_eWEo6rtS8oWqz6lKlN8ElE77fl2KgCIQDacxV6G5m1DFfjhie-FYLYLZuFREG4t5Cz__YzTuM12g%3D%3D&range=0-539&rn=6&rbuf=0 | 74.125.111.10 | 200 OK | 540 B |
URL HTTP/1.1rr5---sn-5goeenez.googlevideo.com/videoplayback?expire=1663289844&ei=lHUjY5bnAtfoyQWf36egBQ&ip=91.90.42.154&id=o-AAV8f7pC9lAW_LTyU0qZ0hRss_YKDDFIaaQ7JNCxp_K9&itag=247&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=yR2vp0Ze4VIJUCbSlMz1NpyI11LniM4&vprv=1&mime=video%2Fwebm&ns=aFS4tb2VTHPg9n5HU5fpVh8I&gir=yes&clen=11037172&dur=88.880&lmt=1441701272252585&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&n=KF-h7U0EeoYT0g&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAO83_LTMh5T25Vv2itLwzZL-PwXs5JaqvjgCOkj7LX-yAiEAwtzJtDcbsKDI6Fev374g4XwzEq0E3Q8spemrxasbKww%3D&alr=yes&cpn=SS9BFupPo68EsW8n&cver=1.20220913.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=hs&mm=29&mn=sn-5goeenez&ms=rdu&mt=1663267548&mv=u&mvi=5&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgCAKeYf41DdKiL_eWEo6rtS8oWqz6lKlN8ElE77fl2KgCIQDacxV6G5m1DFfjhie-FYLYLZuFREG4t5Cz__YzTuM12g%3D%3D&range=0-539&rn=6&rbuf=0 IP74.125.111.10:0
File typeWebM\012- EBML file, creator webmB\20\012- data Hash9d1a3a88e389cc1def3c6559cd3c56d4 fb565047b4fe56d0c5af618b49271d8ba787e42e a67a137d5de5fbfeb399e2d608bfc2b5d087dd3f4877f81ed6706456ba80a884
GET /videoplayback?expire=1663289844&ei=lHUjY5bnAtfoyQWf36egBQ&ip=91.90.42.154&id=o-AAV8f7pC9lAW_LTyU0qZ0hRss_YKDDFIaaQ7JNCxp_K9&itag=247&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=yR2vp0Ze4VIJUCbSlMz1NpyI11LniM4&vprv=1&mime=video%2Fwebm&ns=aFS4tb2VTHPg9n5HU5fpVh8I&gir=yes&clen=11037172&dur=88.880&lmt=1441701272252585&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&n=KF-h7U0EeoYT0g&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAO83_LTMh5T25Vv2itLwzZL-PwXs5JaqvjgCOkj7LX-yAiEAwtzJtDcbsKDI6Fev374g4XwzEq0E3Q8spemrxasbKww%3D&alr=yes&cpn=SS9BFupPo68EsW8n&cver=1.20220913.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=hs&mm=29&mn=sn-5goeenez&ms=rdu&mt=1663267548&mv=u&mvi=5&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgCAKeYf41DdKiL_eWEo6rtS8oWqz6lKlN8ElE77fl2KgCIQDacxV6G5m1DFfjhie-FYLYLZuFREG4t5Cz__YzTuM12g%3D%3D&range=0-539&rn=6&rbuf=0 HTTP/1.1
Host: rr5---sn-5goeenez.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Tue, 08 Sep 2015 08:34:32 GMT
Content-Type: video/webm
Date: Thu, 15 Sep 2022 18:57:24 GMT
Expires: Thu, 15 Sep 2022 18:57:24 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 540
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT | 142.250.74.106 | 200 OK | 0 B |
URL HTTP/2jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT IP142.250.74.106:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube-nocookie.com/
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube-nocookie.com
vary: origin, referer, x-origin
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Thu, 15 Sep 2022 18:57:24 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT | 142.250.74.106 | 200 OK | 110 B |
URL HTTP/2jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT IP142.250.74.106:0
File typeJSON data\012- , ASCII text, with no line terminators Hash8f5443720df7905bee24c9c2054e40dc acee1951368e0d8407350fcb22270e5d225db4ef b70863712f7a7695b01262250b949fe026e717c17defc8d8c25f196579134de7
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1083
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 15 Sep 2022 18:57:24 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| rr5---sn-5goeenez.googlevideo.com/videoplayback?expire=1663289844&ei=lHUjY5bnAtfoyQWf36egBQ&ip=91.90.42.154&id=o-AAV8f7pC9lAW_LTyU0qZ0hRss_YKDDFIaaQ7JNCxp_K9&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=yR2vp0Ze4VIJUCbSlMz1NpyI11LniM4&vprv=1&mime=video%2Fwebm&ns=aFS4tb2VTHPg9n5HU5fpVh8I&gir=yes&clen=5744085&dur=88.880&lmt=1441701270636743&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&n=KF-h7U0EeoYT0g&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAK2Hj3mwn-QdxuPSOmLD-D0T6x1wSf9lQEBWJH_rpglPAiAHK0z1IPDNM1nJwSyD6AJj2s4Z5jEtxINHtpwkN-Veng%3D%3D&alr=yes&cpn=SS9BFupPo68EsW8n&cver=1.20220913.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=hs&mm=29&mn=sn-5goeenez&ms=rdu&mt=1663267548&mv=u&mvi=5&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAIVpGvKZi2zFA_gnj0Jqd_Q0b24rD0GDFfMu7qICbnQaAiAqdDOoLuqGDA7ZacY5e26xzIb8xePTB2lSlEpkJbEMcw%3D%3D&range=0-208388&rn=3&rbuf=0&altitags=243%2C242 | 74.125.111.10 | 200 OK | 208 kB |
URL HTTP/1.1rr5---sn-5goeenez.googlevideo.com/videoplayback?expire=1663289844&ei=lHUjY5bnAtfoyQWf36egBQ&ip=91.90.42.154&id=o-AAV8f7pC9lAW_LTyU0qZ0hRss_YKDDFIaaQ7JNCxp_K9&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=yR2vp0Ze4VIJUCbSlMz1NpyI11LniM4&vprv=1&mime=video%2Fwebm&ns=aFS4tb2VTHPg9n5HU5fpVh8I&gir=yes&clen=5744085&dur=88.880&lmt=1441701270636743&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&n=KF-h7U0EeoYT0g&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAK2Hj3mwn-QdxuPSOmLD-D0T6x1wSf9lQEBWJH_rpglPAiAHK0z1IPDNM1nJwSyD6AJj2s4Z5jEtxINHtpwkN-Veng%3D%3D&alr=yes&cpn=SS9BFupPo68EsW8n&cver=1.20220913.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=hs&mm=29&mn=sn-5goeenez&ms=rdu&mt=1663267548&mv=u&mvi=5&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAIVpGvKZi2zFA_gnj0Jqd_Q0b24rD0GDFfMu7qICbnQaAiAqdDOoLuqGDA7ZacY5e26xzIb8xePTB2lSlEpkJbEMcw%3D%3D&range=0-208388&rn=3&rbuf=0&altitags=243%2C242 IP74.125.111.10:0
File typeWebM\012- EBML file, creator webmB\20\012- data Size208 kB (208389 bytes) Hashfe4c6baa9ce601bbd2bd5c5126bdcdfa ef1553d11aecd18d57440d64418cdfdd3dc6b8f4 b993a6decf0f5316fa4affb8aa08a03657246df4833e4113aea9864ec339072c
GET /videoplayback?expire=1663289844&ei=lHUjY5bnAtfoyQWf36egBQ&ip=91.90.42.154&id=o-AAV8f7pC9lAW_LTyU0qZ0hRss_YKDDFIaaQ7JNCxp_K9&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=yR2vp0Ze4VIJUCbSlMz1NpyI11LniM4&vprv=1&mime=video%2Fwebm&ns=aFS4tb2VTHPg9n5HU5fpVh8I&gir=yes&clen=5744085&dur=88.880&lmt=1441701270636743&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&n=KF-h7U0EeoYT0g&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAK2Hj3mwn-QdxuPSOmLD-D0T6x1wSf9lQEBWJH_rpglPAiAHK0z1IPDNM1nJwSyD6AJj2s4Z5jEtxINHtpwkN-Veng%3D%3D&alr=yes&cpn=SS9BFupPo68EsW8n&cver=1.20220913.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=hs&mm=29&mn=sn-5goeenez&ms=rdu&mt=1663267548&mv=u&mvi=5&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAIVpGvKZi2zFA_gnj0Jqd_Q0b24rD0GDFfMu7qICbnQaAiAqdDOoLuqGDA7ZacY5e26xzIb8xePTB2lSlEpkJbEMcw%3D%3D&range=0-208388&rn=3&rbuf=0&altitags=243%2C242 HTTP/1.1
Host: rr5---sn-5goeenez.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Tue, 08 Sep 2015 08:34:30 GMT
Content-Type: video/webm
Date: Thu, 15 Sep 2022 18:57:24 GMT
Expires: Thu, 15 Sep 2022 18:57:24 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 208389
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e9a2626-acb3-4c73-9ff9-e09ad82d489e.jpeg | 34.120.237.76 | 200 OK | 8.4 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e9a2626-acb3-4c73-9ff9-e09ad82d489e.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash5a6939786c9343412c9af87efd3f44e0 14131148fda4e8d85b582fd20e76bcc814341bf1 8412c50f0fdc131d9c4422f2d7307fc1ee062c3580a1d754ef71cf84f9727d49
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e9a2626-acb3-4c73-9ff9-e09ad82d489e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8447
x-amzn-requestid: 3237c2fa-bc17-4b8d-8afd-bacfaa90ca71
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X7FypF7KIAMFd7A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63145010-7052273b184685c83569c712;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 07:13:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: wzi_WnjJW5XjIfj8kyVL4LcQEjcuw1_zwrDiJegEZ2r8GOZcQahPEw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 21:46:45 GMT
age: 76240
etag: "14131148fda4e8d85b582fd20e76bcc814341bf1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Roboto:400 | 142.250.74.10 | 200 OK | 0 B |
URL HTTP/2fonts.googleapis.com/css?family=Roboto:400 IP142.250.74.10:0
GET /css?family=Roboto:400 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gigermd.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 15 Sep 2022 18:57:17 GMT
date: Thu, 15 Sep 2022 18:57:17 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| www.gigermd.com/?compressiontest=gzip.html | 92.43.218.116 | 200 OK | 0 B |
URL HTTP/2www.gigermd.com/?compressiontest=gzip.html IP92.43.218.116:0
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
GET /?compressiontest=gzip.html HTTP/1.1
Host: www.gigermd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gigermd.com/
Cookie: GZ=Z=0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
set-cookie: _icl_current_language=de; expires=Fri, 16-Sep-2022 18:57:19 GMT; Max-Age=86400; path=/; secure
set-cookie: _icl_current_language=de; expires=Fri, 16-Sep-2022 18:57:20 GMT; Max-Age=86400; path=/; secure
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-encoding: gzip
date: Thu, 15 Sep 2022 18:57:20 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|