mabserviceswiss.ch/
88.99.4.113302 Moved Temporarily 0 B IP 88.99.4.113:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: mabserviceswiss.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Sat, 12 Nov 2022 02:21:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
location: https://www.mrserviceswiss.ch/
X-Powered-By: PHP/5.6.40, PleskLin
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3d0727e32cd103ddd4b73f28c81758aa
197a7bf43d63723fc532c23c6dced68d5cc36652
d3f75d03561d6a47d19370292e821a86e58381466f0c69386a21175de55882ff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3F75D03561D6A47D19370292E821A86E58381466F0C69386A21175DE55882FF"
Last-Modified: Fri, 11 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4055
Expires: Sat, 12 Nov 2022 03:29:12 GMT
Date: Sat, 12 Nov 2022 02:21:37 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4edf853c470fcec0ab277c78527f3c2d
de93530ce15337e671c488d9fe05e7091d4956f0
b9d7976b398b1243ff8a571ddd3975d3a1317d69101061bdb1a755b3b56620e6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6323
Cache-Control: max-age=122113
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 02:21:37 GMT
Etag: "636e247f-1d7"
Expires: Sun, 13 Nov 2022 12:16:50 GMT
Last-Modified: Fri, 11 Nov 2022 10:31:27 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a8391107bfc5e4673e8a706f90f63768
5295ed0b1cb8bad4d3e851049acc7f0270937d12
ed5c27510100ffc4481be474ebcb020d147c645beb110604d5284eeeb8b97c02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ED5C27510100FFC4481BE474EBCB020D147C645BEB110604D5284EEEB8B97C02"
Last-Modified: Fri, 11 Nov 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3139
Expires: Sat, 12 Nov 2022 03:13:56 GMT
Date: Sat, 12 Nov 2022 02:21:37 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 12 Nov 2022 01:44:07 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2250
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: uj9IJz43sY4JmH7ES1yfxKZA7v12zW1Gw15tdPxfzWolUVyYoWwX98Utss/caHOtHhLI+1SJaxI=
x-amz-request-id: F288PFES1KHC23FA
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 12 Nov 2022 02:12:48 GMT
age: 529
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 02:21:37 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d6860d98863137acb65caf0b088c5111
cd4f3be42b0eafa7e9477064c5dd476f6edf40a5
aabeb45e8cbdabf36baf2e2ce29d6734f95d2fdec40cbf4f430ccc0b70ff68b7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AABEB45E8CBDABF36BAF2E2CE29D6734F95D2FDEC40CBF4F430CCC0B70FF68B7"
Last-Modified: Sat, 12 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21575
Expires: Sat, 12 Nov 2022 08:21:13 GMT
Date: Sat, 12 Nov 2022 02:21:38 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Cache-Control, Retry-After, Content-Length, Expires, ETag, Pragma, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 12 Nov 2022 01:44:48 GMT
cache-control: public,max-age=3600
age: 2210
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f7ff606fbc8634c858bbc04b69f55cf6
2441de2cba649239efd0dae7a878d7ef2245c0b4
95154e0dbb7e827b8f893cc141f986c29634ead618256470d753429aa65a0548
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3825
Cache-Control: max-age=114538
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 02:21:38 GMT
Etag: "636e10ac-1d7"
Expires: Sun, 13 Nov 2022 10:10:36 GMT
Last-Modified: Fri, 11 Nov 2022 09:06:52 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
www.mrserviceswiss.ch/
88.99.4.113200 OK 15 kB IP 88.99.4.113:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash e5ef27fc7cd1b6c69fe1d48946966a27
b6fb1dff92b4d9cdabff1a67914fb943cb868bf6
7ca92a73c8d2dd31a67f9401fd2e1863719865452b3182f091adcdcf8e0141c3
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.mrserviceswiss.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Nov 2022 02:21:38 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Link: <https://www.mrserviceswiss.ch/wp-json/>; rel="https://api.w.org/", <https://www.mrserviceswiss.ch/wp-json/wp/v2/pages/634>; rel="alternate"; type="application/json", <https://www.mrserviceswiss.ch/>; rel=shortlink
X-Powered-By: PHP/7.3.28, PleskLin
Content-Encoding: br
www.mrserviceswiss.ch/wp-content/themes/skylab/style.css
88.99.4.113200 OK 30 kB URL HTTP/1.1 www.mrserviceswiss.ch/wp-content/themes/skylab/style.css
IP 88.99.4.113:0
ASN #24940 Hetzner Online GmbH
Hash e213d2b58bb4c7dc3f4ded31c593493e
7f51e1a4062f351d198d4bbb721e1590099a9cfb
cf200b0891cdd29e6da7c585505368493f0d2b92e3c1e7b451c7a63d3bdb06af
GET /wp-content/themes/skylab/style.css HTTP/1.1
Host: www.mrserviceswiss.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mrserviceswiss.ch/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Nov 2022 02:21:38 GMT
Content-Type: text/css
Last-Modified: Wed, 17 Apr 2019 14:56:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"5cb73e84-2dd74"
X-Powered-By: PleskLin
Content-Encoding: br
push.services.mozilla.com/
44.242.41.15101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.242.41.15:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 9xJBuLGAK6zRTe1mzEwE5Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: SSLT48OVBtJ+IzJQztd0gIdru4k=
www.mrserviceswiss.ch/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
88.99.4.113200 OK 849 B URL HTTP/1.1 www.mrserviceswiss.ch/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
IP 88.99.4.113:0
ASN #24940 Hetzner Online GmbH
Hash fddaf56fab3fffd147e6747026b70a71
654b5c0f316e9e887a4cc58f23add9c0d695919e
938e92cd17c851bbd5785406c661e5f003d7d457384c4a4ff711b50c363c5257
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4 HTTP/1.1
Host: www.mrserviceswiss.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mrserviceswiss.ch/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Nov 2022 02:21:38 GMT
Content-Type: text/css
Last-Modified: Wed, 19 Oct 2022 13:55:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"635001b5-aab"
X-Powered-By: PleskLin
Content-Encoding: br
www.mrserviceswiss.ch/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-public.css?ver=3.0.3
88.99.4.113200 OK 824 B URL HTTP/1.1 www.mrserviceswiss.ch/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-public.css?ver=3.0.3
IP 88.99.4.113:0
ASN #24940 Hetzner Online GmbH
Hash fb3ab3eb61eed875fadb8166a04e7680
a6d243869c0a4507276dc99717019b29811ea941
cf3bfb5d8223ebe9afe9b52869b1f046de26a7a94ea88456613e188bba047c87
GET /wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-public.css?ver=3.0.3 HTTP/1.1
Host: www.mrserviceswiss.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mrserviceswiss.ch/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Nov 2022 02:21:38 GMT
Content-Type: text/css
Last-Modified: Sat, 15 Oct 2022 05:26:33 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"634a4489-c22"
X-Powered-By: PleskLin
Content-Encoding: br
www.mrserviceswiss.ch/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.2.22
88.99.4.113200 OK 12 kB URL HTTP/1.1 www.mrserviceswiss.ch/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.2.22
IP 88.99.4.113:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (12602), with CRLF line terminators
Hash eaa452a565d6b54e94a49d0005dab6fd
e0530d34aa4238d4159056f987cb2b0ff3792717
76dd0129e1e6f45122f47c32f27052695a63b5d6356ac8ce39bbce9b6086acd3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.2.22 HTTP/1.1
Host: www.mrserviceswiss.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mrserviceswiss.ch/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Nov 2022 02:21:38 GMT
Content-Type: text/css
Last-Modified: Mon, 05 Jul 2021 09:31:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"60e2d188-ea95"
X-Powered-By: PleskLin
Content-Encoding: br
www.mrserviceswiss.ch/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
88.99.4.113200 OK 11 kB URL HTTP/1.1 www.mrserviceswiss.ch/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
IP 88.99.4.113:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (43771)
Hash 8bb5274311a7b0a141f8c6891f29adc4
c9f716534276229195619d18b41ad00833919aa9
f1771ea8589c63e8115878a3572813c1ff7bebd930dd37b652a11ddc6eae7f6b
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 HTTP/1.1
Host: www.mrserviceswiss.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mrserviceswiss.ch/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Nov 2022 02:21:38 GMT
Content-Type: text/css
Last-Modified: Tue, 23 Aug 2022 15:05:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6304ecb9-15b64"
X-Powered-By: PleskLin
Content-Encoding: br
www.mrserviceswiss.ch/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-gdpr.css?ver=3.0.3
88.99.4.113200 OK 4.1 kB URL HTTP/1.1 www.mrserviceswiss.ch/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-gdpr.css?ver=3.0.3
IP 88.99.4.113:0
ASN #24940 Hetzner Online GmbH
Hash 175b29f05abda278918e33351f7f5d93
79aa66d372d6f5a36b202c6ddb744426fae06336
7e9c992d83610b5a61d3cb9d2c57d993b489cbf22b3db1ab46c3acfd00f3bd5b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-gdpr.css?ver=3.0.3 HTTP/1.1
Host: www.mrserviceswiss.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mrserviceswiss.ch/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Nov 2022 02:21:38 GMT
Content-Type: text/css
Last-Modified: Sat, 15 Oct 2022 05:26:33 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"634a4489-6a71"
X-Powered-By: PleskLin
Content-Encoding: br
www.mrserviceswiss.ch/wp-content/plugins/google-language-translator/css/style.css?ver=6.0.15
88.99.4.113200 OK 8.0 kB URL HTTP/1.1 www.mrserviceswiss.ch/wp-content/plugins/google-language-translator/css/style.css?ver=6.0.15
IP 88.99.4.113:0
ASN #24940 Hetzner Online GmbH
Hash 0753784634c5eb4228332c614d5cc501
2bac842289ce7660ffab12fe817f7a4b71455fa3
89941f3d117b597c332a5ea32946cd27c106a6ef0094c4a7a1121c36c6d2ae05
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/google-language-translator/css/style.css?ver=6.0.15 HTTP/1.1
Host: www.mrserviceswiss.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mrserviceswiss.ch/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Nov 2022 02:21:38 GMT
Content-Type: text/css
Last-Modified: Tue, 23 Aug 2022 15:07:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6304ed34-1f7d7"
X-Powered-By: PleskLin
Content-Encoding: br
www.mrserviceswiss.ch/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
88.99.4.113200 OK 4.0 kB URL HTTP/1.1 www.mrserviceswiss.ch/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 88.99.4.113:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (11126)
Hash add44040f586702dc1c451ab92296499
d9c7ba287ba026b837e2452763be965ab0020534
33e3f641cfc7cc64ac828fb2109d67649610740d78e4f4380d6bf551327e354b
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.mrserviceswiss.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mrserviceswiss.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Nov 2022 02:21:38 GMT
Content-Type: application/javascript
Last-Modified: Mon, 05 Jul 2021 09:34:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"60e2d225-2bd8"
X-Powered-By: PleskLin
Content-Encoding: br
www.mrserviceswiss.ch/wp-content/plugins/cookie-law-info/legacy/public/js/cookie-law-info-public.js?ver=3.0.3
88.99.4.113200 OK 7.1 kB URL HTTP/1.1 www.mrserviceswiss.ch/wp-content/plugins/cookie-law-info/legacy/public/js/cookie-law-info-public.js?ver=3.0.3
IP 88.99.4.113:0
ASN #24940 Hetzner Online GmbH
Hash 763388a051b9c76bdceb3befdb290c28
3c4983a17e0ffa6da23d484cd5a0a87054303f5b
2f55b7d82051e42629dab7505bc8bc1a38a1b26fe1a2066cab9f396906006588
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/cookie-law-info/legacy/public/js/cookie-law-info-public.js?ver=3.0.3 HTTP/1.1
Host: www.mrserviceswiss.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mrserviceswiss.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Nov 2022 02:21:38 GMT
Content-Type: application/javascript
Last-Modified: Sat, 15 Oct 2022 05:26:33 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"634a4489-8583"
X-Powered-By: PleskLin
Content-Encoding: br
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b474f74278f0bc7d8a7d6a66c3dcc2dd
6aad727d11a42fefbcabe6af4f0d32c42c946043
db18a18706d236333a7e8671728aea6adbe89e54905799cb5dc8d32feadf2e53
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 02:21:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.mrserviceswiss.ch/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
88.99.4.113200 OK 30 kB URL HTTP/1.1 www.mrserviceswiss.ch/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 88.99.4.113:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (65447)
Hash c283771b68cf6ecfec9cce4f72b6fc03
951bf3241babd8058d2a5bebc151d5ed4af7cb2e
4fe86edfc77df7939593c25af0918243acde2c7deb879c0db2a2d66ee1a90c94
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.mrserviceswiss.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mrserviceswiss.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Nov 2022 02:21:38 GMT
Content-Type: application/javascript
Last-Modified: Mon, 30 Aug 2021 12:13:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"612ccb54-15db1"
X-Powered-By: PleskLin
Content-Encoding: br
www.mrserviceswiss.ch/wp-includes/js/jquery/ui/accordion.min.js?ver=1.13.1
88.99.4.113200 OK 2.6 kB URL HTTP/1.1 www.mrserviceswiss.ch/wp-includes/js/jquery/ui/accordion.min.js?ver=1.13.1
IP 88.99.4.113:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (8632)
Hash e235bc2b0c186b648fa39c1004f8bf8f
094f9bf9ab880f07d7ded92984408165b2999b71
6cc6abc217c158e397b91ae17855d539c9dd2a89deea2e491ade42e2388602e8
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/accordion.min.js?ver=1.13.1 HTTP/1.1
Host: www.mrserviceswiss.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mrserviceswiss.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Nov 2022 02:21:38 GMT
Content-Type: application/javascript
Last-Modified: Tue, 23 Aug 2022 15:05:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6304ecb7-226e"
X-Powered-By: PleskLin
Content-Encoding: br
www.mrserviceswiss.ch/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.1
88.99.4.113200 OK 3.7 kB URL HTTP/1.1 www.mrserviceswiss.ch/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.1
IP 88.99.4.113:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (11760)
Hash 490e373b545ebec06b8f429272f91b81
9cf0d14811073f08c0a53c924baefa1ecc7fbff8
45843298bc349fa1aa097284c09a56594dccc3595116f53282275ad3521dde57
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.1 HTTP/1.1
Host: www.mrserviceswiss.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mrserviceswiss.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Nov 2022 02:21:38 GMT
Content-Type: application/javascript
Last-Modified: Tue, 23 Aug 2022 15:05:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6304ecb7-2ea1"
X-Powered-By: PleskLin
Content-Encoding: br
www.mrserviceswiss.ch/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.2.22
88.99.4.113200 OK 44 kB URL HTTP/1.1 www.mrserviceswiss.ch/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.2.22
IP 88.99.4.113:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (41022), with CRLF line terminators
Hash 2962420baa39776d34aaf37f9ea9c3e9
be69beb4949cdba967ad4f2accfca00966263c30
94e6f0d8a254b54b577afe0856f0069196cb6ba04741ba5d67bb2545113e1960
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.2.22 HTTP/1.1
Host: www.mrserviceswiss.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mrserviceswiss.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Nov 2022 02:21:38 GMT
Content-Type: application/javascript
Last-Modified: Mon, 05 Jul 2021 09:31:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"60e2d188-1d25a"
X-Powered-By: PleskLin
Content-Encoding: br
www.mrserviceswiss.ch/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
88.99.4.113200 OK 6.6 kB URL HTTP/1.1 www.mrserviceswiss.ch/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
IP 88.99.4.113:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash d649d4008030239d0329a056a0b437df
8445830347d3729563eddbf748cbd4b170ed6a92
6237549605fe95c0ae21a339a8ee4d1d866ccf31e73585c7e20d8b903a254960
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1
Host: www.mrserviceswiss.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mrserviceswiss.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Nov 2022 02:21:38 GMT
Content-Type: application/javascript
Last-Modified: Tue, 23 Aug 2022 15:05:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6304ecb7-50eb"
X-Powered-By: PleskLin
Content-Encoding: br
www.googletagmanager.com/gtag/js?id=UA-123156115-24
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-123156115-24
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash b7b5134c2cca320f5847009089692eca
a5e6bdf8d2bd0176cf6a03e26af2b511f11b652c
978ede84a64507f7dd25632707fff3d00badb56ce2b028817e7f4f7530b79a6e
GET /gtag/js?id=UA-123156115-24 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mrserviceswiss.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 12 Nov 2022 02:21:38 GMT
expires: Sat, 12 Nov 2022 02:21:38 GMT
cache-control: private, max-age=900
last-modified: Sat, 12 Nov 2022 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43599
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.mrserviceswiss.ch/wp-content/themes/skylab/js/jquery.shortcodes.js?ver=6.0.3
88.99.4.113200 OK 227 B URL HTTP/1.1 www.mrserviceswiss.ch/wp-content/themes/skylab/js/jquery.shortcodes.js?ver=6.0.3
IP 88.99.4.113:0
ASN #24940 Hetzner Online GmbH
Hash 5aee9d6af02b302947c042a837818dee
259745aac284eccc434c1a7c5020e8d0ed755f9c
f631110f281646d079a69eca80b5b05d79bfe080926ec72593aaa4bea2b4dc8b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/skylab/js/jquery.shortcodes.js?ver=6.0.3 HTTP/1.1
Host: www.mrserviceswiss.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mrserviceswiss.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Nov 2022 02:21:38 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Wed, 17 Apr 2019 14:05:56 GMT
ETag: W/"27f-586ba625f3900"
X-Powered-By: PleskLin
Content-Encoding: br
www.mrserviceswiss.ch/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.2.22
88.99.4.113200 OK 77 kB URL HTTP/1.1 www.mrserviceswiss.ch/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.2.22
IP 88.99.4.113:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (64268)
Hash 9753cb0b34a395b4ad379f148f08e459
8d933241116ea3da48cfe38d9215782f7e37c5c8
64f047c45b34a990fe21f11b60b2c4b253c208c2e54f505c351b438a0b24a88a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.2.22 HTTP/1.1
Host: www.mrserviceswiss.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mrserviceswiss.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Nov 2022 02:21:38 GMT
Content-Type: application/javascript
Last-Modified: Mon, 05 Jul 2021 09:31:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"60e2d188-4fd58"
X-Powered-By: PleskLin
Content-Encoding: br
www.mrserviceswiss.ch/wp-content/plugins/google-analyticator/external-tracking.min.js?ver=6.5.4
88.99.4.113200 OK 398 B URL HTTP/1.1 www.mrserviceswiss.ch/wp-content/plugins/google-analyticator/external-tracking.min.js?ver=6.5.4
IP 88.99.4.113:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (1190), with no line terminators
Hash 28a594dedbb370ab53c601ac55fc0702
8bad06fa9ae44279adfe6171fd48f9df5eed60b7
68445b8ec38bbbfb155ef1823f29529b43b1066578e8143092856ae8b339f6c7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/google-analyticator/external-tracking.min.js?ver=6.5.4 HTTP/1.1
Host: www.mrserviceswiss.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mrserviceswiss.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Nov 2022 02:21:38 GMT
Content-Type: application/javascript
Last-Modified: Wed, 17 Apr 2019 14:05:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"5cb732c3-4a6"
X-Powered-By: PleskLin
Content-Encoding: br
www.mrserviceswiss.ch/wp-content/themes/skylab/js/jquery.mega.js?ver=6.0.3
88.99.4.113200 OK 13 kB URL HTTP/1.1 www.mrserviceswiss.ch/wp-content/themes/skylab/js/jquery.mega.js?ver=6.0.3
IP 88.99.4.113:0
ASN #24940 Hetzner Online GmbH
File type ISO-8859 text, with very long lines (6309)
Hash cd50f8068ad3b9fa56f8bb5ac95136b3
1d0d6a9764e94aff8aefdf9da661823625351eaf
b930d392b55d918db17e24be23e5bb71f4613d676ecf9fe781a32983b416c61b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/skylab/js/jquery.mega.js?ver=6.0.3 HTTP/1.1
Host: www.mrserviceswiss.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mrserviceswiss.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Nov 2022 02:21:38 GMT
Content-Type: application/javascript
Last-Modified: Wed, 17 Apr 2019 14:05:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"5cb732c4-a500"
X-Powered-By: PleskLin
Content-Encoding: br
www.mrserviceswiss.ch/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
88.99.4.113200 OK 2.8 kB URL HTTP/1.1 www.mrserviceswiss.ch/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
IP 88.99.4.113:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (9937), with no line terminators
Hash ab2a18520ee5f0267139fa2b20a2728a
56c7df13bc65729528f6d42cf75020f656941a4a
79414a7f5b71f28f8145dfec417b924b15718525bbf065ddf2d9be5224912ed8
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 HTTP/1.1
Host: www.mrserviceswiss.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mrserviceswiss.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Nov 2022 02:21:38 GMT
Content-Type: application/javascript
Last-Modified: Wed, 19 Oct 2022 13:55:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"635001b5-26d1"
X-Powered-By: PleskLin
Content-Encoding: br
www.mrserviceswiss.ch/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
88.99.4.113200 OK 3.7 kB URL HTTP/1.1 www.mrserviceswiss.ch/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
IP 88.99.4.113:0
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text, with very long lines (12310), with no line terminators
Hash 5b3f4bb0ffd92e565352f9197dcf8983
55ac1d8e091637a08618f44956b3ea8863a88722
26cc92ace07e37f2870728676f564d38d4f5bb21d2253b1686fca3414e84e3f2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 HTTP/1.1
Host: www.mrserviceswiss.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mrserviceswiss.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Nov 2022 02:21:38 GMT
Content-Type: application/javascript
Last-Modified: Wed, 19 Oct 2022 13:55:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"635001b5-3016"
X-Powered-By: PleskLin
Content-Encoding: br
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b474f74278f0bc7d8a7d6a66c3dcc2dd
6aad727d11a42fefbcabe6af4f0d32c42c946043
db18a18706d236333a7e8671728aea6adbe89e54905799cb5dc8d32feadf2e53
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 02:21:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.mrserviceswiss.ch/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
88.99.4.113200 OK 4.6 kB URL HTTP/1.1 www.mrserviceswiss.ch/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
IP 88.99.4.113:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (15660)
Hash 8b9c2e795218dd617714ce4ab2a266dc
2137dac9c2d7a5b90ef29454c93b9b6493bb4ff9
f8bdbfb1858865801345baa306dd8009b7e15b4929cc7d4e2d3bd1ad6cf6f19b
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 HTTP/1.1
Host: www.mrserviceswiss.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mrserviceswiss.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Nov 2022 02:21:39 GMT
Content-Type: application/javascript
Last-Modified: Tue, 23 Aug 2022 15:05:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6304ecb7-48b9"
X-Powered-By: PleskLin
Content-Encoding: br
www.mrserviceswiss.ch/wp-content/uploads/2019/04/logo.png
88.99.4.113200 OK 26 kB URL HTTP/1.1 www.mrserviceswiss.ch/wp-content/uploads/2019/04/logo.png
IP 88.99.4.113:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 500 x 339, 8-bit/color RGBA, non-interlaced\012- data
Hash 0a0063a28e38296f4659bae00fa11b5d
da60f6d29d69443bf887e4ac529ea8024322ebe9
a8a2a86996c11f00ae1faa0f15799a68aad8b6bcf3d02607c0e7c02212eee9b6
GET /wp-content/uploads/2019/04/logo.png HTTP/1.1
Host: www.mrserviceswiss.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mrserviceswiss.ch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Nov 2022 02:21:39 GMT
Content-Type: image/png
Content-Length: 25890
Last-Modified: Wed, 17 Apr 2019 14:45:24 GMT
Connection: keep-alive
ETag: "5cb73c04-6522"
X-Powered-By: PleskLin
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash e569acd833d180f3c2fba0919fbeb704
60a3121c9bf8e08a8a7fe70001c24b6f8c9981f5
994bee0670c93479c3e835985d24d7ce41fbc0a3013e173d79ea1ea5f63ac85c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 02:21:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.mrserviceswiss.ch/wp-content/uploads/2019/04/sli3.jpg
88.99.4.113200 OK 128 kB URL HTTP/1.1 www.mrserviceswiss.ch/wp-content/uploads/2019/04/sli3.jpg
IP 88.99.4.113:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 929x597, components 3\012- data
Size 128 kB (127649 bytes)
Hash 2474756a11ea39502dc4eef66158301c
80a4add4a86f0d31474c24b71c6713eef94fb8dc
ecb05406a4c38913835becde7ce6ead547b474ec9bdb5c5e0376889ff9fcd3e6
GET /wp-content/uploads/2019/04/sli3.jpg HTTP/1.1
Host: www.mrserviceswiss.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mrserviceswiss.ch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Nov 2022 02:21:39 GMT
Content-Type: image/jpeg
Content-Length: 127649
Last-Modified: Wed, 17 Apr 2019 14:50:24 GMT
Connection: keep-alive
ETag: "5cb73d30-1f2a1"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.mrserviceswiss.ch/wp-content/plugins/google-language-translator/images/flags18.png
88.99.4.113200 OK 42 kB URL HTTP/1.1 www.mrserviceswiss.ch/wp-content/plugins/google-language-translator/images/flags18.png
IP 88.99.4.113:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 169 x 520, 8-bit/color RGBA, non-interlaced\012- data
Hash e87c3f6109f5a5db4a1da94a8f709103
8037ff4f34e9d0b7fefc2a32af1fdc674a869e73
2aa94c1fd0a7d0644b70648ecb0d25386817b658e3cb4e5a635b7d929fd3f654
GET /wp-content/plugins/google-language-translator/images/flags18.png HTTP/1.1
Host: www.mrserviceswiss.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mrserviceswiss.ch/wp-content/plugins/google-language-translator/css/style.css?ver=6.0.15
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Nov 2022 02:21:39 GMT
Content-Type: image/png
Content-Length: 42054
Last-Modified: Tue, 23 Aug 2022 15:07:32 GMT
Connection: keep-alive
ETag: "6304ed34-a446"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.mrserviceswiss.ch/wp-content/uploads/2016/01/ParcoMezzi.jpg
88.99.4.113200 OK 446 kB URL HTTP/1.1 www.mrserviceswiss.ch/wp-content/uploads/2016/01/ParcoMezzi.jpg
IP 88.99.4.113:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS3 Windows, datetime=2016:01:18 12:35:04], baseline, precision 8, 929x597, components 3\012- data
Size 446 kB (445525 bytes)
Hash e50191809026c734dbd44b662efd6acf
de0566693e71188389b146319f34ef25391337d9
58017c2ea64b3cc26e60e8eb3e55b1afabd09df46f258eadab61a31b3ac86f02
GET /wp-content/uploads/2016/01/ParcoMezzi.jpg HTTP/1.1
Host: www.mrserviceswiss.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mrserviceswiss.ch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Nov 2022 02:21:39 GMT
Content-Type: image/jpeg
Content-Length: 445525
Last-Modified: Wed, 17 Apr 2019 14:05:54 GMT
Connection: keep-alive
ETag: "5cb732c2-6cc55"
X-Powered-By: PleskLin
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 06d7d61a20669050493c3fd5d2b9798e
5d2d51f23582ef785072cdd0ca9ccf859b563b2d
653662665ea3298734fa313f693216a3932a64ac2903986d7415f60f97bcf27f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 02:21:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.mrserviceswiss.ch/wp-content/uploads/2019/04/sli2.jpg
88.99.4.113200 OK 109 kB URL HTTP/1.1 www.mrserviceswiss.ch/wp-content/uploads/2019/04/sli2.jpg
IP 88.99.4.113:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 929x597, components 3\012- data
Size 109 kB (108763 bytes)
Hash 711cc054df4caf27179c8b6c02b9cd56
aff8336dbfb2e09e65b94976d60e619457f44445
0ae7f85ffbaf395ba214a5b2442be53448a32292a54f0a938943eadc2c3d9516
GET /wp-content/uploads/2019/04/sli2.jpg HTTP/1.1
Host: www.mrserviceswiss.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mrserviceswiss.ch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Nov 2022 02:21:39 GMT
Content-Type: image/jpeg
Content-Length: 108763
Last-Modified: Wed, 17 Apr 2019 14:49:49 GMT
Connection: keep-alive
ETag: "5cb73d0d-1a8db"
X-Powered-By: PleskLin
Accept-Ranges: bytes
translate.googleapis.com/translate_static/css/translateelement.css
216.58.207.202200 OK 3.6 kB URL HTTP/2 translate.googleapis.com/translate_static/css/translateelement.css
IP 216.58.207.202:0
File type ASCII text, with very long lines (18670)
Hash 897ba9a21d9625286674da769dacc2e2
84b4923ab7dee562395160824d53496314499b77
696cbf5c2f3f1efae555562b72abbbb22bed02eff03d62074555cab241190ae0
GET /translate_static/css/translateelement.css HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mrserviceswiss.ch/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3619
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 12 Nov 2022 01:39:22 GMT
expires: Sat, 12 Nov 2022 02:39:22 GMT
cache-control: public, max-age=3600
age: 2537
last-modified: Wed, 17 Aug 2022 23:38:00 GMT
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.JQW1dbr70YQ.O/d=1/exm=el_conf/ed=1/rs=AN8SPfrJG-z2IpN4R5S-gKz6JFJY5gDwXQ/m=el_main
216.58.207.202200 OK 75 kB URL HTTP/2 translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.JQW1dbr70YQ.O/d=1/exm=el_conf/ed=1/rs=AN8SPfrJG-z2IpN4R5S-gKz6JFJY5gDwXQ/m=el_main
IP 216.58.207.202:0
File type ASCII text, with very long lines (1613)
Hash a3e0ff8b4b20f169903133794fb9bc3b
ab84da2dc598a185ebc6270b10897f8fe720c220
08fef501e59fd7c4aa467c47c20ecf57ce8ae65e19a9e36271791fceef531a87
GET /_/translate_http/_/js/k=translate_http.tr.no.JQW1dbr70YQ.O/d=1/exm=el_conf/ed=1/rs=AN8SPfrJG-z2IpN4R5S-gKz6JFJY5gDwXQ/m=el_main HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mrserviceswiss.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 75091
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 18:32:36 GMT
expires: Thu, 09 Nov 2023 18:32:36 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 23 Oct 2022 01:11:34 GMT
content-type: text/javascript; charset=UTF-8
age: 200943
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.mrserviceswiss.ch/wp-content/uploads/2020/09/icon.png
88.99.4.113200 OK 11 kB URL HTTP/1.1 www.mrserviceswiss.ch/wp-content/uploads/2020/09/icon.png
IP 88.99.4.113:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 249 x 249, 8-bit/color RGBA, non-interlaced\012- data
Hash c7ebbe59ad5aa5e6709a71c8123cf93f
68a884b224f8ec2fbfce1a34a65c985bc3fcee2b
faf8dbf1713633788ecd0da050fecb9bcde53a109044bbbc7d4b61747b50d4a2
GET /wp-content/uploads/2020/09/icon.png HTTP/1.1
Host: www.mrserviceswiss.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mrserviceswiss.ch/
Cookie: cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Nov 2022 02:21:39 GMT
Content-Type: image/png
Content-Length: 10777
Last-Modified: Tue, 08 Sep 2020 14:32:04 GMT
Connection: keep-alive
ETag: "5f5795e4-2a19"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mrserviceswiss.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sat, 12 Nov 2022 00:41:09 GMT
expires: Sat, 12 Nov 2022 02:41:09 GMT
cache-control: public, max-age=7200
age: 6030
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.mrserviceswiss.ch/wp-content/uploads/2020/09/icon-150x150.png
88.99.4.113200 OK 3.5 kB URL HTTP/1.1 www.mrserviceswiss.ch/wp-content/uploads/2020/09/icon-150x150.png
IP 88.99.4.113:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 78f3105dac062f2dea5f01fda43510cf
c0f3c78c0100f8948d7436cefef64f8832df9b2d
e602b58d6b2b7e9574b69655f079bc50c379ca42edec557829aad20c602160e1
GET /wp-content/uploads/2020/09/icon-150x150.png HTTP/1.1
Host: www.mrserviceswiss.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mrserviceswiss.ch/
Cookie: cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Nov 2022 02:21:39 GMT
Content-Type: image/png
Content-Length: 3540
Last-Modified: Tue, 08 Sep 2020 14:32:04 GMT
Connection: keep-alive
ETag: "5f5795e4-dd4"
X-Powered-By: PleskLin
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 50b7ad7d0cb47a73140b0c340b5b72b4
5b7fd8d7d4a5fb963c33d52675ef3be152f4e7e3
494e1c3410c113871960bd9b35b3d89c0d404ecb836c03669a8522d159391cd9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 02:21:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.mrserviceswiss.ch/wp-content/plugins/google-language-translator/js/scripts.js?ver=6.0.15
88.99.4.113200 OK 472 B URL HTTP/1.1 www.mrserviceswiss.ch/wp-content/plugins/google-language-translator/js/scripts.js?ver=6.0.15
IP 88.99.4.113:0
ASN #24940 Hetzner Online GmbH
Hash 50b7ad7d0cb47a73140b0c340b5b72b4
5b7fd8d7d4a5fb963c33d52675ef3be152f4e7e3
494e1c3410c113871960bd9b35b3d89c0d404ecb836c03669a8522d159391cd9
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/google-language-translator/js/scripts.js?ver=6.0.15 HTTP/1.1
Host: www.mrserviceswiss.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mrserviceswiss.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Nov 2022 02:21:38 GMT
Content-Type: application/javascript
Last-Modified: Tue, 23 Aug 2022 15:07:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6304ed34-35e5"
X-Powered-By: PleskLin
Content-Encoding: br
www.gstatic.com/images/branding/product/1x/translate_24dp.png
142.250.74.163200 OK 846 B URL HTTP/2 www.gstatic.com/images/branding/product/1x/translate_24dp.png
IP 142.250.74.163:0
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash e9cd262114358f26b7608b56905185dc
6dbde0a96deaab2b529723ce26c62043cf9180ab
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
GET /images/branding/product/1x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mrserviceswiss.ch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 846
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 12 Nov 2022 01:47:31 GMT
expires: Sun, 12 Nov 2023 01:47:31 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 2048
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
142.250.74.163200 OK 910 B URL HTTP/2 www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
IP 142.250.74.163:0
File type PNG image data, 42 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash efa6bb2bfe459bc6f4bdafa3db0383f6
52d15ce52fe50643e542c17812de43f4ed1b6ee0
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
GET /images/branding/googlelogo/1x/googlelogo_color_42x16dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mrserviceswiss.ch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 910
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 11 Nov 2022 19:19:09 GMT
expires: Sat, 11 Nov 2023 19:19:09 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: image/png
age: 25350
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 50b7ad7d0cb47a73140b0c340b5b72b4
5b7fd8d7d4a5fb963c33d52675ef3be152f4e7e3
494e1c3410c113871960bd9b35b3d89c0d404ecb836c03669a8522d159391cd9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 02:21:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/images/branding/product/2x/translate_24dp.png
142.250.74.163200 OK 1.8 kB URL HTTP/2 www.gstatic.com/images/branding/product/2x/translate_24dp.png
IP 142.250.74.163:0
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash c69c796362406f9e11c7f4bf5bb628da
e489ce95ab56208090868882113d7416abf46775
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://translate.googleapis.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 12 Nov 2022 01:31:16 GMT
expires: Sun, 12 Nov 2023 01:31:16 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 3023
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e3f9965225cba49c71506d7dee4c1647
d1d30248236cfe679fa182860d69634d30f5b0ca
8a2641a2fa1026f8893b4acf7f7c78c633a1408779f3063c87ad292729300d97
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 02:21:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback
142.250.74.42200 OK 1.4 kB URL HTTP/2 translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback
IP 142.250.74.42:0
Hash 3ad547ec47ef63d87eff80e53d6dd861
20cd334266b4bc9b47966d5487f0a2b2d41db765
c9b9dc1b30d38db2a72068eb7d8a5d1af32006b64263cab5e89f500f62856ea3
GET /v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback HTTP/1.1
Host: translate-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mrserviceswiss.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 12 Nov 2022 02:21:39 GMT
server: ESF
cache-control: private
content-length: 1392
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
expires: Sat, 12 Nov 2022 02:21:39 GMT
set-cookie: NID=511=KFy-n5HQmzOTQcKK5w16lGKeyMmYu83Ywti_NPkgZaQIf7niGRYhLDSF_g4wFBQ-KQd1yQXEhWf1KrX6GygE7WW860EIkW62Q-cKxfzHLy6MTuf14eM5Z5Bz7sH4UuqJFG_9yyyNqZkRb6U78gNmTVFJV2foJ71WEo_FsvTiP4M; expires=Sun, 14-May-2023 02:21:39 GMT; path=/; domain=.translate-pa.googleapis.com; HttpOnly
CONSENT=PENDING+432; expires=Mon, 11-Nov-2024 02:21:39 GMT; path=/; domain=.googleapis.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.mrserviceswiss.ch/wp-content/plugins/revslider/public/assets/assets/loader.gif
88.99.4.113200 OK 2.5 kB URL HTTP/1.1 www.mrserviceswiss.ch/wp-content/plugins/revslider/public/assets/assets/loader.gif
IP 88.99.4.113:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 24 x 24\012- data
Hash 4b3afb84b2b71ef56df09997a350bd04
accdac8a7abeab0e21c49539aad0a973addb28ef
9034d5d34015e4b05d2c1d1a8dc9f6ec9d59bd96d305eb9e24e24e65c591a645
GET /wp-content/plugins/revslider/public/assets/assets/loader.gif HTTP/1.1
Host: www.mrserviceswiss.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mrserviceswiss.ch/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.2.22
Cookie: cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes; _ga=GA1.2.839837331.1668219699; _gid=GA1.2.2011439633.1668219699; _gat_gtag_UA_123156115_24=1; _gat=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Nov 2022 02:21:39 GMT
Content-Type: image/gif
Content-Length: 2545
Last-Modified: Mon, 05 Jul 2021 09:31:52 GMT
Connection: keep-alive
ETag: "60e2d188-9f1"
X-Powered-By: PleskLin
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5823b629e86542b63f4355ec5e67a126
97cbdbbb6b03e6ef7f3f45449245470ad8bd8292
96d8e39efb6eebd1413a4bc0fa6800781f636e70dc0ccadf6a546f26fa022755
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96D8E39EFB6EEBD1413A4BC0FA6800781F636E70DC0CCADF6A546F26FA022755"
Last-Modified: Thu, 10 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4118
Expires: Sat, 12 Nov 2022 03:30:17 GMT
Date: Sat, 12 Nov 2022 02:21:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5823b629e86542b63f4355ec5e67a126
97cbdbbb6b03e6ef7f3f45449245470ad8bd8292
96d8e39efb6eebd1413a4bc0fa6800781f636e70dc0ccadf6a546f26fa022755
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96D8E39EFB6EEBD1413A4BC0FA6800781F636E70DC0CCADF6A546F26FA022755"
Last-Modified: Thu, 10 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4118
Expires: Sat, 12 Nov 2022 03:30:17 GMT
Date: Sat, 12 Nov 2022 02:21:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5823b629e86542b63f4355ec5e67a126
97cbdbbb6b03e6ef7f3f45449245470ad8bd8292
96d8e39efb6eebd1413a4bc0fa6800781f636e70dc0ccadf6a546f26fa022755
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96D8E39EFB6EEBD1413A4BC0FA6800781F636E70DC0CCADF6A546F26FA022755"
Last-Modified: Thu, 10 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4118
Expires: Sat, 12 Nov 2022 03:30:17 GMT
Date: Sat, 12 Nov 2022 02:21:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5823b629e86542b63f4355ec5e67a126
97cbdbbb6b03e6ef7f3f45449245470ad8bd8292
96d8e39efb6eebd1413a4bc0fa6800781f636e70dc0ccadf6a546f26fa022755
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96D8E39EFB6EEBD1413A4BC0FA6800781F636E70DC0CCADF6A546F26FA022755"
Last-Modified: Thu, 10 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4118
Expires: Sat, 12 Nov 2022 03:30:17 GMT
Date: Sat, 12 Nov 2022 02:21:39 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffadd7839-d41e-4198-abc2-17384d90e28c.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffadd7839-d41e-4198-abc2-17384d90e28c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 97c5c44bd44390f0c719f56ecee6d513
1d791a0dadbfbab7c9b377783587ff728b2008d8
5995012d66ee68690d198a0857848077bfe80d88b2f2987a54f2d896461f7275
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffadd7839-d41e-4198-abc2-17384d90e28c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6797
x-amzn-requestid: 3e8b7aaf-8e8a-4a04-8bc0-e18e6044a50a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdM6-F3DIAMFzfQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec1df-3bfa53123a76e84f210fea38;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:42:55 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: zz90ngWySbVf_cXv_HBcQpNfb4MCsTVTl5l5bBPL4MaPXAF4VIifdA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:45:13 GMT
age: 16586
etag: "1d791a0dadbfbab7c9b377783587ff728b2008d8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F073ec866-b693-4f96-82bf-76ba051797c9.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F073ec866-b693-4f96-82bf-76ba051797c9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash faa8e3cf2ab3c1d53a1735def5bb7476
ccc1ec5ebb5090c6255dcb1e8899e95cdd91e12f
e81a8fa312ec478871427f1d04ba7fe563573c683809153f75dec8df979d6efe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F073ec866-b693-4f96-82bf-76ba051797c9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6577
x-amzn-requestid: b4587cfb-6041-453c-9e74-fa35ecd31448
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMjIGHRoAMF26g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec147-29e7ec741b0e6f6f674aef75;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: hsMmHIBEt_4cL455goPqDKQVQA75u4oGFbSxsGP_e_0uG7SZmSLBhQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 22:00:57 GMT
age: 15642
etag: "ccc1ec5ebb5090c6255dcb1e8899e95cdd91e12f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7cabc8a-e59f-4a5a-9daf-efc2f08dd558.webp
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7cabc8a-e59f-4a5a-9daf-efc2f08dd558.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 93b7017621a1a6181f14a2f125a1ad50
ab420d5a89044e863e543330e00aa00f12f1c490
da668278aacf51a38a1aaf687f3baf938dd288cf90ec791533c92e61ba716ed2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7cabc8a-e59f-4a5a-9daf-efc2f08dd558.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8188
x-amzn-requestid: 27e084b6-0fc0-4398-a591-8317e81b96c8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMiTFvJoAMF4gQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec141-33db0c401d7e5c1721b4365d;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:17 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: MXrj42s2oh1Fwhea0h3w20rZeSE7DCOIx0XvaXBL9EeLnseNffwveQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:45:12 GMT
etag: "ab420d5a89044e863e543330e00aa00f12f1c490"
content-type: image/jpeg
age: 16587
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2eaa4311-959b-4a18-8135-b4ce754c0765.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2eaa4311-959b-4a18-8135-b4ce754c0765.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 567bcdef39653e949301b97714168c31
8669185a5f338e34026c48310c88c5a9d8caa1c2
7ecaa9ceaa0a60e608e62571108fbcf49f6fa2b3e77feacbf52d319beda40db1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2eaa4311-959b-4a18-8135-b4ce754c0765.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7533
x-amzn-requestid: 985674ba-be97-4ca3-babb-594c61f8d6c1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdM8BEqFIAMFsxw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec1e6-3abc6a525f2a2bde14465b7e;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:43:02 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DRfYKF1_Z56kxeaprUhH1Ng8MgW0Z6Xx_yWwiO3MnswRFY482udCjg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:43:48 GMT
age: 16671
etag: "8669185a5f338e34026c48310c88c5a9d8caa1c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cd5bdc050716bb76afe8090fc81617e7
5109c156b180727767fc03c411190ccc0d3fb5fc
9b13e7838946c6654dda17886c2ca8d42de934acb93f4bddb1008dfa1bd1ea99
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11715
x-amzn-requestid: 20e508bd-6568-4225-9bee-c683a49d44f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhUHkpIAMFfJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-7dc726b94a37fc667e2e6646;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: X3SUo1LP97TxraRav0ftskBhzWkTJInHaS44PW26yloF-dgD-bHBuA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:45:12 GMT
etag: "5109c156b180727767fc03c411190ccc0d3fb5fc"
content-type: image/jpeg
age: 16587
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9f88d70-47ed-4a86-9b90-ea63f189df00.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9f88d70-47ed-4a86-9b90-ea63f189df00.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 94a390953f36bf9902cb9f04007c36c1
13535f16f207d4c19c1b6019757f6739a4531eeb
37d73300955a979e5b9d3dabc6e924c4e9734c6c63d92c42c709f8cb0d5aeabb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9f88d70-47ed-4a86-9b90-ea63f189df00.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5902
x-amzn-requestid: 9c8be25c-9c96-4861-89c8-8b7bf06ffc16
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdNBrH2DoAMFqbg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec20a-6c770a86581d1f7f4599684f;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:43:38 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ncUYc6gH2CYjxAwoVCC4MEj8Va5GGn1ZAg-gBmFtm5gzYIe898Ittg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:45:12 GMT
age: 16587
etag: "13535f16f207d4c19c1b6019757f6739a4531eeb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d4e929-d0bb-41b7-bdcd-0e67258b428a.webp
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d4e929-d0bb-41b7-bdcd-0e67258b428a.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 516f1bfefb1c1a737ea2441f85343b32
0cc22d7bf9092fb30f31e2ca8f242c197b891669
733824d4f6f7c5b54ce4e02ecaf152cfc1e10f3f6a801d7e2c55a02460e40087
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d4e929-d0bb-41b7-bdcd-0e67258b428a.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9012
x-amzn-requestid: 83eac9e7-5387-4e11-9769-182fa3f7fffb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdNC6FxzoAMF80w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec212-5ca277b90a5a9a4c437edc1e;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:43:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: PrJoEROPymrtc0egNlWRoOMjohiCo3zReD01qAHwByaSiXarfRS0XQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 22:00:43 GMT
age: 15663
etag: "0cc22d7bf9092fb30f31e2ca8f242c197b891669"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
translate.google.com/translate_a/element.js?cb=GoogleLanguageTranslatorInit
142.250.74.46200 OK 0 B URL HTTP/2 translate.google.com/translate_a/element.js?cb=GoogleLanguageTranslatorInit
IP 142.250.74.46:0
GET /translate_a/element.js?cb=GoogleLanguageTranslatorInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mrserviceswiss.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 12 Nov 2022 02:21:38 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+055; expires=Mon, 11-Nov-2024 02:21:38 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2