beta.medi-buy.de/mailster/1846/130935d1668c387061a77b01fb045743/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
217.160.0.82 302 Found 334 B URL HTTP/1.1 beta.medi-buy.de/mailster/1846/130935d1668c387061a77b01fb045743/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
IP 217.160.0.82:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 239157e85216aea10f507940d5751338
9d46e799f4b6c409a1e3ca7de3291f6c8ff88c16
18ece8f49a36f387cb72d79362dfaf26863d3fcda168f3978f64b0d192d9412a
Analyzer Verdict Alert fortinet Phishing
GET /mailster/1846/130935d1668c387061a77b01fb045743/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ HTTP/1.1
Host: beta.medi-buy.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Content-Type: text/html; charset=iso-8859-1
Content-Length: 334
Connection: keep-alive
Keep-Alive: timeout=15
Date: Fri, 31 Mar 2023 09:17:51 GMT
Server: Apache
Location: https://beta.medi-buy.de/mailster/1846/130935d1668c387061a77b01fb045743/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
Cache-Control: max-age=3600
Expires: Fri, 31 Mar 2023 10:17:51 GMT
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7af19a5145a4ee99bdf18831bad04bfd
7bdd2a4785b999ef54a2644211d2b2b7190fb8e1
3237bf0111ecdec3615c4d2d49a602f48f800335d0194f52b600bdaefbd63ed0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3237BF0111ECDEC3615C4D2D49A602F48F800335D0194F52B600BDAEFBD63ED0"
Last-Modified: Thu, 30 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4056
Expires: Fri, 31 Mar 2023 10:25:27 GMT
Date: Fri, 31 Mar 2023 09:17:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cca063332ba9a89eadd62a8dd7f81a9b
d473b2a7a32c964599ff3bac8f98fa578f03d1d1
02fb74c7c695ad99f7f2fd7c02ae2b88e2da1c5db339f883333d9090291931dc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02FB74C7C695AD99F7F2FD7C02AE2B88E2DA1C5DB339F883333D9090291931DC"
Last-Modified: Wed, 29 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6068
Expires: Fri, 31 Mar 2023 10:58:59 GMT
Date: Fri, 31 Mar 2023 09:17:51 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4ad6984a756720fbfff47b37a75513a2
355e35258114452af8b9638985ed9d8ef3bf0aca
43181fccb10652c68cae86e5e32b4e8f426fb5ad49d8125cb99e072cff573cf5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 31 Mar 2023 08:28:22 GMT
content-type: application/json
age: 2969
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 76218c893040d958ae1c4231cdd2133c
6a7b336dee91d4aec26ace0a5883ecdfac52e68f
d35492b04d16ed00e9e195e7c84c99aa6a2b8a93abeb656baae0918986f0a7e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D35492B04D16ED00E9E195E7C84C99AA6A2B8A93ABEB656BAAE0918986F0A7E4"
Last-Modified: Wed, 29 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4430
Expires: Fri, 31 Mar 2023 10:31:41 GMT
Date: Fri, 31 Mar 2023 09:17:51 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: wj1UVVJkDYjSzxYMPfUXMfLtqO4gl2L/eLV0nZax6h0WB8+u36GXu782LcPQ/0WtD0XgoDf3sCZCaXw+rq8iJA==
x-amz-request-id: F081M8EMMTVXPEV8
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 31 Mar 2023 09:12:07 GMT
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
age: 344
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 09:17:51 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ab61862f016dea85f8aa55e59369d905
a5e81f13052b9e9184caf05a9740c345a40d1f22
e0d580c313088d524a5338e63e4acf9f3f3cb45a54f2528c5d1c4915d71b255b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E0D580C313088D524A5338E63E4ACF9F3F3CB45A54F2528C5D1C4915D71B255B"
Last-Modified: Thu, 30 Mar 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9297
Expires: Fri, 31 Mar 2023 11:52:48 GMT
Date: Fri, 31 Mar 2023 09:17:51 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Last-Modified, Expires, Retry-After, Cache-Control, Alert, Backoff, Pragma, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 31 Mar 2023 09:14:39 GMT
age: 193
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
push.services.mozilla.com/
34.117.65.55 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.117.65.55:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: P0RWrJGbC1GaPtydKsrmPw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: VXl0jJJ9isLvZApvDfW89Z+KeiY=
Date: Fri, 31 Mar 2023 09:17:52 GMT
Via: 1.1 google
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4320
Expires: Fri, 31 Mar 2023 10:29:52 GMT
Date: Fri, 31 Mar 2023 09:17:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4320
Expires: Fri, 31 Mar 2023 10:29:52 GMT
Date: Fri, 31 Mar 2023 09:17:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4320
Expires: Fri, 31 Mar 2023 10:29:52 GMT
Date: Fri, 31 Mar 2023 09:17:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4320
Expires: Fri, 31 Mar 2023 10:29:52 GMT
Date: Fri, 31 Mar 2023 09:17:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4320
Expires: Fri, 31 Mar 2023 10:29:52 GMT
Date: Fri, 31 Mar 2023 09:17:52 GMT
Connection: keep-alive
beta.medi-buy.de/mailster/1846/130935d1668c387061a77b01fb045743/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
217.160.0.82 404 Not Found 28 kB URL HTTP/2 beta.medi-buy.de/mailster/1846/130935d1668c387061a77b01fb045743/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
IP 217.160.0.82:0
Hash 1374f58f6aee8caa663499a17b85e101
27507d83df8a233a4b274f46e262fadd007fe5c6
269c23605ce7fb59a97e70e721e190a2d25eb9fabe475d0eb913b502a18162b6
Analyzer Verdict Alert fortinet Phishing
GET /mailster/1846/130935d1668c387061a77b01fb045743/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ HTTP/1.1
Host: beta.medi-buy.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
date: Fri, 31 Mar 2023 09:17:51 GMT
server: Apache
x-powered-by: PHP/8.0.28
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F067b6c49-6e52-4dcc-af72-f7292299f912.jpeg
34.120.237.76 200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F067b6c49-6e52-4dcc-af72-f7292299f912.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 876e5464aba1639f3b07b07d1d694514
93885a6205be71d16187782b1803f53d5c8538cb
6e2b6b15f462922a9e8260f55cfcd94d488d1a48435458db43270ea3b825d8c4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F067b6c49-6e52-4dcc-af72-f7292299f912.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13775
x-amzn-requestid: 43d1a1f3-b189-4fcd-a298-429123d1921b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnUloF9woAMFU4w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260156-13778451622503253ea252eb;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:30 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: bXA995GxGti4_AzSi9F19ZNvUwm5_ZSBw0BB0lRIfNHcmX7Ajt6bSg==
via: 1.1 8731d2a1a7d15f67b588bf58f652f9f0.cloudfront.net (CloudFront), 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 21:52:34 GMT
age: 41118
etag: "93885a6205be71d16187782b1803f53d5c8538cb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29b45e61-5c2e-4b1b-929e-70c72bde0787.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29b45e61-5c2e-4b1b-929e-70c72bde0787.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 211d737362f7cbcd8c77cee7d29fa2f5
668d1d80c88082928c6ca01fbf1ccbfcd079f64f
05672d4ab964a706c41d73b51592ca2425983e77544f08198dd2d3a7dcc5b3a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29b45e61-5c2e-4b1b-929e-70c72bde0787.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11114
x-amzn-requestid: e9e6a6b5-e6e8-4ca4-9302-a1fc023a38af
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CkypoH5goAMF6Hw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6424fe3d-63c6c8465407f5dc26e9aced;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 03:13:01 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: HsI--rdD7nPKwY0W7f_eIm1y-oz6BbWkLea2jX-JmxY6_I8ncpD-cg==
via: 1.1 8ead054384c1626556ee4410cad35692.cloudfront.net (CloudFront), 1.1 4c48e9fb20d53d40e9fe273dbdae1098.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 14:31:29 GMT
age: 67583
etag: "668d1d80c88082928c6ca01fbf1ccbfcd079f64f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ef54a1ed997cc09495edb102ccdf6803
f5637efb37b5eecff77e60e6bcf5f599991f334f
fa76d7a82dc15baf02b207cea874d1332c20a0ebe1eea99929a6f2746608412c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8745
x-amzn-requestid: e1d8dab6-4c15-4752-b528-21854c93a11c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CguJ5Hy5oAMFyAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235d72-4bd62c8472f7257a155b2a80;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:34:42 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: LAAUFZcFBIpdMUkaDQXGW1sdwLK9c_uhQQHLiJHGF7dEvfJ0KX7MaA==
via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 06:44:37 GMT
age: 9195
etag: "f5637efb37b5eecff77e60e6bcf5f599991f334f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d531a5-067e-452b-8349-d9f2a461ba4a.jpeg
34.120.237.76 200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d531a5-067e-452b-8349-d9f2a461ba4a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1688ae550e5e9181de2448a9cade8a26
a46eb0cd75f46778dc802b648f7c391ce801c700
e717e6e64c928571506bc6d19e3d9ce19bea3292f01618a6d9ddbbaffe65ffd1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d531a5-067e-452b-8349-d9f2a461ba4a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9055
x-amzn-requestid: 1fad6d1e-3380-4574-9796-ca6bde35b507
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnUneEK8IAMF1EQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260162-690f6e9933616e9b74b70435;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:42 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 5qljjE3ByqQaRJhcpkBZFcYVH4lCoP2idQM0iPBAT7znLfoZmO0lUg==
via: 1.1 ee6ea1e4552345de209d26f9ffb35d4a.cloudfront.net (CloudFront), 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 21:46:29 GMT
age: 41483
etag: "a46eb0cd75f46778dc802b648f7c391ce801c700"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccede828-1c24-4287-bb00-f793263370cf.jpeg
34.120.237.76 200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccede828-1c24-4287-bb00-f793263370cf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8a2b8f737604b7983cf686c82599dc73
aa63be93c4cd641f09ce0d5144ef60aab21caed1
78835586bfd170fee7e6f70b2b426ed186f5aeae969459c6dcbf527ba9c0deec
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccede828-1c24-4287-bb00-f793263370cf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6380
x-amzn-requestid: 0a129a69-0720-47a0-8b0e-b3200de24204
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnUn6E19IAMF9SQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260165-564474a42e79d1dc4eb9558f;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:45 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: L6tgzFrj9t69Rnfd9bziAPiROAX0tvcj9Kcg8sXkto8qRFeKqiwkpg==
via: 1.1 b5695e36d7fbc522ece27885d73757ae.cloudfront.net (CloudFront), 1.1 7514e5e25722778fd4b1744d4ecc67e0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 22:17:06 GMT
age: 39647
etag: "aa63be93c4cd641f09ce0d5144ef60aab21caed1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
beta.medi-buy.de/wp-includes/css/classic-themes.min.css?ver=6.2
217.160.0.82 200 OK 211 B URL HTTP/2 beta.medi-buy.de/wp-includes/css/classic-themes.min.css?ver=6.2
IP 217.160.0.82:0
Hash 8eaf36a2ef7200b435492ae8cdf64485
7ef64d0e8d9d74ddc922cece6d1767b6e41c8c02
55f268116731bbb77a0ae23eca53289b519cbe2591711da7ba1057f8ddae021b
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/classic-themes.min.css?ver=6.2 HTTP/1.1
Host: beta.medi-buy.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beta.medi-buy.de/mailster/1846/130935d1668c387061a77b01fb045743/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 211
date: Fri, 31 Mar 2023 09:17:53 GMT
server: Apache
last-modified: Wed, 29 Mar 2023 22:45:25 GMT
etag: "123-5f811bb61291f-gzip"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Fri, 28 Apr 2023 09:17:53 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
beta.medi-buy.de/wp-content/themes/flatsome-child/style.css?ver=3.0
217.160.0.82 200 OK 255 B URL HTTP/2 beta.medi-buy.de/wp-content/themes/flatsome-child/style.css?ver=3.0
IP 217.160.0.82:0
Hash 4c546bef72cea08f3fb9e7a15b3f2fea
d46fd4b1be34a8587772fe93bacfe5d5ff6275de
cfaa83fd3580ddfaad5e08fe11a86fc1b9a342592c6b8d41de0e474bee6c0401
GET /wp-content/themes/flatsome-child/style.css?ver=3.0 HTTP/1.1
Host: beta.medi-buy.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beta.medi-buy.de/mailster/1846/130935d1668c387061a77b01fb045743/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 255
date: Fri, 31 Mar 2023 09:17:53 GMT
server: Apache
last-modified: Mon, 11 Apr 2022 14:14:33 GMT
etag: "16c-5dc61904490d0-gzip"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Fri, 28 Apr 2023 09:17:53 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
beta.medi-buy.de/wp-content/plugins/gdpr-cookie-compliance/dist/styles/gdpr-main.css?ver=4.10.6
217.160.0.82 200 OK 12 kB URL HTTP/2 beta.medi-buy.de/wp-content/plugins/gdpr-cookie-compliance/dist/styles/gdpr-main.css?ver=4.10.6
IP 217.160.0.82:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 1d91bdaaf26bfd05d505c9e15b5e3ed2
426c45cb5bfdf27b92bdb619189e07a8f0d2d547
a64854b1ecec32e5916cedd39687628f4995fbd89c4b1dd78d706726627954dc
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gdpr-cookie-compliance/dist/styles/gdpr-main.css?ver=4.10.6 HTTP/1.1
Host: beta.medi-buy.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beta.medi-buy.de/mailster/1846/130935d1668c387061a77b01fb045743/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 11636
date: Fri, 31 Mar 2023 09:17:53 GMT
server: Apache
last-modified: Mon, 20 Mar 2023 22:45:16 GMT
etag: "1443d-5f75cae4cb7cc-gzip"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Fri, 28 Apr 2023 09:17:53 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
beta.medi-buy.de/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.5.1
217.160.0.82 200 OK 1.1 kB URL HTTP/2 beta.medi-buy.de/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.5.1
IP 217.160.0.82:0
Hash 10c981e414531fa371a637383e3dda5d
e2eb307cc499ca898057281a79bedf5dae815112
b67fe501c225e5344329978185446dc4677ba93a75b837a3ab7db8bcae8b0746
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.5.1 HTTP/1.1
Host: beta.medi-buy.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beta.medi-buy.de/mailster/1846/130935d1668c387061a77b01fb045743/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 1085
date: Fri, 31 Mar 2023 09:17:53 GMT
server: Apache
last-modified: Fri, 24 Mar 2023 10:45:45 GMT
etag: "b2b-5f7a31874e7ea-gzip"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Fri, 28 Apr 2023 09:17:53 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
beta.medi-buy.de/wp-content/uploads/2022/04/logo-medi-buy.png
217.160.0.82 200 OK 5.8 kB URL HTTP/2 beta.medi-buy.de/wp-content/uploads/2022/04/logo-medi-buy.png
IP 217.160.0.82:0
File type PNG image data, 237 x 75, 8-bit/color RGBA, non-interlaced\012- data
Hash cae0fbb297641424c5c6e18e99618c84
27ee112414d5c5176eabac02efca27c98ab50ad0
867806f0540ef5e1e1a55abafbb8e614ccc4cd1b0288f952e36d408cdba0a1c4
GET /wp-content/uploads/2022/04/logo-medi-buy.png HTTP/1.1
Host: beta.medi-buy.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beta.medi-buy.de/mailster/1846/130935d1668c387061a77b01fb045743/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 5835
date: Fri, 31 Mar 2023 09:17:53 GMT
server: Apache
last-modified: Mon, 11 Apr 2022 13:13:16 GMT
etag: "16cb-5dc60b511ed13"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Fri, 28 Apr 2023 09:17:53 GMT
X-Firefox-Spdy: h2
beta.medi-buy.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
217.160.0.82 200 OK 5.3 kB URL HTTP/2 beta.medi-buy.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
IP 217.160.0.82:0
File type ASCII text, with very long lines (13326)
Hash c208a6ed20c9eefd1884c2606d728e45
39054b88e007bb50221f3887724e684984df2998
9d4bf67277480e5330941cde187f305d7fb0c172b79c57bf381c6cabd2579449
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0 HTTP/1.1
Host: beta.medi-buy.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beta.medi-buy.de/mailster/1846/130935d1668c387061a77b01fb045743/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
content-length: 5257
date: Fri, 31 Mar 2023 09:17:53 GMT
server: Apache
last-modified: Wed, 29 Mar 2023 22:45:26 GMT
etag: "3470-5f811bb71849b-gzip"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Fri, 28 Apr 2023 09:17:53 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 66d3c8a2dc7656b819dfe99dd74ef41b
9ac102973657c13264a7a17ad2e3ffc6f4d1f570
23346d5aae2c9440f6a6d9c1d366003dfaefd1cc83212ce033bfdc30e5054cc6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 09:17:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
beta.medi-buy.de/wp-includes/js/jquery/jquery.min.js?ver=3.6.3
217.160.0.82 200 OK 36 kB URL HTTP/2 beta.medi-buy.de/wp-includes/js/jquery/jquery.min.js?ver=3.6.3
IP 217.160.0.82:0
File type ASCII text, with very long lines (65447)
Hash 75077d278b30d098b76044f0dcd0fe7d
8dcf8b4bdb672352ba5d389234f6b232eaad7dc0
dfeea66a6249f590872898d052114327238a05fd7635205e16144bc46d55c578
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.3 HTTP/1.1
Host: beta.medi-buy.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beta.medi-buy.de/mailster/1846/130935d1668c387061a77b01fb045743/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
content-length: 36269
date: Fri, 31 Mar 2023 09:17:53 GMT
server: Apache
last-modified: Wed, 29 Mar 2023 22:45:26 GMT
etag: "15ed7-5f811bb71849b-gzip"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Fri, 28 Apr 2023 09:17:53 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-217443978-1
142.250.74.40 200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-217443978-1
IP 142.250.74.40:0
File type ASCII text, with very long lines (2206)
Hash b45cfdd132ba319e8ce0dfafc2dea4d9
99102cdf913d9dd8cc88a2dc5131173b1a046523
25c47b9b2f9571eff2fa4e14ce448c6675d2ae33fa70c00c09c1a6bb1bd7252c
GET /gtag/js?id=UA-217443978-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beta.medi-buy.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 31 Mar 2023 09:17:53 GMT
expires: Fri, 31 Mar 2023 09:17:53 GMT
cache-control: private, max-age=900
last-modified: Fri, 31 Mar 2023 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45038
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
beta.medi-buy.de/wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.16.3
217.160.0.82 200 OK 38 kB URL HTTP/2 beta.medi-buy.de/wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.16.3
IP 217.160.0.82:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash d9479e5834504958b77427a097f67a56
e9e2ca13e44f3020cdfa6895ca32ca6d17c179b6
d40c5197bad5e0693f82f85a238454b9380156c8c290448662a7256c1f344eae
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.16.3 HTTP/1.1
Host: beta.medi-buy.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beta.medi-buy.de/mailster/1846/130935d1668c387061a77b01fb045743/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 38164
date: Fri, 31 Mar 2023 09:17:53 GMT
server: Apache
last-modified: Fri, 16 Dec 2022 13:19:28 GMT
etag: "2396e-5eff1d1bb6274-gzip"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Fri, 28 Apr 2023 09:17:53 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
beta.medi-buy.de/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.5.1
217.160.0.82 200 OK 3.3 kB URL HTTP/2 beta.medi-buy.de/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.5.1
IP 217.160.0.82:0
File type ASCII text, with very long lines (10241), with no line terminators
Hash 6978bb34dde4c42311af2cd8abbe8a38
8247bd5f282145c3c150fc5307bb37e711bf7709
f7eb6bc5067c88bce53ac57835743799c2b15a4ab266a8195513048f7287927e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.5.1 HTTP/1.1
Host: beta.medi-buy.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beta.medi-buy.de/mailster/1846/130935d1668c387061a77b01fb045743/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
content-length: 3305
date: Fri, 31 Mar 2023 09:17:53 GMT
server: Apache
last-modified: Fri, 24 Mar 2023 10:45:45 GMT
etag: "2801-5f7a31875e1ea-gzip"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Fri, 28 Apr 2023 09:17:53 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
beta.medi-buy.de/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.5.1
217.160.0.82 200 OK 4.7 kB URL HTTP/2 beta.medi-buy.de/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.5.1
IP 217.160.0.82:0
File type HTML document, ASCII text, with very long lines (12943), with no line terminators
Hash 2a924589517f22738211365fd3c09bfa
f0e263f19ff50782a3d8180edebc0ab4974e0c98
a560c953a9c8f99322b90bb6c94b35cfb02932fa3ec8b47ae735c27ad7447c75
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.5.1 HTTP/1.1
Host: beta.medi-buy.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beta.medi-buy.de/mailster/1846/130935d1668c387061a77b01fb045743/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
content-length: 4676
date: Fri, 31 Mar 2023 09:17:53 GMT
server: Apache
last-modified: Fri, 24 Mar 2023 10:45:45 GMT
etag: "328f-5f7a31875b30a-gzip"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Fri, 28 Apr 2023 09:17:53 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
beta.medi-buy.de/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
217.160.0.82 200 OK 2.8 kB URL HTTP/2 beta.medi-buy.de/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
IP 217.160.0.82:0
File type ASCII text, with very long lines (8171), with no line terminators
Hash b3e840dbe4013b5d4a0ddad4f10cd42d
c9a173ea16aa6657eb93cc870d2b97c63335eae6
3ddc2e1c5386e1ca76eb09e56af69a2f5b35038501d9dc2cc017a0ea54f7c3ad
GET /wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2 HTTP/1.1
Host: beta.medi-buy.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beta.medi-buy.de/mailster/1846/130935d1668c387061a77b01fb045743/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
content-length: 2786
date: Fri, 31 Mar 2023 09:17:53 GMT
server: Apache
last-modified: Wed, 29 Mar 2023 22:45:26 GMT
etag: "1feb-5f811bb6d2f3c-gzip"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Fri, 28 Apr 2023 09:17:53 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
beta.medi-buy.de/wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.16.3
217.160.0.82 200 OK 5.7 kB URL HTTP/2 beta.medi-buy.de/wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.16.3
IP 217.160.0.82:0
File type ASCII text, with very long lines (13072)
Hash 061693c5c5ad1ec48ba95af7f8643a3d
b94f72bb8c9b8592bee7186b672e192cf23aff11
6eb78918e3ac98d13ca3ddce999aca6b26e6b665b6466e4e5e8049f3e885fe8c
GET /wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.16.3 HTTP/1.1
Host: beta.medi-buy.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beta.medi-buy.de/mailster/1846/130935d1668c387061a77b01fb045743/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
content-length: 5714
date: Fri, 31 Mar 2023 09:17:53 GMT
server: Apache
last-modified: Fri, 16 Dec 2022 13:19:36 GMT
etag: "3f6d-5eff1d2359390-gzip"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Fri, 28 Apr 2023 09:17:53 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
beta.medi-buy.de/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.11
217.160.0.82 200 OK 2.7 kB URL HTTP/2 beta.medi-buy.de/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.11
IP 217.160.0.82:0
File type ASCII text, with very long lines (6607), with no line terminators
Hash a8f6d47aed6d63a0611609b5e6ad9192
5f5e792e4c75920cb89207bf3a5afec1a52b9696
eb58a8a9c8518cae0d83f687dd770f43e130e7f698aded51f2eb585569f2e0ad
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.11 HTTP/1.1
Host: beta.medi-buy.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beta.medi-buy.de/mailster/1846/130935d1668c387061a77b01fb045743/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
content-length: 2690
date: Fri, 31 Mar 2023 09:17:53 GMT
server: Apache
last-modified: Wed, 29 Mar 2023 22:45:26 GMT
etag: "19cf-5f811bb6d1f9c-gzip"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Fri, 28 Apr 2023 09:17:53 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
beta.medi-buy.de/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
217.160.0.82 200 OK 7.3 kB URL HTTP/2 beta.medi-buy.de/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 217.160.0.82:0
File type Unicode text, UTF-8 text, with very long lines (17819), with no line terminators
Hash 4f55873537fd656f53e8c0edb2e14d75
180992994a9f4191e351bb772a7186a919cc6318
8106407d9aba57e84f5ce91e8a7333f4fa9037f7ac9b034b84066805572a6efd
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: beta.medi-buy.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beta.medi-buy.de/mailster/1846/130935d1668c387061a77b01fb045743/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
content-length: 7347
date: Fri, 31 Mar 2023 09:17:53 GMT
server: Apache
last-modified: Wed, 02 Nov 2022 10:45:43 GMT
etag: "459f-5ec7a8ada6cdd-gzip"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Fri, 28 Apr 2023 09:17:53 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
beta.medi-buy.de/wp-includes/js/hoverIntent.min.js?ver=1.10.2
217.160.0.82 200 OK 721 B URL HTTP/2 beta.medi-buy.de/wp-includes/js/hoverIntent.min.js?ver=1.10.2
IP 217.160.0.82:0
File type ASCII text, with very long lines (1464)
Hash 31d28cf829ef7282a64b74233df8d403
d266f07f76290ba8751be662b4a99fe6ab023bf9
bf3bba54e381f6209375f4e5b394e30765ebb82fd3fc004447507fe340e26a03
GET /wp-includes/js/hoverIntent.min.js?ver=1.10.2 HTTP/1.1
Host: beta.medi-buy.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beta.medi-buy.de/mailster/1846/130935d1668c387061a77b01fb045743/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
content-length: 721
date: Fri, 31 Mar 2023 09:17:53 GMT
server: Apache
last-modified: Tue, 24 May 2022 22:45:39 GMT
etag: "5db-5dfc9b747692a-gzip"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Fri, 28 Apr 2023 09:17:53 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
beta.medi-buy.de/wp-content/themes/flatsome/assets/js/flatsome.js?ver=28853c9a025d4d96eeff0813ad2396c0
217.160.0.82 200 OK 20 kB URL HTTP/2 beta.medi-buy.de/wp-content/themes/flatsome/assets/js/flatsome.js?ver=28853c9a025d4d96eeff0813ad2396c0
IP 217.160.0.82:0
File type ASCII text, with very long lines (56980), with no line terminators
Hash a75dc520d97c02a153035cd83aabe4f6
8df7b4bbed017508aa3ad9fd67d5d344935c560d
3dbbdba42c1fb75acda12bc1962d4e8d131dcf011777ae7c39e71a92e27aa2e5
GET /wp-content/themes/flatsome/assets/js/flatsome.js?ver=28853c9a025d4d96eeff0813ad2396c0 HTTP/1.1
Host: beta.medi-buy.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beta.medi-buy.de/mailster/1846/130935d1668c387061a77b01fb045743/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
content-length: 19684
date: Fri, 31 Mar 2023 09:17:53 GMT
server: Apache
last-modified: Fri, 16 Dec 2022 13:19:28 GMT
etag: "de94-5eff1d1c0fff2-gzip"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Fri, 28 Apr 2023 09:17:53 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
beta.medi-buy.de/wp-content/uploads/2022/01/logo-medi-buy-300x91.jpg
217.160.0.82 200 OK 6.7 kB URL HTTP/2 beta.medi-buy.de/wp-content/uploads/2022/01/logo-medi-buy-300x91.jpg
IP 217.160.0.82:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x91, components 3\012- data
Hash 8955444a45e07fd2fdda39264bd29068
e595e57addd904bbb4f05dedf336996c75c77b5d
0520f471c761cf3c418c201ec9b0c297c61427d1b4604e3c5fa434e1a1db3a36
GET /wp-content/uploads/2022/01/logo-medi-buy-300x91.jpg HTTP/1.1
Host: beta.medi-buy.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beta.medi-buy.de/mailster/1846/130935d1668c387061a77b01fb045743/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 6686
date: Fri, 31 Mar 2023 09:17:53 GMT
server: Apache
last-modified: Thu, 13 Jan 2022 12:04:26 GMT
etag: "1a1e-5d5757cdbc516"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Fri, 28 Apr 2023 09:17:53 GMT
X-Firefox-Spdy: h2
beta.medi-buy.de/wp-content/plugins/gdpr-cookie-compliance/dist/scripts/main.js?ver=4.10.6
217.160.0.82 200 OK 17 kB URL HTTP/2 beta.medi-buy.de/wp-content/plugins/gdpr-cookie-compliance/dist/scripts/main.js?ver=4.10.6
IP 217.160.0.82:0
File type ASCII text, with very long lines (31964)
Hash 8862282ce56835e836fb6ff60ab0a342
425ff16d18b5405e95605ed4811fec850db3dbd2
0c61d24056595b76f0a1fada3cf50f85774aa64210a7402a1d48a7d9851ed081
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gdpr-cookie-compliance/dist/scripts/main.js?ver=4.10.6 HTTP/1.1
Host: beta.medi-buy.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beta.medi-buy.de/mailster/1846/130935d1668c387061a77b01fb045743/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
content-length: 16910
date: Fri, 31 Mar 2023 09:17:53 GMT
server: Apache
last-modified: Mon, 20 Mar 2023 22:45:16 GMT
etag: "ebca-5f75cae4c988c-gzip"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Fri, 28 Apr 2023 09:17:53 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 66d3c8a2dc7656b819dfe99dd74ef41b
9ac102973657c13264a7a17ad2e3ffc6f4d1f570
23346d5aae2c9440f6a6d9c1d366003dfaefd1cc83212ce033bfdc30e5054cc6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 09:17:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
beta.medi-buy.de/wp-includes/js/wp-emoji-release.min.js?ver=6.2
217.160.0.82 200 OK 5.8 kB URL HTTP/2 beta.medi-buy.de/wp-includes/js/wp-emoji-release.min.js?ver=6.2
IP 217.160.0.82:0
File type ASCII text, with very long lines (15718)
Hash b8950ae5555b3ecfd69dab2d5d2a557e
08f0e91c65d4ae5722add8e4eefcb25d6f0a3a5e
162626c7620e16e2549aa396985c8eac7776c04e32b24809da2c67390882c4ff
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.2 HTTP/1.1
Host: beta.medi-buy.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beta.medi-buy.de/mailster/1846/130935d1668c387061a77b01fb045743/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
content-length: 5828
date: Fri, 31 Mar 2023 09:17:53 GMT
server: Apache
last-modified: Wed, 29 Mar 2023 22:45:26 GMT
etag: "4904-5f811bb76c45a-gzip"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Fri, 28 Apr 2023 09:17:53 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
beta.medi-buy.de/wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2?v=3.16.3
217.160.0.82 200 OK 7.1 kB URL HTTP/2 beta.medi-buy.de/wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2?v=3.16.3
IP 217.160.0.82:0
File type Web Open Font Format (Version 2), TrueType, length 7068, version 1.0\012- data
Hash 48c36cf085b90e204ed78cf3b5925098
8708b0fff49904b989ea4d62291957dd827dd254
8bdd2549e2df32257d86d141069f086600680d6132d18143617f0289d8926414
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2?v=3.16.3 HTTP/1.1
Host: beta.medi-buy.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://beta.medi-buy.de/mailster/1846/130935d1668c387061a77b01fb045743/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-length: 7068
date: Fri, 31 Mar 2023 09:17:53 GMT
server: Apache
last-modified: Fri, 16 Dec 2022 13:19:28 GMT
etag: "1b9c-5eff1d1bb6274"
accept-ranges: bytes
X-Firefox-Spdy: h2
beta.medi-buy.de/wp-content/fonts/montserrat/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXx-p7K4GLs.woff
217.160.0.82 200 OK 17 kB URL HTTP/2 beta.medi-buy.de/wp-content/fonts/montserrat/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXx-p7K4GLs.woff
IP 217.160.0.82:0
File type Web Open Font Format, TrueType, length 16556, version 1.1\012- data
Hash 204229ac29208812c364bd69a5873249
827aa06d1fb96d497ea39a9a313f0535972a0d45
1e86591b39be2da705365b6095091b6597c65de407663af7fdd93425f8bcfb2c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/fonts/montserrat/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXx-p7K4GLs.woff HTTP/1.1
Host: beta.medi-buy.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://beta.medi-buy.de/mailster/1846/130935d1668c387061a77b01fb045743/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/font-woff
content-length: 16556
date: Fri, 31 Mar 2023 09:17:53 GMT
server: Apache
last-modified: Fri, 16 Dec 2022 13:26:32 GMT
etag: "40ac-5eff1eb038609"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Fri, 28 Apr 2023 09:17:53 GMT
X-Firefox-Spdy: h2
beta.medi-buy.de/wp-content/fonts/montserrat/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXx-p7K4GLs.woff
217.160.0.82 200 OK 17 kB URL HTTP/2 beta.medi-buy.de/wp-content/fonts/montserrat/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXx-p7K4GLs.woff
IP 217.160.0.82:0
File type Web Open Font Format, TrueType, length 16568, version 1.1\012- data
Hash 23facbf845d56af99e5a7d8d6eb0b74e
b0270e9c1081ba45dc2d7bee632e30770ac1fe1b
06740bed37ae127653a71aafd5ef45de0238e7622639a9ab6dbf1f2144890a0c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/fonts/montserrat/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXx-p7K4GLs.woff HTTP/1.1
Host: beta.medi-buy.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://beta.medi-buy.de/mailster/1846/130935d1668c387061a77b01fb045743/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/font-woff
content-length: 16568
date: Fri, 31 Mar 2023 09:17:53 GMT
server: Apache
last-modified: Fri, 16 Dec 2022 13:26:32 GMT
etag: "40b8-5eff1eaff5f8b"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Fri, 28 Apr 2023 09:17:53 GMT
X-Firefox-Spdy: h2
beta.medi-buy.de/wp-content/fonts/montserrat/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCvr73w5aXx-p7K4GLs.woff
217.160.0.82 200 OK 16 kB URL HTTP/2 beta.medi-buy.de/wp-content/fonts/montserrat/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCvr73w5aXx-p7K4GLs.woff
IP 217.160.0.82:0
File type Web Open Font Format, TrueType, length 16532, version 1.1\012- data
Hash 5658587e268e0a5319c14210a31c2625
9b13f9bc1b393692f51e64a9410db358045d194b
36063bc10841f02b28ef7b3fa2581f2ce71de9679b87b3c493e7242a86e78f6a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/fonts/montserrat/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCvr73w5aXx-p7K4GLs.woff HTTP/1.1
Host: beta.medi-buy.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://beta.medi-buy.de/mailster/1846/130935d1668c387061a77b01fb045743/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/font-woff
content-length: 16532
date: Fri, 31 Mar 2023 09:17:53 GMT
server: Apache
last-modified: Fri, 16 Dec 2022 13:26:32 GMT
etag: "4094-5eff1eb07bc28"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Fri, 28 Apr 2023 09:17:53 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95 200 OK 471 B IP 192.229.221.95:0
Hash ce7308102e0dd738be581569aab3c18f
1cad180ddadf6b3f9da7cddb50f6b8295128553d
1927bf86d6f33ee13042472aadda4133d65bc9535025c5f8a36dc76dfbaa6012
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3478
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 09:17:53 GMT
Last-Modified: Fri, 31 Mar 2023 08:19:55 GMT
Server: ECAcc (ska/F7A5)
X-Cache: HIT
Content-Length: 471
beta.medi-buy.de/wp-content/uploads/2022/01/cropped-medi-buy-favicon-192x192.jpg
217.160.0.82 200 OK 10 kB URL HTTP/2 beta.medi-buy.de/wp-content/uploads/2022/01/cropped-medi-buy-favicon-192x192.jpg
IP 217.160.0.82:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 192x192, components 3\012- data
Hash 9a09f869040091ac4908de6c4beabda9
77e90e31d48095d1ba5cd3b3ef4c428245576385
8fe3ea176e78283acce9df187516293b11e7ebbdcf13dd264ef26097e3dea90c
GET /wp-content/uploads/2022/01/cropped-medi-buy-favicon-192x192.jpg HTTP/1.1
Host: beta.medi-buy.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beta.medi-buy.de/mailster/1846/130935d1668c387061a77b01fb045743/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 10017
date: Fri, 31 Mar 2023 09:17:53 GMT
server: Apache
last-modified: Thu, 13 Jan 2022 15:25:46 GMT
etag: "2721-5d5784ced7768"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Fri, 28 Apr 2023 09:17:53 GMT
X-Firefox-Spdy: h2
beta.medi-buy.de/wp-content/uploads/2022/01/cropped-medi-buy-favicon-32x32.jpg
217.160.0.82 200 OK 1.2 kB URL HTTP/2 beta.medi-buy.de/wp-content/uploads/2022/01/cropped-medi-buy-favicon-32x32.jpg
IP 217.160.0.82:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 32x32, components 3\012- data
Hash 08a610c7e0167cb173f5720fc161456d
ee0192a063737abfbca328a38f09c342e95b3608
1e8ee95ff4b31ef5ccd7d34abef99ca5c2a58da401694fab1bfdc89e514f759b
GET /wp-content/uploads/2022/01/cropped-medi-buy-favicon-32x32.jpg HTTP/1.1
Host: beta.medi-buy.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beta.medi-buy.de/mailster/1846/130935d1668c387061a77b01fb045743/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 1231
date: Fri, 31 Mar 2023 09:17:53 GMT
server: Apache
last-modified: Thu, 13 Jan 2022 15:25:47 GMT
etag: "4cf-5d5784cee61c8"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Fri, 28 Apr 2023 09:17:53 GMT
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
157.240.205.11 200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.205.11:0
File type ASCII text, with very long lines (64347)
Hash 7716e124e19760049484d1bcde4a8af2
51d50c9e9b7fc658c1316d1844418cee0baffa2a
fa7968a9a888e1a6dc6ac6126b8edd6e73974c2b0629f669bfb74916f0e7d534
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beta.medi-buy.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: V8X984J9ps5yD9/Cs6X5W1dzguQWtKDanmIxrm0TQRiya9XUKERm55LeXimULJdmyVe1DO+0boTbz1FShVJzQw==
content-length: 27909
x-fb-trip-id: 1679558926
date: Fri, 31 Mar 2023 09:17:53 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95 200 OK 471 B IP 192.229.221.95:0
Hash ce7308102e0dd738be581569aab3c18f
1cad180ddadf6b3f9da7cddb50f6b8295128553d
1927bf86d6f33ee13042472aadda4133d65bc9535025c5f8a36dc76dfbaa6012
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3478
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 09:17:53 GMT
Last-Modified: Fri, 31 Mar 2023 08:19:55 GMT
Server: ECAcc (ska/F7A3)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
142.250.74.142 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.142:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beta.medi-buy.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Fri, 31 Mar 2023 08:05:11 GMT
expires: Fri, 31 Mar 2023 10:05:11 GMT
cache-control: public, max-age=7200
age: 4362
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=677925013534968&ev=PageView&dl=https%3A%2F%2Fbeta.medi-buy.de%2Fmailster%2F1846%2F130935d1668c387061a77b01fb045743%2FaHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ&rl=&if=false&ts=1680254273505&sw=1280&sh=1024&v=2.9.100&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22347677693772227%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22EUR%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%221329212860892160%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&cs_est=true&fbp=fb.1.1680254273504.589571856&it=1680254273293&coo=false&rqm=GET
31.13.72.36 200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=677925013534968&ev=PageView&dl=https%3A%2F%2Fbeta.medi-buy.de%2Fmailster%2F1846%2F130935d1668c387061a77b01fb045743%2FaHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ&rl=&if=false&ts=1680254273505&sw=1280&sh=1024&v=2.9.100&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22347677693772227%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22EUR%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%221329212860892160%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&cs_est=true&fbp=fb.1.1680254273504.589571856&it=1680254273293&coo=false&rqm=GET
IP 31.13.72.36:0
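Hash d41d8cd98f00b204e9800998ecf8427e (MD5/SHA-1/SHA-256 of the empty 0 B body; identical for every empty response, so not a usable content indicator)
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855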
GET /tr/?id=677925013534968&ev=PageView&dl=https%3A%2F%2Fbeta.medi-buy.de%2Fmailster%2F1846%2F130935d1668c387061a77b01fb045743%2FaHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ&rl=&if=false&ts=1680254273505&sw=1280&sh=1024&v=2.9.100&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22347677693772227%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22EUR%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%221329212860892160%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&cs_est=true&fbp=fb.1.1680254273504.589571856&it=1680254273293&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beta.medi-buy.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Fri, 31 Mar 2023 09:17:53 GMT
X-Firefox-Spdy: h2
beta.medi-buy.de/wp-content/themes/flatsome/assets/js/chunk.countup.js?ver=3.16.3
217.160.0.82 200 OK 2.0 kB URL HTTP/2 beta.medi-buy.de/wp-content/themes/flatsome/assets/js/chunk.countup.js?ver=3.16.3
IP 217.160.0.82:0
File type ASCII text, with very long lines (5448), with no line terminators
Hash 541fb28dea48f095bf384acb19acc677
9a7fded0e02ea0a9e95003de324bef607ea0a9e1
be30ee71ee5ba9714b9bd2d16861d3d8a56339c7c137bf0ad75d6ad553600654
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/flatsome/assets/js/chunk.countup.js?ver=3.16.3 HTTP/1.1
Host: beta.medi-buy.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://beta.medi-buy.de/mailster/1846/130935d1668c387061a77b01fb045743/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
Cookie: _ga=GA1.2.1502504621.1680254273; _gid=GA1.2.630393176.1680254273; _gat_gtag_UA_217443978_1=1; _fbp=fb.1.1680254273504.589571856
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
content-length: 2026
date: Fri, 31 Mar 2023 09:17:53 GMT
server: Apache
last-modified: Fri, 16 Dec 2022 13:19:28 GMT
etag: "1548-5eff1d1c0f052-gzip"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Fri, 28 Apr 2023 09:17:53 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
beta.medi-buy.de/wp-content/themes/flatsome/assets/js/chunk.sticky-sidebar.js?ver=3.16.3
217.160.0.82 200 OK 3.7 kB URL HTTP/2 beta.medi-buy.de/wp-content/themes/flatsome/assets/js/chunk.sticky-sidebar.js?ver=3.16.3
IP 217.160.0.82:0
File type ASCII text, with very long lines (10850), with no line terminators
Hash ced7b86c969aca4cf677893965b9ae5c
db6e15ec99dd0285187356f33de2d420b8781c8b
b519f5e28be29a411d77768b8742011bdfe14f95a528453c3c660a9d32e09526
GET /wp-content/themes/flatsome/assets/js/chunk.sticky-sidebar.js?ver=3.16.3 HTTP/1.1
Host: beta.medi-buy.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://beta.medi-buy.de/mailster/1846/130935d1668c387061a77b01fb045743/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
Cookie: _ga=GA1.2.1502504621.1680254273; _gid=GA1.2.630393176.1680254273; _gat_gtag_UA_217443978_1=1; _fbp=fb.1.1680254273504.589571856
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
content-length: 3747
date: Fri, 31 Mar 2023 09:17:53 GMT
server: Apache
last-modified: Fri, 16 Dec 2022 13:19:28 GMT
etag: "2a62-5eff1d1c0f052-gzip"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Fri, 28 Apr 2023 09:17:53 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
beta.medi-buy.de/wp-content/themes/flatsome/assets/js/chunk.vendors-popups.js?ver=3.16.3
217.160.0.82 200 OK 8.1 kB URL HTTP/2 beta.medi-buy.de/wp-content/themes/flatsome/assets/js/chunk.vendors-popups.js?ver=3.16.3
IP 217.160.0.82:0
File type ASCII text, with very long lines (20237), with no line terminators
Hash 62c52004fe55e8192fcf534c4981a87a
a3ac5df1b4421a29fa60d0da1c5cf1cfa7275d7c
b94294fd3777a51e0d1dae53c4e8c8191d0f727b382dbb69142f61f4cb1caccf
GET /wp-content/themes/flatsome/assets/js/chunk.vendors-popups.js?ver=3.16.3 HTTP/1.1
Host: beta.medi-buy.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://beta.medi-buy.de/mailster/1846/130935d1668c387061a77b01fb045743/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
Cookie: _ga=GA1.2.1502504621.1680254273; _gid=GA1.2.630393176.1680254273; _gat_gtag_UA_217443978_1=1; _fbp=fb.1.1680254273504.589571856
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
content-length: 8133
date: Fri, 31 Mar 2023 09:17:53 GMT
server: Apache
last-modified: Fri, 16 Dec 2022 13:19:28 GMT
etag: "4f0d-5eff1d1c0f052-gzip"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Fri, 28 Apr 2023 09:17:53 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
beta.medi-buy.de/wp-content/themes/flatsome/assets/js/chunk.tooltips.js?ver=3.16.3
217.160.0.82 200 OK 5.5 kB URL HTTP/2 beta.medi-buy.de/wp-content/themes/flatsome/assets/js/chunk.tooltips.js?ver=3.16.3
IP 217.160.0.82:0
File type ASCII text, with very long lines (16876), with no line terminators
Hash 0c3a21adfadef95c78e5ffebd384e28a
d97f515e1d5e6f71d521756e6c5736245dfbd31a
29a1a55aac54924ceca7bd86ede08bfb7fff19ddc6e7e21d812c77350c0d3a44
GET /wp-content/themes/flatsome/assets/js/chunk.tooltips.js?ver=3.16.3 HTTP/1.1
Host: beta.medi-buy.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://beta.medi-buy.de/mailster/1846/130935d1668c387061a77b01fb045743/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
Cookie: _ga=GA1.2.1502504621.1680254273; _gid=GA1.2.630393176.1680254273; _gat_gtag_UA_217443978_1=1; _fbp=fb.1.1680254273504.589571856
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
content-length: 5476
date: Fri, 31 Mar 2023 09:17:53 GMT
server: Apache
last-modified: Fri, 16 Dec 2022 13:19:28 GMT
etag: "41ec-5eff1d1c0f052-gzip"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Fri, 28 Apr 2023 09:17:53 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
beta.medi-buy.de/wp-content/themes/flatsome/assets/js/chunk.vendors-slider.js?ver=3.16.3
217.160.0.82 200 OK 16 kB URL HTTP/2 beta.medi-buy.de/wp-content/themes/flatsome/assets/js/chunk.vendors-slider.js?ver=3.16.3
IP 217.160.0.82:0
File type ASCII text, with very long lines (49588), with no line terminators
Hash 710b8bf06205a382e8c03d91ac18e003
66794fdabe272a6c2ff33a030839c7f860d3e024
e44a5b1c318afff2c356ad6cdd49679a6d68a935dcd67ac63b56479414a278c5
GET /wp-content/themes/flatsome/assets/js/chunk.vendors-slider.js?ver=3.16.3 HTTP/1.1
Host: beta.medi-buy.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://beta.medi-buy.de/mailster/1846/130935d1668c387061a77b01fb045743/aHR0cDovL3RoZW1lZm9yZXN0Lm5ldC91c2VyL251dHp1bWkvcG9ydGZvbGlvLz9yZWY9bnV0enVtaQ
Cookie: _ga=GA1.2.1502504621.1680254273; _gid=GA1.2.630393176.1680254273; _gat_gtag_UA_217443978_1=1; _fbp=fb.1.1680254273504.589571856
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
content-length: 16244
date: Fri, 31 Mar 2023 09:17:53 GMT
server: Apache
last-modified: Fri, 16 Dec 2022 13:19:28 GMT
etag: "c1b4-5eff1d1c0f052-gzip"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Fri, 28 Apr 2023 09:17:53 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
beta.medi-buy.de/wp-content/plugins/gdpr-cookie-compliance/dist/fonts/nunito-v8-latin-700.woff2
217.160.0.82 200 OK 19 kB URL HTTP/2 beta.medi-buy.de/wp-content/plugins/gdpr-cookie-compliance/dist/fonts/nunito-v8-latin-700.woff2
IP 217.160.0.82:0
File type Web Open Font Format (Version 2), TrueType, length 18912, version 1.0\012- data
Hash f937643e9e2d39b98a3ae9ada057e740
fe2534a5e2bf00d090f50ba03a536a0e76e8e9a6
cdc28355b0b7217392395460dd7dfbc65a4cf0822c986a7533f4ca7434799e53
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gdpr-cookie-compliance/dist/fonts/nunito-v8-latin-700.woff2 HTTP/1.1
Host: beta.medi-buy.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://beta.medi-buy.de/wp-content/plugins/gdpr-cookie-compliance/dist/styles/gdpr-main.css?ver=4.10.6
Cookie: _ga=GA1.2.1502504621.1680254273; _gid=GA1.2.630393176.1680254273; _gat_gtag_UA_217443978_1=1; _fbp=fb.1.1680254273504.589571856
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-length: 18912
date: Fri, 31 Mar 2023 09:17:55 GMT
server: Apache
last-modified: Mon, 20 Mar 2023 22:45:16 GMT
etag: "49e0-5f75cae4c2b2c"
accept-ranges: bytes
X-Firefox-Spdy: h2
beta.medi-buy.de/wp-content/plugins/gdpr-cookie-compliance/dist/fonts/nunito-v8-latin-regular.woff2
217.160.0.82 200 OK 19 kB URL HTTP/2 beta.medi-buy.de/wp-content/plugins/gdpr-cookie-compliance/dist/fonts/nunito-v8-latin-regular.woff2
IP 217.160.0.82:0
File type Web Open Font Format (Version 2), TrueType, length 18796, version 1.0\012- data
Hash e5ab24fb2b666576b0f199e25e1b5c09
cf8cfb1025573f69d37688b617931ff10da62fd8
623b62596e07df1fbf3a9fc0219c238e373bec6e55349826b0315b50ed2a7a7d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gdpr-cookie-compliance/dist/fonts/nunito-v8-latin-regular.woff2 HTTP/1.1
Host: beta.medi-buy.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://beta.medi-buy.de/wp-content/plugins/gdpr-cookie-compliance/dist/styles/gdpr-main.css?ver=4.10.6
Cookie: _ga=GA1.2.1502504621.1680254273; _gid=GA1.2.630393176.1680254273; _gat_gtag_UA_217443978_1=1; _fbp=fb.1.1680254273504.589571856
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-length: 18796
date: Fri, 31 Mar 2023 09:17:55 GMT
server: Apache
last-modified: Mon, 20 Mar 2023 22:45:16 GMT
etag: "496c-5f75cae4c3acc"
accept-ranges: bytes
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2cbd721e-872e-4eec-8eb5-363663d0ab36.jpeg
34.120.237.76 200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2cbd721e-872e-4eec-8eb5-363663d0ab36.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8600e41520408df4865627256a0a0736
dffeaf1a8f73ae9f6247b9dc7f05301fefc00aef
9163d80d7b6087b804e6682a50d4f66339d339894cf1c5808f2e5c2e0b3de930
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2cbd721e-872e-4eec-8eb5-363663d0ab36.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5806
x-amzn-requestid: cee5b166-592b-405e-b5f1-e36eb249ec59
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnUllFFooAMFQ2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260156-01840fa47177285667bca060;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:30 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: WnrfQr57EWYnXt1xJt9tr5XCuM3gPYULlDdEVpv2Q2kz7MDIPxSPKA==
via: 1.1 88a7ff956a5b49ec3a35abfc0027af12.cloudfront.net (CloudFront), 1.1 aabd01c4a20dae837d162bd972422efc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 21:47:50 GMT
age: 41409
etag: "dffeaf1a8f73ae9f6247b9dc7f05301fefc00aef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2