r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 5eb7c9bc996a0ff420e58af45526f053
8c2614832b8efe1c9da0bbd465d6f3f172d95a9e
c085cf277dd0429fe15e4a4bce5595636e9f2204d5a8e77220f8bf88adf4068f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C085CF277DD0429FE15E4A4BCE5595636E9F2204D5A8E77220F8BF88ADF4068F"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9795
Expires: Mon, 30 Jan 2023 23:35:09 GMT
Date: Mon, 30 Jan 2023 20:51:54 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 3eb88dea4fe00db1182370e72683c3ab
ca520abf1e91bfd2aef40c6a1270a911071e8922
d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14371
Expires: Tue, 31 Jan 2023 00:51:25 GMT
Date: Mon, 30 Jan 2023 20:51:54 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 30 Jan 2023 20:43:13 GMT
content-type: application/json
age: 521
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 302c7548412192add063ad6c8b99cf3b
e5d178931a27db036ce8daae302594d3ff7050b8
fc2bd9091006189e67e8074093805ee5492ce16e1dbfba32e083abeeae34969d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC2BD9091006189E67E8074093805EE5492CE16E1DBFBA32E083ABEEAE34969D"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2416
Expires: Mon, 30 Jan 2023 21:32:10 GMT
Date: Mon, 30 Jan 2023 20:51:54 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: h6Fs8YLZtxryemTeFWoPLuvGzO74hMZlsVgIPAwWmYrp4jrxhl5ZOG4Rg0nFpzl0iaHzk1yn1bo=
x-amz-request-id: 2XZRHD126TX088QD
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 30 Jan 2023 20:21:56 GMT
age: 1798
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:51:54 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ws-immogroup.ch/msm/login.php
45.134.226.30301 Moved Permanently 0 B URL HTTP/1.1 ws-immogroup.ch/msm/login.php
IP 45.134.226.30:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /msm/login.php HTTP/1.1
Host: ws-immogroup.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 30 Jan 2023 20:51:54 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://ws-immogroup.ch/msm/login.php
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 30 Jan 2023 20:41:41 GMT
age: 613
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8132
Expires: Mon, 30 Jan 2023 23:07:27 GMT
Date: Mon, 30 Jan 2023 20:51:55 GMT
Connection: keep-alive
push.services.mozilla.com/
52.89.217.163101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.217.163:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7lrITegl7jV1F7bqIzDApA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: x4yODsDCQ32BtCtqlhQu0k+BnDg=
ws-immogroup.ch/msm/login.php
45.134.226.30404 Not Found 48 kB URL HTTP/1.1 ws-immogroup.ch/msm/login.php
IP 45.134.226.30:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381), with CRLF, LF line terminators
Hash c0932160637ecfe260453562dfeac4a2
0a99b47fae9d6eaa2e1bc5127f893847448163d7
00a2dc1f1dcbde6897c5ec0651e533a1e7f2e31ca5b14150b7e58107c37a349e
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /msm/login.php HTTP/1.1
Host: ws-immogroup.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 404 Not Found
Date: Mon, 30 Jan 2023 20:51:54 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://ws-immogroup.ch/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ws-immogroup.ch/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
45.134.226.30200 OK 95 kB URL HTTP/1.1 ws-immogroup.ch/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 45.134.226.30:0
File type ASCII text, with very long lines (47826)
Hash 71d925864153f0edf91037f3d31048e8
cc16a0524ac63b5ce29f703a66412224f0dd771a
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: ws-immogroup.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ws-immogroup.ch/msm/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 20:51:55 GMT
Server: Apache
Last-Modified: Tue, 15 Nov 2022 22:15:16 GMT
Accept-Ranges: bytes
Content-Length: 94889
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
ws-immogroup.ch/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
45.134.226.30200 OK 19 kB URL HTTP/1.1 ws-immogroup.ch/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 45.134.226.30:0
File type ASCII text, with very long lines (15660)
Hash 32beb68a374e3aeac00abdf9e12b84ea
b5d18aa625e8696dd9d07cd0869337717b211ae0
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: ws-immogroup.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ws-immogroup.ch/msm/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 20:51:55 GMT
Server: Apache
Last-Modified: Tue, 24 May 2022 21:07:20 GMT
Accept-Ranges: bytes
Content-Length: 18617
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
ws-immogroup.ch/wp-includes/css/classic-themes.min.css?ver=1
45.134.226.30200 OK 217 B URL HTTP/1.1 ws-immogroup.ch/wp-includes/css/classic-themes.min.css?ver=1
IP 45.134.226.30:0
Hash 95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: ws-immogroup.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ws-immogroup.ch/msm/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 20:51:55 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 10:07:20 GMT
Accept-Ranges: bytes
Content-Length: 217
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
ws-immogroup.ch/wp-content/themes/hello-elementor/style.min.css?ver=2.4.2
45.134.226.30200 OK 5.9 kB URL HTTP/1.1 ws-immogroup.ch/wp-content/themes/hello-elementor/style.min.css?ver=2.4.2
IP 45.134.226.30:0
File type ASCII text, with very long lines (5854), with no line terminators
Hash a4274997af072baef948d2162516eced
feb189c83b051b9fde2407b70c154d8e5efd60a0
027092a96653b7043305080fa03cbcfff120c251c5b000eedf111168d3fd98bf
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/hello-elementor/style.min.css?ver=2.4.2 HTTP/1.1
Host: ws-immogroup.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ws-immogroup.ch/msm/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 20:51:55 GMT
Server: Apache
Last-Modified: Mon, 17 Jan 2022 10:08:24 GMT
Accept-Ranges: bytes
Content-Length: 5854
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
ws-immogroup.ch/wp-content/uploads/elementor/css/post-5.css?ver=1643646076
45.134.226.30200 OK 1.0 kB URL HTTP/1.1 ws-immogroup.ch/wp-content/uploads/elementor/css/post-5.css?ver=1643646076
IP 45.134.226.30:0
File type ASCII text, with very long lines (1010), with no line terminators
Hash a04a9b3d7262d035adf5a29798309874
07325b5b662e12bef61e78988a142e7f5464a204
3aed72b2be1bc8fe9c11753f59c1e014bca45e51d6cae4886c561d97bc3c1be8
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-5.css?ver=1643646076 HTTP/1.1
Host: ws-immogroup.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ws-immogroup.ch/msm/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 20:51:55 GMT
Server: Apache
Last-Modified: Mon, 31 Jan 2022 16:21:16 GMT
Accept-Ranges: bytes
Content-Length: 1010
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
ws-immogroup.ch/wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/css/ekiticons.css?ver=2.5.3
45.134.226.30200 OK 120 kB URL HTTP/1.1 ws-immogroup.ch/wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/css/ekiticons.css?ver=2.5.3
IP 45.134.226.30:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 120 kB (120523 bytes)
Hash fcabad2a10da2d2b03619f2ac4fa0d5c
307f623c875369bcccb565461c025363da927fd0
8eb8669e3beac58d8a5ecba69cb681604fbd75d837df8d7e332d173f2d36c142
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/css/ekiticons.css?ver=2.5.3 HTTP/1.1
Host: ws-immogroup.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ws-immogroup.ch/msm/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 20:51:55 GMT
Server: Apache
Last-Modified: Mon, 31 Jan 2022 12:40:30 GMT
Accept-Ranges: bytes
Content-Length: 120523
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
ws-immogroup.ch/wp-content/themes/hello-elementor/theme.min.css?ver=2.4.2
45.134.226.30200 OK 15 kB URL HTTP/1.1 ws-immogroup.ch/wp-content/themes/hello-elementor/theme.min.css?ver=2.4.2
IP 45.134.226.30:0
File type ASCII text, with very long lines (15164), with no line terminators
Hash b81597c6fbe02f39682910dac2fd4824
ec10802c841c2f251d85e91efa5926eb3324564d
9ee09652280b56db59db015c319a6a6b80e1e161a8a0b703207e1a59b4c4e3a8
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/hello-elementor/theme.min.css?ver=2.4.2 HTTP/1.1
Host: ws-immogroup.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ws-immogroup.ch/msm/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 20:51:55 GMT
Server: Apache
Last-Modified: Mon, 17 Jan 2022 10:08:24 GMT
Accept-Ranges: bytes
Content-Length: 15164
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
ws-immogroup.ch/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
45.134.226.30200 OK 11 kB URL HTTP/1.1 ws-immogroup.ch/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 45.134.226.30:0
File type ASCII text, with very long lines (11126)
Hash 79b4956b7ec478ec10244b5e2d33ac7d
a46025b9d05e3df30d610a8aef14f392c7058dc9
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: ws-immogroup.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ws-immogroup.ch/msm/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 20:51:55 GMT
Server: Apache
Last-Modified: Wed, 18 Nov 2020 09:06:06 GMT
Accept-Ranges: bytes
Content-Length: 11224
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
ws-immogroup.ch/wp-content/uploads/elementor/css/post-103.css?ver=1674489745
45.134.226.30200 OK 7.8 kB URL HTTP/1.1 ws-immogroup.ch/wp-content/uploads/elementor/css/post-103.css?ver=1674489745
IP 45.134.226.30:0
File type ASCII text, with very long lines (7770)
Hash 6fcc00a5c91e4ac9c26153f02171cfd5
3707b61b2c11b8952fcdc069ad5f3bcc80d8b308
c1e0fcbb02d8cb35b1e61e9db1899267bac0d077f8d4a639458fd468edc13b00
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-103.css?ver=1674489745 HTTP/1.1
Host: ws-immogroup.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ws-immogroup.ch/msm/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 20:51:55 GMT
Server: Apache
Last-Modified: Mon, 23 Jan 2023 16:02:25 GMT
Accept-Ranges: bytes
Content-Length: 7814
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
ws-immogroup.ch/wp-content/plugins/elementskit-lite/widgets/init/assets/css/responsive.css?ver=2.5.3
45.134.226.30200 OK 30 kB URL HTTP/1.1 ws-immogroup.ch/wp-content/plugins/elementskit-lite/widgets/init/assets/css/responsive.css?ver=2.5.3
IP 45.134.226.30:0
File type ASCII text, with very long lines (30283), with no line terminators
Hash d942a12c644c208f99aeaa5fc0914d92
3f9e011aec544347fbf476cc9f944679de65d35e
73b2fdcf25aa909c7b0f072cf791066350ab834ca1d0d01ef096bb5583318213
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/elementskit-lite/widgets/init/assets/css/responsive.css?ver=2.5.3 HTTP/1.1
Host: ws-immogroup.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ws-immogroup.ch/msm/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 20:51:55 GMT
Server: Apache
Last-Modified: Mon, 31 Jan 2022 12:40:30 GMT
Accept-Ranges: bytes
Content-Length: 30283
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
ws-immogroup.ch/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.5.4
45.134.226.30200 OK 99 kB URL HTTP/1.1 ws-immogroup.ch/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.5.4
IP 45.134.226.30:0
File type ASCII text, with very long lines (65497)
Hash 91ff8a63ba55e68129522ab0f78d9b2f
326f7062f5cd2695c5a935adf8296518368c5457
2ddc76403bde60bb11ec84cc541fb1b9cecfe49fe1f9893d6dd61e6f8c30a80e
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.5.4 HTTP/1.1
Host: ws-immogroup.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ws-immogroup.ch/msm/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 20:51:55 GMT
Server: Apache
Last-Modified: Mon, 31 Jan 2022 11:55:44 GMT
Accept-Ranges: bytes
Content-Length: 98820
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
ws-immogroup.ch/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.14.0
45.134.226.30200 OK 19 kB URL HTTP/1.1 ws-immogroup.ch/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.14.0
IP 45.134.226.30:0
File type ASCII text, with very long lines (19004)
Hash 1867071e645872848d44e4dc23ae5c28
cb4dcf0c1aaa79c53c3b07984d4065cdb8b6ac36
ea8148c79052a55ec1596b4598795a4fa3bc979b9ecab3b0f6beb130e9b1d9e5
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.14.0 HTTP/1.1
Host: ws-immogroup.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ws-immogroup.ch/msm/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 20:51:55 GMT
Server: Apache
Last-Modified: Mon, 31 Jan 2022 11:55:44 GMT
Accept-Ranges: bytes
Content-Length: 19050
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
ws-immogroup.ch/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
45.134.226.30200 OK 90 kB URL HTTP/1.1 ws-immogroup.ch/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 45.134.226.30:0
File type ASCII text, with very long lines (65447)
Hash 17738318d61d394f1de8890d589afaec
f6d0c4dc1399cf02d53f5753ad46573a8bbc2ac3
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: ws-immogroup.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ws-immogroup.ch/msm/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 20:51:55 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 10:07:20 GMT
Accept-Ranges: bytes
Content-Length: 89684
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
ws-immogroup.ch/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.5.4
45.134.226.30200 OK 18 kB URL HTTP/1.1 ws-immogroup.ch/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.5.4
IP 45.134.226.30:0
File type ASCII text, with very long lines (10019)
Hash 4601ba55044413706c2022cb6c1c3d05
5103ec2fbb389568ebf5cfe4fd721f3df2ff7aec
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.5.4 HTTP/1.1
Host: ws-immogroup.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ws-immogroup.ch/msm/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 20:51:55 GMT
Server: Apache
Last-Modified: Mon, 31 Jan 2022 11:55:44 GMT
Accept-Ranges: bytes
Content-Length: 18468
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
ws-immogroup.ch/wp-content/uploads/elementor/css/global.css?ver=1643646077
45.134.226.30200 OK 39 kB URL HTTP/1.1 ws-immogroup.ch/wp-content/uploads/elementor/css/global.css?ver=1643646077
IP 45.134.226.30:0
File type ASCII text, with very long lines (14578)
Hash 6d2caf54273844cd8c34f6212d59e16a
03c132308ee3bcd1ccfee35db211c3a06e27190f
917c2ec145d3590c558467adf6faf23fb1d0d4a1ed69d35cc08b663b3ada1b80
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/elementor/css/global.css?ver=1643646077 HTTP/1.1
Host: ws-immogroup.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ws-immogroup.ch/msm/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 20:51:55 GMT
Server: Apache
Last-Modified: Mon, 31 Jan 2022 16:21:18 GMT
Accept-Ranges: bytes
Content-Length: 39078
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
ws-immogroup.ch/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
45.134.226.30200 OK 58 kB URL HTTP/1.1 ws-immogroup.ch/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
IP 45.134.226.30:0
File type ASCII text, with very long lines (57726)
Hash eeb705d0bdccfd645d3bbd46dd1fbab3
066def290f42ed8c00860e573cc880bd46e9ced4
d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 HTTP/1.1
Host: ws-immogroup.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ws-immogroup.ch/msm/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 20:51:55 GMT
Server: Apache
Last-Modified: Mon, 31 Jan 2022 11:55:44 GMT
Accept-Ranges: bytes
Content-Length: 57912
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/css
ws-immogroup.ch/wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles.css?ver=2.5.3
45.134.226.30200 OK 444 kB URL HTTP/1.1 ws-immogroup.ch/wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles.css?ver=2.5.3
IP 45.134.226.30:0
File type Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Size 444 kB (444526 bytes)
Hash b5af5ea385016faf9099931153cecc8e
f2a6b2823431a932a551856271423b02dd89b0c9
63c7386d1385f8ca5dbe4738a7dc4c2f4c6fce2bc7a9773d57d86df9d7efd95a
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles.css?ver=2.5.3 HTTP/1.1
Host: ws-immogroup.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ws-immogroup.ch/msm/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 20:51:55 GMT
Server: Apache
Last-Modified: Mon, 31 Jan 2022 12:40:30 GMT
Accept-Ranges: bytes
Content-Length: 444526
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
ws-immogroup.ch/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.5.2
45.134.226.30200 OK 127 kB URL HTTP/1.1 ws-immogroup.ch/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.5.2
IP 45.134.226.30:0
File type ASCII text, with very long lines (65493)
Size 127 kB (127275 bytes)
Hash bd0de6a426974089e42c77d04cb5c2f2
bb984aea84cdf164cb7515c75342fbf1feab5363
63649065e3416748d2a80ad9e891a8c751862c78182156a08565ca84dd4f16b8
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.5.2 HTTP/1.1
Host: ws-immogroup.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ws-immogroup.ch/msm/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 20:51:55 GMT
Server: Apache
Last-Modified: Mon, 31 Jan 2022 11:55:30 GMT
Accept-Ranges: bytes
Content-Length: 127275
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
ws-immogroup.ch/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3
45.134.226.30200 OK 677 B URL HTTP/1.1 ws-immogroup.ch/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3
IP 45.134.226.30:0
File type ASCII text, with very long lines (491)
Hash 3eef8c9e589a6fd58292e79bbac4ba5d
d3ebdb629b8d9c92380b14b1676b123398f0841b
eea3d6ccda7f6503078cce9dc41176c1357af1c93a5b3625131ef7cf21c9d7c4
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3 HTTP/1.1
Host: ws-immogroup.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ws-immogroup.ch/msm/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 20:51:55 GMT
Server: Apache
Last-Modified: Mon, 31 Jan 2022 11:55:44 GMT
Accept-Ranges: bytes
Content-Length: 677
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
ws-immogroup.ch/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
45.134.226.30200 OK 669 B URL HTTP/1.1 ws-immogroup.ch/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
IP 45.134.226.30:0
File type ASCII text, with very long lines (483)
Hash 9eb2d3c87feb6bb2ffa63b70532b1477
38f226335a05ab0e30497bc7419eb5e243a9e26c
37bab6cd583982e8eff58501a99d7c5c4d63664c1ca34f9e3b7cf526c5b73ae2
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3 HTTP/1.1
Host: ws-immogroup.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ws-immogroup.ch/msm/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 20:51:55 GMT
Server: Apache
Last-Modified: Mon, 31 Jan 2022 11:55:44 GMT
Accept-Ranges: bytes
Content-Length: 669
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
ws-immogroup.ch/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.12
45.134.226.30200 OK 59 kB URL HTTP/1.1 ws-immogroup.ch/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.12
IP 45.134.226.30:0
File type Unicode text, UTF-8 text, with very long lines (12602), with CRLF line terminators
Hash 9e95e17acc7a09a3780fe01cbf444e79
7ccfdc93028b170213ebddfcd9499c1a9c153022
877fb6e2e8b993f6aa54b9728f38609c24d7d3aa24b20fe9cb3251ab2c81bf5b
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.12 HTTP/1.1
Host: ws-immogroup.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ws-immogroup.ch/msm/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 20:51:55 GMT
Server: Apache
Last-Modified: Mon, 31 Jan 2022 13:19:48 GMT
Accept-Ranges: bytes
Content-Length: 59125
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
ws-immogroup.ch/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.12
45.134.226.30200 OK 129 kB URL HTTP/1.1 ws-immogroup.ch/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.12
IP 45.134.226.30:0
File type ASCII text, with very long lines (45108), with CRLF line terminators
Size 129 kB (128805 bytes)
Hash 36eae79291edd0c720f3a06e0fe70ca5
27f1ff85ea62467da48fe3a5b9ccd52510add520
011aebc828da0fe0c4bd796ae64c908c227cd5a792fc9c46f08cc114473a8c9f
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.12 HTTP/1.1
Host: ws-immogroup.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ws-immogroup.ch/msm/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 20:51:55 GMT
Server: Apache
Last-Modified: Mon, 31 Jan 2022 13:19:48 GMT
Accept-Ranges: bytes
Content-Length: 128805
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
ws-immogroup.ch/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.12
45.134.226.30200 OK 384 kB URL HTTP/1.1 ws-immogroup.ch/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.12
IP 45.134.226.30:0
File type ASCII text, with very long lines (64288)
Size 384 kB (384520 bytes)
Hash 36c88bc9e0b0c338cb33ece5fe1b357b
77d5f227db56c1e15b350d6346b48ffcb1c80f21
6063ba30ab82761aed44e2d1f0dd6cdbf0e96a84695dbaac2bb5492270388bf2
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.12 HTTP/1.1
Host: ws-immogroup.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ws-immogroup.ch/msm/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 20:51:55 GMT
Server: Apache
Last-Modified: Mon, 31 Jan 2022 13:19:48 GMT
Accept-Ranges: bytes
Content-Length: 384520
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
ws-immogroup.ch/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.5.2
45.134.226.30200 OK 5.0 kB URL HTTP/1.1 ws-immogroup.ch/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.5.2
IP 45.134.226.30:0
File type ASCII text, with very long lines (4922)
Hash 4b89c63b3a608532f302ce183c639590
5a1c40f1df407ebdab2f7ea0767e791fab771508
fe0b038edbeff4a8cdb38484012d640f9eb1bbe50df495cc38850ee9ff2cdb19
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.5.2 HTTP/1.1
Host: ws-immogroup.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ws-immogroup.ch/msm/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 20:51:55 GMT
Server: Apache
Last-Modified: Mon, 31 Jan 2022 11:55:30 GMT
Accept-Ranges: bytes
Content-Length: 4965
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
ws-immogroup.ch/wp-content/themes/hello-elementor/assets/js/hello-frontend.min.js?ver=1.0.0
45.134.226.30200 OK 3.1 kB URL HTTP/1.1 ws-immogroup.ch/wp-content/themes/hello-elementor/assets/js/hello-frontend.min.js?ver=1.0.0
IP 45.134.226.30:0
File type ASCII text, with very long lines (3113), with no line terminators
Hash 991851ce021f42521a9b8c707500d731
d3b7d0a28b0e6a7e0621f78b1ba440b52060cc9c
bd29338c097619843470ad38187d0c1754d939b12fa755f4c11f9e53fd46b09f
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/hello-elementor/assets/js/hello-frontend.min.js?ver=1.0.0 HTTP/1.1
Host: ws-immogroup.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ws-immogroup.ch/msm/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 20:51:55 GMT
Server: Apache
Last-Modified: Mon, 17 Jan 2022 10:08:24 GMT
Accept-Ranges: bytes
Content-Length: 3113
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
ws-immogroup.ch/wp-content/plugins/elementskit-lite/libs/framework/assets/js/frontend-script.js?ver=2.5.3
45.134.226.30200 OK 40 B URL HTTP/1.1 ws-immogroup.ch/wp-content/plugins/elementskit-lite/libs/framework/assets/js/frontend-script.js?ver=2.5.3
IP 45.134.226.30:0
File type ASCII text, with no line terminators
Hash 94d041d462db321cdb888066586f2068
717d2f9da7fb9f9e2bf2058a8177a0344f8a8647
b8166c5475df6a64ab2456e95f64564164ed697d258e8bfed8cebca40efd6fa5
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/elementskit-lite/libs/framework/assets/js/frontend-script.js?ver=2.5.3 HTTP/1.1
Host: ws-immogroup.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ws-immogroup.ch/msm/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 20:51:55 GMT
Server: Apache
Last-Modified: Mon, 31 Jan 2022 12:40:30 GMT
Accept-Ranges: bytes
Content-Length: 40
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 40bac282ee9730b7a7fde839fcf58736
be00063ec5c760560f34663d0a6a9cad87cfebe4
45b83537d8621d3c4a7c046a9b78f6745977c359db2868d720f19dbb0eb80d3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:51:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ws-immogroup.ch/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.5.4
45.134.226.30200 OK 4.9 kB URL HTTP/1.1 ws-immogroup.ch/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.5.4
IP 45.134.226.30:0
File type ASCII text, with very long lines (4866)
Hash 4681157e14fd7f6cb3e272ee3159a937
e3b7c34dace4100f12918c5ab39a5c7b8f2635eb
9ba944e835b122f70dcf015cd40925ec29f0029a2bf8e4d3b8f04d543e6cca8d
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.5.4 HTTP/1.1
Host: ws-immogroup.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ws-immogroup.ch/msm/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 20:51:55 GMT
Server: Apache
Last-Modified: Mon, 31 Jan 2022 11:55:44 GMT
Accept-Ranges: bytes
Content-Length: 4905
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
ws-immogroup.ch/wp-content/plugins/elementskit-lite/widgets/init/assets/js/widget-scripts.js?ver=2.5.3
45.134.226.30200 OK 146 kB URL HTTP/1.1 ws-immogroup.ch/wp-content/plugins/elementskit-lite/widgets/init/assets/js/widget-scripts.js?ver=2.5.3
IP 45.134.226.30:0
File type ASCII text, with very long lines (45027)
Size 146 kB (146284 bytes)
Hash 3a70ba59770d262ab51ee39795aa9a75
8e2ed57b87f8b1f825c83c8cd2d9cef4c1703506
c548982d3e0ec0fd708fbb16221bd874f3ddfc778d1a83bc15de7bdb6add725c
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/elementskit-lite/widgets/init/assets/js/widget-scripts.js?ver=2.5.3 HTTP/1.1
Host: ws-immogroup.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ws-immogroup.ch/msm/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 20:51:55 GMT
Server: Apache
Last-Modified: Mon, 31 Jan 2022 12:40:30 GMT
Accept-Ranges: bytes
Content-Length: 146284
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 40bac282ee9730b7a7fde839fcf58736
be00063ec5c760560f34663d0a6a9cad87cfebe4
45b83537d8621d3c4a7c046a9b78f6745977c359db2868d720f19dbb0eb80d3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:51:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ws-immogroup.ch/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.5.4
45.134.226.30200 OK 14 kB URL HTTP/1.1 ws-immogroup.ch/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.5.4
IP 45.134.226.30:0
File type ASCII text, with very long lines (14196)
Hash ab2174607197e6a0f98c5a04d2ebe213
963197645f9bc2a8865ac247ad58fe227bbedf71
c963799958f6596baa8de220fc30fdf661519664fd3428bdd92da76c4be2bb55
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.5.4 HTTP/1.1
Host: ws-immogroup.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ws-immogroup.ch/msm/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 20:51:56 GMT
Server: Apache
Last-Modified: Mon, 31 Jan 2022 11:55:44 GMT
Accept-Ranges: bytes
Content-Length: 14235
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
ws-immogroup.ch/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.5.2
45.134.226.30200 OK 20 kB URL HTTP/1.1 ws-immogroup.ch/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.5.2
IP 45.134.226.30:0
File type ASCII text, with very long lines (20250)
Hash 6dd98ee5258bff321dbfd4b96a42df74
ccd467b173c920800cf87bf8ae190488bb29ed2c
ce0ed4310e1bd403aa701f5461db2cecf2f414ad8334893234ff2d106fb0a5e7
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.5.2 HTTP/1.1
Host: ws-immogroup.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ws-immogroup.ch/msm/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 20:51:56 GMT
Server: Apache
Last-Modified: Mon, 31 Jan 2022 11:55:30 GMT
Accept-Ranges: bytes
Content-Length: 20293
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
ws-immogroup.ch/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
45.134.226.30200 OK 12 kB URL HTTP/1.1 ws-immogroup.ch/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP 45.134.226.30:0
File type ASCII text, with very long lines (12198), with no line terminators
Hash 3819c3569da71daec283a75483735f7e
ecd40a5cc6f0b76200c454ca880210dc301cfab8
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: ws-immogroup.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ws-immogroup.ch/msm/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 20:51:56 GMT
Server: Apache
Last-Modified: Mon, 31 Jan 2022 11:55:44 GMT
Accept-Ranges: bytes
Content-Length: 12198
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
ws-immogroup.ch/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
45.134.226.30200 OK 21 kB URL HTTP/1.1 ws-immogroup.ch/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP 45.134.226.30:0
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 034bd11ecaf6fb9240d905245e42e202
ff136c394ed95badfc0107fb98a890dcff642828
ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: ws-immogroup.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ws-immogroup.ch/msm/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 20:51:56 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 10:07:20 GMT
Accept-Ranges: bytes
Content-Length: 21440
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
ws-immogroup.ch/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.5.2
45.134.226.30200 OK 24 kB URL HTTP/1.1 ws-immogroup.ch/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.5.2
IP 45.134.226.30:0
File type ASCII text, with very long lines (24241)
Hash de04a91e544f7aa2e37e2ea2a5c7163a
0926aa7f7f212a4efa051211bb9eeae5173cf0d1
2d990e6c3d103a96bb92f0d6e827e07b56bb3ef7c143ed05eb936d4a0abfe00d
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.5.2 HTTP/1.1
Host: ws-immogroup.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ws-immogroup.ch/msm/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 20:51:56 GMT
Server: Apache
Last-Modified: Mon, 31 Jan 2022 11:55:30 GMT
Accept-Ranges: bytes
Content-Length: 24284
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
ws-immogroup.ch/wp-content/plugins/elementskit-lite/widgets/init/assets/js/elementor.js?ver=2.5.3
45.134.226.30200 OK 16 kB URL HTTP/1.1 ws-immogroup.ch/wp-content/plugins/elementskit-lite/widgets/init/assets/js/elementor.js?ver=2.5.3
IP 45.134.226.30:0
File type ASCII text, with very long lines (16348), with no line terminators
Hash f48baf4d5409734e2b13438e454d1ae2
27e4c1185a7dcb4d17c7e010aabb8d6627f1ecb1
0ba6e8f5e63ace42bf5222491295b9abc80089d64207cff00e33f65eaec34853
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/elementskit-lite/widgets/init/assets/js/elementor.js?ver=2.5.3 HTTP/1.1
Host: ws-immogroup.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ws-immogroup.ch/msm/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 20:51:56 GMT
Server: Apache
Last-Modified: Mon, 31 Jan 2022 12:40:30 GMT
Accept-Ranges: bytes
Content-Length: 16348
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
ws-immogroup.ch/wp-content/plugins/elementskit-lite/widgets/init/assets/js/animate-circle.js?ver=2.5.3
45.134.226.30200 OK 810 B URL HTTP/1.1 ws-immogroup.ch/wp-content/plugins/elementskit-lite/widgets/init/assets/js/animate-circle.js?ver=2.5.3
IP 45.134.226.30:0
File type ASCII text, with very long lines (810), with no line terminators
Hash 5ab577656d48e7fb2da4071c3477d4f4
34a292f50ec979d7967a08c2ff4d707c39a11f3c
8667a50fdab17dd946e43e37c6fd1623583b9440bdca887e44cc726e48feedaf
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/elementskit-lite/widgets/init/assets/js/animate-circle.js?ver=2.5.3 HTTP/1.1
Host: ws-immogroup.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ws-immogroup.ch/msm/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 20:51:56 GMT
Server: Apache
Last-Modified: Mon, 31 Jan 2022 12:40:30 GMT
Accept-Ranges: bytes
Content-Length: 810
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
ws-immogroup.ch/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=2.5.3
139 kB URL ws-immogroup.ch/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=2.5.3
IP :0
File type ASCII text, with very long lines (65280)
Size 139 kB (139153 bytes)
Hash 15bb2b8491fc7e84137d65f610e1685a
cd76b70a5426893e9c022b9a75c50a7c1348e2d0
b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=2.5.3 HTTP/1.1
Host: ws-immogroup.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ws-immogroup.ch/msm/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 40bac282ee9730b7a7fde839fcf58736
be00063ec5c760560f34663d0a6a9cad87cfebe4
45b83537d8621d3c4a7c046a9b78f6745977c359db2868d720f19dbb0eb80d3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:51:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ws-immogroup.ch/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
45.134.226.30200 OK 78 kB URL HTTP/1.1 ws-immogroup.ch/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
IP 45.134.226.30:0
File type Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261\012- data
Hash e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: ws-immogroup.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://ws-immogroup.ch/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 20:51:56 GMT
Server: Apache
Last-Modified: Mon, 31 Jan 2022 11:55:44 GMT
Accept-Ranges: bytes
Content-Length: 78196
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: font/woff2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f075625a67cefc01c034a3c732ec8023
c3ef563fbf1cf30f75fc931f82426a0f859ccb6d
75ce941806680157fcca91d6074496cbbc7cdcf6da28fa35384273bf9a76d588
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:51:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ws-immogroup.ch/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2
45.134.226.30200 OK 13 kB URL HTTP/1.1 ws-immogroup.ch/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2
IP 45.134.226.30:0
File type Web Open Font Format (Version 2), TrueType, length 13276, version 331.-31261\012- data
Hash f0f8230116992e521526097a28f54066
0447c6b10bbf73f97b23dcfd6e6a48510822cb6e
8afc6e5e842baab16010c2ce6fcf48ec4ded8e1579a37c1f1bc027e120d04951
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: ws-immogroup.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://ws-immogroup.ch/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 20:51:56 GMT
Server: Apache
Last-Modified: Mon, 31 Jan 2022 11:55:44 GMT
Accept-Ranges: bytes
Content-Length: 13276
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: font/woff2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f075625a67cefc01c034a3c732ec8023
c3ef563fbf1cf30f75fc931f82426a0f859ccb6d
75ce941806680157fcca91d6074496cbbc7cdcf6da28fa35384273bf9a76d588
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:51:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/ibmplexsans/v14/zYX9KVElMYYaJe8bpLHnCwDKjQ76AIFsdA.woff2
216.58.207.227200 OK 19 kB URL HTTP/2 fonts.gstatic.com/s/ibmplexsans/v14/zYX9KVElMYYaJe8bpLHnCwDKjQ76AIFsdA.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 19124, version 1.0\012- data
Hash c1b5d14d0136309bd96218e6847b3918
6d73e6d49b1e6313768d3a34b00d643ab0ac34b4
bf4eae9216be01f9a411ac93c5008eb38a3abdbb12fdb50ef974a4599e90220a
GET /s/ibmplexsans/v14/zYX9KVElMYYaJe8bpLHnCwDKjQ76AIFsdA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ws-immogroup.ch
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19124
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 02:06:09 GMT
expires: Sat, 27 Jan 2024 02:06:09 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 26 Apr 2022 15:47:30 GMT
content-type: font/woff2
age: 326747
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
216.58.207.227200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ws-immogroup.ch
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 04:05:29 GMT
expires: Tue, 30 Jan 2024 04:05:29 GMT
cache-control: public, max-age=31536000
age: 60387
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ws-immogroup.ch/wp-content/uploads/2022/05/hyperkreativ_logo.svg
45.134.226.30200 OK 9.9 kB URL HTTP/1.1 ws-immogroup.ch/wp-content/uploads/2022/05/hyperkreativ_logo.svg
IP 45.134.226.30:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (9912), with no line terminators
Hash 34d90f7bffb1fd2c2ed958a81d227b70
e514c054a1b0d476bb04201770d80fc854cc5594
ec1646cc5ee96d8168d3ac9099e61efd1b9c350e2ee683094f3f695411cf0584
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2022/05/hyperkreativ_logo.svg HTTP/1.1
Host: ws-immogroup.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ws-immogroup.ch/msm/login.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 20:51:56 GMT
Server: Apache
Last-Modified: Fri, 20 May 2022 09:50:24 GMT
Accept-Ranges: bytes
Content-Length: 9912
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/svg+xml
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f075625a67cefc01c034a3c732ec8023
c3ef563fbf1cf30f75fc931f82426a0f859ccb6d
75ce941806680157fcca91d6074496cbbc7cdcf6da28fa35384273bf9a76d588
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:51:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ws-immogroup.ch/wp-content/uploads/2022/05/Coming-Soon-5.jpg
45.134.226.30200 OK 168 kB URL HTTP/1.1 ws-immogroup.ch/wp-content/uploads/2022/05/Coming-Soon-5.jpg
IP 45.134.226.30:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1032x1024, components 3\012- data
Size 168 kB (168129 bytes)
Hash 3ce6907d60f2e2b47421e0a9dc0a5688
92b40e8cfb5e51aa41d00455ffdb9386bf6bb20a
5e321f8d2cae2a00c0817f651d0bb3648db5348c7d54e0aeb81379f92e0951d5
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2022/05/Coming-Soon-5.jpg HTTP/1.1
Host: ws-immogroup.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ws-immogroup.ch/msm/login.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 20:51:56 GMT
Server: Apache
Last-Modified: Fri, 20 May 2022 09:50:24 GMT
Accept-Ranges: bytes
Content-Length: 168129
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
ws-immogroup.ch/wp-content/uploads/2022/01/cropped-download-300x300.png
45.134.226.30200 OK 7.5 kB URL HTTP/1.1 ws-immogroup.ch/wp-content/uploads/2022/01/cropped-download-300x300.png
IP 45.134.226.30:0
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash 2dd30f0c051fa02543a08b5675b2f28e
5942a0001354839e74af2ee6ebdb5d1742a0cebe
8cad7e6e03cf8dde32799d2ef83455ba146438bb3bc6f2e89ff09b59c659e4b9
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2022/01/cropped-download-300x300.png HTTP/1.1
Host: ws-immogroup.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ws-immogroup.ch/msm/login.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 20:51:56 GMT
Server: Apache
Last-Modified: Mon, 31 Jan 2022 16:21:00 GMT
Accept-Ranges: bytes
Content-Length: 7460
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/png
ws-immogroup.ch/wp-content/uploads/2022/01/cropped-download-150x150.png
45.134.226.30200 OK 2.9 kB URL HTTP/1.1 ws-immogroup.ch/wp-content/uploads/2022/01/cropped-download-150x150.png
IP 45.134.226.30:0
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 5c3c17a5752e12edc4c0e5927136f6bb
1d08ecc3c944b9423e066e4f6f22a07e8e7118e4
7468c92b77a629290e72d2981ad750783fa1ac5857ffc87a96823fb9ed174892
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2022/01/cropped-download-150x150.png HTTP/1.1
Host: ws-immogroup.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ws-immogroup.ch/msm/login.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 20:51:56 GMT
Server: Apache
Last-Modified: Mon, 31 Jan 2022 16:21:00 GMT
Accept-Ranges: bytes
Content-Length: 2894
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/png
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4550
Expires: Mon, 30 Jan 2023 22:07:46 GMT
Date: Mon, 30 Jan 2023 20:51:56 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4550
Expires: Mon, 30 Jan 2023 22:07:46 GMT
Date: Mon, 30 Jan 2023 20:51:56 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4550
Expires: Mon, 30 Jan 2023 22:07:46 GMT
Date: Mon, 30 Jan 2023 20:51:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20772
Expires: Tue, 31 Jan 2023 02:38:08 GMT
Date: Mon, 30 Jan 2023 20:51:56 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3e04b9eaf7449828136ad59e4c9d69f1
b820be4ed885dcf288eb6460c57e1fa7b1c7c476
df75cf7183d401a19655aab025d08ad2c498573c88b32e9b258d951d2993b936
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7679
x-amzn-requestid: 0c7983d5-6040-44e9-b394-21c3784702a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkEtEfHoAMFaNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6ea-54c55dbd09ca642048af8916;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VHh2SQ21xoDoBnGvM2kRiposhXuCE-DdWW1bM35kEykjbHYmhsldVA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:51:22 GMT
age: 82834
etag: "b820be4ed885dcf288eb6460c57e1fa7b1c7c476"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 65c02d8a1b0d6a210cb2a649c5c67469
027dbc7a104c922904f067ed15d696c363c11774
89d5443a1d313c632d09a583ef602aa4645a16986076387329f434262d15b0a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10997
x-amzn-requestid: a6fac0ab-1acf-4808-8785-3b4ec5e32edf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj30FX7IAMFa5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e698-005109ec2e76529e793678d6;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: skGKI_MWvDwpAbGibUcr8wTlimgoPU9ZYhEHltd3uhdJZ_GoNznVAA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:08:57 GMT
etag: "027dbc7a104c922904f067ed15d696c363c11774"
content-type: image/jpeg
age: 81779
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 51aa950d5eed7b90cab6632107092edc
e4388ced02e5576867e77547496dec1ac2338ef7
588830e5f725e8e56270565e40f817f2658b0ee7c0425d138e5f65a17ff40483
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9457
x-amzn-requestid: 7c48e5ca-2128-43da-ba83-fd91568af1ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkBOGHVoAMFQtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6d4-1b850ffd543f51f92dec3894;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3EXFa0gb46AbdZ9ZznGiPTemGZ7zWh9WLs5Yr1zmfyh_jyKA6o7xoA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:19:57 GMT
age: 81119
etag: "e4388ced02e5576867e77547496dec1ac2338ef7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fe31ee140c2fd62e616c8a1edc9e78bb
7aa5fbdc8156514770ae620e81f1afef1c77890f
799af4bf9fa07ed27ebdc9d1a3344ee8a2b6529f076c263495b93290c47a1cc4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8464
x-amzn-requestid: bf2cf356-ebb1-469b-ba35-a79bb009cad6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj3qGeboAMFzNw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e697-7c96841f52b6a96d1b0eaf34;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: y6bDvcD7a3-A4DLC3cSdZT-yewV1kkFqcGr7AMuqvUeGA4A0pgF4wQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:59:27 GMT
age: 82349
etag: "7aa5fbdc8156514770ae620e81f1afef1c77890f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4205d8106659e00fff1cbe9262918b8c
ab4f6528594a1725934727dc7d834c028a79c609
31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4475
x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_e6HsaIAMF5Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hAzO-IMqc1CFpiBAlRl8seIYL9UonyrBMATibovyFq5kEuaweY_VyA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 05:47:49 GMT
age: 54247
etag: "ab4f6528594a1725934727dc7d834c028a79c609"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b7a0759c043594fbe85af422b59b8227
a05cfaad16078f42218dae233da38f6f5dff8487
e898d6ef1b3998fb9322a8fc190069ec5f7b3582bfe8397a2367497d84a27549
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11568
x-amzn-requestid: 79b70f1f-a157-4dd4-8743-825714195b3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9T3UGA3oAMFSlQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c86695-36e60aba09c152c73b8aefcb;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 21:37:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: HvqpQI-tR9W2NwvIgoi8loQaD--rOgVYFdLdkdlaXMhe4ts9mYqahg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:50:16 GMT
age: 82900
etag: "a05cfaad16078f42218dae233da38f6f5dff8487"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Yantramanav%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
142.250.74.138200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Yantramanav%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
IP 142.250.74.138:0
GET /css?family=Yantramanav%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ws-immogroup.ch/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 30 Jan 2023 20:51:56 GMT
date: Mon, 30 Jan 2023 20:51:56 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=IBM+Plex+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
142.250.74.138200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=IBM+Plex+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
IP 142.250.74.138:0
GET /css?family=IBM+Plex+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ws-immogroup.ch/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 30 Jan 2023 20:51:56 GMT
date: Mon, 30 Jan 2023 20:51:56 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ws-immogroup.ch/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.5.4
45.134.226.30200 OK 0 B URL HTTP/1.1 ws-immogroup.ch/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.5.4
IP 45.134.226.30:0
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.5.4 HTTP/1.1
Host: ws-immogroup.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ws-immogroup.ch/msm/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 20:51:56 GMT
Server: Apache
Last-Modified: Mon, 31 Jan 2022 11:55:44 GMT
Accept-Ranges: bytes
Content-Length: 36889
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript