| caduff-sa.ch/wp/wp-content/themes/individual/images/logo.png | 80.74.128.22 | 200 OK | 19 kB |
URL: GET HTTP/2 caduff-sa.ch/wp/wp-content/themes/individual/images/logo.png; IP: 80.74.128.22:443
Certificate: Issuer: Let's Encrypt; Subject: caduff-sa.ch; Fingerprint: 89:6A:75:A6:10:D5:5A:C4:39:89:DC:0F:81:D4:E6:61:16:3B:A9:2E; Validity: Sat, 27 Apr 2024 23:49:42 GMT - Fri, 26 Jul 2024 23:49:41 GMT
File type: PNG image data, 190 x 122, 8-bit/color RGBA, non-interlaced; Hash: 41e16641fc75e6af60ee725ea655ad2f 1cd8f917f1b4517d48d054f569af3214d6874300 deb437e38e97856c9ec7e2cf03f3f217cd5ce59a01bfa75b9b71d2eb2f789a56
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp/wp-content/themes/individual/images/logo.png HTTP/1.1
Host: caduff-sa.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://caduff-sa.ch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 May 2024 02:54:01 GMT
content-type: image/png
content-length: 18556
last-modified: Thu, 31 Jan 2019 11:30:58 GMT
etag: "5c52dc72-487c"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| caduff-sa.ch/wp/wp-content/themes/individual/images/facebook.png | 80.74.128.22 | 200 OK | 588 B |
URL: GET HTTP/2 caduff-sa.ch/wp/wp-content/themes/individual/images/facebook.png; IP: 80.74.128.22:443
Certificate: Issuer: Let's Encrypt; Subject: caduff-sa.ch; Fingerprint: 89:6A:75:A6:10:D5:5A:C4:39:89:DC:0F:81:D4:E6:61:16:3B:A9:2E; Validity: Sat, 27 Apr 2024 23:49:42 GMT - Fri, 26 Jul 2024 23:49:41 GMT
File type: PNG image data, 58 x 58, 8-bit/color RGBA, non-interlaced; Hash: 49de826060d7b8b73dfaaffe9040f804 de6a7c6ab2e5d6b8048607d8fdb309a6d4fb32c1 95830431420ad52a28ca356b624b46b3a64ba68ab877e34f19f7a3779c1e2e46
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp/wp-content/themes/individual/images/facebook.png HTTP/1.1
Host: caduff-sa.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://caduff-sa.ch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 May 2024 02:54:01 GMT
content-type: image/png
content-length: 588
x-accel-version: 0.01
last-modified: Thu, 31 Jan 2019 11:30:58 GMT
etag: "24c-580bf5c3a8080"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=UA-2964946-14 | 142.250.74.168 | 200 OK | 75 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-2964946-14; IP: 142.250.74.168:443
Certificate: Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE; Validity: Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JavaScript source, ASCII text, with very long lines (4179); Hash: 993915dac7df43adb1976868cc58d0f9 2720c00b1380b6c3d446944dfa1493740c2c29cf 112fcdcf4def5a9c3db96bd303da8363400bb8b415ab2596bdaf90ef72b027b1
GET /gtag/js?id=UA-2964946-14 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://caduff-sa.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 09 May 2024 02:54:02 GMT
expires: Thu, 09 May 2024 02:54:02 GMT
cache-control: private, max-age=900
last-modified: Thu, 09 May 2024 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74810
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js | 142.250.74.74 | 200 OK | 30 kB |
URL: GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js; IP: 142.250.74.74:443
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79; Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: JavaScript source, ASCII text, with very long lines (32180); Hash: 32015dd42e9582a80a84736f5d9a44d7 41b4bfbaa96be6d1440db6e78004ade1c134e276 8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
GET /ajax/libs/jquery/2.1.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://caduff-sa.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29707
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 23:43:21 GMT
expires: Fri, 02 May 2025 23:43:21 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 529841
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| caduff-sa.ch/wp/wp-content/themes/individual/images/home.png | 80.74.128.22 | 200 OK | 8.5 kB |
URL: GET HTTP/2 caduff-sa.ch/wp/wp-content/themes/individual/images/home.png; IP: 80.74.128.22:443
Certificate: Issuer: Let's Encrypt; Subject: caduff-sa.ch; Fingerprint: 89:6A:75:A6:10:D5:5A:C4:39:89:DC:0F:81:D4:E6:61:16:3B:A9:2E; Validity: Sat, 27 Apr 2024 23:49:42 GMT - Fri, 26 Jul 2024 23:49:41 GMT
File type: PNG image data, 82 x 87, 8-bit/color RGBA, non-interlaced; Hash: 3e16e933c4637d36c181d83ceed2e6c9 94fb243fef21095d1740edad350b57bfc316769b b8ca87278deaa90add73c8fb1ae72b7152de20a28f10d42cb1fe3261dd7659ca
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp/wp-content/themes/individual/images/home.png HTTP/1.1
Host: caduff-sa.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://caduff-sa.ch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 May 2024 02:54:01 GMT
content-type: image/png
content-length: 8498
last-modified: Thu, 31 Jan 2019 11:30:58 GMT
etag: "5c52dc72-2132"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| caduff-sa.ch/wp/wp-content/themes/individual/images/mail.png | 80.74.128.22 | 200 OK | 8.9 kB |
URL: GET HTTP/2 caduff-sa.ch/wp/wp-content/themes/individual/images/mail.png; IP: 80.74.128.22:443
Certificate: Issuer: Let's Encrypt; Subject: caduff-sa.ch; Fingerprint: 89:6A:75:A6:10:D5:5A:C4:39:89:DC:0F:81:D4:E6:61:16:3B:A9:2E; Validity: Sat, 27 Apr 2024 23:49:42 GMT - Fri, 26 Jul 2024 23:49:41 GMT
File type: PNG image data, 86 x 85, 8-bit/color RGBA, non-interlaced; Hash: 651267a5ae83753c6577611bb369cb34 978cb9858a23cdce7871b2991d2e7406b07277f8 55a937a460f140be81fd8c0e148f1767a8818e5486d1ad9f6f5a66dc40d0eac0
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp/wp-content/themes/individual/images/mail.png HTTP/1.1
Host: caduff-sa.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://caduff-sa.ch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 May 2024 02:54:01 GMT
content-type: image/png
content-length: 8865
last-modified: Thu, 31 Jan 2019 11:30:58 GMT
etag: "5c52dc72-22a1"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| caduff-sa.ch/wp/wp-content/themes/individual/images/info.png | 80.74.128.22 | 200 OK | 8.4 kB |
URL: GET HTTP/2 caduff-sa.ch/wp/wp-content/themes/individual/images/info.png; IP: 80.74.128.22:443
Certificate: Issuer: Let's Encrypt; Subject: caduff-sa.ch; Fingerprint: 89:6A:75:A6:10:D5:5A:C4:39:89:DC:0F:81:D4:E6:61:16:3B:A9:2E; Validity: Sat, 27 Apr 2024 23:49:42 GMT - Fri, 26 Jul 2024 23:49:41 GMT
File type: PNG image data, 88 x 87, 8-bit/color RGBA, non-interlaced; Hash: 84aeb424a29fb0b5a4cfcb4ae4820802 a36340720d280000428e86742485d7b7518e3b88 432b52af0500a291e3b7bfd46b5f133bcf4393b221c3846ef22b9be81e24855b
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp/wp-content/themes/individual/images/info.png HTTP/1.1
Host: caduff-sa.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://caduff-sa.ch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 May 2024 02:54:01 GMT
content-type: image/png
content-length: 8437
last-modified: Thu, 31 Jan 2019 11:30:58 GMT
etag: "5c52dc72-20f5"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| caduff-sa.ch/wp/wp-content/uploads/2023/02/Betriebsanleitung-Anriss.jpg | 80.74.128.22 | 200 OK | 130 kB |
URL: GET HTTP/2 caduff-sa.ch/wp/wp-content/uploads/2023/02/Betriebsanleitung-Anriss.jpg; IP: 80.74.128.22:443
Certificate: Issuer: Let's Encrypt; Subject: caduff-sa.ch; Fingerprint: 89:6A:75:A6:10:D5:5A:C4:39:89:DC:0F:81:D4:E6:61:16:3B:A9:2E; Validity: Sat, 27 Apr 2024 23:49:42 GMT - Fri, 26 Jul 2024 23:49:41 GMT
File type: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 640x380, components 3; Size: 130 kB (130549 bytes); Hash: 18578164714f7789411e95840d3466bd eaa6627967b25528392c33e24531a84e66be938e 31ffce430c0c9891ef37db4e3f1a327d1ca7d8eca3f5110a83fe5070804379e8
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp/wp-content/uploads/2023/02/Betriebsanleitung-Anriss.jpg HTTP/1.1
Host: caduff-sa.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://caduff-sa.ch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 May 2024 02:54:01 GMT
content-type: image/jpeg
content-length: 130549
last-modified: Thu, 02 Feb 2023 15:23:25 GMT
etag: "63dbd56d-1fdf5"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| caduff-sa.ch/wp/wp-content/uploads/2023/02/img_intro.jpg | 80.74.128.22 | 200 OK | 455 kB |
URL: GET HTTP/2 caduff-sa.ch/wp/wp-content/uploads/2023/02/img_intro.jpg; IP: 80.74.128.22:443
Certificate: Issuer: Let's Encrypt; Subject: caduff-sa.ch; Fingerprint: 89:6A:75:A6:10:D5:5A:C4:39:89:DC:0F:81:D4:E6:61:16:3B:A9:2E; Validity: Sat, 27 Apr 2024 23:49:42 GMT - Fri, 26 Jul 2024 23:49:41 GMT
File type: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 980x480, components 3; Size: 455 kB (455358 bytes); Hash: 20f15d39c5ef2702f94eb881fe01fa35 bdf273ae738cfe05831c87f638c8862791b02c28 25d10a8d2c7396de47315e82055aa4f8e12e020d2ef324be7678598d377198fc
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp/wp-content/uploads/2023/02/img_intro.jpg HTTP/1.1
Host: caduff-sa.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://caduff-sa.ch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 May 2024 02:54:01 GMT
content-type: image/jpeg
content-length: 455358
last-modified: Thu, 02 Feb 2023 14:58:24 GMT
etag: "63dbcf90-6f2be"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| caduff-sa.ch/wp/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.7 | 80.74.128.22 | 200 OK | 3.5 kB |
URL: GET HTTP/2 caduff-sa.ch/wp/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.7; IP: 80.74.128.22:443
Certificate: Issuer: Let's Encrypt; Subject: caduff-sa.ch; Fingerprint: 89:6A:75:A6:10:D5:5A:C4:39:89:DC:0F:81:D4:E6:61:16:3B:A9:2E; Validity: Sat, 27 Apr 2024 23:49:42 GMT - Fri, 26 Jul 2024 23:49:41 GMT
File type: JavaScript source, ASCII text, with very long lines (11117), with no line terminators; Hash: a53a916adf48efefd5a2aa0861ebbc07 46acfa0be9dd623a7aa9bceb1344c152a8adc13b 9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.7 HTTP/1.1
Host: caduff-sa.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://caduff-sa.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 May 2024 02:54:01 GMT
content-type: application/javascript
last-modified: Mon, 26 Feb 2024 09:58:24 GMT
vary: Accept-Encoding
etag: W/"65dc60c0-2b6d"
content-encoding: br
X-Firefox-Spdy: h2
|
|
| www.google.com/recaptcha/api.js?render=6LeL29whAAAAAIoUfi38BBuxCEC-St7okirUDNb3&ver=3.0 | 142.250.74.164 | 200 OK | 1.1 kB |
URL: GET HTTP/2 www.google.com/recaptcha/api.js?render=6LeL29whAAAAAIoUfi38BBuxCEC-St7okirUDNb3&ver=3.0; IP: 142.250.74.164:443
Certificate: Issuer: Google Trust Services LLC; Subject: www.google.com; Fingerprint: C6:A2:DC:31:5A:53:FA:DD:55:71:A3:F4:DD:43:3D:16:71:B8:B3:99; Validity: Tue, 16 Apr 2024 04:20:32 GMT - Tue, 09 Jul 2024 04:20:31 GMT
Hash: 189f42a710d17363e0a7e0a531816ae2 10b0cba517408aef170808a570c383b4fde0429c f992db7e73a68969e7621876d259b27b08f096b00d9cfa94d67b37ff3c0f4a2c
GET /recaptcha/api.js?render=6LeL29whAAAAAIoUfi38BBuxCEC-St7okirUDNb3&ver=3.0 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://caduff-sa.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Thu, 09 May 2024 02:54:02 GMT
date: Thu, 09 May 2024 02:54:02 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| caduff-sa.ch/wp/wp-content/themes/individual/images/background.png | 80.74.128.22 | 200 OK | 23 kB |
URL: GET HTTP/2 caduff-sa.ch/wp/wp-content/themes/individual/images/background.png; IP: 80.74.128.22:443
Certificate: Issuer: Let's Encrypt; Subject: caduff-sa.ch; Fingerprint: 89:6A:75:A6:10:D5:5A:C4:39:89:DC:0F:81:D4:E6:61:16:3B:A9:2E; Validity: Sat, 27 Apr 2024 23:49:42 GMT - Fri, 26 Jul 2024 23:49:41 GMT
File type: PNG image data, 1060 x 459, 8-bit/color RGBA, non-interlaced; Hash: 43a84c25ae9edfae1a43b094fd3a3296 ede6dc512e50258b8faedfd4211cd8c56245a010 0d0c44b5ed2b27c979141e7f7a6fca8543aa9b3aae170a78205f62482323d7be
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp/wp-content/themes/individual/images/background.png HTTP/1.1
Host: caduff-sa.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://caduff-sa.ch/wp/wp-content/themes/individual/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 May 2024 02:54:02 GMT
content-type: image/png
content-length: 23229
last-modified: Thu, 31 Jan 2019 11:30:58 GMT
etag: "5c52dc72-5abd"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| caduff-sa.ch/wp/wp-content/themes/individual/images/search.png | 80.74.128.22 | 200 OK | 3.2 kB |
URL: GET HTTP/2 caduff-sa.ch/wp/wp-content/themes/individual/images/search.png; IP: 80.74.128.22:443
Certificate: Issuer: Let's Encrypt; Subject: caduff-sa.ch; Fingerprint: 89:6A:75:A6:10:D5:5A:C4:39:89:DC:0F:81:D4:E6:61:16:3B:A9:2E; Validity: Sat, 27 Apr 2024 23:49:42 GMT - Fri, 26 Jul 2024 23:49:41 GMT
File type: PNG image data, 65 x 65, 8-bit/color RGBA, non-interlaced; Hash: 0af07ae74d964e170d6b01cdc6e4f0f5 ce2c285022c01be1165517265edebef7f5a1559c f5e0ef069ae7b5b79573480081913cbce5536f1a2463434446966470e78301cf
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp/wp-content/themes/individual/images/search.png HTTP/1.1
Host: caduff-sa.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://caduff-sa.ch/wp/wp-content/themes/individual/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 May 2024 02:54:02 GMT
content-type: image/png
content-length: 3172
last-modified: Thu, 31 Jan 2019 11:30:58 GMT
etag: "5c52dc72-c64"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| caduff-sa.ch/wp/wp-content/uploads/2021/09/Logo-Tancadi-Caduff_negativ-300x115.png | 80.74.128.22 | 200 OK | 15 kB |
URL: GET HTTP/2 caduff-sa.ch/wp/wp-content/uploads/2021/09/Logo-Tancadi-Caduff_negativ-300x115.png; IP: 80.74.128.22:443
Certificate: Issuer: Let's Encrypt; Subject: caduff-sa.ch; Fingerprint: 89:6A:75:A6:10:D5:5A:C4:39:89:DC:0F:81:D4:E6:61:16:3B:A9:2E; Validity: Sat, 27 Apr 2024 23:49:42 GMT - Fri, 26 Jul 2024 23:49:41 GMT
File type: PNG image data, 300 x 115, 8-bit gray+alpha, non-interlaced; Hash: 2a8261e0880484dc4ab365b39c38cdf4 bc6aafcdf3ed895ba5e29fb48e427ae8c10119ed a8d15b982166f063fd207f41184df5ca1c2ca926df66c83e738dcab13a6e7bcd
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp/wp-content/uploads/2021/09/Logo-Tancadi-Caduff_negativ-300x115.png HTTP/1.1
Host: caduff-sa.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://caduff-sa.ch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 May 2024 02:54:02 GMT
content-type: image/png
content-length: 15156
last-modified: Tue, 21 Sep 2021 11:54:10 GMT
etag: "6149c7e2-3b34"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| caduff-sa.ch/wp/wp-content/uploads/2021/09/DSC_6100-300x200.jpg | 80.74.128.22 | 200 OK | 25 kB |
URL: GET HTTP/2 caduff-sa.ch/wp/wp-content/uploads/2021/09/DSC_6100-300x200.jpg; IP: 80.74.128.22:443
Certificate: Issuer: Let's Encrypt; Subject: caduff-sa.ch; Fingerprint: 89:6A:75:A6:10:D5:5A:C4:39:89:DC:0F:81:D4:E6:61:16:3B:A9:2E; Validity: Sat, 27 Apr 2024 23:49:42 GMT - Fri, 26 Jul 2024 23:49:41 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, copyright= ], baseline, precision 8, 300x200, components 3; Hash: 9ab0d89922187ac318ffd0aa11ebd3f5 a873198468b65514cb55bf198d547e4475eb32a9 5ad948ee72226b2458ca9f25210732c258ca0d35354fd40352f0d56c19f0bc79
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp/wp-content/uploads/2021/09/DSC_6100-300x200.jpg HTTP/1.1
Host: caduff-sa.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://caduff-sa.ch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 May 2024 02:54:02 GMT
content-type: image/jpeg
content-length: 25336
last-modified: Tue, 21 Sep 2021 13:54:38 GMT
etag: "6149e41e-62f8"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| caduff-sa.ch/wp/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-table.css?ver=3.2.0 | 80.74.128.22 | 200 OK | 20 kB |
URL: GET HTTP/2 caduff-sa.ch/wp/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-table.css?ver=3.2.0; IP: 80.74.128.22:443
Certificate: Issuer: Let's Encrypt; Subject: caduff-sa.ch; Fingerprint: 89:6A:75:A6:10:D5:5A:C4:39:89:DC:0F:81:D4:E6:61:16:3B:A9:2E; Validity: Sat, 27 Apr 2024 23:49:42 GMT - Fri, 26 Jul 2024 23:49:41 GMT
File type: ASCII text, with very long lines (401); Hash: 26b4f0c3c1bcf76291fa4952fb7f04fb e5f3d41d8dbe3c4a2b36cf9cb4722496e7d6797e 2e2f2336b5e6698b628afc75fa9a24c67b73d5872c1d4af99ca436064f636ee0
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-table.css?ver=3.2.0 HTTP/1.1
Host: caduff-sa.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://caduff-sa.ch/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 May 2024 02:54:01 GMT
content-type: text/css
last-modified: Mon, 26 Feb 2024 09:58:34 GMT
vary: Accept-Encoding
etag: W/"65dc60ca-17e1"
content-encoding: br
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-3DP35R20ZZ&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 89 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-3DP35R20ZZ&l=dataLayer&cx=c; IP: 142.250.74.168:443
Certificate: Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE; Validity: Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JavaScript source, ASCII text, with very long lines (5955); Hash: e2f687fbca1821409429d90f1371d6f4 a2735f337f6bbc9f04d743376da4d0a8d28606e2 339362ed0d2567c1189dbc581dd1a658c79abf6ea60597d5fb4b94df13d04caa
GET /gtag/js?id=G-3DP35R20ZZ&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://caduff-sa.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 09 May 2024 02:54:02 GMT
expires: Thu, 09 May 2024 02:54:02 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 89349
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js | 142.250.74.35 | 200 OK | 204 kB |
URL: GET HTTP/3 www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js; IP: 142.250.74.35:443
Requested by: https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=vjbW55W42X033PfTdVf6Ft4q; Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: JavaScript source, ASCII text, with very long lines (632); Size: 204 kB (204445 bytes); Hash: add520996e437bff5d081315da187fbf 2e489fe16f3712bf36df00b03a8a5af8fa8d4b42 922b951591d52d44aa7015ebc95cab08192aa435b64f9016673ac5da1124a8b4
GET /recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://caduff-sa.ch
DNT: 1
Connection: keep-alive
Referer: https://caduff-sa.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 204445
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 16:12:34 GMT
expires: Tue, 06 May 2025 16:12:34 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 05 May 2024 20:00:16 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 211288
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.youtube.com/s/player/178de1f2/player_ias.vflset/en_US/embed.js | 142.250.74.174 | 200 OK | 20 kB |
URL: GET HTTP/3 www.youtube.com/s/player/178de1f2/player_ias.vflset/en_US/embed.js; IP: 142.250.74.174:443
Requested by: https://www.youtube.com/embed/iyqj2sa1ooM?rel=0; Certificate: Issuer: Google Trust Services LLC; Subject: *.google.com; Fingerprint: 7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0; Validity: Tue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File type: JavaScript source, ASCII text, with very long lines (3391); Hash: 6b1e9f0504828607a4f59e3e04a43bd7 fcbb02f80b1d031640be70840dd0fd6f60c87a3c 0844cf3b7743e155d22eff4e535fa5290b077f189210f6fc26c1c72b19f6f1f0
GET /s/player/178de1f2/player_ias.vflset/en_US/embed.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/iyqj2sa1ooM?rel=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 19841
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 May 2024 07:26:22 GMT
expires: Wed, 07 May 2025 07:26:22 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 07 May 2024 04:18:47 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 156460
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.227 | 200 OK | 15 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2; IP: 216.58.207.227:443
Requested by: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeL29whAAAAAIoUfi38BBuxCEC-St7okirUDNb3&co=aHR0cHM6Ly9jYWR1ZmYtc2EuY2g6NDQz&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&cb=haa7iuxbw4m; Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15344, version 1.0; Hash: 5d4aeb4e5f5ef754e307d7ffaef688bd 06db651cdf354c64a7383ea9c77024ef4fb4cef8 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 16:31:04 GMT
expires: Sat, 03 May 2025 16:31:04 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 469378
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.youtube.com/embed/iyqj2sa1ooM?rel=0 | 142.250.74.174 | 200 OK | 86 kB |
URL: GET HTTP/2 www.youtube.com/embed/iyqj2sa1ooM?rel=0; IP: 142.250.74.174:443
Certificate: Issuer: Google Trust Services LLC; Subject: *.google.com; Fingerprint: 7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0; Validity: Tue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File type: HTML document, ASCII text, with very long lines (58090); Hash: 623e3e05723bada394aa44f39ac06838 779a1caad2c1604d1a21fbcd38d278486a7c3a3c 0c45ce498d391f5a9c76b48aafeaea91f08409936672550cf9c7e3d75eeb8fc2
GET /embed/iyqj2sa1ooM?rel=0 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://caduff-sa.ch/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 09 May 2024 02:54:02 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=9SyB3mDS8-E; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=xrz7k_ttgp4; Domain=.youtube.com; Expires=Tue, 05-Nov-2024 02:54:02 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_PRIVACY_METADATA=CgJOTxIIEgQSAgsMIFI%3D; Domain=.youtube.com; Expires=Tue, 05-Nov-2024 02:54:02 GMT; Path=/; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| caduff-sa.ch/apple-touch-icon.png | 80.74.128.22 | 200 OK | 6.2 kB |
URL: GET HTTP/2 caduff-sa.ch/apple-touch-icon.png | IP: 80.74.128.22:443
Certificate Issuer: Let's Encrypt | Subject: caduff-sa.ch | Fingerprint: 89:6A:75:A6:10:D5:5A:C4:39:89:DC:0F:81:D4:E6:61:16:3B:A9:2E | Validity: Sat, 27 Apr 2024 23:49:42 GMT - Fri, 26 Jul 2024 23:49:41 GMT
File type: PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced | Hash: 26580aad1199e00cf37c06ee636bc97f f6a0619349b906667ebe59ed4defa3786616b57f afd0f7cf6b07121ae338f4fb6a88a8963378af3ef0d54f12142d1990804fadae
Analyzer | Verdict | Alert
mnemonic secure dns | malicious | Sinkholed
Quad9 DNS | malicious | Sinkholed
GET /apple-touch-icon.png HTTP/1.1
Host: caduff-sa.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://caduff-sa.ch/
Cookie: cookielawinfo-checkbox-funktionell=no; cookielawinfo-checkbox-leistung=no; cookielawinfo-checkbox-analytics=no; cookielawinfo-checkbox-anzeige=no; cookielawinfo-checkbox-andere=no; cookielawinfo-checkbox-notwendig=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 May 2024 02:54:02 GMT
content-type: image/png
content-length: 6201
last-modified: Fri, 16 Aug 2019 09:57:35 GMT
etag: "5d567e0f-1839"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| caduff-sa.ch/favicon-16x16.png | 80.74.128.22 | 200 OK | 800 B |
URL: GET HTTP/2 caduff-sa.ch/favicon-16x16.png | IP: 80.74.128.22:443
Certificate Issuer: Let's Encrypt | Subject: caduff-sa.ch | Fingerprint: 89:6A:75:A6:10:D5:5A:C4:39:89:DC:0F:81:D4:E6:61:16:3B:A9:2E | Validity: Sat, 27 Apr 2024 23:49:42 GMT - Fri, 26 Jul 2024 23:49:41 GMT
File type: PNG image data, 16 x 16, 8-bit colormap, non-interlaced | Hash: 3d88e956856a0ca8fea8fb10284a8f5a f2649339d848e4b24b6a33217728c884bea0843b 37732cbd893d9f052d91ed4e7d7b2b892fa1c95a7f571dde8d3dfb28aa472745
Analyzer | Verdict | Alert
mnemonic secure dns | malicious | Sinkholed
Quad9 DNS | malicious | Sinkholed
GET /favicon-16x16.png HTTP/1.1
Host: caduff-sa.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://caduff-sa.ch/
Cookie: cookielawinfo-checkbox-funktionell=no; cookielawinfo-checkbox-leistung=no; cookielawinfo-checkbox-analytics=no; cookielawinfo-checkbox-anzeige=no; cookielawinfo-checkbox-andere=no; cookielawinfo-checkbox-notwendig=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 May 2024 02:54:02 GMT
content-type: image/png
content-length: 800
x-accel-version: 0.01
last-modified: Fri, 16 Aug 2019 09:57:35 GMT
etag: "320-59039050061c0"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | IP: 216.58.207.227:443
Requested by: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeL29whAAAAAIoUfi38BBuxCEC-St7okirUDNb3&co=aHR0cHM6Ly9jYWR1ZmYtc2EuY2g6NDQz&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&cb=haa7iuxbw4m
Certificate Issuer: Google Trust Services LLC | Subject: *.gstatic.com | Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD | Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15552, version 1.0 | Hash: 285467176f7fe6bb6a9c6873b3dad2cc ea04e4ff5142ddd69307c183def721a160e0a64e 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 01:50:52 GMT
expires: Fri, 09 May 2025 01:50:52 GMT
cache-control: public, max-age=31536000
age: 3790
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| caduff-sa.ch/wp/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.8.7 | 80.74.128.22 | 200 OK | 98 kB |
URL: GET HTTP/2 caduff-sa.ch/wp/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.8.7 | IP: 80.74.128.22:443
Certificate Issuer: Let's Encrypt | Subject: caduff-sa.ch | Fingerprint: 89:6A:75:A6:10:D5:5A:C4:39:89:DC:0F:81:D4:E6:61:16:3B:A9:2E | Validity: Sat, 27 Apr 2024 23:49:42 GMT - Fri, 26 Jul 2024 23:49:41 GMT
File type: ASCII text, with very long lines (934), with no line terminators | Hash: ec0187677793456f98473f49d9e9b95f 8c55e0f4a29865e871f3d54be8d480a0665891d9 df0ec8330290d184b1084527076cb87d41b33ba706ff5ab579d761f0cb6a744b
Analyzer | Verdict | Alert
mnemonic secure dns | malicious | Sinkholed
Quad9 DNS | malicious | Sinkholed
GET /wp/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.8.7 HTTP/1.1
Host: caduff-sa.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://caduff-sa.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 May 2024 02:54:01 GMT
content-type: application/javascript
vary: Accept-Encoding
x-accel-version: 0.01
last-modified: Mon, 26 Feb 2024 09:58:24 GMT
etag: W/"3a6-61245f349b000"
content-encoding: br
X-Firefox-Spdy: h2
|
|
| caduff-sa.ch/wp/wp-content/themes/individual/js/responsive-nav.min.js | 80.74.128.22 | 200 OK | 8.8 kB |
URL: GET HTTP/2 caduff-sa.ch/wp/wp-content/themes/individual/js/responsive-nav.min.js | IP: 80.74.128.22:443
Certificate Issuer: Let's Encrypt | Subject: caduff-sa.ch | Fingerprint: 89:6A:75:A6:10:D5:5A:C4:39:89:DC:0F:81:D4:E6:61:16:3B:A9:2E | Validity: Sat, 27 Apr 2024 23:49:42 GMT - Fri, 26 Jul 2024 23:49:41 GMT
File type: JavaScript source, ASCII text, with very long lines (6390), with no line terminators | Hash: 42b1d239204afa11a27f69906b592449 129d872d32be24640916e1189b79e9e28e453063 ab24fddaa68a9198986fdba447a559e4c565659d3b0db4de02c906ae1eb67ba1
Analyzer | Verdict | Alert
mnemonic secure dns | malicious | Sinkholed
Quad9 DNS | malicious | Sinkholed
GET /wp/wp-content/themes/individual/js/responsive-nav.min.js HTTP/1.1
Host: caduff-sa.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://caduff-sa.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 May 2024 02:54:01 GMT
content-type: application/javascript
last-modified: Thu, 31 Jan 2019 11:30:58 GMT
vary: Accept-Encoding
etag: W/"5c52dc72-18f6"
content-encoding: br
X-Firefox-Spdy: h2
|
|
| caduff-sa.ch/wp/wp-content/themes/individual/style.css | 80.74.128.22 | 200 OK | 9.8 kB |
URL: GET HTTP/2 caduff-sa.ch/wp/wp-content/themes/individual/style.css | IP: 80.74.128.22:443
Certificate Issuer: Let's Encrypt | Subject: caduff-sa.ch | Fingerprint: 89:6A:75:A6:10:D5:5A:C4:39:89:DC:0F:81:D4:E6:61:16:3B:A9:2E | Validity: Sat, 27 Apr 2024 23:49:42 GMT - Fri, 26 Jul 2024 23:49:41 GMT
Hash: c55e79630850776e81f32534d5d8d086 150adb917241c8d77fe2a7aeb70b2ea7677a2d84 8a95cec5d3db17caf73d3087cafa86bbe1457776cab3be4b54dfc06e3ccb8087
Analyzer | Verdict | Alert
mnemonic secure dns | malicious | Sinkholed
Quad9 DNS | malicious | Sinkholed
GET /wp/wp-content/themes/individual/style.css HTTP/1.1
Host: caduff-sa.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://caduff-sa.ch/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 May 2024 02:54:01 GMT
content-type: text/css
last-modified: Fri, 24 Sep 2021 14:06:12 GMT
vary: Accept-Encoding
etag: W/"614ddb54-433d"
content-encoding: br
X-Firefox-Spdy: h2
|
|
| www.youtube.com/s/player/178de1f2/player_ias.vflset/en_US/base.js | 142.250.74.174 | 200 OK | 813 kB |
URL: GET HTTP/3 www.youtube.com/s/player/178de1f2/player_ias.vflset/en_US/base.js | IP: 142.250.74.174:443
Requested by: https://www.youtube.com/embed/iyqj2sa1ooM?rel=0
Certificate Issuer: Google Trust Services LLC | Subject: *.google.com | Fingerprint: 7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0 | Validity: Tue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File type: JavaScript source, ASCII text, with very long lines (555) | Size: 813 kB (813434 bytes) | Hash: 5ebe39f943e9d7346eaf44c56f463112 ad47f985f0bee2bc75b616d6bab087e8fee187aa 1ce835d53b199d552ef2e014c6b08754d901d4638eddf97ee2c58249de0fd863
GET /s/player/178de1f2/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/iyqj2sa1ooM?rel=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-encoding: gzip
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 813434
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 May 2024 07:26:22 GMT
expires: Wed, 07 May 2025 07:26:22 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 07 May 2024 04:18:47 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 156460
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/styles__ltr.css | 142.250.74.35 | 200 OK | 25 kB |
URL: GET HTTP/3 www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/styles__ltr.css | IP: 142.250.74.35:443
Requested by: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeL29whAAAAAIoUfi38BBuxCEC-St7okirUDNb3&co=aHR0cHM6Ly9jYWR1ZmYtc2EuY2g6NDQz&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&cb=haa7iuxbw4m
Certificate Issuer: Google Trust Services LLC | Subject: *.gstatic.com | Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD | Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: ASCII text, with very long lines (56412), with no line terminators | Hash: 2c00b9f417b688224937053cd0c284a5 17b4c18ebc129055dd25f214c3f11e03e9df2d82 1e754b107428162c65a26d399b66db3daaea09616bf8620d9de4bc689ce48eed
GET /recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24617
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 19:34:32 GMT
expires: Tue, 06 May 2025 19:34:32 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 05 May 2024 20:00:16 GMT
content-type: text/css
vary: Accept-Encoding
age: 199170
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js | 142.250.74.35 | 200 OK | 204 kB |
URL: GET HTTP/3 www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js | IP: 142.250.74.35:443
Requested by: https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=vjbW55W42X033PfTdVf6Ft4q
Certificate Issuer: Google Trust Services LLC | Subject: *.gstatic.com | Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD | Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: JavaScript source, ASCII text, with very long lines (632) | Size: 204 kB (204445 bytes) | Hash: add520996e437bff5d081315da187fbf 2e489fe16f3712bf36df00b03a8a5af8fa8d4b42 922b951591d52d44aa7015ebc95cab08192aa435b64f9016673ac5da1124a8b4
GET /recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 204445
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 16:12:34 GMT
expires: Tue, 06 May 2025 16:12:34 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 05 May 2024 20:00:16 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 211288
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.227 | 200 OK | 15 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 | IP: 216.58.207.227:443
Requested by: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeL29whAAAAAIoUfi38BBuxCEC-St7okirUDNb3&co=aHR0cHM6Ly9jYWR1ZmYtc2EuY2g6NDQz&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&cb=haa7iuxbw4m
Certificate Issuer: Google Trust Services LLC | Subject: *.gstatic.com | Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD | Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15344, version 1.0 | Hash: 5d4aeb4e5f5ef754e307d7ffaef688bd 06db651cdf354c64a7383ea9c77024ef4fb4cef8 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 16:31:04 GMT
expires: Sat, 03 May 2025 16:31:04 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 469379
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | IP: 216.58.207.227:443
Requested by: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeL29whAAAAAIoUfi38BBuxCEC-St7okirUDNb3&co=aHR0cHM6Ly9jYWR1ZmYtc2EuY2g6NDQz&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&cb=haa7iuxbw4m
Certificate Issuer: Google Trust Services LLC | Subject: *.gstatic.com | Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD | Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15552, version 1.0 | Hash: 285467176f7fe6bb6a9c6873b3dad2cc ea04e4ff5142ddd69307c183def721a160e0a64e 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 01:50:52 GMT
expires: Fri, 09 May 2025 01:50:52 GMT
cache-control: public, max-age=31536000
age: 3791
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/recaptcha/api2/logo_48.png | 142.250.74.35 | 200 OK | 2.2 kB |
URL: GET HTTP/3 www.gstatic.com/recaptcha/api2/logo_48.png | IP: 142.250.74.35:443
Requested by: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeL29whAAAAAIoUfi38BBuxCEC-St7okirUDNb3&co=aHR0cHM6Ly9jYWR1ZmYtc2EuY2g6NDQz&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&cb=haa7iuxbw4m
Certificate Issuer: Google Trust Services LLC | Subject: *.gstatic.com | Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD | Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced | Hash: ef9941290c50cd3866e2ba6b793f010d 4736508c795667dcea21f8d864233031223b7832 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:54:07 GMT
expires: Thu, 09 May 2024 02:54:07 GMT
cache-control: public, max-age=604800
age: 604796
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.google.com/js/bg/R158mP-HER8cF-2W1d4Zs3A-8309t2iBf9rXxsmuGOY.js | 142.250.74.164 | 200 OK | 7.5 kB |
URL: GET HTTP/3 www.google.com/js/bg/R158mP-HER8cF-2W1d4Zs3A-8309t2iBf9rXxsmuGOY.js | IP: 142.250.74.164:443
Requested by: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeL29whAAAAAIoUfi38BBuxCEC-St7okirUDNb3&co=aHR0cHM6Ly9jYWR1ZmYtc2EuY2g6NDQz&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&cb=haa7iuxbw4m
Certificate Issuer: Google Trust Services LLC | Subject: *.google.com | Fingerprint: 7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0 | Validity: Tue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File type: JavaScript source, ASCII text, with very long lines (17624) | Hash: 1b84878b10f495c0906cf29733630286 f0253a2a4155c4b073f72bb19d81f6a065b3671a 475e7c98ff87111f1c17ed96d5de19b3703ef37d3db768817fdad7c6c9ae18e6
GET /js/bg/R158mP-HER8cF-2W1d4Zs3A-8309t2iBf9rXxsmuGOY.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeL29whAAAAAIoUfi38BBuxCEC-St7okirUDNb3&co=aHR0cHM6Ly9jYWR1ZmYtc2EuY2g6NDQz&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&cb=haa7iuxbw4m
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 7467
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 03:22:25 GMT
expires: Sat, 03 May 2025 03:22:25 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 29 Apr 2024 11:30:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 516698
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.google.com/recaptcha/api2/webworker.js?hl=en&v=vjbW55W42X033PfTdVf6Ft4q | 142.250.74.164 | 200 OK | 205 kB |
URL: GET HTTP/3 www.google.com/recaptcha/api2/webworker.js?hl=en&v=vjbW55W42X033PfTdVf6Ft4q | IP: 142.250.74.164:443
Requested by: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeL29whAAAAAIoUfi38BBuxCEC-St7okirUDNb3&co=aHR0cHM6Ly9jYWR1ZmYtc2EuY2g6NDQz&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&cb=haa7iuxbw4m
Certificate Issuer: Google Trust Services LLC | Subject: *.google.com | Fingerprint: 7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0 | Validity: Tue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File type: JavaScript source, ASCII text, with very long lines (632) | Size: 205 kB (204557 bytes) | Hash: 58ef5a1879323b52830ca6b63eff741e 6123460994053da5509116f98f807ad23b84861d ff01cbbf60e473a0933ff6d3c091674a005db4909cff95167ada4c13185b276f
GET /recaptcha/api2/webworker.js?hl=en&v=vjbW55W42X033PfTdVf6Ft4q HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeL29whAAAAAIoUfi38BBuxCEC-St7okirUDNb3&co=aHR0cHM6Ly9jYWR1ZmYtc2EuY2g6NDQz&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&cb=haa7iuxbw4m
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/javascript; charset=utf-8
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 09 May 2024 02:54:03 GMT
date: Thu, 09 May 2024 02:54:03 GMT
cache-control: private, max-age=300
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create | 142.250.74.106 | 200 OK | 0 B |
URL: OPTIONS HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create | IP: 142.250.74.106:443
Requested by: https://www.youtube.com/embed/iyqj2sa1ooM?rel=0
Certificate Issuer: Google Trust Services LLC | Subject: upload.video.google.com | Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 | Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Thu, 09 May 2024 02:54:03 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create | 142.250.74.106 | 200 OK | 42 kB |
URL: OPTIONS HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create | IP: 142.250.74.106:443
Requested by: https://www.youtube.com/embed/iyqj2sa1ooM?rel=0
Certificate Issuer: Google Trust Services LLC | Subject: upload.video.google.com | Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 | Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
Hash: 926327e331e49495e3945d619811217d 4b9b1ef41371789ebd927bea4f4463875d494566 1ac5b75a1377de1f4a471474f1fc60ce3aceb4024a391fbe8304ceaff994d6bf
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 09 May 2024 02:54:03 GMT
server: ESF
cache-control: private
content-length: 41522
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.youtube.com/s/player/178de1f2/player_ias.vflset/en_US/remote.js | 142.250.74.174 | 200 OK | 34 kB |
URL: GET HTTP/3 www.youtube.com/s/player/178de1f2/player_ias.vflset/en_US/remote.js | IP: 142.250.74.174:443
Requested by: https://www.youtube.com/embed/iyqj2sa1ooM?rel=0
Certificate Issuer: Google Trust Services LLC | Subject: *.google.com | Fingerprint: 7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0 | Validity: Tue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File type: JavaScript source, ASCII text, with very long lines (543) | Hash: 949182fbd070ffe02417f214d18899e1 88205a6a179c2299a147de7c604caacfbb8df98d 3edf4e35228c643453b189122dc6ee087c43a389ca3919f3118be1b9fa11bab0
GET /s/player/178de1f2/player_ias.vflset/en_US/remote.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/iyqj2sa1ooM?rel=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 33663
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 May 2024 07:28:21 GMT
expires: Wed, 07 May 2025 07:28:21 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 07 May 2024 04:18:47 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 156343
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.google.com/js/th/LvMrC3vzHFP8SzxjvqNWRksbkOPiJTf11ILX4Pq8Ybc.js | 142.250.74.164 | 200 OK | 20 kB |
URL GET HTTP/3www.google.com/js/th/LvMrC3vzHFP8SzxjvqNWRksbkOPiJTf11ILX4Pq8Ybc.js IP142.250.74.164:443
Requested byhttps://www.youtube.com/embed/iyqj2sa1ooM?rel=0 CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0 ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File typeJavaScript source, ASCII text, with very long lines (51583) Hash8168176decd4ee149cd33fb0db48f5f5 b541726598ee936f690683f68551bb4e8fb01439 2ef32b0b7bf31c53fc4b3c63bea356464b1b90e3e22537f5d482d7e0fabc61b7
GET /js/th/LvMrC3vzHFP8SzxjvqNWRksbkOPiJTf11ILX4Pq8Ybc.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 20283
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 01:06:51 GMT
expires: Sat, 03 May 2025 01:06:51 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 29 Apr 2024 11:30:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 524833
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT | 142.250.74.106 | 200 OK | 0 B |
URL POST HTTP/3jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT IP142.250.74.106:443
Requested byhttps://www.youtube.com/embed/iyqj2sa1ooM?rel=0 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Thu, 09 May 2024 02:54:04 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT | 142.250.74.106 | 200 OK | 114 B |
URL POST HTTP/3jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT IP142.250.74.106:443
Requested byhttps://www.youtube.com/embed/iyqj2sa1ooM?rel=0 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
Hash02410050f4eae2674f486f18ea212fd6 3825c536afb1a97fbc8ed3890c2aa44eb15b6733 d18bf02ae199fb9d1f96d0906b4bcbeb70c7ba43c1a1eb1ad9b872417ce3db4b
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1179
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 09 May 2024 02:54:04 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| yt3.ggpht.com/ytc/AIdro_l06xbU-uCGIURiAGnBYhHuW-oE9SFfbAhKKRnkyuYj3g=s68-c-k-c0x00ffffff-no-rj | 142.250.74.97 | 200 OK | 2.0 kB |
URL GET HTTP/2yt3.ggpht.com/ytc/AIdro_l06xbU-uCGIURiAGnBYhHuW-oE9SFfbAhKKRnkyuYj3g=s68-c-k-c0x00ffffff-no-rj IP142.250.74.97:443
Requested byhttps://www.youtube.com/embed/iyqj2sa1ooM?rel=0 CertificateIssuerGoogle Trust Services LLC Subject*.googleusercontent.com Fingerprint7B:64:D0:4F:29:87:0A:A8:90:15:F1:9F:B6:8F:FB:D6:AC:D2:76:56 ValidityTue, 16 Apr 2024 04:13:47 GMT - Tue, 09 Jul 2024 04:13:46 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 68x68, components 3 Hash5848302ae3ee65aaf85c9178d69519fe f70cc82fcbdef9f06d6139608cd465bccf21a962 2a268031611441824ea36c3db6b6a5df771c254eb621ede7073c4e7ee9f5d9ee
GET /ytc/AIdro_l06xbU-uCGIURiAGnBYhHuW-oE9SFfbAhKKRnkyuYj3g=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
x-content-type-options: nosniff
server: fife
content-length: 2034
x-xss-protection: 0
date: Thu, 09 May 2024 02:54:04 GMT
expires: Fri, 10 May 2024 02:54:04 GMT
cache-control: public, max-age=86400, no-transform
etag: "v5f"
content-type: image/jpeg
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.youtube.com/generate_204?b73NtQ | 142.250.74.174 | 204 No Content | 0 B |
URL GET HTTP/3www.youtube.com/generate_204?b73NtQ IP142.250.74.174:443
Requested byhttps://www.youtube.com/embed/iyqj2sa1ooM?rel=0 CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0 ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /generate_204?b73NtQ HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/iyqj2sa1ooM?rel=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-length: 0
cross-origin-resource-policy: cross-origin
date: Thu, 09 May 2024 02:54:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.google.com/recaptcha/api2/clr?k=6LeL29whAAAAAIoUfi38BBuxCEC-St7okirUDNb3 | 142.250.74.164 | 200 OK | 0 B |
URL POST HTTP/3www.google.com/recaptcha/api2/clr?k=6LeL29whAAAAAIoUfi38BBuxCEC-St7okirUDNb3 IP142.250.74.164:443
Requested byhttps://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeL29whAAAAAIoUfi38BBuxCEC-St7okirUDNb3&co=aHR0cHM6Ly9jYWR1ZmYtc2EuY2g6NDQz&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&cb=haa7iuxbw4m CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0 ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /recaptcha/api2/clr?k=6LeL29whAAAAAIoUfi38BBuxCEC-St7okirUDNb3 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-protobuf
Content-Length: 1515
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeL29whAAAAAIoUfi38BBuxCEC-St7okirUDNb3&co=aHR0cHM6Ly9jYWR1ZmYtc2EuY2g6NDQz&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&cb=haa7iuxbw4m
Cookie: _GRECAPTCHA=09AKDSkeY07mxntWg7kmhDe1yp46IUVs9S3g9K6H3Z-24kIpAPq7DgahqId_AZlWNkCNhKg0NLhxe_k2RC1WgaKp4
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/binary
date: Thu, 09 May 2024 02:54:04 GMT
expires: Thu, 09 May 2024 02:54:04 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 0
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 | 142.250.74.174 | 200 OK | 31 B |
URL POST HTTP/3www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 IP142.250.74.174:443
Requested byhttps://www.youtube.com/embed/iyqj2sa1ooM?rel=0 CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0 ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
Hash5e1fa6fd9abd549a576f3f24b1d3c8d4 d5335d7f7d33be6a0b663f03b2df4df2521c4a87 d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Request-Time: 1715223245881
Content-Type: application/json
X-Goog-Visitor-Id: Cgt4cno3a190dGdwNCjK9fCxBjIOCgJOTxIIEgQSAgsMIFI%3D
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20240506.01.00
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1715223242914&flash=0&frm=2&u_tz&u_his=2&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C640%2C385&vis=1&wgl=true&ca_type=image
Content-Length: 11566
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/iyqj2sa1ooM?rel=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: br
date: Thu, 09 May 2024 02:54:05 GMT
server: scaffolding on HTTPServer2
content-length: 31
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| caduff-sa.ch/wp/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2 | 80.74.128.22 | 200 OK | 8.4 kB |
URL GET HTTP/2caduff-sa.ch/wp/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2 IP80.74.128.22:443
CertificateIssuerLet's Encrypt Subjectcaduff-sa.ch Fingerprint89:6A:75:A6:10:D5:5A:C4:39:89:DC:0F:81:D4:E6:61:16:3B:A9:2E ValiditySat, 27 Apr 2024 23:49:42 GMT - Fri, 26 Jul 2024 23:49:41 GMT
File typeJavaScript source, ASCII text, with very long lines (8171), with no line terminators Hashdda652db133fddb9b80a05c6d1b5c540 60c8514c57a5db2980c4b046b0dd479bd427357b c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
Analyzer | Verdict | Alert | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
GET /wp/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2 HTTP/1.1
Host: caduff-sa.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://caduff-sa.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 May 2024 02:54:01 GMT
content-type: application/javascript
last-modified: Mon, 26 Feb 2024 09:57:33 GMT
vary: Accept-Encoding
etag: W/"65dc608d-1feb"
content-encoding: br
X-Firefox-Spdy: h2
|
|
| www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 | 142.250.74.174 | 200 OK | 31 B |
URL POST HTTP/3www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 IP142.250.74.174:443
Requested byhttps://www.youtube.com/embed/iyqj2sa1ooM?rel=0 CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0 ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
Hash5e1fa6fd9abd549a576f3f24b1d3c8d4 d5335d7f7d33be6a0b663f03b2df4df2521c4a87 d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Request-Time: 1715223269296
Content-Type: application/json
X-Goog-Visitor-Id: Cgt4cno3a190dGdwNCjK9fCxBjIOCgJOTxIIEgQSAgsMIFI%3D
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20240506.01.00
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1715223242914&flash=0&frm=2&u_tz&u_his=2&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C640%2C385&vis=1&wgl=true&ca_type=image
Content-Length: 1063
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/iyqj2sa1ooM?rel=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: br
date: Thu, 09 May 2024 02:54:29 GMT
server: scaffolding on HTTPServer2
content-length: 31
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| caduff-sa.ch/wp/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-public.css?ver=3.2.0 | 80.74.128.22 | 200 OK | 3.1 kB |
URL GET HTTP/2caduff-sa.ch/wp/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-public.css?ver=3.2.0 IP80.74.128.22:443
CertificateIssuerLet's Encrypt Subjectcaduff-sa.ch Fingerprint89:6A:75:A6:10:D5:5A:C4:39:89:DC:0F:81:D4:E6:61:16:3B:A9:2E ValiditySat, 27 Apr 2024 23:49:42 GMT - Fri, 26 Jul 2024 23:49:41 GMT
File typeASCII text, with very long lines (3293), with no line terminators Hashc44ab434a4332c8c28ff13646e4f5e46 3ab488eda9f5df9e6dd13a5693eb36453e5e5e1f 63774d9d080621d450befb7fd3516526a023e86ec5d1cb2afc4dae7167f1ad20
Analyzer | Verdict | Alert | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
GET /wp/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-public.css?ver=3.2.0 HTTP/1.1
Host: caduff-sa.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://caduff-sa.ch/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 09 May 2024 02:54:01 GMT
content-type: text/css
last-modified: Mon, 26 Feb 2024 09:58:34 GMT
vary: Accept-Encoding
etag: W/"65dc60ca-c22"
content-encoding: br
X-Firefox-Spdy: h2
|
|
| caduff-sa.ch/wp/wp-content/uploads/2021/09/DSC_6106-1-300x200.jpg | 80.74.128.22 | 200 OK | 18 kB |
URL GET HTTP/2caduff-sa.ch/wp/wp-content/uploads/2021/09/DSC_6106-1-300x200.jpg IP80.74.128.22:443
CertificateIssuerLet's Encrypt Subjectcaduff-sa.ch Fingerprint89:6A:75:A6:10:D5:5A:C4:39:89:DC:0F:81:D4:E6:61:16:3B:A9:2E ValiditySat, 27 Apr 2024 23:49:42 GMT - Fri, 26 Jul 2024 23:49:41 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, copyright= ], baseline, precision 8, 300x200, components 3 Hash5ed5ab3e1a8eafc7659412a3e5428c03 574484535ca30dd6d8cc6914110edfc1a85acebf e28129d496f2272c6bc7b70aa393d148888db5c543f54420288b41c6568253ac
Analyzer | Verdict | Alert | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
GET /wp/wp-content/uploads/2021/09/DSC_6106-1-300x200.jpg HTTP/1.1
Host: caduff-sa.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://caduff-sa.ch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 09 May 2024 02:54:02 GMT
content-type: image/jpeg
content-length: 18267
last-modified: Tue, 21 Sep 2021 11:41:29 GMT
etag: "6149c4e9-475b"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| i.ytimg.com/vi/iyqj2sa1ooM/sddefault.jpg | 142.250.74.54 | 200 OK | 65 kB |
URL GET HTTP/2i.ytimg.com/vi/iyqj2sa1ooM/sddefault.jpg IP142.250.74.54:443
Requested byhttps://www.youtube.com/embed/iyqj2sa1ooM?rel=0 CertificateIssuerGoogle Trust Services LLC Subjectedgestatic.com FingerprintD2:2C:3D:05:38:12:27:20:C9:64:22:58:3A:99:D5:43:6E:BD:3B:D2 ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x480, components 3 Hash993d1c3d0f5ac9d558a10d61944dc228 839e01adbe66710034841fd24a101f4fe6451870 0ffce7791537d70c2d0ef7f237d6d18d6692964732194040fc84b66e04e1672c
GET /vi/iyqj2sa1ooM/sddefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 64913
date: Thu, 09 May 2024 02:54:03 GMT
expires: Thu, 09 May 2024 04:54:03 GMT
cache-control: public, max-age=7200
etag: "1394188244"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.youtube.com/s/player/178de1f2/www-embed-player.vflset/www-embed-player.js | 142.250.74.174 | 200 OK | 327 kB |
URL GET HTTP/3www.youtube.com/s/player/178de1f2/www-embed-player.vflset/www-embed-player.js IP142.250.74.174:443
Requested byhttps://www.youtube.com/embed/iyqj2sa1ooM?rel=0 CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0 ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File typeJavaScript source, ASCII text, with very long lines (829) Size327 kB (326967 bytes) Hash313f662ec66b3cb94106e411fba15e0d 39becc293c40b248ce60fafca7413f567d34fa03 d2d3f5afdcae3fd0b7ba628ff725ffc86cb50322d0f0900158ea19e2de701d5b
GET /s/player/178de1f2/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/iyqj2sa1ooM?rel=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 97382
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 08 May 2024 15:31:56 GMT
expires: Thu, 08 May 2025 15:31:56 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 07 May 2024 04:18:47 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 40926
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| caduff-sa.ch/wp/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 | 80.74.128.22 | 200 OK | 115 kB |
URL GET HTTP/2caduff-sa.ch/wp/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 IP80.74.128.22:443
CertificateIssuerLet's Encrypt Subjectcaduff-sa.ch Fingerprint89:6A:75:A6:10:D5:5A:C4:39:89:DC:0F:81:D4:E6:61:16:3B:A9:2E ValiditySat, 27 Apr 2024 23:49:42 GMT - Fri, 26 Jul 2024 23:49:41 GMT
Size115 kB (115127 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
GET /wp/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: caduff-sa.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://caduff-sa.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 09 May 2024 02:54:01 GMT
content-type: application/javascript
last-modified: Mon, 26 Feb 2024 09:57:33 GMT
vary: Accept-Encoding
etag: W/"65dc608d-1c1b7"
content-encoding: br
X-Firefox-Spdy: h2
|
|
| caduff-sa.ch/wp/wp-content/themes/individual/js/splide.min.js | 80.74.128.22 | 200 OK | 29 kB |
URL GET HTTP/2caduff-sa.ch/wp/wp-content/themes/individual/js/splide.min.js IP80.74.128.22:443
CertificateIssuerLet's Encrypt Subjectcaduff-sa.ch Fingerprint89:6A:75:A6:10:D5:5A:C4:39:89:DC:0F:81:D4:E6:61:16:3B:A9:2E ValiditySat, 27 Apr 2024 23:49:42 GMT - Fri, 26 Jul 2024 23:49:41 GMT
File typeJavaScript source, ASCII text, with very long lines (28949) Hash1b79b33cdde48134f98ae1f0b2c8c50b 7aad591381c1a6f106642c0a9f8d6b01bb9bd8d2 4a609c6dfff57a1865067c376468a736ee9f8d0578ef52c3063738c8c30986c9
Analyzer | Verdict | Alert | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
GET /wp/wp-content/themes/individual/js/splide.min.js HTTP/1.1
Host: caduff-sa.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://caduff-sa.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 09 May 2024 02:54:01 GMT
content-type: application/javascript
last-modified: Tue, 21 Sep 2021 15:19:07 GMT
vary: Accept-Encoding
etag: W/"6149f7eb-7170"
content-encoding: br
X-Firefox-Spdy: h2
|
|
| | 80.74.128.22 | 200 OK | 44 kB |
URL User Request GET HTTP/2IP80.74.128.22:443
CertificateIssuerLet's Encrypt Subjectcaduff-sa.ch Fingerprint89:6A:75:A6:10:D5:5A:C4:39:89:DC:0F:81:D4:E6:61:16:3B:A9:2E ValiditySat, 27 Apr 2024 23:49:42 GMT - Fri, 26 Jul 2024 23:49:41 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: caduff-sa.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 09 May 2024 02:54:01 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
link: <https://caduff-sa.ch/wp-json/>; rel="https://api.w.org/", <https://caduff-sa.ch/wp-json/wp/v2/pages/4>; rel="alternate"; type="application/json", <https://caduff-sa.ch/>; rel=shortlink
content-encoding: br
X-Firefox-Spdy: h2
|
|
| caduff-sa.ch/wp/wp-includes/css/dist/block-library/style.min.css?ver=6.4.4 | 80.74.128.22 | 200 OK | 110 kB |
URL GET HTTP/2caduff-sa.ch/wp/wp-includes/css/dist/block-library/style.min.css?ver=6.4.4 IP80.74.128.22:443
CertificateIssuerLet's Encrypt Subjectcaduff-sa.ch Fingerprint89:6A:75:A6:10:D5:5A:C4:39:89:DC:0F:81:D4:E6:61:16:3B:A9:2E ValiditySat, 27 Apr 2024 23:49:42 GMT - Fri, 26 Jul 2024 23:49:41 GMT
Size110 kB (110147 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
GET /wp/wp-includes/css/dist/block-library/style.min.css?ver=6.4.4 HTTP/1.1
Host: caduff-sa.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://caduff-sa.ch/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 09 May 2024 02:54:01 GMT
content-type: text/css
last-modified: Mon, 26 Feb 2024 09:57:32 GMT
vary: Accept-Encoding
etag: W/"65dc608c-1ae43"
content-encoding: br
X-Firefox-Spdy: h2
|
|
| caduff-sa.ch/wp/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.7 | 80.74.128.22 | 200 OK | 2.9 kB |
URL GET HTTP/2caduff-sa.ch/wp/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.7 IP80.74.128.22:443
CertificateIssuerLet's Encrypt Subjectcaduff-sa.ch Fingerprint89:6A:75:A6:10:D5:5A:C4:39:89:DC:0F:81:D4:E6:61:16:3B:A9:2E ValiditySat, 27 Apr 2024 23:49:42 GMT - Fri, 26 Jul 2024 23:49:41 GMT
File typeASCII text, with very long lines (3172), with no line terminators Hash4ff394b4fc55e546c2457e1a49a044fa 0f3fe404c0821a795cb73aa6bb5c062d52af7e68 4858dafdb763b5027e97ca50c5747329e16d4c19ecc575aff7454335e71cba33
Analyzer | Verdict | Alert | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
GET /wp/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.7 HTTP/1.1
Host: caduff-sa.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://caduff-sa.ch/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 09 May 2024 02:54:01 GMT
content-type: text/css
last-modified: Mon, 26 Feb 2024 09:58:24 GMT
vary: Accept-Encoding
etag: W/"65dc60c0-b4e"
content-encoding: br
X-Firefox-Spdy: h2
|
|
| caduff-sa.ch/wp/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.7 | 80.74.128.22 | 200 OK | 13 kB |
URL GET HTTP/2caduff-sa.ch/wp/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.7 IP80.74.128.22:443
CertificateIssuerLet's Encrypt Subjectcaduff-sa.ch Fingerprint89:6A:75:A6:10:D5:5A:C4:39:89:DC:0F:81:D4:E6:61:16:3B:A9:2E ValiditySat, 27 Apr 2024 23:49:42 GMT - Fri, 26 Jul 2024 23:49:41 GMT
File typeJavaScript source, ASCII text, with very long lines (13182), with no line terminators Hash83a062cf6545b990c13b4398035a29d0 5cf24bc45fcbc6f416ea9671e089ca00ef0080d2 7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1
Analyzer | Verdict | Alert | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
GET /wp/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.7 HTTP/1.1
Host: caduff-sa.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://caduff-sa.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 09 May 2024 02:54:01 GMT
content-type: application/javascript
last-modified: Mon, 26 Feb 2024 09:58:24 GMT
vary: Accept-Encoding
etag: W/"65dc60c0-337e"
content-encoding: br
X-Firefox-Spdy: h2
|
|
| caduff-sa.ch/wp/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0 | 80.74.128.22 | 200 OK | 6.6 kB |
URL: GET HTTP/2 caduff-sa.ch/wp/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0
IP: 80.74.128.22:443
Certificate: Issuer Let's Encrypt; Subject caduff-sa.ch; Fingerprint 89:6A:75:A6:10:D5:5A:C4:39:89:DC:0F:81:D4:E6:61:16:3B:A9:2E; Validity Sat, 27 Apr 2024 23:49:42 GMT - Fri, 26 Jul 2024 23:49:41 GMT
File type: JavaScript source, ASCII text, with very long lines (6799), with no line terminators
Hash: ccaa7ba23a1f74bc12d091b65b515c4f 26b795b942f321ee8237178a1fcc16f1cee5a99e daceae61a869247d42436998814874e2698dc5f4789c65cd9bad98da52276db1
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0 HTTP/1.1
Host: caduff-sa.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://caduff-sa.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 09 May 2024 02:54:01 GMT
content-type: application/javascript
last-modified: Mon, 26 Feb 2024 09:57:33 GMT
vary: Accept-Encoding
etag: W/"65dc608d-19e1"
content-encoding: br
X-Firefox-Spdy: h2
|
|
| www.google.com/recaptcha/api2/anchor?ar=1&k=6LeL29whAAAAAIoUfi38BBuxCEC-St7okirUDNb3&co=aHR0cHM6Ly9jYWR1ZmYtc2EuY2g6NDQz&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&cb=haa7iuxbw4m | 142.250.74.164 | 200 OK | 46 kB |
URL: GET HTTP/3 www.google.com/recaptcha/api2/anchor?ar=1&k=6LeL29whAAAAAIoUfi38BBuxCEC-St7okirUDNb3&co=aHR0cHM6Ly9jYWR1ZmYtc2EuY2g6NDQz&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&cb=haa7iuxbw4m
IP: 142.250.74.164:443
Certificate: Issuer Google Trust Services LLC; Subject *.google.com; Fingerprint 7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0; Validity Tue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File type: HTML document, ASCII text, with very long lines (37745)
Hash: 98bb9978ec1e2ed863ced59ba2948580 9758726904d6f5da07b666538340fdfb67784374 1b1e3efd387ff43d09957d275cc9df37173457470767233b5af5413a3dd8ed3c
GET /recaptcha/api2/anchor?ar=1&k=6LeL29whAAAAAIoUfi38BBuxCEC-St7okirUDNb3&co=aHR0cHM6Ly9jYWR1ZmYtc2EuY2g6NDQz&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&cb=haa7iuxbw4m HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://caduff-sa.ch/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 09 May 2024 02:54:02 GMT
content-security-policy: script-src 'nonce-6SwfW1cBuXzjq7BcBDHblA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.google.com/recaptcha/api2/reload?k=6LeL29whAAAAAIoUfi38BBuxCEC-St7okirUDNb3 | 142.250.74.164 | 200 OK | 12 kB |
URL: POST HTTP/3 www.google.com/recaptcha/api2/reload?k=6LeL29whAAAAAIoUfi38BBuxCEC-St7okirUDNb3
IP: 142.250.74.164:443
Requested by: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeL29whAAAAAIoUfi38BBuxCEC-St7okirUDNb3&co=aHR0cHM6Ly9jYWR1ZmYtc2EuY2g6NDQz&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&cb=haa7iuxbw4m
Certificate: Issuer Google Trust Services LLC; Subject *.google.com; Fingerprint 7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0; Validity Tue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File type: ASCII text, with very long lines (11718)
Hash: 38d205200b05bea953f40c82b97e8979 11a557733581f7cf4fe3e6570e383405ef89fa89 a8292eefbdd43d9343e2b66543b93d5b4ca88a0c3c98633484c74107cf3d0d4d
POST /recaptcha/api2/reload?k=6LeL29whAAAAAIoUfi38BBuxCEC-St7okirUDNb3 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-protobuffer
Content-Length: 6467
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeL29whAAAAAIoUfi38BBuxCEC-St7okirUDNb3&co=aHR0cHM6Ly9jYWR1ZmYtc2EuY2g6NDQz&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&cb=haa7iuxbw4m
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/json; charset=utf-8
content-encoding: gzip
date: Thu, 09 May 2024 02:54:04 GMT
expires: Thu, 09 May 2024 02:54:04 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
set-cookie: _GRECAPTCHA=09AKDSkeY07mxntWg7kmhDe1yp46IUVs9S3g9K6H3Z-24kIpAPq7DgahqId_AZlWNkCNhKg0NLhxe_k2RC1WgaKp4;Path=/recaptcha;Expires=Tue, 05-Nov-2024 02:54:04 GMT;Secure;HttpOnly;Priority=HIGH;SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| caduff-sa.ch/wp/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-gdpr.css?ver=3.2.0 | 80.74.128.22 | 200 OK | 27 kB |
URL: GET HTTP/2 caduff-sa.ch/wp/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-gdpr.css?ver=3.2.0
IP: 80.74.128.22:443
Certificate: Issuer Let's Encrypt; Subject caduff-sa.ch; Fingerprint 89:6A:75:A6:10:D5:5A:C4:39:89:DC:0F:81:D4:E6:61:16:3B:A9:2E; Validity Sat, 27 Apr 2024 23:49:42 GMT - Fri, 26 Jul 2024 23:49:41 GMT
Hash: 359aca8a88b2331aa34ac505acad9911 800a4f56bb87049e1f0d45cf93c4e8ef79144b45 655ae452d922f501b62c7028fc35e238138de989387381cc1ed9cea9085864db
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-gdpr.css?ver=3.2.0 HTTP/1.1
Host: caduff-sa.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://caduff-sa.ch/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 09 May 2024 02:54:01 GMT
content-type: text/css
last-modified: Mon, 26 Feb 2024 09:58:34 GMT
vary: Accept-Encoding
etag: W/"65dc60ca-6a71"
content-encoding: br
X-Firefox-Spdy: h2
|
|
| caduff-sa.ch/wp/wp-content/themes/individual/js/koalanav.js | 80.74.128.22 | 200 OK | 8.8 kB |
URL: GET HTTP/2 caduff-sa.ch/wp/wp-content/themes/individual/js/koalanav.js
IP: 80.74.128.22:443
Certificate: Issuer Let's Encrypt; Subject caduff-sa.ch; Fingerprint 89:6A:75:A6:10:D5:5A:C4:39:89:DC:0F:81:D4:E6:61:16:3B:A9:2E; Validity Sat, 27 Apr 2024 23:49:42 GMT - Fri, 26 Jul 2024 23:49:41 GMT
File type: JavaScript source, ASCII text, with very long lines (9072), with no line terminators
Hash: 5f9b9d757c7dd22196f7d5067198a872 5848d60e18d605796c84924044d38ddd54e0df40 e677a83f877ea1bfc0cadc2a19bc71558a9cc68733a013ab6d19b52d1a714f16
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp/wp-content/themes/individual/js/koalanav.js HTTP/1.1
Host: caduff-sa.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://caduff-sa.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 09 May 2024 02:54:01 GMT
content-type: application/javascript
last-modified: Thu, 31 Jan 2019 11:30:58 GMT
vary: Accept-Encoding
etag: W/"5c52dc72-2272"
content-encoding: br
X-Firefox-Spdy: h2
|
|
| caduff-sa.ch/wp/wp-content/themes/individual/css/splide.min.css | 80.74.128.22 | 200 OK | 4.2 kB |
URL: GET HTTP/2 caduff-sa.ch/wp/wp-content/themes/individual/css/splide.min.css
IP: 80.74.128.22:443
Certificate: Issuer Let's Encrypt; Subject caduff-sa.ch; Fingerprint 89:6A:75:A6:10:D5:5A:C4:39:89:DC:0F:81:D4:E6:61:16:3B:A9:2E; Validity Sat, 27 Apr 2024 23:49:42 GMT - Fri, 26 Jul 2024 23:49:41 GMT
File type: ASCII text, with very long lines (4181), with no line terminators
Hash: 68d6a321c3102c2267aecd7c327d7174 596828d169d008455066f3aaff812e6cc44bf9b8 5d2fe6d99c6cc7e2457c2698adc1d59646bc5aedc874981c94a1fa34ad3b8e2f
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp/wp-content/themes/individual/css/splide.min.css HTTP/1.1
Host: caduff-sa.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://caduff-sa.ch/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 09 May 2024 02:54:01 GMT
content-type: text/css
last-modified: Wed, 22 Sep 2021 07:03:28 GMT
vary: Accept-Encoding
etag: W/"614ad540-1055"
content-encoding: br
X-Firefox-Spdy: h2
|
|
| www.youtube.com/s/player/178de1f2/www-player.css | 142.250.74.174 | 200 OK | 376 kB |
URL: GET HTTP/3 www.youtube.com/s/player/178de1f2/www-player.css
IP: 142.250.74.174:443
Requested by: https://www.youtube.com/embed/iyqj2sa1ooM?rel=0
Certificate: Issuer Google Trust Services LLC; Subject *.google.com; Fingerprint 7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0; Validity Tue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
Size: 376 kB (375896 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/player/178de1f2/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/iyqj2sa1ooM?rel=0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 47612
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 May 2024 07:22:01 GMT
expires: Wed, 07 May 2025 07:22:01 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 07 May 2024 04:18:47 GMT
content-type: text/css
vary: Accept-Encoding, Origin
age: 156721
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| caduff-sa.ch/wp/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 | 80.74.128.22 | 200 OK | 88 kB |
URL: GET HTTP/2 caduff-sa.ch/wp/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
IP: 80.74.128.22:443
Certificate: Issuer Let's Encrypt; Subject caduff-sa.ch; Fingerprint 89:6A:75:A6:10:D5:5A:C4:39:89:DC:0F:81:D4:E6:61:16:3B:A9:2E; Validity Sat, 27 Apr 2024 23:49:42 GMT - Fri, 26 Jul 2024 23:49:41 GMT
File type: JavaScript source, ASCII text, with very long lines (65447)
Hash: 826eb77e86b02ab7724fe3d0141ff87c 79cd3587d565afe290076a8d36c31c305a573d18 cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1
Host: caduff-sa.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://caduff-sa.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 09 May 2024 02:54:01 GMT
content-type: application/javascript
last-modified: Mon, 26 Feb 2024 09:57:33 GMT
vary: Accept-Encoding
etag: W/"65dc608d-15601"
content-encoding: br
X-Firefox-Spdy: h2
|
|
| caduff-sa.ch/wp/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 | 80.74.128.22 | 200 OK | 14 kB |
URL: GET HTTP/2 caduff-sa.ch/wp/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
IP: 80.74.128.22:443
Certificate: Issuer Let's Encrypt; Subject caduff-sa.ch; Fingerprint 89:6A:75:A6:10:D5:5A:C4:39:89:DC:0F:81:D4:E6:61:16:3B:A9:2E; Validity Sat, 27 Apr 2024 23:49:42 GMT - Fri, 26 Jul 2024 23:49:41 GMT
File type: JavaScript source, ASCII text, with very long lines (13479)
Hash: 9ffeb32e2d9efbf8f70caabded242267 3ad0c10e501ac2a9bfa18f9cd7e700219b378738 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1
Host: caduff-sa.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://caduff-sa.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 09 May 2024 02:54:01 GMT
content-type: application/javascript
last-modified: Mon, 26 Feb 2024 09:57:33 GMT
vary: Accept-Encoding
etag: W/"65dc608d-3509"
content-encoding: br
X-Firefox-Spdy: h2
|
|
| caduff-sa.ch/wp/wp-content/plugins/cookie-law-info/legacy/public/js/cookie-law-info-public.js?ver=3.2.0 | 80.74.128.22 | 200 OK | 34 kB |
URL: GET HTTP/2 caduff-sa.ch/wp/wp-content/plugins/cookie-law-info/legacy/public/js/cookie-law-info-public.js?ver=3.2.0
IP: 80.74.128.22:443
Certificate: Issuer Let's Encrypt; Subject caduff-sa.ch; Fingerprint 89:6A:75:A6:10:D5:5A:C4:39:89:DC:0F:81:D4:E6:61:16:3B:A9:2E; Validity Sat, 27 Apr 2024 23:49:42 GMT - Fri, 26 Jul 2024 23:49:41 GMT
File type: JavaScript source, ASCII text
Hash: dffa195b546cf1dfd52f2206955eb892 a3d48e8f126eb96d12191d76ed71ad2bc8651d59 6c52384c7b0641dd1ead85d079c22d39bcc6dc5f2537afb1e6396bb619771a3f
| Analyzer | Verdict | Alert |
| mnemonic secure dns | malicious | Sinkholed |
| Quad9 DNS | malicious | Sinkholed |
GET /wp/wp-content/plugins/cookie-law-info/legacy/public/js/cookie-law-info-public.js?ver=3.2.0 HTTP/1.1
Host: caduff-sa.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://caduff-sa.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 09 May 2024 02:54:01 GMT
content-type: application/javascript
last-modified: Mon, 26 Feb 2024 09:58:34 GMT
vary: Accept-Encoding
etag: W/"65dc60ca-8583"
content-encoding: br
X-Firefox-Spdy: h2
|
|