detectportal.firefox.com/success.txt?ipv4
34.107.221.82 200 OK 8 B URL HTTP/1.1 detectportal.firefox.com/success.txt?ipv4
IP 34.107.221.82:0
Hash ae780585f49b94ce1444eb7d28906123
7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Mon, 05 Sep 2022 16:44:56 GMT
Age: 74884
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
gschwaetz.de/
92.204.239.141 301 Moved Permanently 229 B IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash c4e5cb5df52e0f85cc6eb6d78d46c1ef
2f4f70adbad4814a6d1bac7b448a15911bc8b150
f7bce9d38177bb8a2ff2adb7f5080081f51ca8d0fcaaa41af5d9f84e677975e3
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 06 Sep 2022 13:33:00 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 229
Connection: keep-alive
Location: https://gschwaetz.de/
X-Cache-Status: HIT
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d931e0142ef5ffe9cdb4c4c6bfcb9bc9
d9c4caf525e8926b042a14f38d374cc4033ed768
f610984fb0a75b3a31424faa860cbc8172c7f21804df1dc14fbb685b7c456f29
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F610984FB0A75B3A31424FAA860CBC8172C7F21804DF1DC14FBB685B7C456F29"
Last-Modified: Sat, 03 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5664
Expires: Tue, 06 Sep 2022 15:07:24 GMT
Date: Tue, 06 Sep 2022 13:33:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1d2d5a5cb5a0eb9006019ec8a8a7a60c
a97cb86a600ae223434604442f997504bc3a293b
fe016a09001e17224ac6ac11c76b7c4fa98bc99480575b6e0ae3ca22805148d3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FE016A09001E17224AC6AC11C76B7C4FA98BC99480575B6E0AE3CA22805148D3"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11600
Expires: Tue, 06 Sep 2022 16:46:20 GMT
Date: Tue, 06 Sep 2022 13:33:00 GMT
Connection: keep-alive
getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30
34.120.5.221 200 OK 48 kB URL HTTP/2 getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30
IP 34.120.5.221:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash f864d5c433933ad08931d023142fc792
9b85f4c1a463f0ab6e6088f690af6520cca67fa0
327a342079f9947283dfe01ca72c7b408e42482d60fde2c304a85b99b8346964
GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30 HTTP/1.1
Host: getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
vary: Accept-Encoding
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Hit from cloudfront
x-amz-cf-pop: SEA19-C1
x-amz-cf-id: 0pRycNR2bzWjyRzgYhvHKgOfNGRjGRaTFChMg4qqIXkKEWlq4bpLnQ==
content-encoding: gzip
via: 1.1 efcf7b9d0f917f9ebf314db03e52d9b6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 13:23:15 GMT
age: 585
content-type: application/json
content-length: 48157
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-06-30-19-51-38.chain
143.204.55.110 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-06-30-19-51-38.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 48ca0beea419a9039591cf1aee5179e0
9e92629f505fcc07aab51221e8fe62197a23e307
630a5f110337b4a4876aa85c21107d9e8f2550bcc60f023a4777d895b17399fd
GET /chains/remote-settings.content-signature.mozilla.org-2022-06-30-19-51-38.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Wed, 11 May 2022 19:51:39 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 06 Sep 2022 01:22:02 GMT
etag: "48ca0beea419a9039591cf1aee5179e0"
x-cache: Hit from cloudfront
via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: IhdVAHBC3rNCiCCc2gYV_80-MXyZHLOXj7D0Ozk0rgMHITXNLJqsYQ==
age: 43859
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
143.204.55.35 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 06 Sep 2022 13:02:16 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: vQJ2REs8ufpICCHVpJoiIVIs6wSvJCVES2yJ2FoOFUGL0ZkuuHz8IA==
Age: 1844
detectportal.firefox.com/success.txt?ipv4
34.107.221.82 200 OK 8 B URL HTTP/1.1 detectportal.firefox.com/success.txt?ipv4
IP 34.107.221.82:0
Hash ae780585f49b94ce1444eb7d28906123
7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Mon, 05 Sep 2022 16:44:56 GMT
Age: 74885
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:00 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.starfieldtech.com/
192.124.249.23 200 OK 1.8 kB IP 192.124.249.23:0
Hash b14b46e4109f402aa48ae7c35119a6c1
93f53daa271cb0a6d1f08d00eab690bc5c6657e4
bf67c6afaaf4a87fcbe98abd19ac0b11ffe8b11b511e5703f76f11d0cf5f2443
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 06 Sep 2022 13:33:01 GMT
Content-Type: application/ocsp-response
Content-Length: 1846
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 05 Sep 2022 23:46:30 GMT
Expires: Tue, 06 Sep 2022 23:46:30 GMT
ETag: "93f53daa271cb0a6d1f08d00eab690bc5c6657e4"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 26c48d7fa703d039e1f9da634bf4fb40
35ce8f380861778dff436d4058bcbb857f3b9947
7874e0803edae34c792cd15d63375fed60b4b035815908698384760392c99e7b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3904
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 13:33:01 GMT
Last-Modified: Tue, 06 Sep 2022 12:27:57 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
gschwaetz.de/
92.204.239.141 301 Moved Permanently 0 B IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 06 Sep 2022 13:33:01 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://www.gschwaetz.de/
x-redirect-by: WordPress
set-cookie: ncore_session=YJvBGJe1Rzpx8b9P7CsnVldz7MkGjy; path=/
x-cache-status: MISS
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 06 Sep 2022 12:38:18 GMT
Cache-Control: max-age=3600
Expires: Tue, 06 Sep 2022 12:38:18 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: KzHF1ZeEXi5-g28_RaZoHo0pEsWxKH9gQ5jNPSBTC53zKXDBHAwczQ==
Age: 3283
shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2
52.35.120.198 200 OK 8 B URL HTTP/1.1 shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2
IP 52.35.120.198:0
Hash 29fc57841962e407cb50c1be60284bf7
ce968a77e2996da5eee8925182318f171ccdce47
ae7e7075247dcfad763f1e131aeac3d2e756bb03d48b0d315a50c69636e5dc8b
POST /downloads?client=Firefox&appver=96.0a&pver=2.2 HTTP/1.1
Host: shavar.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 773
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/octet-stream
Date: Tue, 06 Sep 2022 13:33:01 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 8
Connection: Close
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash e8952752ad4a452a575522a7eb737217
c5554fa2af05d7a7117032b0f99352de08988346
8c182bed7bbd843774a2136823b30a4cb707e2a5386f71d01640aa3558888bf7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5254
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 13:33:01 GMT
Last-Modified: Tue, 06 Sep 2022 12:05:27 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.39.175.179 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.39.175.179:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: smlPU4dtKLBw3YF8IVu43g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: JpV5Yb6PtJCoswUXYqX/tjudKW8=
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash f41565238dc856269109dcc30c34c535
28517f51eb3b6cd08981afbf878446d635430741
9e314961a8fca836481ea022db365cc463bcef3b5003c63ccece611b8ff77fe6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 13:33:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gschwaetz.de/wp-content/uploads/2017/09/logo_transparent.png
92.204.239.141 200 OK 9.8 kB URL HTTP/2 www.gschwaetz.de/wp-content/uploads/2017/09/logo_transparent.png
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
File type PNG image data, 768 x 417, 8-bit colormap, non-interlaced\012- data
Hash 6572d05346110f5182b60a3728de8ce9
66421daca04d1c4bb541104f3eac0f944574761c
e9661fdc6b7b7d2ea5c101e806ddfba6bec910baef11a33336460b4f167d7395
GET /wp-content/uploads/2017/09/logo_transparent.png HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: image/png
content-length: 9820
last-modified: Wed, 01 Apr 2020 16:07:51 GMT
etag: "265c-5a23ce2d683c0"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/uploads/2022/06/WWF-001.jpg
92.204.239.141 200 OK 451 kB URL HTTP/2 www.gschwaetz.de/wp-content/uploads/2022/06/WWF-001.jpg
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x555, components 3\012- data
Size 451 kB (450799 bytes)
Hash 64e5a13f6548c0f42c96a4661435c761
afae5ade05f6f77070ee8e7cc337d90dcf11b194
84b62bc4da732d03ca56f1cc7091dc1a3472a77b60bbdb4c1bfa93b6aa1df9ed
GET /wp-content/uploads/2022/06/WWF-001.jpg HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: image/jpeg
content-length: 450799
last-modified: Mon, 20 Jun 2022 07:45:59 GMT
etag: "6e0ef-5e1dc4b8a7fff"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/uploads/2022/06/20220617_120328-scaled.jpg
92.204.239.141 200 OK 755 kB URL HTTP/2 www.gschwaetz.de/wp-content/uploads/2022/06/20220617_120328-scaled.jpg
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 2560x1920, components 3\012- data
Size 755 kB (754918 bytes)
Hash a4fd094d432f93f00646901797be889d
63ca7583ce9ce68ee6252560b0b5a46bc6203fd7
7172fc115026df1960f4ee2ad921cd4359562be6a20dfea24f53a027b7ce5021
GET /wp-content/uploads/2022/06/20220617_120328-scaled.jpg HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: image/jpeg
content-length: 754918
last-modified: Mon, 20 Jun 2022 04:12:34 GMT
etag: "b84e6-5e1d9504872ff"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/uploads/2022/06/Veith-Cover-Bild-Stellenangebote-VEITH-002.png
92.204.239.141 200 OK 726 kB URL HTTP/2 www.gschwaetz.de/wp-content/uploads/2022/06/Veith-Cover-Bild-Stellenangebote-VEITH-002.png
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
File type PNG image data, 2002 x 1128, 8-bit/color RGB, interlaced\012- data
Size 726 kB (726277 bytes)
Hash b08f04143aee3bc1392dc84cb9cb7d67
d247153446350d24946d0fe9da5481c171c13d2a
6e19d65bc35ffa810fcd018084b45189b2ac8b32117f7dad999334c9c510edef
GET /wp-content/uploads/2022/06/Veith-Cover-Bild-Stellenangebote-VEITH-002.png HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: image/png
content-length: 726277
last-modified: Fri, 03 Jun 2022 09:39:29 GMT
etag: "b1505-5e087e620b1bd"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/uploads/2017/07/Vollsperrung.jpg
92.204.239.141 200 OK 25 kB URL HTTP/2 www.gschwaetz.de/wp-content/uploads/2017/07/Vollsperrung.jpg
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 520x520, components 3\012- data
Hash eba12378db12135027dd3615d9b78996
cafea390df53008334461cf36ed2adab088fca93
5c588c3ae2b282e61bb0f50802f88f549942f1225b8fa52bdddeb390f0a8721d
GET /wp-content/uploads/2017/07/Vollsperrung.jpg HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: image/jpeg
content-length: 24958
last-modified: Wed, 01 Apr 2020 16:03:36 GMT
etag: "617e-5a23cd3a38600"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/uploads/2017/11/Lehrerin-Tommy-Weinz.jpg
92.204.239.141 200 OK 556 kB URL HTTP/2 www.gschwaetz.de/wp-content/uploads/2017/11/Lehrerin-Tommy-Weinz.jpg
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, progressive, precision 8, 1365x2047, components 3\012- data
Size 556 kB (556512 bytes)
Hash 0dfe9f0e994cdea44f8cda89a2c9022e
1b8b39095b589636a3fb6b9dade530ae62fe7743
0f58e950f40fb7565bc5e835c3b14ec331e8b8754834c434c0bcc0e76931d78c
GET /wp-content/uploads/2017/11/Lehrerin-Tommy-Weinz.jpg HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: image/jpeg
content-length: 556512
last-modified: Wed, 01 Apr 2020 16:45:37 GMT
etag: "87de0-5a23d69e6ee40"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/uploads/2022/09/Kreishaus2.jpg
92.204.239.141 200 OK 231 kB URL HTTP/2 www.gschwaetz.de/wp-content/uploads/2022/09/Kreishaus2.jpg
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1233x671, components 3\012- data
Size 231 kB (230857 bytes)
Hash b22ddb72b466041c284a1735e888f3a4
62d14ccfd177426dfae4ac4e4e1e4fd8222bab68
7df748fb5352b730c248cbad627ff5c6eedebdb650ea8c9f838ba76b884c9d12
GET /wp-content/uploads/2022/09/Kreishaus2.jpg HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: image/jpeg
content-length: 230857
last-modified: Mon, 05 Sep 2022 08:02:43 GMT
etag: "385c9-5e7e9811e24ba"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/uploads/2022/09/Amrum-Strand.jpg
92.204.239.141 200 OK 161 kB URL HTTP/2 www.gschwaetz.de/wp-content/uploads/2022/09/Amrum-Strand.jpg
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=4, height=0, orientation=upper-left, width=0], baseline, precision 8, 2016x1512, components 3\012- data
Size 161 kB (160957 bytes)
Hash d484c0956115cecebe8e0b1ee879ed05
8b95fe291d762e7b7bd8d11452fadb48f5526cf8
1aebc06b8c218ba21acb5a88cf1fd5d595e5cd141d039cea5a49c3658d3fac3b
GET /wp-content/uploads/2022/09/Amrum-Strand.jpg HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: image/jpeg
content-length: 160957
last-modified: Mon, 05 Sep 2022 07:06:18 GMT
etag: "274bd-5e7e8b7624e15"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/uploads/2022/09/Mais-Ernte.jpg
92.204.239.141 200 OK 769 kB URL HTTP/2 www.gschwaetz.de/wp-content/uploads/2022/09/Mais-Ernte.jpg
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2016x1512, components 3\012- data
Size 769 kB (768582 bytes)
Hash ee5f080e63bd289d312ecf2ca6980c71
eb7d47e7c9493e0088a0887062d8e208ac8d305b
90958e98777ef6289cc4586ef21a22174471fa2ad7d452a46230b11632107445
GET /wp-content/uploads/2022/09/Mais-Ernte.jpg HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: image/jpeg
content-length: 768582
last-modified: Mon, 05 Sep 2022 06:50:48 GMT
etag: "bba46-5e7e87ff7f97e"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/uploads/2021/10/211004_gschwatz-logo-weiss_Zeichenfl%C3%A4che-1.png
92.204.239.141 200 OK 61 kB URL HTTP/2 www.gschwaetz.de/wp-content/uploads/2021/10/211004_gschwatz-logo-weiss_Zeichenfl%C3%A4che-1.png
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
File type PNG image data, 2213 x 1092, 8-bit/color RGBA, non-interlaced\012- data
Hash 1fb92a77d769539c4508b4f12778a751
c20e9bc7c67bf3d90e15cd0b5481b1b66ab00897
230fe6121d0ff79aadb519779049f30eee568302f1ca174ce4eccb4d9e345293
GET /wp-content/uploads/2021/10/211004_gschwatz-logo-weiss_Zeichenfl%C3%A4che-1.png HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: image/png
content-length: 60672
last-modified: Mon, 04 Oct 2021 07:40:14 GMT
etag: "ed00-5cd8206053380"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/uploads/2022/09/2288_Streuobstaktion-2022_02.09.2022.jpg
92.204.239.141 200 OK 2.1 MB URL HTTP/2 www.gschwaetz.de/wp-content/uploads/2022/09/2288_Streuobstaktion-2022_02.09.2022.jpg
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1600x1073, components 3\012- data
Size 2.1 MB (2128838 bytes)
Hash 8ee587480c1e8ff0b5e3a6ef044075e8
bed7d155906dd830b3f3c188dbe444532c0ad833
5b9da5fced53b4aad4710c2456c8caf53190a3c444f9381b259e0c16e7a3e0e2
GET /wp-content/uploads/2022/09/2288_Streuobstaktion-2022_02.09.2022.jpg HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: image/jpeg
content-length: 2128838
last-modified: Sat, 03 Sep 2022 09:29:28 GMT
etag: "207bc6-5e7c27bb1b280"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/uploads/2021/09/Bauernverband-Apfel-1920.jpg
92.204.239.141 200 OK 1.3 MB URL HTTP/2 www.gschwaetz.de/wp-content/uploads/2021/09/Bauernverband-Apfel-1920.jpg
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=10, manufacturer=Apple, model=iPhone 11 Pro Max, xresolution=158, yresolution=166, resolutionunit=2, software=paint.net 4.2.16, datetime=2020:10:14 14:31:26], baseline, precision 8, 1920x1440, components 3\012- data
Size 1.3 MB (1252296 bytes)
Hash b16bff8ccc59b1137ea483c9f6a0afd0
1d62d51ef6965c872bd155fedd7483379b5802e7
849ed8b7c0a661d9530c8ba9557947509e657aa24ed5103cc229442dcfa82dfd
GET /wp-content/uploads/2021/09/Bauernverband-Apfel-1920.jpg HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: image/jpeg
content-length: 1252296
last-modified: Wed, 01 Sep 2021 07:51:43 GMT
etag: "131bc8-5caea565321c0"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/plugins/checkout-files-upload-woocommerce/includes/css/alg-wc-checkout-files-upload-ajax.css?ver=2.1.1
92.204.239.141 200 OK 849 B URL HTTP/2 www.gschwaetz.de/wp-content/plugins/checkout-files-upload-woocommerce/includes/css/alg-wc-checkout-files-upload-ajax.css?ver=2.1.1
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
Hash 80fafe318c3f993717c3909d6f30ac32
e0df382ae1f3616d443f7382334673a563d356f0
e5d7f79c0cfa8e46f02975766ba228ac0a4b267619279fc1664a4eb36237fe6d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/checkout-files-upload-woocommerce/includes/css/alg-wc-checkout-files-upload-ajax.css?ver=2.1.1 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Thu, 14 Oct 2021 19:42:08 GMT
etag: W/"33d-5ce5546262400"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/uploads/2022/09/Breitband-Vobelsberg-071220211.jpg
92.204.239.141 200 OK 2.3 MB URL HTTP/2 www.gschwaetz.de/wp-content/uploads/2022/09/Breitband-Vobelsberg-071220211.jpg
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2560x1920, components 3\012- data
Size 2.3 MB (2270538 bytes)
Hash 3be55beab4bdd52899debee7f9fddd73
f0bde7e10237dc4c0922ac1607505dbb59bcb6a7
a0d8227bb0f4745481688749ecd46a5ddfc5c17fa80d405f2f4bec963995a072
GET /wp-content/uploads/2022/09/Breitband-Vobelsberg-071220211.jpg HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: image/jpeg
content-length: 2270538
last-modified: Sat, 03 Sep 2022 09:15:24 GMT
etag: "22a54a-5e7c24965c1dd"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans%3A400%2C400italic%2C600%2C700%7CRaleway%3A600&ver=5.4.11
142.250.74.10 200 OK 5.6 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans%3A400%2C400italic%2C600%2C700%7CRaleway%3A600&ver=5.4.11
IP 142.250.74.10:0
Hash 2dbc88417f3ed787a2a96f72c9058c6f
4f1d742e33738e3e7c145eebf5c4b846ad55a2ff
9a2a998b36614b27e48a1cca37f5784af99d9a0285772f9dcb1828408e6e2f85
GET /css?family=Open+Sans%3A400%2C400italic%2C600%2C700%7CRaleway%3A600&ver=5.4.11 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Sep 2022 13:33:02 GMT
date: Tue, 06 Sep 2022 13:33:02 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash f41565238dc856269109dcc30c34c535
28517f51eb3b6cd08981afbf878446d635430741
9e314961a8fca836481ea022db365cc463bcef3b5003c63ccece611b8ff77fe6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 13:33:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1662381443719&_since=%221653914271178%22
143.204.55.36 200 OK 12 kB URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1662381443719&_since=%221653914271178%22
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 096980a473a883e6eeaf47dc9a14f237
491cde318ec986cc64ff2fb45f71e6560d368feb
1a6d7840dbf67d703a920313758fc70b272df5c2c40cffb770a9f0a728b72b14
GET /v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1662381443719&_since=%221653914271178%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Mon, 05 Sep 2022 12:37:23 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Tue, 06 Sep 2022 12:57:48 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: RwBOv9O18mOuze3LCSnVw3KYnyw2u1Oc4wICAoAg-EAmiTxNSsNfDA==
Age: 2880
www.gschwaetz.de/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.1
92.204.239.141 200 OK 51 kB URL HTTP/2 www.gschwaetz.de/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.1
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
Hash a23ab6049e74794b2767d3649722d7da
9661ca62595c2c15caaf54e57ba1c5b27e89202a
9155c2a560ff854966678cb3109399f7a667ea3b44850edb875af09ad26066e8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.1 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:01 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Sat, 04 Apr 2020 20:11:36 GMT
etag: W/"76726-5a27ca4146e00"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/themes/whitespace/img/bgs/tagline_divider.png
92.204.239.141 200 OK 81 B URL HTTP/2 www.gschwaetz.de/wp-content/themes/whitespace/img/bgs/tagline_divider.png
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
File type PNG image data, 4 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 988db10f018aab71de3b2d39e2b4fee9
c46bef69416ad7d2feb26b79f7e6a0df52773f72
6fef0966723588b4a89652416d1d9590803d50bd689e136a5c3592248d41e7da
GET /wp-content/themes/whitespace/img/bgs/tagline_divider.png HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/wp-content/themes/whitespace/css/theme.css?ver=5.4.11
Cookie: ncore_session=gugVpOoCLn6XtNN8zB37z16ezXCSWl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: image/png
content-length: 81
last-modified: Thu, 02 Apr 2020 19:15:35 GMT
etag: "51-5a253a010e3c0"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 0b9528d0aa584b0e7b8b95f31ec1c4ed
79afabc0856f6fb3c3e5a9f5675cb0a40ee08e54
2604edd5743acd1487c25665444019555a972492010c10bf3bd6aefeab4661eb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 13:33:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gschwaetz.de/
92.204.239.141 200 OK 25 kB IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
Hash 850e897900fe189ecd8831b81ea63d10
2cc40aa8335210d4de53378a237818816c08ff4c
8f375179c502302b04dac5802b27da832e270c99427e3be6cb7b292826044404
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:01 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
link: <https://www.gschwaetz.de/wp-json/>; rel="https://api.w.org/", <https://www.gschwaetz.de/>; rel=shortlink
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/plugins/cookie-notice/css/front.min.css?ver=5.4.11
92.204.239.141 200 OK 471 B URL HTTP/2 www.gschwaetz.de/wp-content/plugins/cookie-notice/css/front.min.css?ver=5.4.11
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
Hash 0b9528d0aa584b0e7b8b95f31ec1c4ed
79afabc0856f6fb3c3e5a9f5675cb0a40ee08e54
2604edd5743acd1487c25665444019555a972492010c10bf3bd6aefeab4661eb
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/cookie-notice/css/front.min.css?ver=5.4.11 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:01 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 11 Oct 2021 14:31:59 GMT
etag: W/"1568-5ce14977135c0"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/themes/whitespace/js/hoverintent.js?ver=5.4.11
92.204.239.141 200 OK 2.8 kB URL HTTP/2 www.gschwaetz.de/wp-content/themes/whitespace/js/hoverintent.js?ver=5.4.11
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
Hash a6f6ac3e65dde78c5e21a437d12a006c
f160967c3d1b1814d56af8ca571a5f4b2a788899
6825b671f5c9239d896678658e645b3a92854498639447cfac30e399b547d86b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/whitespace/js/hoverintent.js?ver=5.4.11 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 02 Apr 2020 19:15:04 GMT
etag: W/"1a41-5a2539e37de00"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/uploads/smile_fonts/Defaults/Defaults.css?ver=5.4.11
92.204.239.141 200 OK 52 kB URL HTTP/2 www.gschwaetz.de/wp-content/uploads/smile_fonts/Defaults/Defaults.css?ver=5.4.11
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
Hash 13b3c6237675faf8267a5ef8ce2a7a48
dea2ccee6faaa4df381cff3596d9f2dc12afb762
1a7592e79285a011a2878d72798f3299710df2e90d75e6f8260d8fde8249c352
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/smile_fonts/Defaults/Defaults.css?ver=5.4.11 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 29 Aug 2017 19:04:13 GMT
etag: W/"6bf7-557e913b24540"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.3.1
92.204.239.141 200 OK 24 kB URL HTTP/2 www.gschwaetz.de/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.3.1
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
Hash 047aad62bb58bbc5e74be6f145481102
12fb67c93e6421d15584960b5b2b6643ab7b82c9
69f6259db51332b123a76050521efe48070805da801d514f416e733f6a143f92
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.3.1 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:01 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Thu, 02 Apr 2020 18:54:39 GMT
etag: W/"7451-5a2535533d9c0"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/uploads/hm_custom_css_js/custom.css?ver=1526853920
92.204.239.141 200 OK 20 kB URL HTTP/2 www.gschwaetz.de/wp-content/uploads/hm_custom_css_js/custom.css?ver=1526853920
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
Hash 8c483f05c2cb05af06679f1b417e0f7d
f65c5ccc7f54cfeb7f0766f3c23e9b4adc680e61
86ded105e670c69b923a7a9ef270088b69a8d1f6deb6154023ab0e62a8b54c73
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/hm_custom_css_js/custom.css?ver=1526853920 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 01 Apr 2020 15:33:59 GMT
etag: W/"1c9a-5a23c69b8a7c0"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/plugins/woocommerce/assets/css/jquery-ui/jquery-ui.min.css?ver=4.0.4
92.204.239.141 200 OK 29 kB URL HTTP/2 www.gschwaetz.de/wp-content/plugins/woocommerce/assets/css/jquery-ui/jquery-ui.min.css?ver=4.0.4
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
Hash 012b8372f21d46e65fbe537e23d91571
5a5ac65feec2ed9fc48a5e2e93e698379163aec2
e8a021ac5db1e7e20bffde763598ec9f98f050bbe0ac7a2ea38f86dfb41aa44f
GET /wp-content/plugins/woocommerce/assets/css/jquery-ui/jquery-ui.min.css?ver=4.0.4 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Thu, 10 Mar 2022 18:53:00 GMT
etag: W/"755c-5d9e1b921c877"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 0b9528d0aa584b0e7b8b95f31ec1c4ed
79afabc0856f6fb3c3e5a9f5675cb0a40ee08e54
2604edd5743acd1487c25665444019555a972492010c10bf3bd6aefeab4661eb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 13:33:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/
143.204.55.36 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 06 Sep 2022 13:02:16 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: NZI2gcDCS2w701CK2EatuaAIKaMd4X0_ruh2jOpWTwvC7XAX9rQSBQ==
Age: 1846
www.gschwaetz.de/wp-content/plugins/wp-carousel-pro/public/css/ajax-loader.gif
92.204.239.141 200 OK 4.2 kB URL HTTP/2 www.gschwaetz.de/wp-content/plugins/wp-carousel-pro/public/css/ajax-loader.gif
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
File type GIF image data, version 89a, 32 x 32\012- data
Hash c5cd7f5300576ab4c88202b42f6ded62
7a1aa43614396382bb15e5fde574d9cdcd21698f
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
GET /wp-content/plugins/wp-carousel-pro/public/css/ajax-loader.gif HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/wp-content/plugins/wp-carousel-pro/public/css/slick.min.css?ver=3.3.1
Cookie: ncore_session=gugVpOoCLn6XtNN8zB37z16ezXCSWl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: image/gif
content-length: 4178
last-modified: Mon, 04 Oct 2021 18:51:41 GMT
etag: "1052-5cd8b67500940"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
firefox-settings-attachments.cdn.mozilla.net/staging/addons-bloomfilters/67600448-6fc2-4f40-bd4a-8687d731734f.bin
143.204.55.30 200 OK 796 kB URL HTTP/1.1 firefox-settings-attachments.cdn.mozilla.net/staging/addons-bloomfilters/67600448-6fc2-4f40-bd4a-8687d731734f.bin
IP 143.204.55.30:0
Size 796 kB (795699 bytes)
Hash 9b95765b0e26af76116a95a966d61354
3f7c1b40fc999b83f3696f455402e49ab484b027
34f969c8e082310785ec4262e2d5b58c919d4de856ffc64b3467507f83ac9571
GET /staging/addons-bloomfilters/67600448-6fc2-4f40-bd4a-8687d731734f.bin HTTP/1.1
Host: firefox-settings-attachments.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/octet-stream
Content-Length: 795699
Connection: keep-alive
Last-Modified: Mon, 27 Jun 2022 12:39:11 GMT
x-amz-version-id: 9np1boOrxtHVWzMczpbX1a.N_ewQWHDF
Accept-Ranges: bytes
Server: AmazonS3
Date: Tue, 06 Sep 2022 03:36:33 GMT
ETag: "9b95765b0e26af76116a95a966d61354"
X-Cache: Hit from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: E0R84ywC3BWkB-jEIaIsih6XBdtOexO0kg4ObefdaLTAohi4QTLv7A==
Age: 38149
firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1662422467073&_since=%221654732864402%22
143.204.55.36 200 OK 12 kB URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1662422467073&_since=%221654732864402%22
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (59437), with no line terminators
Hash 45b41db6f927fdb47f0f7df66f42d4c8
ab37910a3d8b44254431cfa44a83d7b09fe84e79
a6384356884ab8ae2d9087a3410e914e4be4eea385e5ddcf6eeba369574a9f6a
GET /v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1662422467073&_since=%221654732864402%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Tue, 06 Sep 2022 00:01:07 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Tue, 06 Sep 2022 13:08:07 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: hja0ym8935XVYpcyecuAdAc7Vsy4xiDiuG7uB3fw_zJezZy2ovEfRQ==
Age: 1599
www.gschwaetz.de/wp-content/plugins/wp-carousel-pro/public/css/jquery.bxslider.min.css?ver=3.3.1
92.204.239.141 200 OK 2.0 kB URL HTTP/2 www.gschwaetz.de/wp-content/plugins/wp-carousel-pro/public/css/jquery.bxslider.min.css?ver=3.3.1
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
Hash 7d6c350d1a6a7586ce89ac8e35cb39e0
9ff1b9a658fce3da23aee7420ba87e3c428dd071
2e89ff17b9a6562c709856cbd92fd4b558a9af43ebb0d153591945e618b6c393
GET /wp-content/plugins/wp-carousel-pro/public/css/jquery.bxslider.min.css?ver=3.3.1 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:01 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 04 Oct 2021 18:51:41 GMT
etag: W/"bd0-5cd8b67500940"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
92.204.239.141 200 OK 13 kB URL HTTP/2 www.gschwaetz.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
Hash 57a1928f4bbe68fad729bc074923b52d
01a7c685282ffe537a31532267f0fb7cd51ec988
05f02bf4242d52cd506b884c6e21d2a380927480491d2491a248fd1ace81d484
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 01 Apr 2020 19:48:18 GMT
etag: W/"2748-5a23ff73a8480"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/plugins/pdf-print/css/frontend.css?ver=2.2.9
92.204.239.141 200 OK 827 B URL HTTP/2 www.gschwaetz.de/wp-content/plugins/pdf-print/css/frontend.css?ver=2.2.9
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
Hash 3956ca5963aed5d58fb8af9a51dac8f7
49639828a800c1bc107edc51e6bf8cd793a3aefc
a5378dea4f276f13f45ddb6ee0c5ebdd098c3769b36ade9b3dcc489570c670ba
GET /wp-content/plugins/pdf-print/css/frontend.css?ver=2.2.9 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:01 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 11 Oct 2021 14:26:16 GMT
etag: W/"5ca-5ce1482ff7200"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Tue, 06 Sep 2022 12:41:12 GMT
expires: Tue, 06 Sep 2022 14:41:12 GMT
cache-control: public, max-age=7200
age: 3111
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/plugins/wc-frontend-manager/assets/sounds/notification.mp3
92.204.239.141 206 Partial Content 8.8 kB URL HTTP/2 www.gschwaetz.de/wp-content/plugins/wc-frontend-manager/assets/sounds/notification.mp3
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
File type Audio file with ID3 version 2.3.0\012- data
Hash 568c452268d8a1df3b09d449f6b59232
c11d84b821468127a58dae0c98d514f5e1962a88
6d8a2c36a85f22a871fc5b22a174aae86f7560befc1d205738a6c78ab41cf4a9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wc-frontend-manager/assets/sounds/notification.mp3 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Cookie: ncore_session=gugVpOoCLn6XtNN8zB37z16ezXCSWl
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 206 Partial Content
server: nginx
date: Tue, 06 Sep 2022 13:33:03 GMT
content-type: audio/mpeg
content-length: 8802
last-modified: Sat, 04 Apr 2020 20:10:38 GMT
etag: "2262-5a27ca09f6b80"
x-cache-status: MISS
content-range: bytes 0-8801/8802
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/plugins/wp-carousel-pro/public/css/slick.min.css?ver=3.3.1
92.204.239.141 200 OK 10 kB URL HTTP/2 www.gschwaetz.de/wp-content/plugins/wp-carousel-pro/public/css/slick.min.css?ver=3.3.1
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
Hash 249674e3d3aeb99c9383bc42bdfb2374
2c760c0675a4a08a6695b3cc1cead435c18bdfd8
ac18efaebf4e4480a7123a29c4466a85cb26ca89abe53838c64e17f7734718c1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-carousel-pro/public/css/slick.min.css?ver=3.3.1 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:01 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 04 Oct 2021 18:51:41 GMT
etag: W/"55c-5cd8b67500940"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=4.0.4
92.204.239.141 200 OK 73 kB URL HTTP/2 www.gschwaetz.de/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=4.0.4
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
Hash 37f5803385aae05598b4975b24bd0845
e61776d98cd66424da92efcbcdfe9d4029c45979
002bcdaacbfa24f34001e77f04559dd2dd4c3f42fa27cb28aad5d499cd3665b4
GET /wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=4.0.4 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:01 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Thu, 10 Mar 2022 18:53:00 GMT
etag: W/"f42f-5d9e1b9221696"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash bcbb9bf29f1e0acaa7ac6d6566381370
dec1bea642dffbc11ebd6d65c94f87d6db95703a
b2bf22379151923244cbb9bd62499ded7b6f313a7db77914383bc1e704dd65de
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 13:33:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258
143.204.55.36 200 OK 681 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258
IP 143.204.55.36:0
File type JSON data, ASCII text, with very long lines (681), with no line terminators
Hash 747f384efea12ce5dab98117b84a36d8
3bfa87d8ca19bf259e1b28f5d8484560bc4aa59f
674580bbd668da2fccee5bd78cd11bdb237a800ec945160353537b15c3e924f2
GET /v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 681
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Sat, 03 Sep 2022 16:36:54 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: no-cache, no-store
Date: Tue, 06 Sep 2022 13:30:07 GMT
ETag: "1662223014803"
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 0SaLGujc7SQA5Axl7_nZlRL2jq6UFsU6SWJ2axYQOHx0pxjkfWHk5Q==
Age: 176
www.gschwaetz.de/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend.min.js?ver=7.10.4
92.204.239.141 200 OK 3.2 kB URL HTTP/2 www.gschwaetz.de/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend.min.js?ver=7.10.4
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
Hash d414daca5866bd3d1e459beba5692f19
b5d6eca8c82678c2943553f467f4bb4373441705
97662d3021e5b3ce28177f6b7f504fd54cfa8f0a0d6b88406ec2590b7fb7ef65
GET /wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend.min.js?ver=7.10.4 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Sat, 04 Apr 2020 20:09:35 GMT
etag: W/"2452-5a27c9cde1dc0"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-119144461-1&cid=119497449.1662471178&jid=1465760241&gjid=1835395379&_gid=461185235.1662471178&_u=YGBAgUABCAAAAE~&z=496998419
142.251.1.156 200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-119144461-1&cid=119497449.1662471178&jid=1465760241&gjid=1835395379&_gid=461185235.1662471178&_u=YGBAgUABCAAAAE~&z=496998419
IP 142.251.1.156:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-119144461-1&cid=119497449.1662471178&jid=1465760241&gjid=1835395379&_gid=461185235.1662471178&_u=YGBAgUABCAAAAE~&z=496998419 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.gschwaetz.de
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.gschwaetz.de
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 06 Sep 2022 13:33:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1656585893704&_since=%221649762862679%22
143.204.55.36 200 OK 893 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1656585893704&_since=%221649762862679%22
IP 143.204.55.36:0
File type JSON data, ASCII text, with very long lines (1710), with no line terminators
Hash cdb42a32eb079761007d29ee4bbc9a0b
9653c4215e912886e5b6f5a39a33189147f10573
26e1a455c2a879130bec3641d40ed1e2aabed7d0aafde9e11a07a2cc6eb63eb8
GET /v1/buckets/main/collections/query-stripping/changeset?_expected=1656585893704&_since=%221649762862679%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Backoff, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Thu, 30 Jun 2022 10:44:53 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Tue, 06 Sep 2022 13:03:33 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: l7zuo7ToDfsOqM6_L-6k2vbn-AqC7HVC-o4PIqPQJgUqf0piCIwdEA==
Age: 1784
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-08-30-15-09-07.chain
143.204.55.110 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-08-30-15-09-07.chain
IP 143.204.55.110:0
File type PEM certificate, ASCII text
Hash c0f7028ab1157f24d515abdede77d5b3
00208a34ed76644814967ad5611bdbc1f3ba6780
6a1b8917468b937fda9acbfead382d4349063f5bd36a812dbd79e91645abb576
GET /chains/remote-settings.content-signature.mozilla.org-2022-08-30-15-09-07.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Mon, 11 Jul 2022 15:09:08 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 06 Sep 2022 03:06:57 GMT
etag: "c0f7028ab1157f24d515abdede77d5b3"
x-cache: Hit from cloudfront
via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 4i37brQyX6AJ15xWMaJfpy5ATmmGdh-y3ZevplPc846dbsgKvCXFmA==
age: 37567
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/plugins/digimember/webinc/packages/dm-frontend-styles.2f589c52295091a387a6.css?ver=3.000.160
92.204.239.141 200 OK 10 kB URL HTTP/2 www.gschwaetz.de/wp-content/plugins/digimember/webinc/packages/dm-frontend-styles.2f589c52295091a387a6.css?ver=3.000.160
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
Hash 69560efab38bab0c1962b73fcea1c9a3
66b250f688b8947fcabfc0953b4fa91c830b3f23
ff591f7508022720a3bf85189b21fb18b6063265a3afa64b2991bbd4b79f4745
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/digimember/webinc/packages/dm-frontend-styles.2f589c52295091a387a6.css?ver=3.000.160 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:01 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Sat, 04 Apr 2020 20:21:12 GMT
etag: W/"b53d-5a27cc6697e00"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5881
Expires: Tue, 06 Sep 2022 15:11:04 GMT
Date: Tue, 06 Sep 2022 13:33:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5881
Expires: Tue, 06 Sep 2022 15:11:04 GMT
Date: Tue, 06 Sep 2022 13:33:03 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-06-10-13-16-32.chain
143.204.55.110 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-06-10-13-16-32.chain
IP 143.204.55.110:0
File type PEM certificate, ASCII text
Hash c2eff79baaa46df0eb1ad5ad7b702bca
a1161150e75b0f0dd30de06ac6f27c1be4810048
6871f00b47a3525296bf02f508923ab3e15cc705694aee45d8db44b9c63bd201
GET /chains/remote-settings.content-signature.mozilla.org-2022-06-10-13-16-32.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Thu, 21 Apr 2022 13:16:33 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 06 Sep 2022 01:53:08 GMT
etag: "c2eff79baaa46df0eb1ad5ad7b702bca"
x-cache: Hit from cloudfront
via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: rhddTdr-lbGJI0AxZO2D63djx8fgAd7mQ_DaKV-Eh3TCDWdnx80YPA==
age: 41996
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106059e1-95ed-4ffb-b6d2-7b4f160333ed.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106059e1-95ed-4ffb-b6d2-7b4f160333ed.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash ec466c0d472e43c11d36bf6fce068205
720d3624a76d060b8e2699e9aa7a320e3efd4878
5553fc24713aae808f5ab81671551b0ae719435f3ced9f25df97d8edf6bfe86f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106059e1-95ed-4ffb-b6d2-7b4f160333ed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12683
x-amzn-requestid: 6127e5b6-72f6-40df-b400-41a1f147f6da
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xz8XmEe0IAMFQDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63117430-2b27a2683d2d320172cef32e;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 03:10:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Mj_IT5g7hGu2AunKK7mvierv5BQ8cAxhnbGaUNsL6hRNu6MRAzIBDw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 04:31:02 GMT
age: 32521
etag: "720d3624a76d060b8e2699e9aa7a320e3efd4878"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed40d152-6303-4f00-ad80-054a81ea5425.webp
34.120.237.76 200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed40d152-6303-4f00-ad80-054a81ea5425.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 0efc32eccbf76ac0d89f324d09a7fd1f
f8589eb3907582137d8b9373af745d80eddbf1bb
ee0f5e56c97e50e1c20801ad0a5379982feef16a11137f784f404d14e9c65824
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed40d152-6303-4f00-ad80-054a81ea5425.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6482
x-amzn-requestid: 5e5b342b-0224-4916-8656-237b4c90ae66
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAX-5FaYIAMFzjw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166d2b-412f897b451130af70026eab;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:42:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kD_wcIHwmUDV9M9Pl2NtUwRw0CElnHhX6NGZ5PQlnchvdxpLAZhm0w==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:46:42 GMT
etag: "f8589eb3907582137d8b9373af745d80eddbf1bb"
content-type: image/jpeg
age: 56781
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e36fad7-34cb-448b-b231-07f66a5adf7e.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e36fad7-34cb-448b-b231-07f66a5adf7e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 3fe4a321dcd6a94a637a528d74f9321a
3f3aad2cc71226b39549db1a9baa6837d4f1d897
a19b6749429e8ecaeac8fc0849abc4d891bfc628489762b1619a3ee3064536e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e36fad7-34cb-448b-b231-07f66a5adf7e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12573
x-amzn-requestid: 93ac3b01-e2e3-462b-93d4-8f1bf949a015
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAX-5E5JIAMFTJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166d2b-7fa8ddcb4b17c5ff1c214b94;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:42:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: qU3s1u1OYmhFyNM8dgd4R3mLfgN3VXlj7z0WGWFhmW-U00wuUld96w==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:45:23 GMT
age: 56860
etag: "3f3aad2cc71226b39549db1a9baa6837d4f1d897"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1656585893704
143.204.55.36 200 OK 990 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1656585893704
IP 143.204.55.36:0
File type JSON data, ASCII text, with very long lines (1917), with no line terminators
Hash b6407a5941093b39ebd04d169df8bbf3
818bda143425c1055f103f8e1db3ed43cc98bd93
283dd5f141930ee1f53a16db0eba6f3aeb1d4f13247a3f006abe84427c066dcb
GET /v1/buckets/main/collections/query-stripping/changeset?_expected=1656585893704 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Thu, 30 Jun 2022 10:44:53 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Tue, 06 Sep 2022 13:19:33 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: m5fbvGWLRGxwjLGt0b10s-Sd1B5kzdSQ10EXoDjOiSCzGmaWnUuH2Q==
Age: 811
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 76c6ad39ad355f829170427e9076311a
26a82c7dd26986900a4964464e43d9837dfef1f8
40c6ca74d92e002befb684bce24ba4714c260ba30918cc4e9a4bb02ed4f809dd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 13:33:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg
34.120.237.76 200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash c81f3df885bdee8cac46ea9495e6b63b
fc766bca874a352a4acb569577d4cf6527f4f074
e21473f88c613ca33ba6bbe1e0cab338274a06744cdcb088f14873c972445b36
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4426
x-amzn-requestid: b5b68557-e46d-41cd-9b11-d996aabc0de7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzfYTHHFIAMFjFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631145ce-1d3504367cf6ef724a345564;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 23:52:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: GSRJIWisH465dPqbKyPj1iZk1jAu3RGrgwj1CX3X8A397zv9Nt0cHA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 08:35:06 GMT
age: 17877
etag: "fc766bca874a352a4acb569577d4cf6527f4f074"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa58df54c-7833-44ce-9519-a44b50319614.jpeg
34.120.237.76 200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa58df54c-7833-44ce-9519-a44b50319614.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 1a87857b93f99eab3118aae97a1c9d22
3aea6a5aaf5ccda356d7e0941b33a7c2e2b13e80
97ce11c0e0efe83d6568f173f9235160157c52b4ab4299823d508c072f113ddc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa58df54c-7833-44ce-9519-a44b50319614.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5775
x-amzn-requestid: dc0a6d9c-5aec-44a3-be54-69cec17f9de1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAYfxE0noAMFz0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166dfe-6c8ec4b03fc761d81c988132;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:45:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: z3WamVQsZqAoYnfPZ0rgyYXGzs1jsv56D1oF4Wzva-H-T8a-xPU8mg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 22:00:00 GMT
age: 55983
etag: "3aea6a5aaf5ccda356d7e0941b33a7c2e2b13e80"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1756524-f0d1-4149-aa44-603b827f87d4.jpeg
34.120.237.76 200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1756524-f0d1-4149-aa44-603b827f87d4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 983e705542fa78b4d5c876e0c1eada7e
5fc951e5236edd282d4975853ca35dab2e55fb17
fa6e478fc213f6cb6c9f33c96c51105262c857bfe313b3d310755be30b1feeb3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1756524-f0d1-4149-aa44-603b827f87d4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6656
x-amzn-requestid: 2703eaf4-1a5a-41a6-859b-47255865efb0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAX-3F2ZIAMFpLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166d2b-6df026de5a9230ed429d08c1;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:42:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: FIIvB2jeQ_PBDzi8XRN0jnNxze3OwDbz8TBaIcadRvmQd2EFhCwX7Q==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:44:33 GMT
age: 56910
etag: "5fc951e5236edd282d4975853ca35dab2e55fb17"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1657747510534&_since=%221654266643527%22
143.204.55.36 200 OK 1.0 kB URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1657747510534&_since=%221654266643527%22
IP 143.204.55.36:0
File type JSON data, ASCII text, with very long lines (2195), with no line terminators
Hash 284ce6f489d4e39635136f153138aeb3
e15907c1e8e1a973af52a876c4efac08eb4a8f4d
0728663f31f157e091c5f658b8fa24e2833830e95429146d470f2edd6e8705fd
GET /v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1657747510534&_since=%221654266643527%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Content-Type, Alert, Backoff, Content-Length
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Wed, 13 Jul 2022 21:25:10 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Tue, 06 Sep 2022 12:37:28 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: lHUU2edmt5nMo7TeCgDnGidzwdKLany8z6PL2UKyZx0FOsjKwoZCjw==
Age: 3360
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-09-19-18-34-07.chain
143.204.55.110 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-09-19-18-34-07.chain
IP 143.204.55.110:0
File type PEM certificate, ASCII text
Hash 578b9ff83ff3950ab2a3d1a8344d2938
39d48b67ba6aa45ec01767725e726cf9b0c87a70
35c99da9a5463a4788ceab7cf4b027bb25506cde28ace36c70d0bc924138f2f5
GET /chains/remote-settings.content-signature.mozilla.org-2022-09-19-18-34-07.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sun, 31 Jul 2022 18:34:08 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 06 Sep 2022 01:37:08 GMT
etag: "578b9ff83ff3950ab2a3d1a8344d2938"
x-cache: Hit from cloudfront
via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 9ZE7izcf6AueHDGx1omp-u_c3zlX7nTGXdwuwmgEPxuYfeH8rvAEAw==
age: 42956
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1659547595259&_since=%221653578606314%22
143.204.55.36 200 OK 1.4 kB URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1659547595259&_since=%221653578606314%22
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (3677), with no line terminators
Hash 5f4edd5433264154f517292748387ebf
d6e41d472f12649a84d2484433c89d64836ca059
f749fdbbb83278e27564e565558832d799197c405c39055ea1d3cfb1274f9086
GET /v1/buckets/main/collections/cfr/changeset?_expected=1659547595259&_since=%221653578606314%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Backoff, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Wed, 03 Aug 2022 17:26:35 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Tue, 06 Sep 2022 12:57:49 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: hFb9On7QcrfyELMnLxVZP3JiSNG3hh3_iviabBf1xsRarnQeaJzyJA==
Age: 2121
firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1662120887268&_since=%221654636467710%22
143.204.55.36 200 OK 5.0 kB URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1662120887268&_since=%221654636467710%22
IP 143.204.55.36:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash ef8c23eb9ddb7ebd8b9183a7089b6f3f
6eae5623ffdf5f30831bdd4f3cb61bb1829dbc08
9d6ed20bd90c3e952ee4c32a10706bc5eb20a6ae6dcf598448f029022769102c
GET /v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1662120887268&_since=%221654636467710%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 02 Sep 2022 12:14:47 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Tue, 06 Sep 2022 13:03:47 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: lji3nKXAjrzGTqECz8XDFgZ7KdQrXX1SjJZXbfGDmyVC17dElo3RFw==
Age: 1802
firefox.settings.services.mozilla.com/v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1662044085942&_since=%221622732735407%22
143.204.55.36 200 OK 5.5 kB URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1662044085942&_since=%221622732735407%22
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (20424), with no line terminators
Hash 4aeeb7e3b8bbe13f0e937ff570f20777
3d30e1983d6ce6126fef50acaae4a41d579b1c09
3f016c7fbcd505500620db2169b0f39282087dc89ba805e479a8ef53d45f10b7
GET /v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1662044085942&_since=%221622732735407%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Thu, 01 Sep 2022 14:54:45 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Tue, 06 Sep 2022 13:03:19 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: NBM8BaseKv1BqqLkxInZ7gwZwJtOc01eF_14s_bLyDfJ_9k5PQ9W_A==
Age: 1786
firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/changeset?_expected=1661199949574&_since=%221648132005528%22
143.204.55.36 200 OK 3.4 kB URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/changeset?_expected=1661199949574&_since=%221648132005528%22
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (14029), with no line terminators
Hash 64e7a6dda8110b0ba7c31a4e28bfc96f
addc0f9994b78a873012b9465e3aa515a780ddf9
10823e4a8aa955a94172bc12eb933498ee792bdd49d6f24e73db175b6d79bff1
GET /v1/buckets/main/collections/search-config/changeset?_expected=1661199949574&_since=%221648132005528%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Mon, 22 Aug 2022 20:25:49 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Tue, 06 Sep 2022 13:14:24 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: _k-6PFXZwaiHPDtPZcpi9KzU1Y00rt6gzkYiKkLYv_2jIofnKJW1DA==
Age: 1122
firefox.settings.services.mozilla.com/v1/buckets/main/collections/password-rules/changeset?_expected=1659924409785&_since=%221652712410939%22
143.204.55.36 200 OK 783 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/password-rules/changeset?_expected=1659924409785&_since=%221652712410939%22
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (1393), with no line terminators
Hash d8e59c6bd160719da9f2b9571af22b8e
b4353f8308be656bdf00bc4676fdb23e7c285f32
a3e7359fc3dbb20b38aae533bedd4061dad7a3440ea323cb17dba0540a670c81
GET /v1/buckets/main/collections/password-rules/changeset?_expected=1659924409785&_since=%221652712410939%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Backoff, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Mon, 08 Aug 2022 02:06:49 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Tue, 06 Sep 2022 12:40:24 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: aC2dXzKLucqPJIIHaIEOBUq9xu-2GQnAwIJQyKfwB_I6ISGs4TpYfg==
Age: 3267
firefox.settings.services.mozilla.com/v1/buckets/main/collections/websites-with-shared-credential-backends/changeset?_expected=1659924446436&_since=%221650898092205%22
143.204.55.36 200 OK 3.1 kB URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/websites-with-shared-credential-backends/changeset?_expected=1659924446436&_since=%221650898092205%22
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (8682), with no line terminators
Hash ca9b7ec20643050e8acc3b7ee435f6a3
204f7d4e4dcd10b449d91bd6f9edbffe17dd6dd1
531a79432808c6959aa6fe610b7112c27bad3f4c548e411b2861eed0bf06165d
GET /v1/buckets/main/collections/websites-with-shared-credential-backends/changeset?_expected=1659924446436&_since=%221650898092205%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Content-Type, Alert, Backoff, Content-Length
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Mon, 08 Aug 2022 02:07:26 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Tue, 06 Sep 2022 12:38:51 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: nE2p6CSo1pf_XbOqzH1ilRy79--dlctqs92XlYcjuWB-b8H9nxTAbA==
Age: 3268
www.gschwaetz.de/wp-content/plugins/wc-frontend-manager/assets/css/min/enquiry/wcfm-style-enquiry-button.css?ver=6.4.6
92.204.239.141 200 OK 0 B URL HTTP/2 www.gschwaetz.de/wp-content/plugins/wc-frontend-manager/assets/css/min/enquiry/wcfm-style-enquiry-button.css?ver=6.4.6
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wc-frontend-manager/assets/css/min/enquiry/wcfm-style-enquiry-button.css?ver=6.4.6 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:01 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Sat, 04 Apr 2020 20:10:38 GMT
etag: W/"2c6-5a27ca09f6b80"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/plugins/adrotate/library/jquery.adrotate.clicktracker.js
92.204.239.141 200 OK 0 B URL HTTP/2 www.gschwaetz.de/wp-content/plugins/adrotate/library/jquery.adrotate.clicktracker.js
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/adrotate/library/jquery.adrotate.clicktracker.js HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 28 Sep 2021 08:46:24 GMT
etag: W/"16d-5cd0a3f9a5800"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=4.0.4
92.204.239.141 200 OK 0 B URL HTTP/2 www.gschwaetz.de/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=4.0.4
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=4.0.4 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 10 Mar 2022 18:53:00 GMT
etag: W/"b7c-5d9e1b9232bee"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
92.204.239.141 200 OK 0 B URL HTTP/2 www.gschwaetz.de/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.11.4 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 15 Apr 2021 18:54:19 GMT
etag: W/"f59-5c00764066cc0"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/plugins/wp-carousel-pro/public/css/font-awesome.min.css?ver=3.3.1
92.204.239.141 200 OK 0 B URL HTTP/2 www.gschwaetz.de/wp-content/plugins/wp-carousel-pro/public/css/font-awesome.min.css?ver=3.3.1
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
GET /wp-content/plugins/wp-carousel-pro/public/css/font-awesome.min.css?ver=3.3.1 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:01 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 04 Oct 2021 18:51:41 GMT
etag: W/"7918-5cd8b67500940"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-includes/css/dist/block-library/style.min.css?ver=5.4.11
92.204.239.141 200 OK 0 B URL HTTP/2 www.gschwaetz.de/wp-includes/css/dist/block-library/style.min.css?ver=5.4.11
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.4.11 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:01 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Thu, 30 Apr 2020 06:53:20 GMT
etag: W/"d159-5a47c85213800"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/themes/whitespace/css/theme.css?ver=5.4.11
92.204.239.141 200 OK 0 B URL HTTP/2 www.gschwaetz.de/wp-content/themes/whitespace/css/theme.css?ver=5.4.11
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
GET /wp-content/themes/whitespace/css/theme.css?ver=5.4.11 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:01 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Thu, 07 Oct 2021 07:14:32 GMT
etag: W/"31f2c-5cdbe03a24600"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/plugins/wc-frontend-manager/assets/css/min/wcfm-style-adminbar.css?ver=6.4.6
92.204.239.141 200 OK 0 B URL HTTP/2 www.gschwaetz.de/wp-content/plugins/wc-frontend-manager/assets/css/min/wcfm-style-adminbar.css?ver=6.4.6
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wc-frontend-manager/assets/css/min/wcfm-style-adminbar.css?ver=6.4.6 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Sat, 04 Apr 2020 20:10:38 GMT
etag: W/"1380-5a27ca09f6b80"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4
92.204.239.141 200 OK 0 B URL HTTP/2 www.gschwaetz.de/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 10 Mar 2022 18:53:00 GMT
etag: W/"736-5d9e1b923723e"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-includes/js/wp-embed.min.js?ver=5.4.11
92.204.239.141 200 OK 0 B URL HTTP/2 www.gschwaetz.de/wp-includes/js/wp-embed.min.js?ver=5.4.11
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
GET /wp-includes/js/wp-embed.min.js?ver=5.4.11 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 15 Apr 2021 18:54:19 GMT
etag: W/"592-5c00764066cc0"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/plugins/wc-frontend-manager/assets/css/min/wcfm-style-core.css?ver=6.4.6
92.204.239.141 200 OK 0 B URL HTTP/2 www.gschwaetz.de/wp-content/plugins/wc-frontend-manager/assets/css/min/wcfm-style-core.css?ver=6.4.6
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wc-frontend-manager/assets/css/min/wcfm-style-core.css?ver=6.4.6 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Sat, 04 Apr 2020 20:10:38 GMT
etag: W/"3ade-5a27ca09f6b80"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/themes/whitespace/css/woo.css?ver=5.4.11
92.204.239.141 200 OK 0 B URL HTTP/2 www.gschwaetz.de/wp-content/themes/whitespace/css/woo.css?ver=5.4.11
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/whitespace/css/woo.css?ver=5.4.11 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 25 Oct 2021 19:07:25 GMT
etag: W/"1526b-5cf32123f3540"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/uploads/2022/09/LittleMissMartin_FotoWernerHallatschek-1024x683.jpg
92.204.239.141 200 OK 0 B URL HTTP/2 www.gschwaetz.de/wp-content/uploads/2022/09/LittleMissMartin_FotoWernerHallatschek-1024x683.jpg
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
GET /wp-content/uploads/2022/09/LittleMissMartin_FotoWernerHallatschek-1024x683.jpg HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: image/jpeg
content-length: 111841
last-modified: Mon, 05 Sep 2022 08:10:37 GMT
etag: "1b4e1-5e7e99d62e25b"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/plugins/wp-carousel-pro/public/js/fancybox.min.js?ver=3.3.1
92.204.239.141 200 OK 0 B URL HTTP/2 www.gschwaetz.de/wp-content/plugins/wp-carousel-pro/public/js/fancybox.min.js?ver=3.3.1
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
GET /wp-content/plugins/wp-carousel-pro/public/js/fancybox.min.js?ver=3.3.1 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 04 Oct 2021 18:51:41 GMT
etag: W/"10a9d-5cd8b67500940"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/themes/whitespace/style.css?ver=5.4.11
92.204.239.141 200 OK 0 B URL HTTP/2 www.gschwaetz.de/wp-content/themes/whitespace/style.css?ver=5.4.11
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/whitespace/style.css?ver=5.4.11 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:01 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Thu, 02 Apr 2020 19:14:53 GMT
etag: W/"11a-5a2539d900540"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/plugins/checkout-files-upload-woocommerce/includes/js/alg-wc-checkout-files-upload-ajax.js?ver=2.1.1
92.204.239.141 200 OK 0 B URL HTTP/2 www.gschwaetz.de/wp-content/plugins/checkout-files-upload-woocommerce/includes/js/alg-wc-checkout-files-upload-ajax.js?ver=2.1.1
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/checkout-files-upload-woocommerce/includes/js/alg-wc-checkout-files-upload-ajax.js?ver=2.1.1 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 14 Oct 2021 19:42:08 GMT
etag: W/"1f7d-5ce5546262400"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/themes/whitespace/js/jquery.mousewheel.js?ver=5.4.11
92.204.239.141 200 OK 0 B URL HTTP/2 www.gschwaetz.de/wp-content/themes/whitespace/js/jquery.mousewheel.js?ver=5.4.11
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/whitespace/js/jquery.mousewheel.js?ver=5.4.11 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 02 Apr 2020 19:15:05 GMT
etag: W/"99a-5a2539e472040"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/plugins/wp-carousel-pro/public/js/fancybox-config.min.js?ver=3.3.1
92.204.239.141 200 OK 0 B URL HTTP/2 www.gschwaetz.de/wp-content/plugins/wp-carousel-pro/public/js/fancybox-config.min.js?ver=3.3.1
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-carousel-pro/public/js/fancybox-config.min.js?ver=3.3.1 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 04 Oct 2021 18:51:41 GMT
etag: W/"77b-5cd8b67500940"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=4.0.4
92.204.239.141 200 OK 0 B URL HTTP/2 www.gschwaetz.de/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=4.0.4
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=4.0.4 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:01 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Thu, 10 Mar 2022 18:53:00 GMT
etag: W/"44e7-5d9e1b9221a7e"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/plugins/js_composer/assets/lib/bower/animate-css/animate.min.css?ver=6.1
92.204.239.141 200 OK 0 B URL HTTP/2 www.gschwaetz.de/wp-content/plugins/js_composer/assets/lib/bower/animate-css/animate.min.css?ver=6.1
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
GET /wp-content/plugins/js_composer/assets/lib/bower/animate-css/animate.min.css?ver=6.1 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Sat, 04 Apr 2020 20:11:36 GMT
etag: W/"d2e3-5a27ca4146e00"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/plugins/digimember/webinc/js/user.js?ver=3.000.160
92.204.239.141 200 OK 0 B URL HTTP/2 www.gschwaetz.de/wp-content/plugins/digimember/webinc/js/user.js?ver=3.000.160
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/digimember/webinc/js/user.js?ver=3.000.160 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Sat, 04 Apr 2020 20:21:13 GMT
etag: W/"2cb6-5a27cc678c040"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/themes/whitespace/js/woo.js?ver=5.4.11
92.204.239.141 200 OK 0 B URL HTTP/2 www.gschwaetz.de/wp-content/themes/whitespace/js/woo.js?ver=5.4.11
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/whitespace/js/woo.js?ver=5.4.11 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 02 Apr 2020 19:15:06 GMT
etag: W/"f33-5a2539e566280"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/plugins/js_composer/assets/lib/vc_waypoints/vc-waypoints.min.js?ver=6.1
92.204.239.141 200 OK 0 B URL HTTP/2 www.gschwaetz.de/wp-content/plugins/js_composer/assets/lib/vc_waypoints/vc-waypoints.min.js?ver=6.1
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/lib/vc_waypoints/vc-waypoints.min.js?ver=6.1 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Sat, 04 Apr 2020 20:11:36 GMT
etag: W/"2415-5a27ca4146e00"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.7
92.204.239.141 200 OK 0 B URL HTTP/2 www.gschwaetz.de/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.7
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.7 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 14 Apr 2020 11:48:33 GMT
etag: W/"3868-5a33ec7722640"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.11.4
92.204.239.141 200 OK 0 B URL HTTP/2 www.gschwaetz.de/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.11.4
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
GET /wp-includes/js/jquery/ui/datepicker.min.js?ver=1.11.4 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 15 Apr 2021 18:54:19 GMT
etag: W/"8d4c-5c00764066cc0"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/plugins/wc-frontend-manager/assets/js/min/wcfm-script-core.js?ver=6.4.6
92.204.239.141 200 OK 0 B URL HTTP/2 www.gschwaetz.de/wp-content/plugins/wc-frontend-manager/assets/js/min/wcfm-script-core.js?ver=6.4.6
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
GET /wp-content/plugins/wc-frontend-manager/assets/js/min/wcfm-script-core.js?ver=6.4.6 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Sat, 04 Apr 2020 20:10:38 GMT
etag: W/"2c0a-5a27ca09f6b80"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/style.css?ver=2.5.14
92.204.239.141 200 OK 0 B URL HTTP/2 www.gschwaetz.de/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/style.css?ver=2.5.14
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/style.css?ver=2.5.14 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:01 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Thu, 10 Mar 2022 18:53:01 GMT
etag: W/"1020a-5d9e1b92ef773"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/uploads/hm_custom_css_js/custom.js?ver=1525449628
92.204.239.141 200 OK 0 B URL HTTP/2 www.gschwaetz.de/wp-content/uploads/hm_custom_css_js/custom.js?ver=1525449628
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
GET /wp-content/uploads/hm_custom_css_js/custom.js?ver=1525449628 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 01 Apr 2020 15:33:59 GMT
etag: W/"5928-5a23c69b8a7c0"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/themes/whitespace/css/custom.php?ver=5.4.11
92.204.239.141 200 OK 0 B URL HTTP/2 www.gschwaetz.de/wp-content/themes/whitespace/css/custom.php?ver=5.4.11
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/whitespace/css/custom.php?ver=5.4.11 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: text/css;charset=UTF-8
vary: Accept-Encoding
set-cookie: ncore_session=gugVpOoCLn6XtNN8zB37z16ezXCSWl; path=/
x-cache-status: EXPIRED
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.1
92.204.239.141 200 OK 0 B URL HTTP/2 www.gschwaetz.de/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.1
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.1 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Sat, 04 Apr 2020 20:11:36 GMT
etag: W/"5079-5a27ca4146e00"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/plugins/cookie-notice/js/front.min.js?ver=2.1.5
92.204.239.141 200 OK 0 B URL HTTP/2 www.gschwaetz.de/wp-content/plugins/cookie-notice/js/front.min.js?ver=2.1.5
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
GET /wp-content/plugins/cookie-notice/js/front.min.js?ver=2.1.5 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 11 Oct 2021 14:31:59 GMT
etag: W/"20b3-5ce14977135c0"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/plugins/wp-carousel-pro/public/css/jquery.fancybox.min.css?ver=3.3.1
92.204.239.141 200 OK 0 B URL HTTP/2 www.gschwaetz.de/wp-content/plugins/wp-carousel-pro/public/css/jquery.fancybox.min.css?ver=3.3.1
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
GET /wp-content/plugins/wp-carousel-pro/public/css/jquery.fancybox.min.css?ver=3.3.1 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:01 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 04 Oct 2021 18:51:41 GMT
etag: W/"31fb-5cd8b67500940"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/plugins/wc-frontend-manager/assets/fonts/font-awesome/css/wcfmicon.min.css?ver=6.4.6
92.204.239.141 200 OK 0 B URL HTTP/2 www.gschwaetz.de/wp-content/plugins/wc-frontend-manager/assets/fonts/font-awesome/css/wcfmicon.min.css?ver=6.4.6
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wc-frontend-manager/assets/fonts/font-awesome/css/wcfmicon.min.css?ver=6.4.6 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Sat, 04 Apr 2020 20:10:38 GMT
etag: W/"cb7b-5a27ca09f6b80"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
92.204.239.141 200 OK 0 B URL HTTP/2 www.gschwaetz.de/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4-wp HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Sat, 04 Apr 2020 20:07:05 GMT
etag: W/"17a69-5a27c93ed4c40"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.1
92.204.239.141 200 OK 0 B URL HTTP/2 www.gschwaetz.de/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.1
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
GET /wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.1 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Sat, 04 Apr 2020 20:11:36 GMT
etag: W/"3e0-5a27ca4146e00"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/plugins/wc-frontend-manager/includes/libs/qtip/qtip.css?ver=6.4.6
92.204.239.141 200 OK 0 B URL HTTP/2 www.gschwaetz.de/wp-content/plugins/wc-frontend-manager/includes/libs/qtip/qtip.css?ver=6.4.6
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
GET /wp-content/plugins/wc-frontend-manager/includes/libs/qtip/qtip.css?ver=6.4.6 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Sat, 04 Apr 2020 20:10:38 GMT
etag: W/"23f0-5a27ca09f6b80"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=4.0.4
92.204.239.141 200 OK 0 B URL HTTP/2 www.gschwaetz.de/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=4.0.4
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=4.0.4 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 10 Mar 2022 18:53:00 GMT
etag: W/"ae9-5d9e1b9232bee"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=4.0.4
92.204.239.141 200 OK 0 B URL HTTP/2 www.gschwaetz.de/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=4.0.4
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=4.0.4 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 10 Mar 2022 18:53:00 GMT
etag: W/"7c1-5d9e1b92333be"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open%20Sans%3A600%3A
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open%20Sans%3A600%3A
IP 142.250.74.10:0
GET /css?family=Open%20Sans%3A600%3A HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Sep 2022 13:33:02 GMT
date: Tue, 06 Sep 2022 13:33:02 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/plugins/wc-frontend-manager/assets/css/min/wcfm-style-icon.css?ver=6.4.6
92.204.239.141 200 OK 0 B URL HTTP/2 www.gschwaetz.de/wp-content/plugins/wc-frontend-manager/assets/css/min/wcfm-style-icon.css?ver=6.4.6
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wc-frontend-manager/assets/css/min/wcfm-style-icon.css?ver=6.4.6 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Sat, 04 Apr 2020 20:10:38 GMT
etag: W/"d52-5a27ca09f6b80"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/advanced-buttons.min.css?ver=3.16.12
92.204.239.141 200 OK 0 B URL HTTP/2 www.gschwaetz.de/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/advanced-buttons.min.css?ver=3.16.12
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/Ultimate_VC_Addons/assets/min-css/advanced-buttons.min.css?ver=3.16.12 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Thu, 02 Apr 2020 18:44:56 GMT
etag: W/"82d1-5a2533273fa00"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.3.1
92.204.239.141 200 OK 0 B URL HTTP/2 www.gschwaetz.de/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.3.1
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.3.1 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 02 Apr 2020 18:54:40 GMT
etag: W/"fc5f-5a25355431c00"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70
92.204.239.141 200 OK 0 B URL HTTP/2 www.gschwaetz.de/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 10 Mar 2022 18:53:00 GMT
etag: W/"255e-5d9e1b9233b8e"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/ultimate-params.min.js?ver=3.16.12
92.204.239.141 200 OK 0 B URL HTTP/2 www.gschwaetz.de/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/ultimate-params.min.js?ver=3.16.12
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/Ultimate_VC_Addons/assets/min-js/ultimate-params.min.js?ver=3.16.12 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 02 Apr 2020 18:45:14 GMT
etag: W/"458-5a2533386a280"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/plugins/wc-frontend-manager/includes/libs/qtip/qtip.js?ver=6.4.6
92.204.239.141 200 OK 0 B URL HTTP/2 www.gschwaetz.de/wp-content/plugins/wc-frontend-manager/includes/libs/qtip/qtip.js?ver=6.4.6
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wc-frontend-manager/includes/libs/qtip/qtip.js?ver=6.4.6 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Sat, 04 Apr 2020 20:10:38 GMT
etag: W/"acee-5a27ca09f6b80"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/plugins/wc-frontend-manager/includes/libs/jquery-colorbox/jquery.colorbox.js?ver=6.4.6
92.204.239.141 200 OK 0 B URL HTTP/2 www.gschwaetz.de/wp-content/plugins/wc-frontend-manager/includes/libs/jquery-colorbox/jquery.colorbox.js?ver=6.4.6
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
GET /wp-content/plugins/wc-frontend-manager/includes/libs/jquery-colorbox/jquery.colorbox.js?ver=6.4.6 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Sat, 04 Apr 2020 20:10:38 GMT
etag: W/"71f1-5a27ca09f6b80"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/plugins/wp-carousel-pro/public/css/wp-carousel-pro-public.min.css?ver=3.3.1
92.204.239.141 200 OK 0 B URL HTTP/2 www.gschwaetz.de/wp-content/plugins/wp-carousel-pro/public/css/wp-carousel-pro-public.min.css?ver=3.3.1
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-carousel-pro/public/css/wp-carousel-pro-public.min.css?ver=3.3.1 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:01 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 04 Oct 2021 18:51:41 GMT
etag: W/"5151-5cd8b67500940"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/plugins/wc-frontend-manager/includes/libs/jquery-colorbox/colorbox.css?ver=6.4.6
92.204.239.141 200 OK 0 B URL HTTP/2 www.gschwaetz.de/wp-content/plugins/wc-frontend-manager/includes/libs/jquery-colorbox/colorbox.css?ver=6.4.6
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
GET /wp-content/plugins/wc-frontend-manager/includes/libs/jquery-colorbox/colorbox.css?ver=6.4.6 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Sat, 04 Apr 2020 20:10:38 GMT
etag: W/"119a-5a27ca09f6b80"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/plugins/wc-frontend-manager/assets/js/min/enquiry/wcfm-script-enquiry-tab.js?ver=6.4.6
92.204.239.141 200 OK 0 B URL HTTP/2 www.gschwaetz.de/wp-content/plugins/wc-frontend-manager/assets/js/min/enquiry/wcfm-script-enquiry-tab.js?ver=6.4.6
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
GET /wp-content/plugins/wc-frontend-manager/assets/js/min/enquiry/wcfm-script-enquiry-tab.js?ver=6.4.6 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Sat, 04 Apr 2020 20:10:38 GMT
etag: W/"1308-5a27ca09f6b80"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/jquery-appear.min.js?ver=3.16.12
92.204.239.141 200 OK 0 B URL HTTP/2 www.gschwaetz.de/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/jquery-appear.min.js?ver=3.16.12
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
GET /wp-content/plugins/Ultimate_VC_Addons/assets/min-js/jquery-appear.min.js?ver=3.16.12 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 02 Apr 2020 18:45:11 GMT
etag: W/"596-5a2533358dbc0"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/plugins/wp-carousel-pro/public/js/slick.min.js?ver=3.3.1
92.204.239.141 200 OK 0 B URL HTTP/2 www.gschwaetz.de/wp-content/plugins/wp-carousel-pro/public/js/slick.min.js?ver=3.3.1
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
GET /wp-content/plugins/wp-carousel-pro/public/js/slick.min.js?ver=3.3.1 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 04 Oct 2021 18:51:41 GMT
etag: W/"c59e-5cd8b67500940"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/plugins/wp-carousel-pro/public/js/wp-carousel-pro-public.min.js?ver=3.3.1
92.204.239.141 200 OK 0 B URL HTTP/2 www.gschwaetz.de/wp-content/plugins/wp-carousel-pro/public/js/wp-carousel-pro-public.min.js?ver=3.3.1
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-carousel-pro/public/js/wp-carousel-pro-public.min.js?ver=3.3.1 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 04 Oct 2021 18:51:41 GMT
etag: W/"3fe-5cd8b67500940"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=2.9.1
92.204.239.141 200 OK 0 B URL HTTP/2 www.gschwaetz.de/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=2.9.1
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=2.9.1 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:01 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 09 Jul 2021 14:19:40 GMT
etag: W/"41cd-5c6b1764fb700"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/ultimate_bg.min.js?ver=5.4.11
92.204.239.141 200 OK 0 B URL HTTP/2 www.gschwaetz.de/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/ultimate_bg.min.js?ver=5.4.11
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/Ultimate_VC_Addons/assets/min-js/ultimate_bg.min.js?ver=5.4.11 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 02 Apr 2020 18:45:14 GMT
etag: W/"b188-5a2533386a280"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/uploads/2022/09/20220906-21_09_18_FotoAngela2_Foto-Hanne-Gloger-scaled.jpg
92.204.239.141 200 OK 0 B URL HTTP/2 www.gschwaetz.de/wp-content/uploads/2022/09/20220906-21_09_18_FotoAngela2_Foto-Hanne-Gloger-scaled.jpg
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
GET /wp-content/uploads/2022/09/20220906-21_09_18_FotoAngela2_Foto-Hanne-Gloger-scaled.jpg HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: image/jpeg
content-length: 878546
last-modified: Tue, 06 Sep 2022 06:46:28 GMT
etag: "d67d2-5e7fc8e49c4e0"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.7
92.204.239.141 200 OK 0 B URL HTTP/2 www.gschwaetz.de/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.7
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.7 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:01 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 14 Apr 2020 11:48:33 GMT
etag: W/"6d2-5a33ec7722640"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/style.min.css?ver=3.16.12
92.204.239.141 200 OK 0 B URL HTTP/2 www.gschwaetz.de/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/style.min.css?ver=3.16.12
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
GET /wp-content/plugins/Ultimate_VC_Addons/assets/min-css/style.min.css?ver=3.16.12 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Thu, 02 Apr 2020 18:45:02 GMT
etag: W/"3340-5a25332cf8780"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.3.1
92.204.239.141 200 OK 0 B URL HTTP/2 www.gschwaetz.de/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.3.1
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.3.1 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 02 Apr 2020 18:54:40 GMT
etag: W/"1af52-5a25355431c00"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/background-style.min.css?ver=3.16.12
92.204.239.141 200 OK 0 B URL HTTP/2 www.gschwaetz.de/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/background-style.min.css?ver=3.16.12
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/Ultimate_VC_Addons/assets/min-css/background-style.min.css?ver=3.16.12 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Thu, 02 Apr 2020 18:44:57 GMT
etag: W/"2456-5a25332833c40"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/plugins/digimember/webinc/packages/dm-frontend.8d90ec4cc798f9f4191c.js?ver=3.000.160
92.204.239.141 200 OK 0 B URL HTTP/2 www.gschwaetz.de/wp-content/plugins/digimember/webinc/packages/dm-frontend.8d90ec4cc798f9f4191c.js?ver=3.000.160
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
GET /wp-content/plugins/digimember/webinc/packages/dm-frontend.8d90ec4cc798f9f4191c.js?ver=3.000.160 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Sat, 04 Apr 2020 20:21:12 GMT
etag: W/"28f2-5a27cc6697e00"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/themes/whitespace/js/theme.js?ver=5.4.11
92.204.239.141 200 OK 0 B URL HTTP/2 www.gschwaetz.de/wp-content/themes/whitespace/js/theme.js?ver=5.4.11
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/whitespace/js/theme.js?ver=5.4.11 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 02 Apr 2020 19:15:05 GMT
etag: W/"406b-5a2539e472040"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
www.gschwaetz.de/wp-content/plugins/wc-frontend-manager/includes/libs/jquery-blockui/jquery.blockUI.min.js?ver=6.4.6
92.204.239.141 200 OK 0 B URL HTTP/2 www.gschwaetz.de/wp-content/plugins/wc-frontend-manager/includes/libs/jquery-blockui/jquery.blockUI.min.js?ver=6.4.6
IP 92.204.239.141:0
ASN #8972 Host Europe GmbH
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wc-frontend-manager/includes/libs/jquery-blockui/jquery.blockUI.min.js?ver=6.4.6 HTTP/1.1
Host: www.gschwaetz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Sat, 04 Apr 2020 20:10:38 GMT
etag: W/"255e-5a27ca09f6b80"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2