Overview

URL gschwaetz.de/
IP92.204.239.141
ASNHost Europe GmbH
Location France
Report completed2022-09-06 13:33:17 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-06 2 gschwaetz.de/ Malware
2022-09-06 2 gschwaetz.de/ Malware
2022-09-06 2 www.gschwaetz.de/wp-content/plugins/checkout-files-upload-woocommerce/inclu (...) Malware
2022-09-06 2 www.gschwaetz.de/wp-content/plugins/js_composer/assets/css/js_composer.min. (...) Malware
2022-09-06 2 www.gschwaetz.de/ Malware
2022-09-06 2 www.gschwaetz.de/wp-content/plugins/cookie-notice/css/front.min.css?ver=5.4.11 Malware
2022-09-06 2 www.gschwaetz.de/wp-content/themes/whitespace/js/hoverintent.js?ver=5.4.11 Malware
2022-09-06 2 www.gschwaetz.de/wp-content/uploads/smile_fonts/Defaults/Defaults.css?ver=5.4.11 Malware
2022-09-06 2 www.gschwaetz.de/wp-content/plugins/revslider/public/assets/css/settings.cs (...) Malware
2022-09-06 2 www.gschwaetz.de/wp-content/uploads/hm_custom_css_js/custom.css?ver=1526853920 Malware
2022-09-06 2 www.gschwaetz.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 Malware
2022-09-06 2 www.gschwaetz.de/wp-content/plugins/wc-frontend-manager/assets/sounds/notif (...) Malware
2022-09-06 2 www.gschwaetz.de/wp-content/plugins/wp-carousel-pro/public/css/slick.min.cs (...) Malware
2022-09-06 2 www.gschwaetz.de/wp-content/plugins/digimember/webinc/packages/dm-frontend- (...) Malware
2022-09-06 2 www.gschwaetz.de/wp-content/plugins/wc-frontend-manager/assets/css/min/enqu (...) Malware
2022-09-06 2 www.gschwaetz.de/wp-content/plugins/adrotate/library/jquery.adrotate.clickt (...) Malware
2022-09-06 2 www.gschwaetz.de/wp-content/plugins/woocommerce/assets/js/frontend/cart-fra (...) Malware
2022-09-06 2 www.gschwaetz.de/wp-content/plugins/wc-frontend-manager/assets/css/min/wcfm (...) Malware
2022-09-06 2 www.gschwaetz.de/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cook (...) Malware
2022-09-06 2 www.gschwaetz.de/wp-content/plugins/wc-frontend-manager/assets/css/min/wcfm (...) Malware
2022-09-06 2 www.gschwaetz.de/wp-content/themes/whitespace/css/woo.css?ver=5.4.11 Malware
2022-09-06 2 www.gschwaetz.de/wp-content/themes/whitespace/style.css?ver=5.4.11 Malware
2022-09-06 2 www.gschwaetz.de/wp-content/plugins/checkout-files-upload-woocommerce/inclu (...) Malware
2022-09-06 2 www.gschwaetz.de/wp-content/themes/whitespace/js/jquery.mousewheel.js?ver=5.4.11 Malware
2022-09-06 2 www.gschwaetz.de/wp-content/plugins/wp-carousel-pro/public/js/fancybox-conf (...) Malware
2022-09-06 2 www.gschwaetz.de/wp-content/plugins/woocommerce/assets/css/woocommerce-layo (...) Malware
2022-09-06 2 www.gschwaetz.de/wp-content/plugins/digimember/webinc/js/user.js?ver=3.000.160 Malware
2022-09-06 2 www.gschwaetz.de/wp-content/themes/whitespace/js/woo.js?ver=5.4.11 Malware
2022-09-06 2 www.gschwaetz.de/wp-content/plugins/js_composer/assets/lib/vc_waypoints/vc- (...) Malware
2022-09-06 2 www.gschwaetz.de/wp-content/plugins/contact-form-7/includes/js/scripts.js?v (...) Malware
2022-09-06 2 www.gschwaetz.de/wp-content/plugins/woocommerce/packages/woocommerce-blocks (...) Malware
2022-09-06 2 www.gschwaetz.de/wp-content/themes/whitespace/css/custom.php?ver=5.4.11 Malware
2022-09-06 2 www.gschwaetz.de/wp-content/plugins/js_composer/assets/js/dist/js_composer_ (...) Malware
2022-09-06 2 www.gschwaetz.de/wp-content/plugins/wc-frontend-manager/assets/fonts/font-a (...) Malware
2022-09-06 2 www.gschwaetz.de/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp Malware
2022-09-06 2 www.gschwaetz.de/wp-content/plugins/woocommerce/assets/js/frontend/add-to-c (...) Malware
2022-09-06 2 www.gschwaetz.de/wp-content/plugins/woocommerce/assets/js/frontend/woocomme (...) Malware
2022-09-06 2 www.gschwaetz.de/wp-content/plugins/wc-frontend-manager/assets/css/min/wcfm (...) Malware
2022-09-06 2 www.gschwaetz.de/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/advan (...) Malware
2022-09-06 2 www.gschwaetz.de/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jq (...) Malware
2022-09-06 2 www.gschwaetz.de/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/ultima (...) Malware
2022-09-06 2 www.gschwaetz.de/wp-content/plugins/wc-frontend-manager/includes/libs/qtip/ (...) Malware
2022-09-06 2 www.gschwaetz.de/wp-content/plugins/wp-carousel-pro/public/css/wp-carousel- (...) Malware
2022-09-06 2 www.gschwaetz.de/wp-content/plugins/wp-carousel-pro/public/js/wp-carousel-p (...) Malware
2022-09-06 2 www.gschwaetz.de/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?v (...) Malware
2022-09-06 2 www.gschwaetz.de/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/ultima (...) Malware
2022-09-06 2 www.gschwaetz.de/wp-content/plugins/revslider/public/assets/js/jquery.theme (...) Malware
2022-09-06 2 www.gschwaetz.de/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/backg (...) Malware
2022-09-06 2 www.gschwaetz.de/wp-content/themes/whitespace/js/theme.js?ver=5.4.11 Malware
2022-09-06 2 www.gschwaetz.de/wp-content/plugins/wc-frontend-manager/includes/libs/jquer (...) Malware
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (19)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS fonts.googleapis.com (2) 8877 2014-07-21 13:19:55 UTC 2022-09-06 12:21:11 UTC 142.250.74.10
mnemonic passive DNS r3.o.lencr.org (4) 344 2020-12-02 08:52:13 UTC 2022-09-06 04:41:22 UTC 23.36.76.226
mnemonic passive DNS getpocket.cdn.mozilla.net (1) 1369 2017-08-31 07:41:15 UTC 2022-09-06 12:20:51 UTC 34.120.5.221
mnemonic passive DNS content-signature-2.cdn.mozilla.net (4) 1152 2020-11-03 12:26:46 UTC 2022-09-06 05:16:49 UTC 143.204.55.110
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-06 04:40:31 UTC 34.117.237.239
mnemonic passive DNS firefox.settings.services.mozilla.com (15) 867 2020-06-04 20:08:41 UTC 2022-09-06 10:46:34 UTC 143.204.55.36
mnemonic passive DNS www.gschwaetz.de (93) 0 2017-01-19 08:18:04 UTC 2022-07-17 09:31:33 UTC 92.204.239.141 Unknown ranking
mnemonic passive DNS ocsp.starfieldtech.com (1) 6616 2012-06-22 18:08:50 UTC 2022-09-06 05:19:04 UTC 192.124.249.23
mnemonic passive DNS www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-09-06 11:45:40 UTC 142.250.74.174
mnemonic passive DNS firefox.settings.services.mozilla.com (15) 867 2020-06-04 20:08:41 UTC 2022-09-06 10:46:34 UTC 143.204.55.35
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-06 04:43:30 UTC 52.39.175.179
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-06 08:08:24 UTC 34.120.237.76
mnemonic passive DNS stats.g.doubleclick.net (1) 96 2013-06-02 22:47:44 UTC 2022-09-06 04:41:00 UTC 142.251.1.156
mnemonic passive DNS detectportal.firefox.com (2) 1601 2017-01-30 00:03:31 UTC 2022-09-06 04:40:26 UTC 34.107.221.82
mnemonic passive DNS gschwaetz.de (2) 0 2018-05-18 16:58:40 UTC 2022-08-25 14:49:49 UTC 92.204.239.141 Unknown ranking
mnemonic passive DNS ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2022-09-06 12:27:00 UTC 93.184.220.29
mnemonic passive DNS shavar.services.mozilla.com (1) 3602 2017-01-30 05:00:58 UTC 2022-09-06 05:42:12 UTC 52.35.120.198
mnemonic passive DNS ocsp.pki.goog (6) 175 2017-06-14 07:23:31 UTC 2022-09-06 04:40:10 UTC 142.250.74.3
mnemonic passive DNS firefox-settings-attachments.cdn.mozilla.net (1) 11509 2019-11-30 09:32:57 UTC 2022-09-06 06:36:14 UTC 143.204.55.30


Recent reports on same IP/ASN/Domain/Screenshot

Last 2 reports on IP: 92.204.239.141

Date UQ / IDS / BL URL IP
2022-11-08 01:39:33 +0000
0 - 0 - 1 zimmervermittlung-moskau.de/checkout 92.204.239.141
2022-09-06 13:33:17 +0000
0 - 0 - 50 gschwaetz.de/ 92.204.239.141

Last 5 reports on ASN: Host Europe GmbH

Date UQ / IDS / BL URL IP
2022-12-03 19:18:42 +0000
0 - 0 - 6 iths.de/ 5.35.244.101
2022-12-03 17:18:11 +0000
0 - 0 - 1 static.updatestar.net/dl/ad-aware/Adaware_Ins (...) 5.35.253.150
2022-12-03 14:56:39 +0000
0 - 0 - 1 static.updatestar.net/dl/allinone/aio-runtime (...) 5.35.253.150
2022-12-03 10:46:50 +0000
0 - 0 - 2 xn--digitale-lsungen-vwb.de/ 91.250.114.206
2022-12-03 10:43:46 +0000
0 - 0 - 80 martin-knabe.de/ 91.250.114.206

Last 1 reports on domain: gschwaetz.de

Date UQ / IDS / BL URL IP
2022-09-06 13:33:17 +0000
0 - 0 - 50 gschwaetz.de/ 92.204.239.141

No other reports with similar screenshot



JavaScript

Executed Scripts (59)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (144)


Request Response
                                        
                                            GET /success.txt?ipv4 HTTP/1.1 
Host: detectportal.firefox.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         34.107.221.82
HTTP/1.1 200 OK
Content-Type: text/plain
                                        
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Mon, 05 Sep 2022 16:44:56 GMT
Age: 74884
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600


--- Additional Info ---
Magic:  ASCII text
Size:   8
Md5:    ae780585f49b94ce1444eb7d28906123
Sha1:   7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
Sha256: 81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
                                        
                                            GET / HTTP/1.1 
Host: gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         92.204.239.141
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
                                        
Server: nginx
Date: Tue, 06 Sep 2022 13:33:00 GMT
Content-Length: 229
Connection: keep-alive
Location: https://gschwaetz.de/
X-Cache-Status: HIT


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   229
Md5:    c4e5cb5df52e0f85cc6eb6d78d46c1ef
Sha1:   2f4f70adbad4814a6d1bac7b448a15911bc8b150
Sha256: f7bce9d38177bb8a2ff2adb7f5080081f51ca8d0fcaaa41af5d9f84e677975e3

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F610984FB0A75B3A31424FAA860CBC8172C7F21804DF1DC14FBB685B7C456F29"
Last-Modified: Sat, 03 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5664
Expires: Tue, 06 Sep 2022 15:07:24 GMT
Date: Tue, 06 Sep 2022 13:33:00 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "FE016A09001E17224AC6AC11C76B7C4FA98BC99480575B6E0AE3CA22805148D3"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11600
Expires: Tue, 06 Sep 2022 16:46:20 GMT
Date: Tue, 06 Sep 2022 13:33:00 GMT
Connection: keep-alive

                                        
                                            GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30 HTTP/1.1 
Host: getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.5.221
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
vary: Accept-Encoding
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Hit from cloudfront
x-amz-cf-pop: SEA19-C1
x-amz-cf-id: 0pRycNR2bzWjyRzgYhvHKgOfNGRjGRaTFChMg4qqIXkKEWlq4bpLnQ==
content-encoding: gzip
via: 1.1 efcf7b9d0f917f9ebf314db03e52d9b6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 13:23:15 GMT
age: 585
content-length: 48157
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size:   48157
Md5:    f864d5c433933ad08931d023142fc792
Sha1:   9b85f4c1a463f0ab6e6088f690af6520cca67fa0
Sha256: 327a342079f9947283dfe01ca72c7b408e42482d60fde2c304a85b99b8346964
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-06-30-19-51-38.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.110
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Wed, 11 May 2022 19:51:39 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 06 Sep 2022 01:22:02 GMT
etag: "48ca0beea419a9039591cf1aee5179e0"
x-cache: Hit from cloudfront
via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: IhdVAHBC3rNCiCCc2gYV_80-MXyZHLOXj7D0Ozk0rgMHITXNLJqsYQ==
age: 43859
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    48ca0beea419a9039591cf1aee5179e0
Sha1:   9e92629f505fcc07aab51221e8fe62197a23e307
Sha256: 630a5f110337b4a4876aa85c21107d9e8f2550bcc60f023a4777d895b17399fd
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 06 Sep 2022 13:02:16 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: vQJ2REs8ufpICCHVpJoiIVIs6wSvJCVES2yJ2FoOFUGL0ZkuuHz8IA==
Age: 1844


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    99b7d23c1748d0526782b9ff9ea45f09
Sha1:   eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
Sha256: 48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
                                        
                                            GET /success.txt?ipv4 HTTP/1.1 
Host: detectportal.firefox.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         34.107.221.82
HTTP/1.1 200 OK
Content-Type: text/plain
                                        
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Mon, 05 Sep 2022 16:44:56 GMT
Age: 74885
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600


--- Additional Info ---
Magic:  ASCII text
Size:   8
Md5:    ae780585f49b94ce1444eb7d28906123
Sha1:   7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
Sha256: 81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:00 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.starfieldtech.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         192.124.249.23
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Tue, 06 Sep 2022 13:33:01 GMT
Content-Length: 1846
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 05 Sep 2022 23:46:30 GMT
Expires: Tue, 06 Sep 2022 23:46:30 GMT
ETag: "93f53daa271cb0a6d1f08d00eab690bc5c6657e4"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1846
Md5:    b14b46e4109f402aa48ae7c35119a6c1
Sha1:   93f53daa271cb0a6d1f08d00eab690bc5c6657e4
Sha256: bf67c6afaaf4a87fcbe98abd19ac0b11ffe8b11b511e5703f76f11d0cf5f2443
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3904
Cache-Control: 'max-age=158059'
Date: Tue, 06 Sep 2022 13:33:01 GMT
Last-Modified: Tue, 06 Sep 2022 12:27:57 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         92.204.239.141
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:01 GMT
content-length: 0
location: https://www.gschwaetz.de/
x-redirect-by: WordPress
set-cookie: ncore_session=YJvBGJe1Rzpx8b9P7CsnVldz7MkGjy; path=/
x-cache-status: MISS
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 06 Sep 2022 12:38:18 GMT
Cache-Control: max-age=3600
Expires: Tue, 06 Sep 2022 12:38:18 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: KzHF1ZeEXi5-g28_RaZoHo0pEsWxKH9gQ5jNPSBTC53zKXDBHAwczQ==
Age: 3283


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST /downloads?client=Firefox&appver=96.0a&pver=2.2 HTTP/1.1 
Host: shavar.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 773
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         52.35.120.198
HTTP/1.1 200 OK
Content-Type: application/octet-stream
                                        
Date: Tue, 06 Sep 2022 13:33:01 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 8
Connection: Close


--- Additional Info ---
Magic:  ASCII text
Size:   8
Md5:    29fc57841962e407cb50c1be60284bf7
Sha1:   ce968a77e2996da5eee8925182318f171ccdce47
Sha256: ae7e7075247dcfad763f1e131aeac3d2e756bb03d48b0d315a50c69636e5dc8b
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5254
Cache-Control: 'max-age=158059'
Date: Tue, 06 Sep 2022 13:33:01 GMT
Last-Modified: Tue, 06 Sep 2022 12:05:27 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: smlPU4dtKLBw3YF8IVu43g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         52.39.175.179
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: JpV5Yb6PtJCoswUXYqX/tjudKW8=

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Sep 2022 13:33:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/uploads/2017/09/logo_transparent.png HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-length: 9820
last-modified: Wed, 01 Apr 2020 16:07:51 GMT
etag: "265c-5a23ce2d683c0"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 768 x 417, 8-bit colormap, non-interlaced\012- data
Size:   9820
Md5:    6572d05346110f5182b60a3728de8ce9
Sha1:   66421daca04d1c4bb541104f3eac0f944574761c
Sha256: e9661fdc6b7b7d2ea5c101e806ddfba6bec910baef11a33336460b4f167d7395
                                        
                                            GET /wp-content/uploads/2022/06/WWF-001.jpg HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-length: 450799
last-modified: Mon, 20 Jun 2022 07:45:59 GMT
etag: "6e0ef-5e1dc4b8a7fff"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x555, components 3\012- data
Size:   450799
Md5:    64e5a13f6548c0f42c96a4661435c761
Sha1:   afae5ade05f6f77070ee8e7cc337d90dcf11b194
Sha256: 84b62bc4da732d03ca56f1cc7091dc1a3472a77b60bbdb4c1bfa93b6aa1df9ed
                                        
                                            GET /wp-content/uploads/2022/06/20220617_120328-scaled.jpg HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-length: 754918
last-modified: Mon, 20 Jun 2022 04:12:34 GMT
etag: "b84e6-5e1d9504872ff"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 2560x1920, components 3\012- data
Size:   754918
Md5:    a4fd094d432f93f00646901797be889d
Sha1:   63ca7583ce9ce68ee6252560b0b5a46bc6203fd7
Sha256: 7172fc115026df1960f4ee2ad921cd4359562be6a20dfea24f53a027b7ce5021
                                        
                                            GET /wp-content/uploads/2022/06/Veith-Cover-Bild-Stellenangebote-VEITH-002.png HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-length: 726277
last-modified: Fri, 03 Jun 2022 09:39:29 GMT
etag: "b1505-5e087e620b1bd"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 2002 x 1128, 8-bit/color RGB, interlaced\012- data
Size:   726277
Md5:    b08f04143aee3bc1392dc84cb9cb7d67
Sha1:   d247153446350d24946d0fe9da5481c171c13d2a
Sha256: 6e19d65bc35ffa810fcd018084b45189b2ac8b32117f7dad999334c9c510edef
                                        
                                            GET /wp-content/uploads/2017/07/Vollsperrung.jpg HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-length: 24958
last-modified: Wed, 01 Apr 2020 16:03:36 GMT
etag: "617e-5a23cd3a38600"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 520x520, components 3\012- data
Size:   24958
Md5:    eba12378db12135027dd3615d9b78996
Sha1:   cafea390df53008334461cf36ed2adab088fca93
Sha256: 5c588c3ae2b282e61bb0f50802f88f549942f1225b8fa52bdddeb390f0a8721d
                                        
                                            GET /wp-content/uploads/2017/11/Lehrerin-Tommy-Weinz.jpg HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-length: 556512
last-modified: Wed, 01 Apr 2020 16:45:37 GMT
etag: "87de0-5a23d69e6ee40"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, progressive, precision 8, 1365x2047, components 3\012- data
Size:   556512
Md5:    0dfe9f0e994cdea44f8cda89a2c9022e
Sha1:   1b8b39095b589636a3fb6b9dade530ae62fe7743
Sha256: 0f58e950f40fb7565bc5e835c3b14ec331e8b8754834c434c0bcc0e76931d78c
                                        
                                            GET /wp-content/uploads/2022/09/Kreishaus2.jpg HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-length: 230857
last-modified: Mon, 05 Sep 2022 08:02:43 GMT
etag: "385c9-5e7e9811e24ba"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1233x671, components 3\012- data
Size:   230857
Md5:    b22ddb72b466041c284a1735e888f3a4
Sha1:   62d14ccfd177426dfae4ac4e4e1e4fd8222bab68
Sha256: 7df748fb5352b730c248cbad627ff5c6eedebdb650ea8c9f838ba76b884c9d12
                                        
                                            GET /wp-content/uploads/2022/09/Amrum-Strand.jpg HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-length: 160957
last-modified: Mon, 05 Sep 2022 07:06:18 GMT
etag: "274bd-5e7e8b7624e15"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=4, height=0, orientation=upper-left, width=0], baseline, precision 8, 2016x1512, components 3\012- data
Size:   160957
Md5:    d484c0956115cecebe8e0b1ee879ed05
Sha1:   8b95fe291d762e7b7bd8d11452fadb48f5526cf8
Sha256: 1aebc06b8c218ba21acb5a88cf1fd5d595e5cd141d039cea5a49c3658d3fac3b
                                        
                                            GET /wp-content/uploads/2022/09/Mais-Ernte.jpg HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-length: 768582
last-modified: Mon, 05 Sep 2022 06:50:48 GMT
etag: "bba46-5e7e87ff7f97e"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2016x1512, components 3\012- data
Size:   768582
Md5:    ee5f080e63bd289d312ecf2ca6980c71
Sha1:   eb7d47e7c9493e0088a0887062d8e208ac8d305b
Sha256: 90958e98777ef6289cc4586ef21a22174471fa2ad7d452a46230b11632107445
                                        
                                            GET /wp-content/uploads/2021/10/211004_gschwatz-logo-weiss_Zeichenfl%C3%A4che-1.png HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-length: 60672
last-modified: Mon, 04 Oct 2021 07:40:14 GMT
etag: "ed00-5cd8206053380"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 2213 x 1092, 8-bit/color RGBA, non-interlaced\012- data
Size:   60672
Md5:    1fb92a77d769539c4508b4f12778a751
Sha1:   c20e9bc7c67bf3d90e15cd0b5481b1b66ab00897
Sha256: 230fe6121d0ff79aadb519779049f30eee568302f1ca174ce4eccb4d9e345293
                                        
                                            GET /wp-content/uploads/2022/09/2288_Streuobstaktion-2022_02.09.2022.jpg HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-length: 2128838
last-modified: Sat, 03 Sep 2022 09:29:28 GMT
etag: "207bc6-5e7c27bb1b280"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1600x1073, components 3\012- data
Size:   2128838
Md5:    8ee587480c1e8ff0b5e3a6ef044075e8
Sha1:   bed7d155906dd830b3f3c188dbe444532c0ad833
Sha256: 5b9da5fced53b4aad4710c2456c8caf53190a3c444f9381b259e0c16e7a3e0e2
                                        
                                            GET /wp-content/uploads/2021/09/Bauernverband-Apfel-1920.jpg HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-length: 1252296
last-modified: Wed, 01 Sep 2021 07:51:43 GMT
etag: "131bc8-5caea565321c0"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=10, manufacturer=Apple, model=iPhone 11 Pro Max, xresolution=158, yresolution=166, resolutionunit=2, software=paint.net 4.2.16, datetime=2020:10:14 14:31:26], baseline, precision 8, 1920x1440, components 3\012- data
Size:   1252296
Md5:    b16bff8ccc59b1137ea483c9f6a0afd0
Sha1:   1d62d51ef6965c872bd155fedd7483379b5802e7
Sha256: 849ed8b7c0a661d9530c8ba9557947509e657aa24ed5103cc229442dcfa82dfd
                                        
                                            GET /wp-content/plugins/checkout-files-upload-woocommerce/includes/css/alg-wc-checkout-files-upload-ajax.css?ver=2.1.1 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
vary: Accept-Encoding
last-modified: Thu, 14 Oct 2021 19:42:08 GMT
etag: W/"33d-5ce5546262400"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   849
Md5:    80fafe318c3f993717c3909d6f30ac32
Sha1:   e0df382ae1f3616d443f7382334673a563d356f0
Sha256: e5d7f79c0cfa8e46f02975766ba228ac0a4b267619279fc1664a4eb36237fe6d

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/uploads/2022/09/Breitband-Vobelsberg-071220211.jpg HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-length: 2270538
last-modified: Sat, 03 Sep 2022 09:15:24 GMT
etag: "22a54a-5e7c24965c1dd"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2560x1920, components 3\012- data
Size:   2270538
Md5:    3be55beab4bdd52899debee7f9fddd73
Sha1:   f0bde7e10237dc4c0922ac1607505dbb59bcb6a7
Sha256: a0d8227bb0f4745481688749ecd46a5ddfc5c17fa80d405f2f4bec963995a072
                                        
                                            GET /css?family=Open+Sans%3A400%2C400italic%2C600%2C700%7CRaleway%3A600&ver=5.4.11 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Sep 2022 13:33:02 GMT
date: Tue, 06 Sep 2022 13:33:02 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   5606
Md5:    2dbc88417f3ed787a2a96f72c9058c6f
Sha1:   4f1d742e33738e3e7c145eebf5c4b846ad55a2ff
Sha256: 9a2a998b36614b27e48a1cca37f5784af99d9a0285772f9dcb1828408e6e2f85
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Sep 2022 13:33:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1662381443719&_since=%221653914271178%22 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Mon, 05 Sep 2022 12:37:23 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Tue, 06 Sep 2022 12:57:48 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: RwBOv9O18mOuze3LCSnVw3KYnyw2u1Oc4wICAoAg-EAmiTxNSsNfDA==
Age: 2880


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size:   11789
Md5:    096980a473a883e6eeaf47dc9a14f237
Sha1:   491cde318ec986cc64ff2fb45f71e6560d368feb
Sha256: 1a6d7840dbf67d703a920313758fc70b272df5c2c40cffb770a9f0a728b72b14
                                        
                                            GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.1 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:01 GMT
vary: Accept-Encoding
last-modified: Sat, 04 Apr 2020 20:11:36 GMT
etag: W/"76726-5a27ca4146e00"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   51025
Md5:    a23ab6049e74794b2767d3649722d7da
Sha1:   9661ca62595c2c15caaf54e57ba1c5b27e89202a
Sha256: 9155c2a560ff854966678cb3109399f7a667ea3b44850edb875af09ad26066e8

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/themes/whitespace/img/bgs/tagline_divider.png HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/wp-content/themes/whitespace/css/theme.css?ver=5.4.11
Cookie: ncore_session=gugVpOoCLn6XtNN8zB37z16ezXCSWl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-length: 81
last-modified: Thu, 02 Apr 2020 19:15:35 GMT
etag: "51-5a253a010e3c0"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 4 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size:   81
Md5:    988db10f018aab71de3b2d39e2b4fee9
Sha1:   c46bef69416ad7d2feb26b79f7e6a0df52773f72
Sha256: 6fef0966723588b4a89652416d1d9590803d50bd689e136a5c3592248d41e7da
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Sep 2022 13:33:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET / HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:01 GMT
vary: Accept-Encoding
link: <https://www.gschwaetz.de/wp-json/>; rel="https://api.w.org/", <https://www.gschwaetz.de/>; rel=shortlink
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   25393
Md5:    850e897900fe189ecd8831b81ea63d10
Sha1:   2cc40aa8335210d4de53378a237818816c08ff4c
Sha256: 8f375179c502302b04dac5802b27da832e270c99427e3be6cb7b292826044404

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/cookie-notice/css/front.min.css?ver=5.4.11 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:01 GMT
vary: Accept-Encoding
last-modified: Mon, 11 Oct 2021 14:31:59 GMT
etag: W/"1568-5ce14977135c0"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   471
Md5:    0b9528d0aa584b0e7b8b95f31ec1c4ed
Sha1:   79afabc0856f6fb3c3e5a9f5675cb0a40ee08e54
Sha256: 2604edd5743acd1487c25665444019555a972492010c10bf3bd6aefeab4661eb

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/themes/whitespace/js/hoverintent.js?ver=5.4.11 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
vary: Accept-Encoding
last-modified: Thu, 02 Apr 2020 19:15:04 GMT
etag: W/"1a41-5a2539e37de00"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   2775
Md5:    a6f6ac3e65dde78c5e21a437d12a006c
Sha1:   f160967c3d1b1814d56af8ca571a5f4b2a788899
Sha256: 6825b671f5c9239d896678658e645b3a92854498639447cfac30e399b547d86b

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/uploads/smile_fonts/Defaults/Defaults.css?ver=5.4.11 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
vary: Accept-Encoding
last-modified: Tue, 29 Aug 2017 19:04:13 GMT
etag: W/"6bf7-557e913b24540"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   51467
Md5:    13b3c6237675faf8267a5ef8ce2a7a48
Sha1:   dea2ccee6faaa4df381cff3596d9f2dc12afb762
Sha256: 1a7592e79285a011a2878d72798f3299710df2e90d75e6f8260d8fde8249c352

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.3.1 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:01 GMT
vary: Accept-Encoding
last-modified: Thu, 02 Apr 2020 18:54:39 GMT
etag: W/"7451-5a2535533d9c0"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   23814
Md5:    047aad62bb58bbc5e74be6f145481102
Sha1:   12fb67c93e6421d15584960b5b2b6643ab7b82c9
Sha256: 69f6259db51332b123a76050521efe48070805da801d514f416e733f6a143f92

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/uploads/hm_custom_css_js/custom.css?ver=1526853920 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
vary: Accept-Encoding
last-modified: Wed, 01 Apr 2020 15:33:59 GMT
etag: W/"1c9a-5a23c69b8a7c0"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   19791
Md5:    8c483f05c2cb05af06679f1b417e0f7d
Sha1:   f65c5ccc7f54cfeb7f0766f3c23e9b4adc680e61
Sha256: 86ded105e670c69b923a7a9ef270088b69a8d1f6deb6154023ab0e62a8b54c73

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/woocommerce/assets/css/jquery-ui/jquery-ui.min.css?ver=4.0.4 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
vary: Accept-Encoding
last-modified: Thu, 10 Mar 2022 18:53:00 GMT
etag: W/"755c-5d9e1b921c877"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   28910
Md5:    012b8372f21d46e65fbe537e23d91571
Sha1:   5a5ac65feec2ed9fc48a5e2e93e698379163aec2
Sha256: e8a021ac5db1e7e20bffde763598ec9f98f050bbe0ac7a2ea38f86dfb41aa44f
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Sep 2022 13:33:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 06 Sep 2022 13:02:16 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: NZI2gcDCS2w701CK2EatuaAIKaMd4X0_ruh2jOpWTwvC7XAX9rQSBQ==
Age: 1846


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    99b7d23c1748d0526782b9ff9ea45f09
Sha1:   eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
Sha256: 48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
                                        
                                            GET /wp-content/plugins/wp-carousel-pro/public/css/ajax-loader.gif HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/wp-content/plugins/wp-carousel-pro/public/css/slick.min.css?ver=3.3.1
Cookie: ncore_session=gugVpOoCLn6XtNN8zB37z16ezXCSWl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-length: 4178
last-modified: Mon, 04 Oct 2021 18:51:41 GMT
etag: "1052-5cd8b67500940"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 32 x 32\012- data
Size:   4178
Md5:    c5cd7f5300576ab4c88202b42f6ded62
Sha1:   7a1aa43614396382bb15e5fde574d9cdcd21698f
Sha256: e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
                                        
                                            GET /staging/addons-bloomfilters/67600448-6fc2-4f40-bd4a-8687d731734f.bin HTTP/1.1 
Host: firefox-settings-attachments.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.30
HTTP/1.1 200 OK
Content-Type: application/octet-stream
                                        
Content-Length: 795699
Connection: keep-alive
Last-Modified: Mon, 27 Jun 2022 12:39:11 GMT
x-amz-version-id: 9np1boOrxtHVWzMczpbX1a.N_ewQWHDF
Accept-Ranges: bytes
Server: AmazonS3
Date: Tue, 06 Sep 2022 03:36:33 GMT
ETag: "9b95765b0e26af76116a95a966d61354"
X-Cache: Hit from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: E0R84ywC3BWkB-jEIaIsih6XBdtOexO0kg4ObefdaLTAohi4QTLv7A==
Age: 38149


--- Additional Info ---
Magic:  data
Size:   795699
Md5:    9b95765b0e26af76116a95a966d61354
Sha1:   3f7c1b40fc999b83f3696f455402e49ab484b027
Sha256: 34f969c8e082310785ec4262e2d5b58c919d4de856ffc64b3467507f83ac9571
                                        
                                            GET /v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1662422467073&_since=%221654732864402%22 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Tue, 06 Sep 2022 00:01:07 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Tue, 06 Sep 2022 13:08:07 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: hja0ym8935XVYpcyecuAdAc7Vsy4xiDiuG7uB3fw_zJezZy2ovEfRQ==
Age: 1599


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (59437), with no line terminators
Size:   12106
Md5:    45b41db6f927fdb47f0f7df66f42d4c8
Sha1:   ab37910a3d8b44254431cfa44a83d7b09fe84e79
Sha256: a6384356884ab8ae2d9087a3410e914e4be4eea385e5ddcf6eeba369574a9f6a
                                        
                                            GET /wp-content/plugins/wp-carousel-pro/public/css/jquery.bxslider.min.css?ver=3.3.1 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:01 GMT
vary: Accept-Encoding
last-modified: Mon, 04 Oct 2021 18:51:41 GMT
etag: W/"bd0-5cd8b67500940"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1968
Md5:    7d6c350d1a6a7586ce89ac8e35cb39e0
Sha1:   9ff1b9a658fce3da23aee7420ba87e3c428dd071
Sha256: 2e89ff17b9a6562c709856cbd92fd4b558a9af43ebb0d153591945e618b6c393
                                        
                                            GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
vary: Accept-Encoding
last-modified: Wed, 01 Apr 2020 19:48:18 GMT
etag: W/"2748-5a23ff73a8480"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   13409
Md5:    57a1928f4bbe68fad729bc074923b52d
Sha1:   01a7c685282ffe537a31532267f0fb7cd51ec988
Sha256: 05f02bf4242d52cd506b884c6e21d2a380927480491d2491a248fd1ace81d484

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/pdf-print/css/frontend.css?ver=2.2.9 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:01 GMT
vary: Accept-Encoding
last-modified: Mon, 11 Oct 2021 14:26:16 GMT
etag: W/"5ca-5ce1482ff7200"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2

                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Tue, 06 Sep 2022 12:41:12 GMT
expires: Tue, 06 Sep 2022 14:41:12 GMT
cache-control: public, max-age=7200
age: 3111
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20006
Md5:    56f5d7f608e25d64207135f045f988cb
Sha1:   901eb59372ae330ae85e1384da93479b21ae1082
Sha256: 1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
                                        
                                            GET /wp-content/plugins/wc-frontend-manager/assets/sounds/notification.mp3 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Cookie: ncore_session=gugVpOoCLn6XtNN8zB37z16ezXCSWl
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 206 Partial Content
content-type: audio/mpeg
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:03 GMT
content-length: 8802
last-modified: Sat, 04 Apr 2020 20:10:38 GMT
etag: "2262-5a27ca09f6b80"
x-cache-status: MISS
content-range: bytes 0-8801/8802
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Audio file with ID3 version 2.3.0\012- data
Size:   8802
Md5:    568c452268d8a1df3b09d449f6b59232
Sha1:   c11d84b821468127a58dae0c98d514f5e1962a88
Sha256: 6d8a2c36a85f22a871fc5b22a174aae86f7560befc1d205738a6c78ab41cf4a9

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/wp-carousel-pro/public/css/slick.min.css?ver=3.3.1 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:01 GMT
vary: Accept-Encoding
last-modified: Mon, 04 Oct 2021 18:51:41 GMT
etag: W/"55c-5cd8b67500940"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   10384
Md5:    249674e3d3aeb99c9383bc42bdfb2374
Sha1:   2c760c0675a4a08a6695b3cc1cead435c18bdfd8
Sha256: ac18efaebf4e4480a7123a29c4466a85cb26ca89abe53838c64e17f7734718c1

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=4.0.4 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:01 GMT
vary: Accept-Encoding
last-modified: Thu, 10 Mar 2022 18:53:00 GMT
etag: W/"f42f-5d9e1b9221696"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   72737
Md5:    37f5803385aae05598b4975b24bd0845
Sha1:   e61776d98cd66424da92efcbcdfe9d4029c45979
Sha256: 002bcdaacbfa24f34001e77f04559dd2dd4c3f42fa27cb28aad5d499cd3665b4
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Sep 2022 13:33:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 681
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Sat, 03 Sep 2022 16:36:54 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: no-cache, no-store
Date: Tue, 06 Sep 2022 13:30:07 GMT
ETag: "1662223014803"
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 0SaLGujc7SQA5Axl7_nZlRL2jq6UFsU6SWJ2axYQOHx0pxjkfWHk5Q==
Age: 176


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (681), with no line terminators
Size:   681
Md5:    747f384efea12ce5dab98117b84a36d8
Sha1:   3bfa87d8ca19bf259e1b28f5d8484560bc4aa59f
Sha256: 674580bbd668da2fccee5bd78cd11bdb237a800ec945160353537b15c3e924f2
                                        
                                            GET /wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend.min.js?ver=7.10.4 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
vary: Accept-Encoding
last-modified: Sat, 04 Apr 2020 20:09:35 GMT
etag: W/"2452-5a27c9cde1dc0"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   3238
Md5:    d414daca5866bd3d1e459beba5692f19
Sha1:   b5d6eca8c82678c2943553f467f4bb4373441705
Sha256: 97662d3021e5b3ce28177f6b7f504fd54cfa8f0a0d6b88406ec2590b7fb7ef65
                                        
                                            POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-119144461-1&cid=119497449.1662471178&jid=1465760241&gjid=1835395379&_gid=461185235.1662471178&_u=YGBAgUABCAAAAE~&z=496998419 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.gschwaetz.de
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.251.1.156
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: https://www.gschwaetz.de
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 06 Sep 2022 13:33:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    c4ca4238a0b923820dcc509a6f75849b
Sha1:   356a192b7913b04c54574d18c28d46e6395428ab
Sha256: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
                                        
                                            GET /v1/buckets/main/collections/query-stripping/changeset?_expected=1656585893704&_since=%221649762862679%22 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Backoff, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Thu, 30 Jun 2022 10:44:53 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Tue, 06 Sep 2022 13:03:33 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: l7zuo7ToDfsOqM6_L-6k2vbn-AqC7HVC-o4PIqPQJgUqf0piCIwdEA==
Age: 1784


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (1710), with no line terminators
Size:   893
Md5:    cdb42a32eb079761007d29ee4bbc9a0b
Sha1:   9653c4215e912886e5b6f5a39a33189147f10573
Sha256: 26e1a455c2a879130bec3641d40ed1e2aabed7d0aafde9e11a07a2cc6eb63eb8
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-08-30-15-09-07.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.55.110
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Mon, 11 Jul 2022 15:09:08 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 06 Sep 2022 03:06:57 GMT
etag: "c0f7028ab1157f24d515abdede77d5b3"
x-cache: Hit from cloudfront
via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 4i37brQyX6AJ15xWMaJfpy5ATmmGdh-y3ZevplPc846dbsgKvCXFmA==
age: 37567
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    c0f7028ab1157f24d515abdede77d5b3
Sha1:   00208a34ed76644814967ad5611bdbc1f3ba6780
Sha256: 6a1b8917468b937fda9acbfead382d4349063f5bd36a812dbd79e91645abb576
                                        
                                            GET /wp-content/plugins/digimember/webinc/packages/dm-frontend-styles.2f589c52295091a387a6.css?ver=3.000.160 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:01 GMT
vary: Accept-Encoding
last-modified: Sat, 04 Apr 2020 20:21:12 GMT
etag: W/"b53d-5a27cc6697e00"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   9972
Md5:    69560efab38bab0c1962b73fcea1c9a3
Sha1:   66b250f688b8947fcabfc0953b4fa91c830b3f23
Sha256: ff591f7508022720a3bf85189b21fb18b6063265a3afa64b2991bbd4b79f4745

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5881
Expires: Tue, 06 Sep 2022 15:11:04 GMT
Date: Tue, 06 Sep 2022 13:33:03 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5881
Expires: Tue, 06 Sep 2022 15:11:04 GMT
Date: Tue, 06 Sep 2022 13:33:03 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-06-10-13-16-32.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.55.110
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Thu, 21 Apr 2022 13:16:33 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 06 Sep 2022 01:53:08 GMT
etag: "c2eff79baaa46df0eb1ad5ad7b702bca"
x-cache: Hit from cloudfront
via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: rhddTdr-lbGJI0AxZO2D63djx8fgAd7mQ_DaKV-Eh3TCDWdnx80YPA==
age: 41996
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    c2eff79baaa46df0eb1ad5ad7b702bca
Sha1:   a1161150e75b0f0dd30de06ac6f27c1be4810048
Sha256: 6871f00b47a3525296bf02f508923ab3e15cc705694aee45d8db44b9c63bd201
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106059e1-95ed-4ffb-b6d2-7b4f160333ed.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12683
x-amzn-requestid: 6127e5b6-72f6-40df-b400-41a1f147f6da
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xz8XmEe0IAMFQDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63117430-2b27a2683d2d320172cef32e;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 03:10:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Mj_IT5g7hGu2AunKK7mvierv5BQ8cAxhnbGaUNsL6hRNu6MRAzIBDw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 04:31:02 GMT
age: 32521
etag: "720d3624a76d060b8e2699e9aa7a320e3efd4878"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12683
Md5:    ec466c0d472e43c11d36bf6fce068205
Sha1:   720d3624a76d060b8e2699e9aa7a320e3efd4878
Sha256: 5553fc24713aae808f5ab81671551b0ae719435f3ced9f25df97d8edf6bfe86f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed40d152-6303-4f00-ad80-054a81ea5425.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6482
x-amzn-requestid: 5e5b342b-0224-4916-8656-237b4c90ae66
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAX-5FaYIAMFzjw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166d2b-412f897b451130af70026eab;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:42:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kD_wcIHwmUDV9M9Pl2NtUwRw0CElnHhX6NGZ5PQlnchvdxpLAZhm0w==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:46:42 GMT
etag: "f8589eb3907582137d8b9373af745d80eddbf1bb"
age: 56781
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6482
Md5:    0efc32eccbf76ac0d89f324d09a7fd1f
Sha1:   f8589eb3907582137d8b9373af745d80eddbf1bb
Sha256: ee0f5e56c97e50e1c20801ad0a5379982feef16a11137f784f404d14e9c65824
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e36fad7-34cb-448b-b231-07f66a5adf7e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12573
x-amzn-requestid: 93ac3b01-e2e3-462b-93d4-8f1bf949a015
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAX-5E5JIAMFTJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166d2b-7fa8ddcb4b17c5ff1c214b94;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:42:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: qU3s1u1OYmhFyNM8dgd4R3mLfgN3VXlj7z0WGWFhmW-U00wuUld96w==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:45:23 GMT
age: 56860
etag: "3f3aad2cc71226b39549db1a9baa6837d4f1d897"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12573
Md5:    3fe4a321dcd6a94a637a528d74f9321a
Sha1:   3f3aad2cc71226b39549db1a9baa6837d4f1d897
Sha256: a19b6749429e8ecaeac8fc0849abc4d891bfc628489762b1619a3ee3064536e3
                                        
                                            GET /v1/buckets/main/collections/query-stripping/changeset?_expected=1656585893704 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Thu, 30 Jun 2022 10:44:53 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Tue, 06 Sep 2022 13:19:33 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: m5fbvGWLRGxwjLGt0b10s-Sd1B5kzdSQ10EXoDjOiSCzGmaWnUuH2Q==
Age: 811


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (1917), with no line terminators
Size:   990
Md5:    b6407a5941093b39ebd04d169df8bbf3
Sha1:   818bda143425c1055f103f8e1db3ed43cc98bd93
Sha256: 283dd5f141930ee1f53a16db0eba6f3aeb1d4f13247a3f006abe84427c066dcb
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Sep 2022 13:33:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4426
x-amzn-requestid: b5b68557-e46d-41cd-9b11-d996aabc0de7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzfYTHHFIAMFjFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631145ce-1d3504367cf6ef724a345564;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 23:52:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: GSRJIWisH465dPqbKyPj1iZk1jAu3RGrgwj1CX3X8A397zv9Nt0cHA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 08:35:06 GMT
age: 17877
etag: "fc766bca874a352a4acb569577d4cf6527f4f074"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4426
Md5:    c81f3df885bdee8cac46ea9495e6b63b
Sha1:   fc766bca874a352a4acb569577d4cf6527f4f074
Sha256: e21473f88c613ca33ba6bbe1e0cab338274a06744cdcb088f14873c972445b36
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa58df54c-7833-44ce-9519-a44b50319614.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5775
x-amzn-requestid: dc0a6d9c-5aec-44a3-be54-69cec17f9de1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAYfxE0noAMFz0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166dfe-6c8ec4b03fc761d81c988132;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:45:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: z3WamVQsZqAoYnfPZ0rgyYXGzs1jsv56D1oF4Wzva-H-T8a-xPU8mg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 22:00:00 GMT
age: 55983
etag: "3aea6a5aaf5ccda356d7e0941b33a7c2e2b13e80"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5775
Md5:    1a87857b93f99eab3118aae97a1c9d22
Sha1:   3aea6a5aaf5ccda356d7e0941b33a7c2e2b13e80
Sha256: 97ce11c0e0efe83d6568f173f9235160157c52b4ab4299823d508c072f113ddc
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1756524-f0d1-4149-aa44-603b827f87d4.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6656
x-amzn-requestid: 2703eaf4-1a5a-41a6-859b-47255865efb0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAX-3F2ZIAMFpLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166d2b-6df026de5a9230ed429d08c1;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:42:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: FIIvB2jeQ_PBDzi8XRN0jnNxze3OwDbz8TBaIcadRvmQd2EFhCwX7Q==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:44:33 GMT
age: 56910
etag: "5fc951e5236edd282d4975853ca35dab2e55fb17"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6656
Md5:    983e705542fa78b4d5c876e0c1eada7e
Sha1:   5fc951e5236edd282d4975853ca35dab2e55fb17
Sha256: fa6e478fc213f6cb6c9f33c96c51105262c857bfe313b3d310755be30b1feeb3
                                        
                                            GET /v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1657747510534&_since=%221654266643527%22 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Content-Type, Alert, Backoff, Content-Length
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Wed, 13 Jul 2022 21:25:10 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Tue, 06 Sep 2022 12:37:28 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: lHUU2edmt5nMo7TeCgDnGidzwdKLany8z6PL2UKyZx0FOsjKwoZCjw==
Age: 3360


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (2195), with no line terminators
Size:   1008
Md5:    284ce6f489d4e39635136f153138aeb3
Sha1:   e15907c1e8e1a973af52a876c4efac08eb4a8f4d
Sha256: 0728663f31f157e091c5f658b8fa24e2833830e95429146d470f2edd6e8705fd
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-09-19-18-34-07.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.55.110
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sun, 31 Jul 2022 18:34:08 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 06 Sep 2022 01:37:08 GMT
etag: "578b9ff83ff3950ab2a3d1a8344d2938"
x-cache: Hit from cloudfront
via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 9ZE7izcf6AueHDGx1omp-u_c3zlX7nTGXdwuwmgEPxuYfeH8rvAEAw==
age: 42956
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    578b9ff83ff3950ab2a3d1a8344d2938
Sha1:   39d48b67ba6aa45ec01767725e726cf9b0c87a70
Sha256: 35c99da9a5463a4788ceab7cf4b027bb25506cde28ace36c70d0bc924138f2f5
                                        
                                            GET /v1/buckets/main/collections/cfr/changeset?_expected=1659547595259&_since=%221653578606314%22 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Backoff, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Wed, 03 Aug 2022 17:26:35 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Tue, 06 Sep 2022 12:57:49 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: hFb9On7QcrfyELMnLxVZP3JiSNG3hh3_iviabBf1xsRarnQeaJzyJA==
Age: 2121


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (3677), with no line terminators
Size:   1404
Md5:    5f4edd5433264154f517292748387ebf
Sha1:   d6e41d472f12649a84d2484433c89d64836ca059
Sha256: f749fdbbb83278e27564e565558832d799197c405c39055ea1d3cfb1274f9086
                                        
                                            GET /v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1662120887268&_since=%221654636467710%22 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 02 Sep 2022 12:14:47 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Tue, 06 Sep 2022 13:03:47 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: lji3nKXAjrzGTqECz8XDFgZ7KdQrXX1SjJZXbfGDmyVC17dElo3RFw==
Age: 1802


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   5020
Md5:    ef8c23eb9ddb7ebd8b9183a7089b6f3f
Sha1:   6eae5623ffdf5f30831bdd4f3cb61bb1829dbc08
Sha256: 9d6ed20bd90c3e952ee4c32a10706bc5eb20a6ae6dcf598448f029022769102c
                                        
                                            GET /v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1662044085942&_since=%221622732735407%22 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Thu, 01 Sep 2022 14:54:45 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Tue, 06 Sep 2022 13:03:19 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: NBM8BaseKv1BqqLkxInZ7gwZwJtOc01eF_14s_bLyDfJ_9k5PQ9W_A==
Age: 1786


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (20424), with no line terminators
Size:   5460
Md5:    4aeeb7e3b8bbe13f0e937ff570f20777
Sha1:   3d30e1983d6ce6126fef50acaae4a41d579b1c09
Sha256: 3f016c7fbcd505500620db2169b0f39282087dc89ba805e479a8ef53d45f10b7
                                        
                                            GET /v1/buckets/main/collections/search-config/changeset?_expected=1661199949574&_since=%221648132005528%22 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Mon, 22 Aug 2022 20:25:49 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Tue, 06 Sep 2022 13:14:24 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: _k-6PFXZwaiHPDtPZcpi9KzU1Y00rt6gzkYiKkLYv_2jIofnKJW1DA==
Age: 1122


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (14029), with no line terminators
Size:   3391
Md5:    64e7a6dda8110b0ba7c31a4e28bfc96f
Sha1:   addc0f9994b78a873012b9465e3aa515a780ddf9
Sha256: 10823e4a8aa955a94172bc12eb933498ee792bdd49d6f24e73db175b6d79bff1
                                        
                                            GET /v1/buckets/main/collections/password-rules/changeset?_expected=1659924409785&_since=%221652712410939%22 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Backoff, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Mon, 08 Aug 2022 02:06:49 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Tue, 06 Sep 2022 12:40:24 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: aC2dXzKLucqPJIIHaIEOBUq9xu-2GQnAwIJQyKfwB_I6ISGs4TpYfg==
Age: 3267


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (1393), with no line terminators
Size:   783
Md5:    d8e59c6bd160719da9f2b9571af22b8e
Sha1:   b4353f8308be656bdf00bc4676fdb23e7c285f32
Sha256: a3e7359fc3dbb20b38aae533bedd4061dad7a3440ea323cb17dba0540a670c81
                                        
                                            GET /v1/buckets/main/collections/websites-with-shared-credential-backends/changeset?_expected=1659924446436&_since=%221650898092205%22 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Content-Type, Alert, Backoff, Content-Length
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Mon, 08 Aug 2022 02:07:26 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Tue, 06 Sep 2022 12:38:51 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: nE2p6CSo1pf_XbOqzH1ilRy79--dlctqs92XlYcjuWB-b8H9nxTAbA==
Age: 3268


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (8682), with no line terminators
Size:   3107
Md5:    ca9b7ec20643050e8acc3b7ee435f6a3
Sha1:   204f7d4e4dcd10b449d91bd6f9edbffe17dd6dd1
Sha256: 531a79432808c6959aa6fe610b7112c27bad3f4c548e411b2861eed0bf06165d
                                        
                                            GET /wp-content/plugins/wc-frontend-manager/assets/css/min/enquiry/wcfm-style-enquiry-button.css?ver=6.4.6 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:01 GMT
vary: Accept-Encoding
last-modified: Sat, 04 Apr 2020 20:10:38 GMT
etag: W/"2c6-5a27ca09f6b80"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/adrotate/library/jquery.adrotate.clicktracker.js HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
vary: Accept-Encoding
last-modified: Tue, 28 Sep 2021 08:46:24 GMT
etag: W/"16d-5cd0a3f9a5800"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=4.0.4 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
vary: Accept-Encoding
last-modified: Thu, 10 Mar 2022 18:53:00 GMT
etag: W/"b7c-5d9e1b9232bee"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/jquery/ui/core.min.js?ver=1.11.4 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
vary: Accept-Encoding
last-modified: Thu, 15 Apr 2021 18:54:19 GMT
etag: W/"f59-5c00764066cc0"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /wp-content/plugins/wp-carousel-pro/public/css/font-awesome.min.css?ver=3.3.1 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:01 GMT
vary: Accept-Encoding
last-modified: Mon, 04 Oct 2021 18:51:41 GMT
etag: W/"7918-5cd8b67500940"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /wp-includes/css/dist/block-library/style.min.css?ver=5.4.11 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:01 GMT
vary: Accept-Encoding
last-modified: Thu, 30 Apr 2020 06:53:20 GMT
etag: W/"d159-5a47c85213800"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /wp-content/themes/whitespace/css/theme.css?ver=5.4.11 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:01 GMT
vary: Accept-Encoding
last-modified: Thu, 07 Oct 2021 07:14:32 GMT
etag: W/"31f2c-5cdbe03a24600"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /wp-content/plugins/wc-frontend-manager/assets/css/min/wcfm-style-adminbar.css?ver=6.4.6 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
vary: Accept-Encoding
last-modified: Sat, 04 Apr 2020 20:10:38 GMT
etag: W/"1380-5a27ca09f6b80"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
vary: Accept-Encoding
last-modified: Thu, 10 Mar 2022 18:53:00 GMT
etag: W/"736-5d9e1b923723e"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/wp-embed.min.js?ver=5.4.11 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
vary: Accept-Encoding
last-modified: Thu, 15 Apr 2021 18:54:19 GMT
etag: W/"592-5c00764066cc0"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /wp-content/plugins/wc-frontend-manager/assets/css/min/wcfm-style-core.css?ver=6.4.6 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
vary: Accept-Encoding
last-modified: Sat, 04 Apr 2020 20:10:38 GMT
etag: W/"3ade-5a27ca09f6b80"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/themes/whitespace/css/woo.css?ver=5.4.11 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
vary: Accept-Encoding
last-modified: Mon, 25 Oct 2021 19:07:25 GMT
etag: W/"1526b-5cf32123f3540"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/uploads/2022/09/LittleMissMartin_FotoWernerHallatschek-1024x683.jpg HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-length: 111841
last-modified: Mon, 05 Sep 2022 08:10:37 GMT
etag: "1b4e1-5e7e99d62e25b"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /wp-content/plugins/wp-carousel-pro/public/js/fancybox.min.js?ver=3.3.1 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
vary: Accept-Encoding
last-modified: Mon, 04 Oct 2021 18:51:41 GMT
etag: W/"10a9d-5cd8b67500940"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /wp-content/themes/whitespace/style.css?ver=5.4.11 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:01 GMT
vary: Accept-Encoding
last-modified: Thu, 02 Apr 2020 19:14:53 GMT
etag: W/"11a-5a2539d900540"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/checkout-files-upload-woocommerce/includes/js/alg-wc-checkout-files-upload-ajax.js?ver=2.1.1 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
vary: Accept-Encoding
last-modified: Thu, 14 Oct 2021 19:42:08 GMT
etag: W/"1f7d-5ce5546262400"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/themes/whitespace/js/jquery.mousewheel.js?ver=5.4.11 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
vary: Accept-Encoding
last-modified: Thu, 02 Apr 2020 19:15:05 GMT
etag: W/"99a-5a2539e472040"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/wp-carousel-pro/public/js/fancybox-config.min.js?ver=3.3.1 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
vary: Accept-Encoding
last-modified: Mon, 04 Oct 2021 18:51:41 GMT
etag: W/"77b-5cd8b67500940"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=4.0.4 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:01 GMT
vary: Accept-Encoding
last-modified: Thu, 10 Mar 2022 18:53:00 GMT
etag: W/"44e7-5d9e1b9221a7e"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/js_composer/assets/lib/bower/animate-css/animate.min.css?ver=6.1 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
vary: Accept-Encoding
last-modified: Sat, 04 Apr 2020 20:11:36 GMT
etag: W/"d2e3-5a27ca4146e00"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /wp-content/plugins/digimember/webinc/js/user.js?ver=3.000.160 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
vary: Accept-Encoding
last-modified: Sat, 04 Apr 2020 20:21:13 GMT
etag: W/"2cb6-5a27cc678c040"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/themes/whitespace/js/woo.js?ver=5.4.11 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
vary: Accept-Encoding
last-modified: Thu, 02 Apr 2020 19:15:06 GMT
etag: W/"f33-5a2539e566280"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/js_composer/assets/lib/vc_waypoints/vc-waypoints.min.js?ver=6.1 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
vary: Accept-Encoding
last-modified: Sat, 04 Apr 2020 20:11:36 GMT
etag: W/"2415-5a27ca4146e00"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.7 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
vary: Accept-Encoding
last-modified: Tue, 14 Apr 2020 11:48:33 GMT
etag: W/"3868-5a33ec7722640"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/jquery/ui/datepicker.min.js?ver=1.11.4 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
vary: Accept-Encoding
last-modified: Thu, 15 Apr 2021 18:54:19 GMT
etag: W/"8d4c-5c00764066cc0"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /wp-content/plugins/wc-frontend-manager/assets/js/min/wcfm-script-core.js?ver=6.4.6 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
vary: Accept-Encoding
last-modified: Sat, 04 Apr 2020 20:10:38 GMT
etag: W/"2c0a-5a27ca09f6b80"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/style.css?ver=2.5.14 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:01 GMT
vary: Accept-Encoding
last-modified: Thu, 10 Mar 2022 18:53:01 GMT
etag: W/"1020a-5d9e1b92ef773"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/uploads/hm_custom_css_js/custom.js?ver=1525449628 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
vary: Accept-Encoding
last-modified: Wed, 01 Apr 2020 15:33:59 GMT
etag: W/"5928-5a23c69b8a7c0"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /wp-content/themes/whitespace/css/custom.php?ver=5.4.11 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: text/css;charset=UTF-8
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
vary: Accept-Encoding
set-cookie: ncore_session=gugVpOoCLn6XtNN8zB37z16ezXCSWl; path=/
x-cache-status: EXPIRED
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.1 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
vary: Accept-Encoding
last-modified: Sat, 04 Apr 2020 20:11:36 GMT
etag: W/"5079-5a27ca4146e00"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/cookie-notice/js/front.min.js?ver=2.1.5 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
vary: Accept-Encoding
last-modified: Mon, 11 Oct 2021 14:31:59 GMT
etag: W/"20b3-5ce14977135c0"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /wp-content/plugins/wp-carousel-pro/public/css/jquery.fancybox.min.css?ver=3.3.1 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:01 GMT
vary: Accept-Encoding
last-modified: Mon, 04 Oct 2021 18:51:41 GMT
etag: W/"31fb-5cd8b67500940"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /wp-content/plugins/wc-frontend-manager/assets/fonts/font-awesome/css/wcfmicon.min.css?ver=6.4.6 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
vary: Accept-Encoding
last-modified: Sat, 04 Apr 2020 20:10:38 GMT
etag: W/"cb7b-5a27ca09f6b80"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/jquery/jquery.js?ver=1.12.4-wp HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
vary: Accept-Encoding
last-modified: Sat, 04 Apr 2020 20:07:05 GMT
etag: W/"17a69-5a27c93ed4c40"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.1 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
vary: Accept-Encoding
last-modified: Sat, 04 Apr 2020 20:11:36 GMT
etag: W/"3e0-5a27ca4146e00"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /wp-content/plugins/wc-frontend-manager/includes/libs/qtip/qtip.css?ver=6.4.6 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
vary: Accept-Encoding
last-modified: Sat, 04 Apr 2020 20:10:38 GMT
etag: W/"23f0-5a27ca09f6b80"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=4.0.4 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
vary: Accept-Encoding
last-modified: Thu, 10 Mar 2022 18:53:00 GMT
etag: W/"ae9-5d9e1b9232bee"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=4.0.4 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
vary: Accept-Encoding
last-modified: Thu, 10 Mar 2022 18:53:00 GMT
etag: W/"7c1-5d9e1b92333be"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /css?family=Open%20Sans%3A600%3A HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Sep 2022 13:33:02 GMT
date: Tue, 06 Sep 2022 13:33:02 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /wp-content/plugins/wc-frontend-manager/assets/css/min/wcfm-style-icon.css?ver=6.4.6 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
vary: Accept-Encoding
last-modified: Sat, 04 Apr 2020 20:10:38 GMT
etag: W/"d52-5a27ca09f6b80"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/Ultimate_VC_Addons/assets/min-css/advanced-buttons.min.css?ver=3.16.12 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
vary: Accept-Encoding
last-modified: Thu, 02 Apr 2020 18:44:56 GMT
etag: W/"82d1-5a2533273fa00"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.3.1 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
vary: Accept-Encoding
last-modified: Thu, 02 Apr 2020 18:54:40 GMT
etag: W/"fc5f-5a25355431c00"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
vary: Accept-Encoding
last-modified: Thu, 10 Mar 2022 18:53:00 GMT
etag: W/"255e-5d9e1b9233b8e"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/Ultimate_VC_Addons/assets/min-js/ultimate-params.min.js?ver=3.16.12 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
vary: Accept-Encoding
last-modified: Thu, 02 Apr 2020 18:45:14 GMT
etag: W/"458-5a2533386a280"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/wc-frontend-manager/includes/libs/qtip/qtip.js?ver=6.4.6 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
vary: Accept-Encoding
last-modified: Sat, 04 Apr 2020 20:10:38 GMT
etag: W/"acee-5a27ca09f6b80"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/wc-frontend-manager/includes/libs/jquery-colorbox/jquery.colorbox.js?ver=6.4.6 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
vary: Accept-Encoding
last-modified: Sat, 04 Apr 2020 20:10:38 GMT
etag: W/"71f1-5a27ca09f6b80"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /wp-content/plugins/wp-carousel-pro/public/css/wp-carousel-pro-public.min.css?ver=3.3.1 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:01 GMT
vary: Accept-Encoding
last-modified: Mon, 04 Oct 2021 18:51:41 GMT
etag: W/"5151-5cd8b67500940"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/wc-frontend-manager/includes/libs/jquery-colorbox/colorbox.css?ver=6.4.6 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
vary: Accept-Encoding
last-modified: Sat, 04 Apr 2020 20:10:38 GMT
etag: W/"119a-5a27ca09f6b80"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /wp-content/plugins/wc-frontend-manager/assets/js/min/enquiry/wcfm-script-enquiry-tab.js?ver=6.4.6 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
vary: Accept-Encoding
last-modified: Sat, 04 Apr 2020 20:10:38 GMT
etag: W/"1308-5a27ca09f6b80"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /wp-content/plugins/Ultimate_VC_Addons/assets/min-js/jquery-appear.min.js?ver=3.16.12 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
vary: Accept-Encoding
last-modified: Thu, 02 Apr 2020 18:45:11 GMT
etag: W/"596-5a2533358dbc0"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /wp-content/plugins/wp-carousel-pro/public/js/slick.min.js?ver=3.3.1 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
vary: Accept-Encoding
last-modified: Mon, 04 Oct 2021 18:51:41 GMT
etag: W/"c59e-5cd8b67500940"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /wp-content/plugins/wp-carousel-pro/public/js/wp-carousel-pro-public.min.js?ver=3.3.1 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
vary: Accept-Encoding
last-modified: Mon, 04 Oct 2021 18:51:41 GMT
etag: W/"3fe-5cd8b67500940"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=2.9.1 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:01 GMT
vary: Accept-Encoding
last-modified: Fri, 09 Jul 2021 14:19:40 GMT
etag: W/"41cd-5c6b1764fb700"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/Ultimate_VC_Addons/assets/min-js/ultimate_bg.min.js?ver=5.4.11 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
vary: Accept-Encoding
last-modified: Thu, 02 Apr 2020 18:45:14 GMT
etag: W/"b188-5a2533386a280"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/uploads/2022/09/20220906-21_09_18_FotoAngela2_Foto-Hanne-Gloger-scaled.jpg HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
content-length: 878546
last-modified: Tue, 06 Sep 2022 06:46:28 GMT
etag: "d67d2-5e7fc8e49c4e0"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.7 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:01 GMT
vary: Accept-Encoding
last-modified: Tue, 14 Apr 2020 11:48:33 GMT
etag: W/"6d2-5a33ec7722640"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /wp-content/plugins/Ultimate_VC_Addons/assets/min-css/style.min.css?ver=3.16.12 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
vary: Accept-Encoding
last-modified: Thu, 02 Apr 2020 18:45:02 GMT
etag: W/"3340-5a25332cf8780"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.3.1 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
vary: Accept-Encoding
last-modified: Thu, 02 Apr 2020 18:54:40 GMT
etag: W/"1af52-5a25355431c00"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/Ultimate_VC_Addons/assets/min-css/background-style.min.css?ver=3.16.12 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
vary: Accept-Encoding
last-modified: Thu, 02 Apr 2020 18:44:57 GMT
etag: W/"2456-5a25332833c40"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/digimember/webinc/packages/dm-frontend.8d90ec4cc798f9f4191c.js?ver=3.000.160 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
vary: Accept-Encoding
last-modified: Sat, 04 Apr 2020 20:21:12 GMT
etag: W/"28f2-5a27cc6697e00"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /wp-content/themes/whitespace/js/theme.js?ver=5.4.11 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
vary: Accept-Encoding
last-modified: Thu, 02 Apr 2020 19:15:05 GMT
etag: W/"406b-5a2539e472040"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/wc-frontend-manager/includes/libs/jquery-blockui/jquery.blockUI.min.js?ver=6.4.6 HTTP/1.1 
Host: www.gschwaetz.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gschwaetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.204.239.141
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 06 Sep 2022 13:33:02 GMT
vary: Accept-Encoding
last-modified: Sat, 04 Apr 2020 20:10:38 GMT
etag: W/"255e-5a27ca09f6b80"
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware